]> granicus.if.org Git - apache/log
apache
7 years agoutil.c: add a strict Base64 decoding function
Jacob Champion [Tue, 20 Jun 2017 23:55:20 +0000 (23:55 +0000)]
util.c: add a strict Base64 decoding function

ap_pbase64decode_strict() adds to the functionality of
ap_pbase64decode() in two ways:

- the length of the decoded buffer is returned, allowing embedded NULLs
  to be retained by the caller
- the input string is strictly checked for Base64 validity, including
  correct zero-padding at the end of the string

(This was originally added to the httpdunit feature/backport branch in
r1796208, then reverted in r1799376, since it's currently intended for
trunk only.)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799380 13f79535-47bb-0310-9956-ffa450edef68

7 years agoap_get_basic_auth_components: add unit tests
Jacob Champion [Tue, 20 Jun 2017 23:55:17 +0000 (23:55 +0000)]
ap_get_basic_auth_components: add unit tests

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799379 13f79535-47bb-0310-9956-ffa450edef68

7 years agohttpdunit: merge to trunk from feature branch
Jacob Champion [Tue, 20 Jun 2017 23:42:12 +0000 (23:42 +0000)]
httpdunit: merge to trunk from feature branch

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799378 13f79535-47bb-0310-9956-ffa450edef68

7 years agoap_find_token: add unit tests
Jacob Champion [Tue, 20 Jun 2017 23:34:30 +0000 (23:34 +0000)]
ap_find_token: add unit tests

Add previously embargoed test case for CVE-2017-7668.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1799377 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRevert new base64 function and tests
Jacob Champion [Tue, 20 Jun 2017 23:34:18 +0000 (23:34 +0000)]
Revert new base64 function and tests

This should be trunk-only, not part of the backport branch.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1799376 13f79535-47bb-0310-9956-ffa450edef68

7 years agoutil.c: ensure all TEST_CHAR loops stop at the null terminator
Jacob Champion [Tue, 20 Jun 2017 23:08:19 +0000 (23:08 +0000)]
util.c: ensure all TEST_CHAR loops stop at the null terminator

In the aftermath of CVE-2017-7668, decouple the business logic ("is NULL
a T_HTTP_CTRL") from the postcondition ("must not go past the end of the
string"). The NULL-byte classification in the TEST_CHAR table may change
in the future.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799375 13f79535-47bb-0310-9956-ffa450edef68

7 years agoCVE-2017-3167: add documentation to ap_get_basic_auth_pw()
Jacob Champion [Tue, 20 Jun 2017 23:08:18 +0000 (23:08 +0000)]
CVE-2017-3167: add documentation to ap_get_basic_auth_pw()

Now that we've released, add clarifying comments to the now-deprecated
API.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799374 13f79535-47bb-0310-9956-ffa450edef68

7 years ago* The libnghttp2.pc might be found in lib64 on 64 bit systems
Ruediger Pluem [Tue, 20 Jun 2017 12:17:52 +0000 (12:17 +0000)]
* The libnghttp2.pc might be found in lib64 on 64 bit systems

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799341 13f79535-47bb-0310-9956-ffa450edef68

7 years agofix for RewriteOptions processing in r1798938
Eric Covener [Mon, 19 Jun 2017 19:08:49 +0000 (19:08 +0000)]
fix for RewriteOptions processing in r1798938

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799261 13f79535-47bb-0310-9956-ffa450edef68

7 years agoadd RewriteOptions LongURLOptimization
Eric Covener [Fri, 16 Jun 2017 15:13:03 +0000 (15:13 +0000)]
add RewriteOptions LongURLOptimization

Variable expansion in RewriteCond causes strings to be duplicated
out of r->pool.  If the variables are long and many conditions
are evaluated, r->pool can get seriously bloated.

Clear the memory used for variable expansion for each set of conditons
once the set of conditions fails to match.

edit: revised in 1799261

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798938 13f79535-47bb-0310-9956-ffa450edef68

7 years agoQuiet spurious gcc warning in ap_parse_form_data ("'escaped_char[0]' may be
Yann Ylavic [Wed, 14 Jun 2017 22:29:17 +0000 (22:29 +0000)]
Quiet spurious gcc warning in ap_parse_form_data ("'escaped_char[0]' may be
used uninitialized in this function").

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798785 13f79535-47bb-0310-9956-ffa450edef68

7 years agoadded the line <page href="mod/overrides.html">Sobreescritura de la clase índice...
Luis Gil [Wed, 14 Jun 2017 21:57:53 +0000 (21:57 +0000)]
added the line <page href="mod/overrides.html">Sobreescritura de la clase índice .htaccess</page>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798782 13f79535-47bb-0310-9956-ffa450edef68

7 years agochecked what have changed, nothing to update.
Luis Gil [Wed, 14 Jun 2017 21:51:51 +0000 (21:51 +0000)]
checked what have changed, nothing to update.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798781 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRevert r1798456
Ruediger Pluem [Mon, 12 Jun 2017 13:15:33 +0000 (13:15 +0000)]
Revert r1798456

* For the time being keep on caching OCSP_RESPONSE_STATUS_TRYLATER. The effect can be limited by setting SSLStaplingErrorCacheTimeout.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798460 13f79535-47bb-0310-9956-ffa450edef68

7 years ago* Only report success, if had real one.
Ruediger Pluem [Mon, 12 Jun 2017 12:53:38 +0000 (12:53 +0000)]
* Only report success, if had real one.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798457 13f79535-47bb-0310-9956-ffa450edef68

7 years ago* Do not cache OCSP_RESPONSE_STATUS_TRYLATER.
Ruediger Pluem [Mon, 12 Jun 2017 12:49:06 +0000 (12:49 +0000)]
* Do not cache OCSP_RESPONSE_STATUS_TRYLATER.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798456 13f79535-47bb-0310-9956-ffa450edef68

7 years ago* Mark OCSP_RESPONSE_STATUS_TRYLATER as error response
Ruediger Pluem [Mon, 12 Jun 2017 12:48:30 +0000 (12:48 +0000)]
* Mark OCSP_RESPONSE_STATUS_TRYLATER as error response

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798455 13f79535-47bb-0310-9956-ffa450edef68

7 years agoallow quoted paths in <IfFile>
Eric Covener [Wed, 7 Jun 2017 00:52:10 +0000 (00:52 +0000)]
allow quoted paths in <IfFile>

The boilerplate code for config sections conflicts with TAKE1
because of the trailing stuff to terminate the opening tag.

Change from TAKE1 to RAW_ARGS and call ap_getword_conf()
directly.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797844 13f79535-47bb-0310-9956-ffa450edef68

7 years agoremove taint checking from proxy_handler
Eric Covener [Wed, 7 Jun 2017 00:24:31 +0000 (00:24 +0000)]
remove taint checking from proxy_handler

rewrite tests with P flag in htaccess broken since r1792169

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797843 13f79535-47bb-0310-9956-ffa450edef68

7 years agoOn the trunk:
Stefan Eissing [Tue, 6 Jun 2017 09:10:01 +0000 (09:10 +0000)]
On the trunk:

update after backport of mod_http2 fix.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797759 13f79535-47bb-0310-9956-ffa450edef68

7 years agoUpdate CHANGES after backports
Luca Toscano [Tue, 6 Jun 2017 08:05:55 +0000 (08:05 +0000)]
Update CHANGES after backports

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797747 13f79535-47bb-0310-9956-ffa450edef68

7 years agoOn the trunk:
Stefan Eissing [Tue, 6 Jun 2017 07:58:57 +0000 (07:58 +0000)]
On the trunk:

mod_http2: Fix for possible CPU busy loop introduced in v1.10.3 where a stream may keep
     the session in continuous check for state changes that never happen.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797745 13f79535-47bb-0310-9956-ffa450edef68

7 years agoFix typo.
Christophe Jaillet [Tue, 6 Jun 2017 05:49:27 +0000 (05:49 +0000)]
Fix typo.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797731 13f79535-47bb-0310-9956-ffa450edef68

7 years agowhitespace and match 2.4.x
Eric Covener [Mon, 5 Jun 2017 13:13:21 +0000 (13:13 +0000)]
whitespace and match 2.4.x

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797662 13f79535-47bb-0310-9956-ffa450edef68

7 years agoa few more backported fixes
Eric Covener [Mon, 5 Jun 2017 13:12:25 +0000 (13:12 +0000)]
a few more backported fixes

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797661 13f79535-47bb-0310-9956-ffa450edef68

7 years agoremove some backported items
Eric Covener [Mon, 5 Jun 2017 13:11:11 +0000 (13:11 +0000)]
remove some backported items

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797660 13f79535-47bb-0310-9956-ffa450edef68

7 years agomod_mime: fix quoted pair scanning
Eric Covener [Sat, 3 Jun 2017 22:04:47 +0000 (22:04 +0000)]
mod_mime: fix quoted pair scanning

Submitted By: ylavic
CVEID: CVE-2017-7679

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797550 13f79535-47bb-0310-9956-ffa450edef68

7 years agowhitespace only
Eric Covener [Tue, 30 May 2017 13:39:45 +0000 (13:39 +0000)]
whitespace only

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796864 13f79535-47bb-0310-9956-ffa450edef68

7 years agoNew Spanish translations for mod_actions.xml.es and related files referencing or...
Daniel Ferradal [Mon, 29 May 2017 22:08:22 +0000 (22:08 +0000)]
New Spanish translations for mod_actions.xml.es and related files referencing or related to it

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796708 13f79535-47bb-0310-9956-ffa450edef68

7 years agoAdded missing html Spanish translation for mod_access_compat.html.es
Daniel Ferradal [Mon, 29 May 2017 08:49:11 +0000 (08:49 +0000)]
Added missing html Spanish translation for mod_access_compat.html.es

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796596 13f79535-47bb-0310-9956-ffa450edef68

7 years agoab: move option processing for setting a custom
Rainer Jung [Sun, 28 May 2017 14:10:09 +0000 (14:10 +0000)]
ab: move option processing for setting a custom
HTTP method outside of the HTTPS only handling.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796493 13f79535-47bb-0310-9956-ffa450edef68

7 years agoAdded missing changes for Spanish references to security_tips.html.es in files, missi...
Daniel Ferradal [Sat, 27 May 2017 21:24:29 +0000 (21:24 +0000)]
Added missing changes for Spanish references to security_tips.html.es in files, missing from commit r1795361

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796460 13f79535-47bb-0310-9956-ffa450edef68

7 years agoAdded new Spanish translation for mod_acccess_compat, as well as the update for files...
Daniel Ferradal [Sat, 27 May 2017 21:18:41 +0000 (21:18 +0000)]
Added new Spanish translation for mod_acccess_compat, as well as the update for files referencing it

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796457 13f79535-47bb-0310-9956-ffa450edef68

7 years agothese are backported
Eric Covener [Sat, 27 May 2017 20:21:29 +0000 (20:21 +0000)]
these are backported

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796451 13f79535-47bb-0310-9956-ffa450edef68

7 years agoctr'ed in 1796447.
Eric Covener [Sat, 27 May 2017 20:16:30 +0000 (20:16 +0000)]
ctr'ed in 1796447.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796448 13f79535-47bb-0310-9956-ffa450edef68

7 years agoPR61124: ap_parse_form_data() EBCDIC fix
Eric Covener [Sat, 27 May 2017 20:13:49 +0000 (20:13 +0000)]
PR61124: ap_parse_form_data() EBCDIC fix

URL-decoding doesn't work on EBCDIC.

Submitted By: Hank Ibell <hwibell gmail.com>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796446 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRebuild.
Lucien Gentis [Sat, 27 May 2017 13:03:01 +0000 (13:03 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796391 13f79535-47bb-0310-9956-ffa450edef68

7 years agoXML updates.
Lucien Gentis [Sat, 27 May 2017 13:02:09 +0000 (13:02 +0000)]
XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796390 13f79535-47bb-0310-9956-ffa450edef68

7 years agoMove a potential NULL pointer dereference.
Christophe Jaillet [Sat, 27 May 2017 10:52:22 +0000 (10:52 +0000)]
Move a potential NULL pointer dereference.
Check if 'slave' is NULL before using 'slave->keepalives'.

Remove a redundant assignment which is already done in 'h2_slave_destroy'.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796378 13f79535-47bb-0310-9956-ffa450edef68

7 years agoremove r1792169 taint checks from proxy and status modules
Eric Covener [Fri, 26 May 2017 21:50:33 +0000 (21:50 +0000)]
remove r1792169 taint checks from proxy and status modules

Both of these checks are problematic without further
work.

status: even a .htaccess with no SetHandler blocks the handler.
proxy: RewriteRule ... ... [P] in htaccess is blocked.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796352 13f79535-47bb-0310-9956-ffa450edef68

7 years agoshort-circuit on NULL
Eric Covener [Fri, 26 May 2017 21:40:11 +0000 (21:40 +0000)]
short-circuit on NULL

Submitted By: jchampion
CVEID: CVE-2017-7668

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796350 13f79535-47bb-0310-9956-ffa450edef68

7 years agocore: deprecate and replace ap_get_basic_auth_pw
Eric Covener [Fri, 26 May 2017 21:29:59 +0000 (21:29 +0000)]
core: deprecate and replace ap_get_basic_auth_pw

  *) core: Deprecate ap_get_basic_auth_pw() and add
    ap_get_basic_auth_components().

Submitted By: Emmanuel Dreyfus <manu netbsd.org>, Jacob Champion, Eric Covener
CVEID: CVE-2017-3167

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796348 13f79535-47bb-0310-9956-ffa450edef68

7 years agomod_ssl: fix ctx passed to ssl_io_filter_error()
Eric Covener [Fri, 26 May 2017 21:09:32 +0000 (21:09 +0000)]
mod_ssl: fix ctx passed to ssl_io_filter_error()

Consistently pass the expected bio_filter_in_ctx_t
to ssl_io_filter_error().

Submitted By: Yann Ylavic
CVEID: CVE-2017-3169

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796343 13f79535-47bb-0310-9956-ffa450edef68

7 years agofix confusing indentation of examples
Rich Bowen [Fri, 26 May 2017 16:16:52 +0000 (16:16 +0000)]
fix confusing indentation of examples

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796296 13f79535-47bb-0310-9956-ffa450edef68

7 years agoutil.c: add a strict Base64 decoding function
Jacob Champion [Thu, 25 May 2017 21:18:42 +0000 (21:18 +0000)]
util.c: add a strict Base64 decoding function

ap_pbase64decode_strict() adds to the functionality of
ap_pbase64decode() in two ways:

- the length of the decoded buffer is returned, allowing embedded NULLs
  to be retained by the caller
- the input string is strictly checked for Base64 validity, including
  correct zero-padding at the end of the string

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796208 13f79535-47bb-0310-9956-ffa450edef68

7 years agohttpdunit: clean up after ourselves properly
Jacob Champion [Thu, 25 May 2017 21:18:40 +0000 (21:18 +0000)]
httpdunit: clean up after ourselves properly

Remove the testcase stubs and object files on `make clean`.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796207 13f79535-47bb-0310-9956-ffa450edef68

7 years agohttpdunit: add CMake support for Windows
Jacob Champion [Thu, 25 May 2017 21:18:38 +0000 (21:18 +0000)]
httpdunit: add CMake support for Windows

Add a CMake version of the httpdunit build system. At the moment, the only
annoyance is that CMake doesn't like globbing source files, so the
generator must be re-run whenever test cases are added.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796206 13f79535-47bb-0310-9956-ffa450edef68

7 years agohttpdunit: fix check.h on Windows
Jacob Champion [Thu, 25 May 2017 21:18:36 +0000 (21:18 +0000)]
httpdunit: fix check.h on Windows

Check seems to have trouble with type definitions when using a
CMake+Windows toolchain. Include apr.h before check.h to ensure pid_t
exists.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796205 13f79535-47bb-0310-9956-ffa450edef68

7 years agohttpdunit: simplify test case generation
Jacob Champion [Thu, 25 May 2017 21:18:35 +0000 (21:18 +0000)]
httpdunit: simplify test case generation

Look, a legitimate use of cat!

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796204 13f79535-47bb-0310-9956-ffa450edef68

7 years agohttpdunit_gen_cases: separate declarations from calls
Jacob Champion [Thu, 25 May 2017 21:18:33 +0000 (21:18 +0000)]
httpdunit_gen_cases: separate declarations from calls

This gets around strict compiler warnings.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796203 13f79535-47bb-0310-9956-ffa450edef68

7 years agohttpdunit: a Check-based unit test suite
Jacob Champion [Thu, 25 May 2017 21:18:32 +0000 (21:18 +0000)]
httpdunit: a Check-based unit test suite

Add a unit test suite based on Check:

    https://libcheck.github.io/check/

The suite depends on the build system to automatically generate the code
stubs that call every test case.

httpdunit is automatically enabled in the build if configure is able to
find Check via pkg-config. At the moment pkg-config is the only official
(non-deprecated) way to build and link against Check with an autoconf
system, since platforms may distribute Check as a static library.

Note that Check is an LGPL'd library, so we can't distribute test
objects and binaries. Building and running the suite remains optional
and is not required to run the server.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796202 13f79535-47bb-0310-9956-ffa450edef68

7 years agoconfigure: don't overwrite other_targets when mod_suexec is enabled
Jacob Champion [Thu, 25 May 2017 21:18:30 +0000 (21:18 +0000)]
configure: don't overwrite other_targets when mod_suexec is enabled

Just append to the list.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796201 13f79535-47bb-0310-9956-ffa450edef68

7 years agorules.mk: output directly to target for LT_COMPILE
Jacob Champion [Thu, 25 May 2017 21:18:28 +0000 (21:18 +0000)]
rules.mk: output directly to target for LT_COMPILE

For source files that exist in another directory, libtool will by
default put the output file in the current working directory instead of
next to the source file. Our build logic would then `touch` an empty
output file in the place where the actual output should have gone.

Replace the touch logic with an explicit -o option to libtool.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796200 13f79535-47bb-0310-9956-ffa450edef68

7 years agoFeature branch for a C-based unit test suite.
Jacob Champion [Thu, 25 May 2017 21:12:49 +0000 (21:12 +0000)]
Feature branch for a C-based unit test suite.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796198 13f79535-47bb-0310-9956-ffa450edef68

7 years agoCore documentation update
Luca Toscano [Thu, 25 May 2017 08:44:55 +0000 (08:44 +0000)]
Core documentation update

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796136 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRemove warning about nested If/ElseIf/Else evaluation
Luca Toscano [Thu, 25 May 2017 08:44:09 +0000 (08:44 +0000)]
Remove warning about nested If/ElseIf/Else evaluation

As noted by Christophe Jaillet in the dev@ ml nested
if/elseif/else conditions are now evaluated. The code
change has been already backported to 2.4.x.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796135 13f79535-47bb-0310-9956-ffa450edef68

7 years agoMerge in APR[-util] macros from branches/trunk-buildconf-noapr
Jacob Champion [Tue, 23 May 2017 16:28:46 +0000 (16:28 +0000)]
Merge in APR[-util] macros from branches/trunk-buildconf-noapr

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795931 13f79535-47bb-0310-9956-ffa450edef68

7 years agobuildconf: check in APR[-util] m4 macros trunk-buildconf-noapr trunk-buildconf-noapr
Jacob Champion [Tue, 23 May 2017 16:19:33 +0000 (16:19 +0000)]
buildconf: check in APR[-util] m4 macros

Suggestion by wrowe. These files haven't changed in years; since we need
them anyway, check them in directly. buildconf will still copy over the
latest versions during setup, and SVN will tell us if there are any
changes.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-buildconf-noapr@1795928 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRemove empty line.
Christophe Jaillet [Mon, 22 May 2017 17:54:59 +0000 (17:54 +0000)]
Remove empty line.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795834 13f79535-47bb-0310-9956-ffa450edef68

7 years agoab: don't call malloc_init for OpenSSL 1.1.0
Jacob Champion [Mon, 22 May 2017 16:40:54 +0000 (16:40 +0000)]
ab: don't call malloc_init for OpenSSL 1.1.0

Patch by rjung.

The 1.1.0 compatibility macro for OpenSSL_malloc_init() causes problems
when mixed with procedure linkage stubs with some toolchains (e.g. GCC).
OpenSSL's malloc implementation doesn't recognize that the PLT stub
points back to it, which leads to infinite recursion.

Since the 1.1.0 documentation states that calling this function
explicitly is no longer necessary except "in certain shared-library
situations"(?), get rid of it.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795830 13f79535-47bb-0310-9956-ffa450edef68

7 years agoFix some style issues.
Christophe Jaillet [Sat, 20 May 2017 05:11:44 +0000 (05:11 +0000)]
Fix some style issues.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795652 13f79535-47bb-0310-9956-ffa450edef68

7 years agoAdd an explicit NULL to initialise a field in an authn_provider structure, as done...
Christophe Jaillet [Sat, 20 May 2017 05:08:06 +0000 (05:08 +0000)]
Add an explicit NULL to initialise a field in an authn_provider structure, as done in all other places.  PR 60636

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795651 13f79535-47bb-0310-9956-ffa450edef68

7 years agoWhen processing a 'SetEnv' directive, warn if the environment variable name includes...
Christophe Jaillet [Fri, 19 May 2017 20:51:51 +0000 (20:51 +0000)]
When processing a 'SetEnv' directive, warn if the environment variable name includes a '='. It is likely a configuration error.   PR 60249

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795635 13f79535-47bb-0310-9956-ffa450edef68

7 years agoAdded security_tips.xml.es and related files, included built html.es
Daniel Ferradal [Tue, 16 May 2017 19:43:42 +0000 (19:43 +0000)]
Added security_tips.xml.es and related files, included built html.es

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795361 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRemove 3DES by default for users of older crypto librarys; the cipher
William A. Rowe Jr [Tue, 16 May 2017 19:33:36 +0000 (19:33 +0000)]
Remove 3DES by default for users of older crypto librarys; the cipher
has been reclassified in current OpenSSL releases as WEAK due to 112
or fewer bits of remaining cipher strength, while the Sweet32 disclosure
extended the criticism of RC4 on to 3DES. (IDEA, which potentially has the
same issue, is never enabled by default in OpenSSL, due to patent concerns.)

This commit does not change default httpd behavior, but alters the suggested
behavior of newly provisioned httpd servers. Where adopted, XP with IE8 will
no longer handshake with mod_ssl (previously, XP with IE6 would not handshake.)
The same net effect occurs where OpenSSL is updated to 1.1.0.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795358 13f79535-47bb-0310-9956-ffa450edef68

7 years agobackported
Eric Covener [Thu, 11 May 2017 17:10:05 +0000 (17:10 +0000)]
backported

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794857 13f79535-47bb-0310-9956-ffa450edef68

7 years agoremove recently backported items
Eric Covener [Thu, 11 May 2017 16:46:49 +0000 (16:46 +0000)]
remove recently backported items

(present in 2.4.x CHANGES)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794853 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRebuild.
Lucien Gentis [Sun, 7 May 2017 15:49:48 +0000 (15:49 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794215 13f79535-47bb-0310-9956-ffa450edef68

7 years agoXML updates.
Lucien Gentis [Sun, 7 May 2017 15:48:50 +0000 (15:48 +0000)]
XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794214 13f79535-47bb-0310-9956-ffa450edef68

7 years agoupdate transformation
André Malo [Sat, 6 May 2017 17:06:28 +0000 (17:06 +0000)]
update transformation

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794163 13f79535-47bb-0310-9956-ffa450edef68

7 years agoproperty fixes
André Malo [Sat, 6 May 2017 16:56:09 +0000 (16:56 +0000)]
property fixes

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794161 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRebuild.
Lucien Gentis [Sat, 6 May 2017 16:42:59 +0000 (16:42 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794160 13f79535-47bb-0310-9956-ffa450edef68

7 years agoXML updates.
Lucien Gentis [Sat, 6 May 2017 16:41:21 +0000 (16:41 +0000)]
XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794159 13f79535-47bb-0310-9956-ffa450edef68

7 years agomod_remoteip doc rebuild
Luca Toscano [Sat, 6 May 2017 14:07:45 +0000 (14:07 +0000)]
mod_remoteip doc rebuild

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794143 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRemove unclear sentence in mod_remoteip doc
Luca Toscano [Sat, 6 May 2017 14:07:08 +0000 (14:07 +0000)]
Remove unclear sentence in mod_remoteip doc

This sentence has been discussed in the docs@
mailing list since it wasn't super clear for
some people. I propose to just remove it,
the rest of the content is already clear in
my opinion.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794142 13f79535-47bb-0310-9956-ffa450edef68

7 years agoOn the trunk:
Stefan Eissing [Fri, 5 May 2017 13:24:50 +0000 (13:24 +0000)]
On the trunk:

update after mod_http2 backport

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794053 13f79535-47bb-0310-9956-ffa450edef68

7 years agoOn the trunk:
Stefan Eissing [Fri, 5 May 2017 13:03:41 +0000 (13:03 +0000)]
On the trunk:

mod_http2: fail requests without ERROR log in case we need to read interim
     responses and see only garbage. This can happen if proxied servers send
     data where none should be, e.g. a body for a HEAD request.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794049 13f79535-47bb-0310-9956-ffa450edef68

7 years agoDocumentation rebuild
Luca Toscano [Fri, 5 May 2017 12:53:05 +0000 (12:53 +0000)]
Documentation rebuild

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794046 13f79535-47bb-0310-9956-ffa450edef68

7 years agoAdd a note about time resolution to the timeout parameters - PR61067
Luca Toscano [Fri, 5 May 2017 12:52:00 +0000 (12:52 +0000)]
Add a note about time resolution to the timeout parameters - PR61067

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794044 13f79535-47bb-0310-9956-ffa450edef68

7 years agodocs: update
Jacob Champion [Thu, 4 May 2017 23:49:54 +0000 (23:49 +0000)]
docs: update

(Why wasn't mod_ssl.html.en updated during my last build...?)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793939 13f79535-47bb-0310-9956-ffa450edef68

7 years agooverride index: update missing <override>s in directives
Jacob Champion [Thu, 4 May 2017 23:41:19 +0000 (23:41 +0000)]
override index: update missing <override>s in directives

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793934 13f79535-47bb-0310-9956-ffa450edef68

7 years agooverride index: remove invalid <override>s from directives
Jacob Champion [Thu, 4 May 2017 23:41:16 +0000 (23:41 +0000)]
override index: remove invalid <override>s from directives

Remove the bogus "none" and "n/a" type <override>s from the
documentation. If a directive can't be put in .htaccess, it shouldn't
have an <override> element.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793933 13f79535-47bb-0310-9956-ffa450edef68

7 years agomerge in the override index
Jacob Champion [Thu, 4 May 2017 23:36:59 +0000 (23:36 +0000)]
merge in the override index

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793932 13f79535-47bb-0310-9956-ffa450edef68

7 years agodocs: update
Jacob Champion [Thu, 4 May 2017 23:32:41 +0000 (23:32 +0000)]
docs: update

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793931 13f79535-47bb-0310-9956-ffa450edef68

7 years agooverride index: clarify this doc's purpose trunk-override-index trunk-override-index
Jacob Champion [Thu, 4 May 2017 22:54:00 +0000 (22:54 +0000)]
override index: clarify this doc's purpose

Based on feedback by elukey.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-override-index@1793923 13f79535-47bb-0310-9956-ffa450edef68

7 years agoAdd an Override Class Index
Jacob Champion [Thu, 4 May 2017 22:53:58 +0000 (22:53 +0000)]
Add an Override Class Index

This page pulls in directives that declare an <override> element and
groups them by class. The documentation for each class comes from
overrides.xml. Any undocumented classes are flagged with a boilerplate
fallback text (this situation is only likely to occur with a misspelling
or otherwise invalid <override> somewhere else in the documentation).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-override-index@1793922 13f79535-47bb-0310-9956-ffa450edef68

7 years agoFeature branch for a new override index manual page.
Jacob Champion [Thu, 4 May 2017 22:50:47 +0000 (22:50 +0000)]
Feature branch for a new override index manual page.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-override-index@1793921 13f79535-47bb-0310-9956-ffa450edef68

7 years agoOn the trunk:
Stefan Eissing [Tue, 2 May 2017 15:30:07 +0000 (15:30 +0000)]
On the trunk:

mod_proxy_http2: update after backport

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793533 13f79535-47bb-0310-9956-ffa450edef68

7 years agoOn the trunk:
Stefan Eissing [Tue, 2 May 2017 15:16:43 +0000 (15:16 +0000)]
On the trunk:

mod_proxy_http2: adding support for Reverse Proxy Request headers.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793525 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRemove a space to synch with 2.4.x.
Christophe Jaillet [Mon, 1 May 2017 11:58:37 +0000 (11:58 +0000)]
Remove a space to synch with 2.4.x.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793314 13f79535-47bb-0310-9956-ffa450edef68

7 years agoSynch with 2.4.x.
Christophe Jaillet [Mon, 1 May 2017 08:17:16 +0000 (08:17 +0000)]
Synch with 2.4.x.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793291 13f79535-47bb-0310-9956-ffa450edef68

7 years agoSynch with trunk.
Christophe Jaillet [Mon, 1 May 2017 08:14:13 +0000 (08:14 +0000)]
Synch with trunk.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793290 13f79535-47bb-0310-9956-ffa450edef68

7 years agoSynch trunk and 2.4 branch (r1735954 in 2.4)
Christophe Jaillet [Mon, 1 May 2017 07:53:50 +0000 (07:53 +0000)]
Synch trunk and 2.4 branch (r1735954 in 2.4)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793288 13f79535-47bb-0310-9956-ffa450edef68

7 years agoSynch trunk and 2.4 branch
Christophe Jaillet [Mon, 1 May 2017 07:44:55 +0000 (07:44 +0000)]
Synch trunk and 2.4 branch

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793287 13f79535-47bb-0310-9956-ffa450edef68

7 years agoFix NULL pointer dereference in error logging message
Christophe Jaillet [Mon, 1 May 2017 07:36:56 +0000 (07:36 +0000)]
Fix NULL pointer dereference in error logging message

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793286 13f79535-47bb-0310-9956-ffa450edef68

7 years agoRebuild.
Lucien Gentis [Sat, 29 Apr 2017 14:04:39 +0000 (14:04 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793199 13f79535-47bb-0310-9956-ffa450edef68

7 years agoXML updates.
Lucien Gentis [Sat, 29 Apr 2017 14:03:52 +0000 (14:03 +0000)]
XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1793198 13f79535-47bb-0310-9956-ffa450edef68

7 years agoFix typo
Christophe Jaillet [Fri, 28 Apr 2017 04:43:21 +0000 (04:43 +0000)]
Fix typo

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1792983 13f79535-47bb-0310-9956-ffa450edef68

7 years agoFollow up to r1789220.
Yann Ylavic [Tue, 25 Apr 2017 22:53:11 +0000 (22:53 +0000)]
Follow up to r1789220.
Document the implicit behaviour of ListenCoresBucketsRatio when multiple
Listen-ers are configured on the same IP:port.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1792675 13f79535-47bb-0310-9956-ffa450edef68

7 years agogit-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1792661 13f79535-47bb...
Luis Gil [Tue, 25 Apr 2017 21:29:09 +0000 (21:29 +0000)]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1792661 13f79535-47bb-0310-9956-ffa450edef68