]>
granicus.if.org Git - apache/log
Jacob Champion [Tue, 20 Jun 2017 23:55:20 +0000 (23:55 +0000)]
util.c: add a strict Base64 decoding function
ap_pbase64decode_strict() adds to the functionality of
ap_pbase64decode() in two ways:
- the length of the decoded buffer is returned, allowing embedded NULLs
to be retained by the caller
- the input string is strictly checked for Base64 validity, including
correct zero-padding at the end of the string
(This was originally added to the httpdunit feature/backport branch in
r1796208, then reverted in r1799376, since it's currently intended for
trunk only.)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1799380 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Tue, 20 Jun 2017 23:55:17 +0000 (23:55 +0000)]
ap_get_basic_auth_components: add unit tests
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1799379 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Tue, 20 Jun 2017 23:42:12 +0000 (23:42 +0000)]
httpdunit: merge to trunk from feature branch
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1799378 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Tue, 20 Jun 2017 23:34:30 +0000 (23:34 +0000)]
ap_find_token: add unit tests
Add previously embargoed test case for CVE-2017-7668.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1799377 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Tue, 20 Jun 2017 23:34:18 +0000 (23:34 +0000)]
Revert new base64 function and tests
This should be trunk-only, not part of the backport branch.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1799376 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Tue, 20 Jun 2017 23:08:19 +0000 (23:08 +0000)]
util.c: ensure all TEST_CHAR loops stop at the null terminator
In the aftermath of CVE-2017-7668, decouple the business logic ("is NULL
a T_HTTP_CTRL") from the postcondition ("must not go past the end of the
string"). The NULL-byte classification in the TEST_CHAR table may change
in the future.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1799375 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Tue, 20 Jun 2017 23:08:18 +0000 (23:08 +0000)]
CVE-2017-3167: add documentation to ap_get_basic_auth_pw()
Now that we've released, add clarifying comments to the now-deprecated
API.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1799374 13f79535 -47bb-0310-9956-
ffa450edef68
Ruediger Pluem [Tue, 20 Jun 2017 12:17:52 +0000 (12:17 +0000)]
* The libnghttp2.pc might be found in lib64 on 64 bit systems
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1799341 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 19 Jun 2017 19:08:49 +0000 (19:08 +0000)]
fix for RewriteOptions processing in r1798938
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1799261 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Fri, 16 Jun 2017 15:13:03 +0000 (15:13 +0000)]
add RewriteOptions LongURLOptimization
Variable expansion in RewriteCond causes strings to be duplicated
out of r->pool. If the variables are long and many conditions
are evaluated, r->pool can get seriously bloated.
Clear the memory used for variable expansion for each set of conditons
once the set of conditions fails to match.
edit: revised in
1799261
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1798938 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Wed, 14 Jun 2017 22:29:17 +0000 (22:29 +0000)]
Quiet spurious gcc warning in ap_parse_form_data ("'escaped_char[0]' may be
used uninitialized in this function").
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1798785 13f79535 -47bb-0310-9956-
ffa450edef68
Luis Gil [Wed, 14 Jun 2017 21:57:53 +0000 (21:57 +0000)]
added the line <page href="mod/overrides.html">Sobreescritura de la clase índice .htaccess</page>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1798782 13f79535 -47bb-0310-9956-
ffa450edef68
Luis Gil [Wed, 14 Jun 2017 21:51:51 +0000 (21:51 +0000)]
checked what have changed, nothing to update.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1798781 13f79535 -47bb-0310-9956-
ffa450edef68
Ruediger Pluem [Mon, 12 Jun 2017 13:15:33 +0000 (13:15 +0000)]
Revert r1798456
* For the time being keep on caching OCSP_RESPONSE_STATUS_TRYLATER. The effect can be limited by setting SSLStaplingErrorCacheTimeout.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1798460 13f79535 -47bb-0310-9956-
ffa450edef68
Ruediger Pluem [Mon, 12 Jun 2017 12:53:38 +0000 (12:53 +0000)]
* Only report success, if had real one.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1798457 13f79535 -47bb-0310-9956-
ffa450edef68
Ruediger Pluem [Mon, 12 Jun 2017 12:49:06 +0000 (12:49 +0000)]
* Do not cache OCSP_RESPONSE_STATUS_TRYLATER.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1798456 13f79535 -47bb-0310-9956-
ffa450edef68
Ruediger Pluem [Mon, 12 Jun 2017 12:48:30 +0000 (12:48 +0000)]
* Mark OCSP_RESPONSE_STATUS_TRYLATER as error response
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1798455 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Wed, 7 Jun 2017 00:52:10 +0000 (00:52 +0000)]
allow quoted paths in <IfFile>
The boilerplate code for config sections conflicts with TAKE1
because of the trailing stuff to terminate the opening tag.
Change from TAKE1 to RAW_ARGS and call ap_getword_conf()
directly.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1797844 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Wed, 7 Jun 2017 00:24:31 +0000 (00:24 +0000)]
remove taint checking from proxy_handler
rewrite tests with P flag in htaccess broken since r1792169
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1797843 13f79535 -47bb-0310-9956-
ffa450edef68
Stefan Eissing [Tue, 6 Jun 2017 09:10:01 +0000 (09:10 +0000)]
On the trunk:
update after backport of mod_http2 fix.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1797759 13f79535 -47bb-0310-9956-
ffa450edef68
Luca Toscano [Tue, 6 Jun 2017 08:05:55 +0000 (08:05 +0000)]
Update CHANGES after backports
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1797747 13f79535 -47bb-0310-9956-
ffa450edef68
Stefan Eissing [Tue, 6 Jun 2017 07:58:57 +0000 (07:58 +0000)]
On the trunk:
mod_http2: Fix for possible CPU busy loop introduced in v1.10.3 where a stream may keep
the session in continuous check for state changes that never happen.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1797745 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Tue, 6 Jun 2017 05:49:27 +0000 (05:49 +0000)]
Fix typo.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1797731 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 5 Jun 2017 13:13:21 +0000 (13:13 +0000)]
whitespace and match 2.4.x
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1797662 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 5 Jun 2017 13:12:25 +0000 (13:12 +0000)]
a few more backported fixes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1797661 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 5 Jun 2017 13:11:11 +0000 (13:11 +0000)]
remove some backported items
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1797660 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 3 Jun 2017 22:04:47 +0000 (22:04 +0000)]
mod_mime: fix quoted pair scanning
Submitted By: ylavic
CVEID: CVE-2017-7679
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1797550 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Tue, 30 May 2017 13:39:45 +0000 (13:39 +0000)]
whitespace only
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796864 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Ferradal [Mon, 29 May 2017 22:08:22 +0000 (22:08 +0000)]
New Spanish translations for mod_actions.xml.es and related files referencing or related to it
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796708 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Ferradal [Mon, 29 May 2017 08:49:11 +0000 (08:49 +0000)]
Added missing html Spanish translation for mod_access_compat.html.es
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796596 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sun, 28 May 2017 14:10:09 +0000 (14:10 +0000)]
ab: move option processing for setting a custom
HTTP method outside of the HTTPS only handling.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796493 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Ferradal [Sat, 27 May 2017 21:24:29 +0000 (21:24 +0000)]
Added missing changes for Spanish references to security_tips.html.es in files, missing from commit r1795361
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796460 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Ferradal [Sat, 27 May 2017 21:18:41 +0000 (21:18 +0000)]
Added new Spanish translation for mod_acccess_compat, as well as the update for files referencing it
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796457 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 27 May 2017 20:21:29 +0000 (20:21 +0000)]
these are backported
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796451 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 27 May 2017 20:16:30 +0000 (20:16 +0000)]
ctr'ed in
1796447 .
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796448 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 27 May 2017 20:13:49 +0000 (20:13 +0000)]
PR61124: ap_parse_form_data() EBCDIC fix
URL-decoding doesn't work on EBCDIC.
Submitted By: Hank Ibell <hwibell gmail.com>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796446 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 27 May 2017 13:03:01 +0000 (13:03 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796391 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 27 May 2017 13:02:09 +0000 (13:02 +0000)]
XML updates.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796390 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Sat, 27 May 2017 10:52:22 +0000 (10:52 +0000)]
Move a potential NULL pointer dereference.
Check if 'slave' is NULL before using 'slave->keepalives'.
Remove a redundant assignment which is already done in 'h2_slave_destroy'.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796378 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Fri, 26 May 2017 21:50:33 +0000 (21:50 +0000)]
remove r1792169 taint checks from proxy and status modules
Both of these checks are problematic without further
work.
status: even a .htaccess with no SetHandler blocks the handler.
proxy: RewriteRule ... ... [P] in htaccess is blocked.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796352 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Fri, 26 May 2017 21:40:11 +0000 (21:40 +0000)]
short-circuit on NULL
Submitted By: jchampion
CVEID: CVE-2017-7668
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796350 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Fri, 26 May 2017 21:29:59 +0000 (21:29 +0000)]
core: deprecate and replace ap_get_basic_auth_pw
*) core: Deprecate ap_get_basic_auth_pw() and add
ap_get_basic_auth_components().
Submitted By: Emmanuel Dreyfus <manu netbsd.org>, Jacob Champion, Eric Covener
CVEID: CVE-2017-3167
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796348 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Fri, 26 May 2017 21:09:32 +0000 (21:09 +0000)]
mod_ssl: fix ctx passed to ssl_io_filter_error()
Consistently pass the expected bio_filter_in_ctx_t
to ssl_io_filter_error().
Submitted By: Yann Ylavic
CVEID: CVE-2017-3169
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796343 13f79535 -47bb-0310-9956-
ffa450edef68
Rich Bowen [Fri, 26 May 2017 16:16:52 +0000 (16:16 +0000)]
fix confusing indentation of examples
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796296 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 25 May 2017 21:18:42 +0000 (21:18 +0000)]
util.c: add a strict Base64 decoding function
ap_pbase64decode_strict() adds to the functionality of
ap_pbase64decode() in two ways:
- the length of the decoded buffer is returned, allowing embedded NULLs
to be retained by the caller
- the input string is strictly checked for Base64 validity, including
correct zero-padding at the end of the string
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1796208 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 25 May 2017 21:18:40 +0000 (21:18 +0000)]
httpdunit: clean up after ourselves properly
Remove the testcase stubs and object files on `make clean`.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1796207 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 25 May 2017 21:18:38 +0000 (21:18 +0000)]
httpdunit: add CMake support for Windows
Add a CMake version of the httpdunit build system. At the moment, the only
annoyance is that CMake doesn't like globbing source files, so the
generator must be re-run whenever test cases are added.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1796206 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 25 May 2017 21:18:36 +0000 (21:18 +0000)]
httpdunit: fix check.h on Windows
Check seems to have trouble with type definitions when using a
CMake+Windows toolchain. Include apr.h before check.h to ensure pid_t
exists.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1796205 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 25 May 2017 21:18:35 +0000 (21:18 +0000)]
httpdunit: simplify test case generation
Look, a legitimate use of cat!
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1796204 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 25 May 2017 21:18:33 +0000 (21:18 +0000)]
httpdunit_gen_cases: separate declarations from calls
This gets around strict compiler warnings.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1796203 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 25 May 2017 21:18:32 +0000 (21:18 +0000)]
httpdunit: a Check-based unit test suite
Add a unit test suite based on Check:
https://libcheck.github.io/check/
The suite depends on the build system to automatically generate the code
stubs that call every test case.
httpdunit is automatically enabled in the build if configure is able to
find Check via pkg-config. At the moment pkg-config is the only official
(non-deprecated) way to build and link against Check with an autoconf
system, since platforms may distribute Check as a static library.
Note that Check is an LGPL'd library, so we can't distribute test
objects and binaries. Building and running the suite remains optional
and is not required to run the server.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1796202 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 25 May 2017 21:18:30 +0000 (21:18 +0000)]
configure: don't overwrite other_targets when mod_suexec is enabled
Just append to the list.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1796201 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 25 May 2017 21:18:28 +0000 (21:18 +0000)]
rules.mk: output directly to target for LT_COMPILE
For source files that exist in another directory, libtool will by
default put the output file in the current working directory instead of
next to the source file. Our build logic would then `touch` an empty
output file in the place where the actual output should have gone.
Replace the touch logic with an explicit -o option to libtool.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1796200 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 25 May 2017 21:12:49 +0000 (21:12 +0000)]
Feature branch for a C-based unit test suite.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@
1796198 13f79535 -47bb-0310-9956-
ffa450edef68
Luca Toscano [Thu, 25 May 2017 08:44:55 +0000 (08:44 +0000)]
Core documentation update
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796136 13f79535 -47bb-0310-9956-
ffa450edef68
Luca Toscano [Thu, 25 May 2017 08:44:09 +0000 (08:44 +0000)]
Remove warning about nested If/ElseIf/Else evaluation
As noted by Christophe Jaillet in the dev@ ml nested
if/elseif/else conditions are now evaluated. The code
change has been already backported to 2.4.x.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1796135 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Tue, 23 May 2017 16:28:46 +0000 (16:28 +0000)]
Merge in APR[-util] macros from branches/trunk-buildconf-noapr
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1795931 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Tue, 23 May 2017 16:19:33 +0000 (16:19 +0000)]
buildconf: check in APR[-util] m4 macros
Suggestion by wrowe. These files haven't changed in years; since we need
them anyway, check them in directly. buildconf will still copy over the
latest versions during setup, and SVN will tell us if there are any
changes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-buildconf-noapr@
1795928 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Mon, 22 May 2017 17:54:59 +0000 (17:54 +0000)]
Remove empty line.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1795834 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Mon, 22 May 2017 16:40:54 +0000 (16:40 +0000)]
ab: don't call malloc_init for OpenSSL 1.1.0
Patch by rjung.
The 1.1.0 compatibility macro for OpenSSL_malloc_init() causes problems
when mixed with procedure linkage stubs with some toolchains (e.g. GCC).
OpenSSL's malloc implementation doesn't recognize that the PLT stub
points back to it, which leads to infinite recursion.
Since the 1.1.0 documentation states that calling this function
explicitly is no longer necessary except "in certain shared-library
situations"(?), get rid of it.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1795830 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Sat, 20 May 2017 05:11:44 +0000 (05:11 +0000)]
Fix some style issues.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1795652 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Sat, 20 May 2017 05:08:06 +0000 (05:08 +0000)]
Add an explicit NULL to initialise a field in an authn_provider structure, as done in all other places. PR 60636
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1795651 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Fri, 19 May 2017 20:51:51 +0000 (20:51 +0000)]
When processing a 'SetEnv' directive, warn if the environment variable name includes a '='. It is likely a configuration error. PR 60249
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1795635 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Ferradal [Tue, 16 May 2017 19:43:42 +0000 (19:43 +0000)]
Added security_tips.xml.es and related files, included built html.es
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1795361 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Tue, 16 May 2017 19:33:36 +0000 (19:33 +0000)]
Remove 3DES by default for users of older crypto librarys; the cipher
has been reclassified in current OpenSSL releases as WEAK due to 112
or fewer bits of remaining cipher strength, while the Sweet32 disclosure
extended the criticism of RC4 on to 3DES. (IDEA, which potentially has the
same issue, is never enabled by default in OpenSSL, due to patent concerns.)
This commit does not change default httpd behavior, but alters the suggested
behavior of newly provisioned httpd servers. Where adopted, XP with IE8 will
no longer handshake with mod_ssl (previously, XP with IE6 would not handshake.)
The same net effect occurs where OpenSSL is updated to 1.1.0.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1795358 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Thu, 11 May 2017 17:10:05 +0000 (17:10 +0000)]
backported
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794857 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Thu, 11 May 2017 16:46:49 +0000 (16:46 +0000)]
remove recently backported items
(present in 2.4.x CHANGES)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794853 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 7 May 2017 15:49:48 +0000 (15:49 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794215 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 7 May 2017 15:48:50 +0000 (15:48 +0000)]
XML updates.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794214 13f79535 -47bb-0310-9956-
ffa450edef68
André Malo [Sat, 6 May 2017 17:06:28 +0000 (17:06 +0000)]
update transformation
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794163 13f79535 -47bb-0310-9956-
ffa450edef68
André Malo [Sat, 6 May 2017 16:56:09 +0000 (16:56 +0000)]
property fixes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794161 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 6 May 2017 16:42:59 +0000 (16:42 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794160 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 6 May 2017 16:41:21 +0000 (16:41 +0000)]
XML updates.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794159 13f79535 -47bb-0310-9956-
ffa450edef68
Luca Toscano [Sat, 6 May 2017 14:07:45 +0000 (14:07 +0000)]
mod_remoteip doc rebuild
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794143 13f79535 -47bb-0310-9956-
ffa450edef68
Luca Toscano [Sat, 6 May 2017 14:07:08 +0000 (14:07 +0000)]
Remove unclear sentence in mod_remoteip doc
This sentence has been discussed in the docs@
mailing list since it wasn't super clear for
some people. I propose to just remove it,
the rest of the content is already clear in
my opinion.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794142 13f79535 -47bb-0310-9956-
ffa450edef68
Stefan Eissing [Fri, 5 May 2017 13:24:50 +0000 (13:24 +0000)]
On the trunk:
update after mod_http2 backport
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794053 13f79535 -47bb-0310-9956-
ffa450edef68
Stefan Eissing [Fri, 5 May 2017 13:03:41 +0000 (13:03 +0000)]
On the trunk:
mod_http2: fail requests without ERROR log in case we need to read interim
responses and see only garbage. This can happen if proxied servers send
data where none should be, e.g. a body for a HEAD request.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794049 13f79535 -47bb-0310-9956-
ffa450edef68
Luca Toscano [Fri, 5 May 2017 12:53:05 +0000 (12:53 +0000)]
Documentation rebuild
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794046 13f79535 -47bb-0310-9956-
ffa450edef68
Luca Toscano [Fri, 5 May 2017 12:52:00 +0000 (12:52 +0000)]
Add a note about time resolution to the timeout parameters - PR61067
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1794044 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 4 May 2017 23:49:54 +0000 (23:49 +0000)]
docs: update
(Why wasn't mod_ssl.html.en updated during my last build...?)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793939 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 4 May 2017 23:41:19 +0000 (23:41 +0000)]
override index: update missing <override>s in directives
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793934 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 4 May 2017 23:41:16 +0000 (23:41 +0000)]
override index: remove invalid <override>s from directives
Remove the bogus "none" and "n/a" type <override>s from the
documentation. If a directive can't be put in .htaccess, it shouldn't
have an <override> element.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793933 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 4 May 2017 23:36:59 +0000 (23:36 +0000)]
merge in the override index
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793932 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 4 May 2017 23:32:41 +0000 (23:32 +0000)]
docs: update
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793931 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 4 May 2017 22:54:00 +0000 (22:54 +0000)]
override index: clarify this doc's purpose
Based on feedback by elukey.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-override-index@
1793923 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 4 May 2017 22:53:58 +0000 (22:53 +0000)]
Add an Override Class Index
This page pulls in directives that declare an <override> element and
groups them by class. The documentation for each class comes from
overrides.xml. Any undocumented classes are flagged with a boilerplate
fallback text (this situation is only likely to occur with a misspelling
or otherwise invalid <override> somewhere else in the documentation).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-override-index@
1793922 13f79535 -47bb-0310-9956-
ffa450edef68
Jacob Champion [Thu, 4 May 2017 22:50:47 +0000 (22:50 +0000)]
Feature branch for a new override index manual page.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-override-index@
1793921 13f79535 -47bb-0310-9956-
ffa450edef68
Stefan Eissing [Tue, 2 May 2017 15:30:07 +0000 (15:30 +0000)]
On the trunk:
mod_proxy_http2: update after backport
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793533 13f79535 -47bb-0310-9956-
ffa450edef68
Stefan Eissing [Tue, 2 May 2017 15:16:43 +0000 (15:16 +0000)]
On the trunk:
mod_proxy_http2: adding support for Reverse Proxy Request headers.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793525 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Mon, 1 May 2017 11:58:37 +0000 (11:58 +0000)]
Remove a space to synch with 2.4.x.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793314 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Mon, 1 May 2017 08:17:16 +0000 (08:17 +0000)]
Synch with 2.4.x.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793291 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Mon, 1 May 2017 08:14:13 +0000 (08:14 +0000)]
Synch with trunk.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793290 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Mon, 1 May 2017 07:53:50 +0000 (07:53 +0000)]
Synch trunk and 2.4 branch (r1735954 in 2.4)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793288 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Mon, 1 May 2017 07:44:55 +0000 (07:44 +0000)]
Synch trunk and 2.4 branch
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793287 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Mon, 1 May 2017 07:36:56 +0000 (07:36 +0000)]
Fix NULL pointer dereference in error logging message
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793286 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 29 Apr 2017 14:04:39 +0000 (14:04 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793199 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 29 Apr 2017 14:03:52 +0000 (14:03 +0000)]
XML updates.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1793198 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Fri, 28 Apr 2017 04:43:21 +0000 (04:43 +0000)]
Fix typo
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1792983 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Tue, 25 Apr 2017 22:53:11 +0000 (22:53 +0000)]
Follow up to r1789220.
Document the implicit behaviour of ListenCoresBucketsRatio when multiple
Listen-ers are configured on the same IP:port.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1792675 13f79535 -47bb-0310-9956-
ffa450edef68
Luis Gil [Tue, 25 Apr 2017 21:29:09 +0000 (21:29 +0000)]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1792661 13f79535 -47bb-0310-9956-
ffa450edef68