]>
granicus.if.org Git - apache/log
André Malo [Sat, 23 Aug 2014 20:19:04 +0000 (20:19 +0000)]
update transformation
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1620072 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 23 Aug 2014 11:18:28 +0000 (11:18 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1620005 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 23 Aug 2014 11:17:04 +0000 (11:17 +0000)]
XML updates.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1620004 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Fri, 22 Aug 2014 18:18:54 +0000 (18:18 +0000)]
Sync docs to r1619884
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1619885 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Fri, 22 Aug 2014 18:18:08 +0000 (18:18 +0000)]
SECURITY: CVE-2013-5704 (cve.mitre.org)
core: HTTP trailers could be used to replace HTTP headers
late during request processing, potentially undoing or
otherwise confusing modules that examined or modified
request headers earlier. Adds "MergeTrailers" directive to restore
legacy behavior.
Submitted by: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener
Backports: r1610814
Reviewed by: covener, wrowe, ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1619884 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Thu, 21 Aug 2014 15:36:11 +0000 (15:36 +0000)]
premature
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1619447 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Thu, 21 Aug 2014 13:17:27 +0000 (13:17 +0000)]
propose deflate tweak
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1619387 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Thu, 21 Aug 2014 13:00:36 +0000 (13:00 +0000)]
Votes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1619381 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Tue, 19 Aug 2014 20:14:20 +0000 (20:14 +0000)]
Fix typo noticed by GilDawson
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1618966 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Tue, 19 Aug 2014 12:45:51 +0000 (12:45 +0000)]
propose simple authz_core fix
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1618852 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Mon, 18 Aug 2014 06:46:17 +0000 (06:46 +0000)]
Propose
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1618547 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 16 Aug 2014 19:18:34 +0000 (19:18 +0000)]
simple mod_proxy_fcgi fix
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1618402 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sun, 10 Aug 2014 00:45:02 +0000 (00:45 +0000)]
propose silencing of ratelimit errors
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1617035 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 9 Aug 2014 15:00:07 +0000 (15:00 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1616962 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 9 Aug 2014 14:58:51 +0000 (14:58 +0000)]
XML update.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1616960 13f79535 -47bb-0310-9956-
ffa450edef68
Mike Rumph [Thu, 7 Aug 2014 01:05:23 +0000 (01:05 +0000)]
Some doc changes for mod_authnz_fcgi.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1616382 13f79535 -47bb-0310-9956-
ffa450edef68
Mike Rumph [Thu, 7 Aug 2014 00:35:23 +0000 (00:35 +0000)]
Generated doc changes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1616380 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 2 Aug 2014 20:19:42 +0000 (20:19 +0000)]
use /var/log instead of /var/logs in examples
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1615363 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sat, 2 Aug 2014 18:46:14 +0000 (18:46 +0000)]
Propose.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1615346 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Fri, 1 Aug 2014 04:29:31 +0000 (04:29 +0000)]
Propose
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1615029 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Wed, 30 Jul 2014 04:25:54 +0000 (04:25 +0000)]
Fix typo spotted in comment #2818
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1614541 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 26 Jul 2014 18:49:32 +0000 (18:49 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1613702 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 26 Jul 2014 18:48:36 +0000 (18:48 +0000)]
XML updates.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1613701 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Sat, 26 Jul 2014 17:02:01 +0000 (17:02 +0000)]
fix a 2.4.10 regression in mod_ldap (noticed by me in a very obscure test case)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1613684 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Fri, 25 Jul 2014 22:24:33 +0000 (22:24 +0000)]
Merge r1613526 from trunk:
no status during if_walk
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1613527 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Fri, 25 Jul 2014 22:21:01 +0000 (22:21 +0000)]
Merge r1613524 from trunk:
call out some variables that aren't set during <if>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1613525 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Thu, 24 Jul 2014 22:46:12 +0000 (22:46 +0000)]
Merge r1613318 from trunk:
two commenters were confused authnprovideralias
providing special config to authz providers
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1613319 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Mon, 21 Jul 2014 13:05:10 +0000 (13:05 +0000)]
Applied in r1611758.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1612259 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 20 Jul 2014 14:28:58 +0000 (14:28 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1612095 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 20 Jul 2014 14:27:06 +0000 (14:27 +0000)]
XML updates.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1612093 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Sun, 20 Jul 2014 09:44:48 +0000 (09:44 +0000)]
Propose
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1612069 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 19 Jul 2014 17:47:34 +0000 (17:47 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611933 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sat, 19 Jul 2014 17:46:23 +0000 (17:46 +0000)]
XML Updates.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611931 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Sat, 19 Jul 2014 17:33:08 +0000 (17:33 +0000)]
Propose
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611928 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Sat, 19 Jul 2014 17:22:30 +0000 (17:22 +0000)]
Fix doxygen comments.
In trunk: r1611210 , r1611252, r1611481, r1611919
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611925 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Sat, 19 Jul 2014 09:40:42 +0000 (09:40 +0000)]
Propose
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611867 13f79535 -47bb-0310-9956-
ffa450edef68
André Malo [Fri, 18 Jul 2014 21:42:08 +0000 (21:42 +0000)]
fix latex build
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611814 13f79535 -47bb-0310-9956-
ffa450edef68
André Malo [Fri, 18 Jul 2014 20:11:11 +0000 (20:11 +0000)]
update transformation
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611788 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Fri, 18 Jul 2014 18:33:46 +0000 (18:33 +0000)]
Merge r1611600 from trunk:
Silence compiler warning:
mod_authnz_fcgi.c:580:44: warning: 'orspbuflen'
may be used uninitialized in this function.
Not true but annoying.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611758 13f79535 -47bb-0310-9956-
ffa450edef68
Daniel Gruno [Fri, 18 Jul 2014 18:15:42 +0000 (18:15 +0000)]
backport for mod_lua: Don't quote values in cookies; Make IE happy again [#56734]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611744 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Fri, 18 Jul 2014 17:05:03 +0000 (17:05 +0000)]
Yes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611715 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Fri, 18 Jul 2014 16:43:10 +0000 (16:43 +0000)]
just make it shut up
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611707 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Fri, 18 Jul 2014 15:42:31 +0000 (15:42 +0000)]
Vote up, note patch (non-2.2) for defect identified by Yann
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611677 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Fri, 18 Jul 2014 11:46:00 +0000 (11:46 +0000)]
Propose.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611603 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Fri, 18 Jul 2014 11:29:17 +0000 (11:29 +0000)]
Fix typo.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611595 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Fri, 18 Jul 2014 05:54:17 +0000 (05:54 +0000)]
Backport r1513461 to fix some Doxygen warnings/comments, except for the following files which rely on other patches which have not been backported yet:
- ap_mpm.h: r1493741
- http_log.h: r1512819
- httpd.h: r1426877
- mpm_common.h: which is already in synch with 2.4
So only mpm_var_buf.h remains. This is however needed in order to backport other doxygen clean-up.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611541 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Wed, 16 Jul 2014 22:11:33 +0000 (22:11 +0000)]
Improve doxygen comment.
Improve layout, add trailing '.' in function description, remove unneeded @fn.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611203 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Wed, 16 Jul 2014 21:18:39 +0000 (21:18 +0000)]
Repaginate some short/long entries
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611194 13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Wed, 16 Jul 2014 20:26:20 +0000 (20:26 +0000)]
Propose utf-8 service names for winnt
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1611178 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Wed, 16 Jul 2014 06:06:01 +0000 (06:06 +0000)]
Add compatibility note.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610915 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Tue, 15 Jul 2014 20:11:14 +0000 (20:11 +0000)]
Propose
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610834 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Tue, 15 Jul 2014 19:15:14 +0000 (19:15 +0000)]
propose trailers fix, didn't make the cut for 2.4.10 because I had backpor troubles.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610816 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 15 Jul 2014 17:14:08 +0000 (17:14 +0000)]
And we are at 2.4.11-dev
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610760 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 15 Jul 2014 17:12:30 +0000 (17:12 +0000)]
Get ready to tag 2.4.10
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610757 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 15 Jul 2014 16:47:19 +0000 (16:47 +0000)]
xforms
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610749 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 15 Jul 2014 16:41:48 +0000 (16:41 +0000)]
We know this will happen today :)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610748 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Tue, 15 Jul 2014 16:36:11 +0000 (16:36 +0000)]
change attribution to Ben
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610745 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Tue, 15 Jul 2014 16:20:10 +0000 (16:20 +0000)]
CVE-2014-0117 done, the simple/dumb way.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610741 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Tue, 15 Jul 2014 16:12:46 +0000 (16:12 +0000)]
Expand -0117 text a bit and credit Eric who wrote the
one-liner down first ;)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610738 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 15 Jul 2014 16:11:04 +0000 (16:11 +0000)]
mod_proxy Connection handling crasher, CVE-2014-0117
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610737 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 15 Jul 2014 16:07:44 +0000 (16:07 +0000)]
promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610736 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Tue, 15 Jul 2014 16:03:02 +0000 (16:03 +0000)]
+1, Joe
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610733 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Tue, 15 Jul 2014 14:13:36 +0000 (14:13 +0000)]
Really really think "rushing" this is not wise...
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610704 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Tue, 15 Jul 2014 14:04:16 +0000 (14:04 +0000)]
Vote for Connection header's RFC compliance.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610701 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Tue, 15 Jul 2014 13:33:37 +0000 (13:33 +0000)]
Collect -0117 patches... can I make conditional votes?
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610691 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Tue, 15 Jul 2014 12:14:07 +0000 (12:14 +0000)]
Fix CHANGES entry from r1587201.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610670 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Tue, 15 Jul 2014 11:41:28 +0000 (11:41 +0000)]
Fix CVE number for WinNT MPM issue (Thanks Joe)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610661 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Tue, 15 Jul 2014 11:17:49 +0000 (11:17 +0000)]
Merge r1610652 from trunk:
SECURITY (CVE-2014-3523): Fix a memory consumption denial of
service in the WinNT MPM used in all Windows installations.
Workaround: AcceptFilter <protocol> {none|connect}
Submitted by: trawick
Reviewed by: jorton, covener, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610653 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Tue, 15 Jul 2014 10:52:07 +0000 (10:52 +0000)]
clarify new use of Timeout for scripts
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610641 13f79535 -47bb-0310-9956-
ffa450edef68
Christophe Jaillet [Mon, 14 Jul 2014 20:48:32 +0000 (20:48 +0000)]
Add missing APLOGNO + fix a typo in a comment
r1610518 in trunk
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610522 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 14 Jul 2014 20:42:54 +0000 (20:42 +0000)]
"CGIDScriptTimeout", not "CGIDRequestTimeout"
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610517 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 20:35:27 +0000 (20:35 +0000)]
Credit/blame where it's due.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610516 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 14 Jul 2014 20:23:27 +0000 (20:23 +0000)]
add CGIDRequestTimeout to CHANGES
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610514 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 14 Jul 2014 20:18:26 +0000 (20:18 +0000)]
merge r1535125 and r1610509 from trunk:
*) SECURITY: CVE-2014-0231 (cve.mitre.org)
mod_cgid: Fix a denial of service against CGI scripts that do
not consume stdin that could lead to lingering HTTPD child processes
filling up the scoreboard and eventually hanging the server.
[Rainer Jung, Eric Covener, Yann Ylavic]
Submitted By: rjung, covener, ylavic
Reviewed By: trawick, jorton, covener, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610512 13f79535 -47bb-0310-9956-
ffa450edef68
Eric Covener [Mon, 14 Jul 2014 20:01:30 +0000 (20:01 +0000)]
backport r1610501 from trunk:
*) SECURITY: CVE-2014-0118 (cve.mitre.org)
mod_deflate: The DEFLATE input filter (inflates request bodies) now
limits the length and compression ratio of inflated request bodies to avoid
denial of sevice via highly compressed bodies. See directives
DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
and DeflateInflateRatioBurst.
Thanks to Giancarlo Pellegrino and Davide Balzarotti for reporting the issue.
Submitted By: ylavic, covener
Reviewed By: jorton, covener, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610503 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 19:55:04 +0000 (19:55 +0000)]
Merge
1610491 from trunk:
SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling,
which could lead to a heap buffer overflow. Thanks to Marek Kroemeke
working with HP's Zero Day Initiative for reporting this.
* include/scoreboard.h: Add ap_copy_scoreboard_worker.
* server/scoreboard.c (ap_copy_scoreboard_worker): New function.
* modules/generators/mod_status.c (status_handler): Use it.
* modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise.
Reviewed by: trawick, jorton, covener, jim
Submitted by: jorton, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610499 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 19:36:38 +0000 (19:36 +0000)]
Note CVE name for mod_cache crasher fixed in 2.4.7.
This issue affected httpd versions 2.4.5 and 2.4.6 only.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610495 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 12:29:51 +0000 (12:29 +0000)]
Done.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610400 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 12:29:22 +0000 (12:29 +0000)]
Merge
1610311 from trunk:
Extend the scope of SSLSessionCacheTimeout to sessions
resumed by TLS session resumption (RFC 5077).
Submitted by: rjung
Reviewed by: rjung, ylavic, jorton
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610399 13f79535 -47bb-0310-9956-
ffa450edef68
Joe Orton [Mon, 14 Jul 2014 12:27:53 +0000 (12:27 +0000)]
Vote, promote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610398 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Mon, 14 Jul 2014 12:09:21 +0000 (12:09 +0000)]
Merge r1572896, r1572911 from trunk:
mod_deflate:
Don't fail when asked to flush inflated data to the user-agent and that
coincides with the end of stream ("Zlib error flushing inflate buffer").
PR 56196.
Submitted By: [Christoph Fausak <christoph.fausak glueckkanja com>]
Committed By: ylavic
mod_deflate: follows up r1572896.
Be safe from successive or post end-of-stream flush buckets.
Submitted by: ylavic
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610397 13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Mon, 14 Jul 2014 12:07:55 +0000 (12:07 +0000)]
Merge r1452551, r1607960 from trunk:
PR54587: LDAP connections used for authn were not respecting
LDAPConnectionPoolTimeout due to confusion over what "bound" means.
Added some LDAP trace at TRACE5 to track how LDAP connections are
reused and rebound.
make LDAPConnectionPoolTTL more conservative, use r->request_time rather than
end-of-request time, and only update it after a round-trip with the LDAP
server rather than every time we check back into the pool.
Submitted by: covener
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610396 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Mon, 14 Jul 2014 06:05:22 +0000 (06:05 +0000)]
Merge r1610207 from trunk:
Forward local IP address as a custom request attribute
like we already do for the remote port.
Both were forgotten in the original AJP 13 spec
but are needed by the Servlet spec. Until now,
Tomcat simply returns for getLocalAddr() the same as
for getLocalName().
The next round of Tomcat releases will look for the
optional new request attribute.
See also Tomcat BZ 56661.
Submitted by: rjung
Reviewed by: trawick, ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610340 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Mon, 14 Jul 2014 00:40:54 +0000 (00:40 +0000)]
Vote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610331 13f79535 -47bb-0310-9956-
ffa450edef68
Yann Ylavic [Mon, 14 Jul 2014 00:37:35 +0000 (00:37 +0000)]
Vote and promote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610330 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 14 Jul 2014 00:29:06 +0000 (00:29 +0000)]
Merge r1609938 from trunk:
core: Include any error notes set by modules in the canned error
response for 403 errors.
Submitted by: trawick
Reviewed by: minfrin, rjung
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610328 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 14 Jul 2014 00:24:33 +0000 (00:24 +0000)]
Merge r1609936 from trunk:
mod_ssl: Set an error note for requests rejected due to
SSLStrictSNIVHostCheck
Submitted by: trawick
Reviewed by: minfrin, rjung
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610327 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 14 Jul 2014 00:22:15 +0000 (00:22 +0000)]
Merge r1609914 from trunk:
mod_ssl: Fix issue with redirects to error documents when handling
SNI errors.
Submitted by: trawick
Reviewed by: minfrin, rjung
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610326 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sun, 13 Jul 2014 23:21:33 +0000 (23:21 +0000)]
Promote.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610321 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sun, 13 Jul 2014 23:20:48 +0000 (23:20 +0000)]
Some easy votes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610319 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sun, 13 Jul 2014 22:36:32 +0000 (22:36 +0000)]
Propose.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610312 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sun, 13 Jul 2014 18:15:35 +0000 (18:15 +0000)]
vote/promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610263 13f79535 -47bb-0310-9956-
ffa450edef68
Rainer Jung [Sun, 13 Jul 2014 14:57:25 +0000 (14:57 +0000)]
Propose.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610221 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 13 Jul 2014 12:23:34 +0000 (12:23 +0000)]
Rebuild.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610179 13f79535 -47bb-0310-9956-
ffa450edef68
Lucien Gentis [Sun, 13 Jul 2014 12:22:14 +0000 (12:22 +0000)]
XML Update.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610178 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 20:43:36 +0000 (20:43 +0000)]
promote LDAP proposal
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610046 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 18:25:35 +0000 (18:25 +0000)]
the dishes are done
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610018 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 18:19:16 +0000 (18:19 +0000)]
Merge r1496709,r1601995 from trunk:
core: factor out DEFAULT_HANDLER_NAME
Submitted by: jailletc36
Reviewed by: ylavic, trawick
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610017 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 18:13:08 +0000 (18:13 +0000)]
vote/promote
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610016 13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Sat, 12 Jul 2014 18:08:09 +0000 (18:08 +0000)]
Merge r1597349,
1598107 ,
1603915 ,
1605827 ,
1605829 from trunk:
mod_ssl: Fix tmp DH parameter leak, adjust selection to prefer
larger keys and support up to 8192-bit keys.
Submitted by: rpluem, jorton
Reviewed by: ylavic, kbrand
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610014 13f79535 -47bb-0310-9956-
ffa450edef68