]> granicus.if.org Git - apache/log
apache
10 years agoupdate transformation
André Malo [Sat, 23 Aug 2014 20:19:04 +0000 (20:19 +0000)]
update transformation

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1620072 13f79535-47bb-0310-9956-ffa450edef68

10 years agoRebuild.
Lucien Gentis [Sat, 23 Aug 2014 11:18:28 +0000 (11:18 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1620005 13f79535-47bb-0310-9956-ffa450edef68

10 years agoXML updates.
Lucien Gentis [Sat, 23 Aug 2014 11:17:04 +0000 (11:17 +0000)]
XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1620004 13f79535-47bb-0310-9956-ffa450edef68

10 years agoSync docs to r1619884
William A. Rowe Jr [Fri, 22 Aug 2014 18:18:54 +0000 (18:18 +0000)]
Sync docs to r1619884

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1619885 13f79535-47bb-0310-9956-ffa450edef68

10 years agoSECURITY: CVE-2013-5704 (cve.mitre.org)
William A. Rowe Jr [Fri, 22 Aug 2014 18:18:08 +0000 (18:18 +0000)]
SECURITY: CVE-2013-5704 (cve.mitre.org)

core: HTTP trailers could be used to replace HTTP headers
late during request processing, potentially undoing or
otherwise confusing modules that examined or modified
request headers earlier.  Adds "MergeTrailers" directive to restore
legacy behavior.

Submitted by: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener
Backports: r1610814
Reviewed by: covener, wrowe, ylavic

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1619884 13f79535-47bb-0310-9956-ffa450edef68

10 years agopremature
Eric Covener [Thu, 21 Aug 2014 15:36:11 +0000 (15:36 +0000)]
premature

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1619447 13f79535-47bb-0310-9956-ffa450edef68

10 years agopropose deflate tweak
Eric Covener [Thu, 21 Aug 2014 13:17:27 +0000 (13:17 +0000)]
propose deflate tweak

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1619387 13f79535-47bb-0310-9956-ffa450edef68

10 years agoVotes.
Yann Ylavic [Thu, 21 Aug 2014 13:00:36 +0000 (13:00 +0000)]
Votes.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1619381 13f79535-47bb-0310-9956-ffa450edef68

10 years agoFix typo noticed by GilDawson
Christophe Jaillet [Tue, 19 Aug 2014 20:14:20 +0000 (20:14 +0000)]
Fix typo noticed by GilDawson

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1618966 13f79535-47bb-0310-9956-ffa450edef68

10 years agopropose simple authz_core fix
Eric Covener [Tue, 19 Aug 2014 12:45:51 +0000 (12:45 +0000)]
propose simple authz_core fix

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1618852 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose
Christophe Jaillet [Mon, 18 Aug 2014 06:46:17 +0000 (06:46 +0000)]
Propose

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1618547 13f79535-47bb-0310-9956-ffa450edef68

10 years agosimple mod_proxy_fcgi fix
Jeff Trawick [Sat, 16 Aug 2014 19:18:34 +0000 (19:18 +0000)]
simple mod_proxy_fcgi fix

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1618402 13f79535-47bb-0310-9956-ffa450edef68

10 years agopropose silencing of ratelimit errors
Eric Covener [Sun, 10 Aug 2014 00:45:02 +0000 (00:45 +0000)]
propose silencing of ratelimit errors

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1617035 13f79535-47bb-0310-9956-ffa450edef68

10 years agoRebuild.
Lucien Gentis [Sat, 9 Aug 2014 15:00:07 +0000 (15:00 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1616962 13f79535-47bb-0310-9956-ffa450edef68

10 years agoXML update.
Lucien Gentis [Sat, 9 Aug 2014 14:58:51 +0000 (14:58 +0000)]
XML update.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1616960 13f79535-47bb-0310-9956-ffa450edef68

10 years agoSome doc changes for mod_authnz_fcgi.
Mike Rumph [Thu, 7 Aug 2014 01:05:23 +0000 (01:05 +0000)]
Some doc changes for mod_authnz_fcgi.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1616382 13f79535-47bb-0310-9956-ffa450edef68

10 years agoGenerated doc changes.
Mike Rumph [Thu, 7 Aug 2014 00:35:23 +0000 (00:35 +0000)]
Generated doc changes.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1616380 13f79535-47bb-0310-9956-ffa450edef68

10 years agouse /var/log instead of /var/logs in examples
Eric Covener [Sat, 2 Aug 2014 20:19:42 +0000 (20:19 +0000)]
use /var/log instead of /var/logs in examples

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1615363 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose.
Rainer Jung [Sat, 2 Aug 2014 18:46:14 +0000 (18:46 +0000)]
Propose.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1615346 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose
Christophe Jaillet [Fri, 1 Aug 2014 04:29:31 +0000 (04:29 +0000)]
Propose

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1615029 13f79535-47bb-0310-9956-ffa450edef68

10 years agoFix typo spotted in comment #2818
Christophe Jaillet [Wed, 30 Jul 2014 04:25:54 +0000 (04:25 +0000)]
Fix typo spotted in comment #2818

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1614541 13f79535-47bb-0310-9956-ffa450edef68

10 years agoRebuild.
Lucien Gentis [Sat, 26 Jul 2014 18:49:32 +0000 (18:49 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1613702 13f79535-47bb-0310-9956-ffa450edef68

10 years agoXML updates.
Lucien Gentis [Sat, 26 Jul 2014 18:48:36 +0000 (18:48 +0000)]
XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1613701 13f79535-47bb-0310-9956-ffa450edef68

10 years agofix a 2.4.10 regression in mod_ldap (noticed by me in a very obscure test case)
Eric Covener [Sat, 26 Jul 2014 17:02:01 +0000 (17:02 +0000)]
fix a 2.4.10 regression in mod_ldap (noticed by me in a very obscure test case)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1613684 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1613526 from trunk:
Eric Covener [Fri, 25 Jul 2014 22:24:33 +0000 (22:24 +0000)]
Merge r1613526 from trunk:

no status during if_walk

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1613527 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1613524 from trunk:
Eric Covener [Fri, 25 Jul 2014 22:21:01 +0000 (22:21 +0000)]
Merge r1613524 from trunk:

call out some variables that aren't set during <if>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1613525 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1613318 from trunk:
Eric Covener [Thu, 24 Jul 2014 22:46:12 +0000 (22:46 +0000)]
Merge r1613318 from trunk:

two commenters were confused authnprovideralias
providing special config to authz providers

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1613319 13f79535-47bb-0310-9956-ffa450edef68

10 years agoApplied in r1611758.
Rainer Jung [Mon, 21 Jul 2014 13:05:10 +0000 (13:05 +0000)]
Applied in r1611758.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1612259 13f79535-47bb-0310-9956-ffa450edef68

10 years agoRebuild.
Lucien Gentis [Sun, 20 Jul 2014 14:28:58 +0000 (14:28 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1612095 13f79535-47bb-0310-9956-ffa450edef68

10 years agoXML updates.
Lucien Gentis [Sun, 20 Jul 2014 14:27:06 +0000 (14:27 +0000)]
XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1612093 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose
Christophe Jaillet [Sun, 20 Jul 2014 09:44:48 +0000 (09:44 +0000)]
Propose

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1612069 13f79535-47bb-0310-9956-ffa450edef68

10 years agoRebuild.
Lucien Gentis [Sat, 19 Jul 2014 17:47:34 +0000 (17:47 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611933 13f79535-47bb-0310-9956-ffa450edef68

10 years agoXML Updates.
Lucien Gentis [Sat, 19 Jul 2014 17:46:23 +0000 (17:46 +0000)]
XML Updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611931 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose
Christophe Jaillet [Sat, 19 Jul 2014 17:33:08 +0000 (17:33 +0000)]
Propose

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611928 13f79535-47bb-0310-9956-ffa450edef68

10 years agoFix doxygen comments.
Christophe Jaillet [Sat, 19 Jul 2014 17:22:30 +0000 (17:22 +0000)]
Fix doxygen comments.

In trunk: r1611210 , r1611252, r1611481, r1611919

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611925 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose
Christophe Jaillet [Sat, 19 Jul 2014 09:40:42 +0000 (09:40 +0000)]
Propose

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611867 13f79535-47bb-0310-9956-ffa450edef68

10 years agofix latex build
André Malo [Fri, 18 Jul 2014 21:42:08 +0000 (21:42 +0000)]
fix latex build

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611814 13f79535-47bb-0310-9956-ffa450edef68

10 years agoupdate transformation
André Malo [Fri, 18 Jul 2014 20:11:11 +0000 (20:11 +0000)]
update transformation

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611788 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1611600 from trunk:
Rainer Jung [Fri, 18 Jul 2014 18:33:46 +0000 (18:33 +0000)]
Merge r1611600 from trunk:

Silence compiler warning:
mod_authnz_fcgi.c:580:44: warning: 'orspbuflen'
may be used uninitialized in this function.

Not true but annoying.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611758 13f79535-47bb-0310-9956-ffa450edef68

10 years agobackport for mod_lua: Don't quote values in cookies; Make IE happy again [#56734]
Daniel Gruno [Fri, 18 Jul 2014 18:15:42 +0000 (18:15 +0000)]
backport for mod_lua: Don't quote values in cookies; Make IE happy again [#56734]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611744 13f79535-47bb-0310-9956-ffa450edef68

10 years agoYes
William A. Rowe Jr [Fri, 18 Jul 2014 17:05:03 +0000 (17:05 +0000)]
Yes

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611715 13f79535-47bb-0310-9956-ffa450edef68

10 years agojust make it shut up
Jeff Trawick [Fri, 18 Jul 2014 16:43:10 +0000 (16:43 +0000)]
just make it shut up

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611707 13f79535-47bb-0310-9956-ffa450edef68

10 years agoVote up, note patch (non-2.2) for defect identified by Yann
William A. Rowe Jr [Fri, 18 Jul 2014 15:42:31 +0000 (15:42 +0000)]
Vote up, note patch (non-2.2) for defect identified by Yann

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611677 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose.
Rainer Jung [Fri, 18 Jul 2014 11:46:00 +0000 (11:46 +0000)]
Propose.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611603 13f79535-47bb-0310-9956-ffa450edef68

10 years agoFix typo.
Rainer Jung [Fri, 18 Jul 2014 11:29:17 +0000 (11:29 +0000)]
Fix typo.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611595 13f79535-47bb-0310-9956-ffa450edef68

10 years agoBackport r1513461 to fix some Doxygen warnings/comments, except for the following...
Christophe Jaillet [Fri, 18 Jul 2014 05:54:17 +0000 (05:54 +0000)]
Backport r1513461 to fix some Doxygen warnings/comments, except for the following files which rely on other patches which have not been backported yet:
   - ap_mpm.h: r1493741
   - http_log.h: r1512819
   - httpd.h: r1426877
   - mpm_common.h: which is already in synch with 2.4
So only mpm_var_buf.h remains. This is however needed in order to backport other doxygen clean-up.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611541 13f79535-47bb-0310-9956-ffa450edef68

10 years agoImprove doxygen comment.
Christophe Jaillet [Wed, 16 Jul 2014 22:11:33 +0000 (22:11 +0000)]
Improve doxygen comment.

Improve layout, add trailing '.' in function description, remove unneeded @fn.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611203 13f79535-47bb-0310-9956-ffa450edef68

10 years agoRepaginate some short/long entries
William A. Rowe Jr [Wed, 16 Jul 2014 21:18:39 +0000 (21:18 +0000)]
Repaginate some short/long entries

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611194 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose utf-8 service names for winnt
William A. Rowe Jr [Wed, 16 Jul 2014 20:26:20 +0000 (20:26 +0000)]
Propose utf-8 service names for winnt

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611178 13f79535-47bb-0310-9956-ffa450edef68

10 years agoAdd compatibility note.
Rainer Jung [Wed, 16 Jul 2014 06:06:01 +0000 (06:06 +0000)]
Add compatibility note.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610915 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose
Christophe Jaillet [Tue, 15 Jul 2014 20:11:14 +0000 (20:11 +0000)]
Propose

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610834 13f79535-47bb-0310-9956-ffa450edef68

10 years agopropose trailers fix, didn't make the cut for 2.4.10 because I had backpor troubles.
Eric Covener [Tue, 15 Jul 2014 19:15:14 +0000 (19:15 +0000)]
propose trailers fix, didn't make the cut for 2.4.10 because I had backpor troubles.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610816 13f79535-47bb-0310-9956-ffa450edef68

10 years agoAnd we are at 2.4.11-dev
Jim Jagielski [Tue, 15 Jul 2014 17:14:08 +0000 (17:14 +0000)]
And we are at 2.4.11-dev

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610760 13f79535-47bb-0310-9956-ffa450edef68

10 years agoGet ready to tag 2.4.10
Jim Jagielski [Tue, 15 Jul 2014 17:12:30 +0000 (17:12 +0000)]
Get ready to tag 2.4.10

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610757 13f79535-47bb-0310-9956-ffa450edef68

10 years agoxforms
Jim Jagielski [Tue, 15 Jul 2014 16:47:19 +0000 (16:47 +0000)]
xforms

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610749 13f79535-47bb-0310-9956-ffa450edef68

10 years agoWe know this will happen today :)
Jim Jagielski [Tue, 15 Jul 2014 16:41:48 +0000 (16:41 +0000)]
We know this will happen today :)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610748 13f79535-47bb-0310-9956-ffa450edef68

10 years agochange attribution to Ben
Eric Covener [Tue, 15 Jul 2014 16:36:11 +0000 (16:36 +0000)]
change attribution to Ben

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610745 13f79535-47bb-0310-9956-ffa450edef68

10 years agoCVE-2014-0117 done, the simple/dumb way.
Joe Orton [Tue, 15 Jul 2014 16:20:10 +0000 (16:20 +0000)]
CVE-2014-0117 done, the simple/dumb way.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610741 13f79535-47bb-0310-9956-ffa450edef68

10 years agoExpand -0117 text a bit and credit Eric who wrote the
Joe Orton [Tue, 15 Jul 2014 16:12:46 +0000 (16:12 +0000)]
Expand -0117 text a bit and credit Eric who wrote the
one-liner down first ;)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610738 13f79535-47bb-0310-9956-ffa450edef68

10 years agomod_proxy Connection handling crasher, CVE-2014-0117
Jim Jagielski [Tue, 15 Jul 2014 16:11:04 +0000 (16:11 +0000)]
mod_proxy Connection handling crasher, CVE-2014-0117

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610737 13f79535-47bb-0310-9956-ffa450edef68

10 years agopromote
Jim Jagielski [Tue, 15 Jul 2014 16:07:44 +0000 (16:07 +0000)]
promote

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610736 13f79535-47bb-0310-9956-ffa450edef68

10 years ago+1, Joe
Jeff Trawick [Tue, 15 Jul 2014 16:03:02 +0000 (16:03 +0000)]
+1, Joe

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610733 13f79535-47bb-0310-9956-ffa450edef68

10 years agoReally really think "rushing" this is not wise...
Jim Jagielski [Tue, 15 Jul 2014 14:13:36 +0000 (14:13 +0000)]
Really really think "rushing" this is not wise...

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610704 13f79535-47bb-0310-9956-ffa450edef68

10 years agoVote for Connection header's RFC compliance.
Yann Ylavic [Tue, 15 Jul 2014 14:04:16 +0000 (14:04 +0000)]
Vote for Connection header's RFC compliance.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610701 13f79535-47bb-0310-9956-ffa450edef68

10 years agoCollect -0117 patches... can I make conditional votes?
Joe Orton [Tue, 15 Jul 2014 13:33:37 +0000 (13:33 +0000)]
Collect -0117 patches... can I make conditional votes?

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610691 13f79535-47bb-0310-9956-ffa450edef68

10 years agoFix CHANGES entry from r1587201.
Yann Ylavic [Tue, 15 Jul 2014 12:14:07 +0000 (12:14 +0000)]
Fix CHANGES entry from r1587201.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610670 13f79535-47bb-0310-9956-ffa450edef68

10 years agoFix CVE number for WinNT MPM issue (Thanks Joe)
Jeff Trawick [Tue, 15 Jul 2014 11:41:28 +0000 (11:41 +0000)]
Fix CVE number for WinNT MPM issue (Thanks Joe)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610661 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1610652 from trunk:
Jeff Trawick [Tue, 15 Jul 2014 11:17:49 +0000 (11:17 +0000)]
Merge r1610652 from trunk:

SECURITY (CVE-2014-3523): Fix a memory consumption denial of
service in the WinNT MPM used in all Windows installations.
Workaround: AcceptFilter <protocol> {none|connect}

Submitted by: trawick
Reviewed by: jorton, covener, jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610653 13f79535-47bb-0310-9956-ffa450edef68

10 years agoclarify new use of Timeout for scripts
Jeff Trawick [Tue, 15 Jul 2014 10:52:07 +0000 (10:52 +0000)]
clarify new use of Timeout for scripts

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610641 13f79535-47bb-0310-9956-ffa450edef68

10 years agoAdd missing APLOGNO + fix a typo in a comment
Christophe Jaillet [Mon, 14 Jul 2014 20:48:32 +0000 (20:48 +0000)]
Add missing APLOGNO + fix a typo in a comment

r1610518 in trunk

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610522 13f79535-47bb-0310-9956-ffa450edef68

10 years ago"CGIDScriptTimeout", not "CGIDRequestTimeout"
Jeff Trawick [Mon, 14 Jul 2014 20:42:54 +0000 (20:42 +0000)]
"CGIDScriptTimeout", not "CGIDRequestTimeout"

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610517 13f79535-47bb-0310-9956-ffa450edef68

10 years agoCredit/blame where it's due.
Joe Orton [Mon, 14 Jul 2014 20:35:27 +0000 (20:35 +0000)]
Credit/blame where it's due.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610516 13f79535-47bb-0310-9956-ffa450edef68

10 years agoadd CGIDRequestTimeout to CHANGES
Eric Covener [Mon, 14 Jul 2014 20:23:27 +0000 (20:23 +0000)]
add CGIDRequestTimeout to CHANGES

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610514 13f79535-47bb-0310-9956-ffa450edef68

10 years agomerge r1535125 and r1610509 from trunk:
Eric Covener [Mon, 14 Jul 2014 20:18:26 +0000 (20:18 +0000)]
merge r1535125 and r1610509 from trunk:

    *) SECURITY: CVE-2014-0231 (cve.mitre.org)
       mod_cgid: Fix a denial of service against CGI scripts that do
       not consume stdin that could lead to lingering HTTPD child processes
       filling up the scoreboard and eventually hanging the server.
       [Rainer Jung, Eric Covener, Yann Ylavic]

Submitted By: rjung, covener, ylavic
Reviewed By: trawick, jorton, covener, jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610512 13f79535-47bb-0310-9956-ffa450edef68

10 years agobackport r1610501 from trunk:
Eric Covener [Mon, 14 Jul 2014 20:01:30 +0000 (20:01 +0000)]
backport r1610501 from trunk:

      *) SECURITY: CVE-2014-0118 (cve.mitre.org)
         mod_deflate: The DEFLATE input filter (inflates request bodies) now
         limits the length and compression ratio of inflated request bodies to avoid
         denial of sevice via highly compressed bodies.  See directives
         DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
         and DeflateInflateRatioBurst.

    Thanks to Giancarlo Pellegrino and Davide Balzarotti for reporting the issue.

Submitted By: ylavic, covener
Reviewed By: jorton, covener, jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610503 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge 1610491 from trunk:
Joe Orton [Mon, 14 Jul 2014 19:55:04 +0000 (19:55 +0000)]
Merge 1610491 from trunk:

SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling,
which could lead to a heap buffer overflow.  Thanks to Marek Kroemeke
working with HP's Zero Day Initiative for reporting this.

* include/scoreboard.h: Add ap_copy_scoreboard_worker.

* server/scoreboard.c (ap_copy_scoreboard_worker): New function.

* modules/generators/mod_status.c (status_handler): Use it.

* modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise.

Reviewed by: trawick, jorton, covener, jim
Submitted by: jorton, covener

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610499 13f79535-47bb-0310-9956-ffa450edef68

10 years agoNote CVE name for mod_cache crasher fixed in 2.4.7.
Joe Orton [Mon, 14 Jul 2014 19:36:38 +0000 (19:36 +0000)]
Note CVE name for mod_cache crasher fixed in 2.4.7.

This issue affected httpd versions 2.4.5 and 2.4.6 only.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610495 13f79535-47bb-0310-9956-ffa450edef68

10 years agoDone.
Joe Orton [Mon, 14 Jul 2014 12:29:51 +0000 (12:29 +0000)]
Done.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610400 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge 1610311 from trunk:
Joe Orton [Mon, 14 Jul 2014 12:29:22 +0000 (12:29 +0000)]
Merge 1610311 from trunk:

Extend the scope of SSLSessionCacheTimeout to sessions
resumed by TLS session resumption (RFC 5077).

Submitted by: rjung
Reviewed by: rjung, ylavic, jorton

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610399 13f79535-47bb-0310-9956-ffa450edef68

10 years agoVote, promote.
Joe Orton [Mon, 14 Jul 2014 12:27:53 +0000 (12:27 +0000)]
Vote, promote.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610398 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1572896, r1572911 from trunk:
Jim Jagielski [Mon, 14 Jul 2014 12:09:21 +0000 (12:09 +0000)]
Merge r1572896, r1572911 from trunk:

mod_deflate:
Don't fail when asked to flush inflated data to the user-agent and that
coincides with the end of stream ("Zlib error flushing inflate buffer").
PR 56196.

Submitted By: [Christoph Fausak <christoph.fausak glueckkanja com>]
Committed By: ylavic

mod_deflate: follows up r1572896.
Be safe from successive or post end-of-stream flush buckets.

Submitted by: ylavic
Reviewed/backported by: jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610397 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1452551, r1607960 from trunk:
Jim Jagielski [Mon, 14 Jul 2014 12:07:55 +0000 (12:07 +0000)]
Merge r1452551, r1607960 from trunk:

PR54587: LDAP connections used for authn were not respecting
LDAPConnectionPoolTimeout due to confusion over what "bound" means.

Added some LDAP trace at TRACE5 to track how LDAP connections are
reused and rebound.

make LDAPConnectionPoolTTL more conservative, use r->request_time rather than
end-of-request time, and only update it after a round-trip with the LDAP
server rather than every time we check back into the pool.

Submitted by: covener
Reviewed/backported by: jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610396 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1610207 from trunk:
Rainer Jung [Mon, 14 Jul 2014 06:05:22 +0000 (06:05 +0000)]
Merge r1610207 from trunk:

Forward local IP address as a custom request attribute
like we already do for the remote port.

Both were forgotten in the original AJP 13 spec
but are needed by the Servlet spec. Until now,
Tomcat simply returns for getLocalAddr() the same as
for getLocalName().

The next round of Tomcat releases will look for the
optional new request attribute.

See also Tomcat BZ 56661.

Submitted by: rjung
Reviewed by: trawick, ylavic

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610340 13f79535-47bb-0310-9956-ffa450edef68

10 years agoVote.
Yann Ylavic [Mon, 14 Jul 2014 00:40:54 +0000 (00:40 +0000)]
Vote.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610331 13f79535-47bb-0310-9956-ffa450edef68

10 years agoVote and promote.
Yann Ylavic [Mon, 14 Jul 2014 00:37:35 +0000 (00:37 +0000)]
Vote and promote.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610330 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1609938 from trunk:
Jeff Trawick [Mon, 14 Jul 2014 00:29:06 +0000 (00:29 +0000)]
Merge r1609938 from trunk:

core: Include any error notes set by modules in the canned error
response for 403 errors.

Submitted by: trawick
Reviewed by: minfrin, rjung

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610328 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1609936 from trunk:
Jeff Trawick [Mon, 14 Jul 2014 00:24:33 +0000 (00:24 +0000)]
Merge r1609936 from trunk:

mod_ssl: Set an error note for requests rejected due to
SSLStrictSNIVHostCheck

Submitted by: trawick
Reviewed by: minfrin, rjung

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610327 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1609914 from trunk:
Jeff Trawick [Mon, 14 Jul 2014 00:22:15 +0000 (00:22 +0000)]
Merge r1609914 from trunk:

mod_ssl: Fix issue with redirects to error documents when handling
SNI errors.

Submitted by: trawick
Reviewed by: minfrin, rjung

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610326 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPromote.
Rainer Jung [Sun, 13 Jul 2014 23:21:33 +0000 (23:21 +0000)]
Promote.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610321 13f79535-47bb-0310-9956-ffa450edef68

10 years agoSome easy votes.
Rainer Jung [Sun, 13 Jul 2014 23:20:48 +0000 (23:20 +0000)]
Some easy votes.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610319 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose.
Rainer Jung [Sun, 13 Jul 2014 22:36:32 +0000 (22:36 +0000)]
Propose.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610312 13f79535-47bb-0310-9956-ffa450edef68

10 years agovote/promote
Jeff Trawick [Sun, 13 Jul 2014 18:15:35 +0000 (18:15 +0000)]
vote/promote

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610263 13f79535-47bb-0310-9956-ffa450edef68

10 years agoPropose.
Rainer Jung [Sun, 13 Jul 2014 14:57:25 +0000 (14:57 +0000)]
Propose.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610221 13f79535-47bb-0310-9956-ffa450edef68

10 years agoRebuild.
Lucien Gentis [Sun, 13 Jul 2014 12:23:34 +0000 (12:23 +0000)]
Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610179 13f79535-47bb-0310-9956-ffa450edef68

10 years agoXML Update.
Lucien Gentis [Sun, 13 Jul 2014 12:22:14 +0000 (12:22 +0000)]
XML Update.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610178 13f79535-47bb-0310-9956-ffa450edef68

10 years agopromote LDAP proposal
Jeff Trawick [Sat, 12 Jul 2014 20:43:36 +0000 (20:43 +0000)]
promote LDAP proposal

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610046 13f79535-47bb-0310-9956-ffa450edef68

10 years agothe dishes are done
Jeff Trawick [Sat, 12 Jul 2014 18:25:35 +0000 (18:25 +0000)]
the dishes are done

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610018 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1496709,r1601995 from trunk:
Jeff Trawick [Sat, 12 Jul 2014 18:19:16 +0000 (18:19 +0000)]
Merge r1496709,r1601995 from trunk:

core: factor out DEFAULT_HANDLER_NAME

Submitted by: jailletc36
Reviewed by: ylavic, trawick

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610017 13f79535-47bb-0310-9956-ffa450edef68

10 years agovote/promote
Jeff Trawick [Sat, 12 Jul 2014 18:13:08 +0000 (18:13 +0000)]
vote/promote

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610016 13f79535-47bb-0310-9956-ffa450edef68

10 years agoMerge r1597349,1598107,1603915,1605827,1605829 from trunk:
Jeff Trawick [Sat, 12 Jul 2014 18:08:09 +0000 (18:08 +0000)]
Merge r1597349,1598107,1603915,1605827,1605829 from trunk:

mod_ssl: Fix tmp DH parameter leak, adjust selection to prefer
larger keys and support up to 8192-bit keys.

Submitted by: rpluem, jorton
Reviewed by: ylavic, kbrand

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610014 13f79535-47bb-0310-9956-ffa450edef68