Graham Leggett [Tue, 26 Sep 2006 14:36:43 +0000 (14:36 +0000)]
mod_cache: From RFC3986 (section 6.2.3.) if a URI contains an
authority component and an empty path, the empty path is to be equivalent
to "/". It explicitly cites the following four URIs as equivalents:
http://example.com
http://example.com/
http://example.com:/
http://example.com:80/
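
The equivalence cited in the commit message above, worked through as an added example (not code from the commit or from httpd). `cache_key()` is a hypothetical helper that maps all four listed URIs to one cache key; it also lowercases scheme and host and drops the fragment, which goes beyond what the message states, and it assumes an absolute URI without userinfo.

```c
#include <ctype.h>
#include <string.h>

/* cache_key() is a hypothetical helper, not an httpd function. It builds a
 * canonical key for an absolute URI: scheme and host lowercased, an empty
 * port or http's default port 80 dropped, an empty path replaced by "/",
 * the fragment removed. Returns 0 on success, -1 on bad input or overflow. */
int cache_key(const char *uri, char *out, size_t outlen)
{
    const char *sep = strstr(uri, "://");
    if (sep == NULL || sep == uri) return -1;
    size_t scheme_len = (size_t)(sep - uri);
    const char *auth = sep + 3;
    size_t auth_len = strcspn(auth, "/?#");
    if (memchr(auth, '@', auth_len) != NULL) return -1; /* userinfo unsupported */

    /* A trailing ":digits" (digits may be empty) is the port. */
    size_t host_len = auth_len, port_len = 0;
    const char *port = auth + auth_len;
    for (size_t i = auth_len; i > 0; i--) {
        if (auth[i - 1] == ':') {
            host_len = i - 1;
            port = auth + i;
            port_len = auth_len - i;
            break;
        }
        if (!isdigit((unsigned char)auth[i - 1])) break;
    }
    if (host_len == 0) return -1;

    const char *rest = auth + auth_len;          /* path, query, fragment */
    size_t rest_len = strcspn(rest, "#");        /* fragment is not part of the key */
    size_t prefix = scheme_len + 3 + host_len;
    if (prefix + 1 + port_len + 1 + rest_len + 1 > outlen) return -1;

    size_t n = 0;
    for (; n < prefix; n++)                      /* scheme://host, lowercased */
        out[n] = (char)tolower((unsigned char)uri[n]);
    int is_http = scheme_len == 4 && memcmp(out, "http", 4) == 0;
    if (port_len > 0 && !(is_http && port_len == 2 && memcmp(port, "80", 2) == 0)) {
        out[n++] = ':';
        memcpy(out + n, port, port_len);
        n += port_len;
    }
    if (rest_len == 0 || rest[0] != '/') out[n++] = '/';  /* empty path == "/" */
    memcpy(out + n, rest, rest_len);
    out[n + rest_len] = '\0';
    return 0;
}
```
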
Graham Leggett [Tue, 26 Sep 2006 14:12:36 +0000 (14:12 +0000)]
Don't cache requests with an expires date in the past; otherwise mod_cache will
always try to cache the URL. This bug might lead to numerous rename() errors
on win32 if the URL was previously cached.
Graham Leggett [Tue, 26 Sep 2006 13:29:09 +0000 (13:29 +0000)]
mod_disk_cache: Make sure that only positive integers are accepted
for the CacheMaxFileSize and CacheMinFileSize parameters in the
config file. PR39380 [Niklas Edmundsson <nikke acc.umu.se>]
Nick Kew [Thu, 21 Sep 2006 22:13:34 +0000 (22:13 +0000)]
Generic fix for PR#31759
If a handler returns a value that is neither reserved nor a valid
HTTP response code, log an error and substitute HTTP_INTERNAL_SERVER_ERROR.
Allow a handler to override this explicitly by setting a note.
* Set the new environment variable BALANCER_ROUTE_CHANGED if a worker with a
route different from the one supplied by the client had been chosen or if
the client supplied no routing information for a balancer with sticky
sessions.
* PROXY_WORKER_IS_INITIALIZED checks if PROXY_WORKER_INITIALIZED is set in
worker->s->status, but we need to check here if it is set in worker->status.
As PROXY_WORKER_INITIALIZED is set in worker->s->status in
ap_proxy_initialize_worker_share, which is called just before
ap_proxy_initialize_worker we never initialize the worker. This is very bad
as we create no reslist for the pool in this case.
Jeff Trawick [Tue, 5 Sep 2006 13:08:15 +0000 (13:08 +0000)]
Replace ap_get_server_version with ap_get_server_banner() and
ap_get_server_description().
High-level summary:
The full server version information is now included in the error log at
startup as well as server status reports, irrespective of the setting
of the ServerTokens directive.
Third-party modules must now use ap_get_server_banner() or
ap_get_server_description() in place of ap_get_server_version().
Joshua Slive [Tue, 22 Aug 2006 17:07:54 +0000 (17:07 +0000)]
Allow the typical non-DAV methods to be unrestricted
in our DAV examples (in particular, POST). Also
change <Location> to <Directory> in the docs. This
particular example was not a security problem because
<Location> was being used to *extend* access, rather than
to *restrict* access, but it is better to encourage
people to use <Directory> by default.
Joshua Slive [Sun, 20 Aug 2006 19:46:24 +0000 (19:46 +0000)]
My last effort was a little too succinct and not quite precise
enough. Try being more explicit.
This does leave the danger that people will clip the <Location>
example as the proper way to do things, when they should be
reading on to the <Directory> example. The <Location> example
is only correct when used in conjunction with Alias.
Joshua Slive [Sun, 20 Aug 2006 18:48:24 +0000 (18:48 +0000)]
Add a note about case-sensitivity to the windows platform docs.
Partially in response to the disputed vulnerability:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4110
Joshua Slive [Sun, 20 Aug 2006 18:08:43 +0000 (18:08 +0000)]
Make it clear that url-path is always case-sensitive.
Provide an example of using a regex to make it case-insensitive.
Make it clear that ScriptAlias is only used when you want
BOTH mapping and script-designation.
Partially in response to the disputed vulnerability:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4110
Nick Kew [Fri, 18 Aug 2006 12:16:13 +0000 (12:16 +0000)]
Don't use NULL s->server_hostname as hash lookup key.
Reported by paritosh (at limewire.co.in) on dev@httpd (thread
Re: apache 2.2 crashes at the start time in mod_dbd.c then preparing AuthDBDUserPWQuery)
Fixed by paritosh and Yours Truly.
Chris Darroch [Mon, 14 Aug 2006 22:55:45 +0000 (22:55 +0000)]
Introduce a check_config phase between pre_config and open_logs,
to allow modules to review interdependent configuration directive
values and adjust them while messages can still be logged to the
console.
The open_logs phase is already used somewhat for this purpose by
certain MPMs (winnt, prefork, worker, and event) but only by forcing
their functions ahead of the core ap_open_logs() function, and
since this phase runs after the ap_signal_server function during startup,
it can not be used to generate messages on the console when restarting.
Add the check_config phase to mod_info and mod_example.
Handle relevant MPM directives during this phase and format messages
for both the console and the error log, as appropriate. Bounds and sanity
checks on the values of the MPM directives are handled in sequence in
this phase instead of in the various directive handling functions, since
those functions (e.g., set_max_clients()) may not be called at all if their
directives do not appear in the configuration files, and even if they
are called, there is no guarantee that this will occur in any particular
order.
Remove from the worker and event MPMs the code in the pre_config phase
that alters the configuration node tree by re-ordering ThreadsPerChild
ahead of MaxClients. This code is effective but insufficient; for
example, if ServerLimit follows MaxClients, the test against server_limit
in set_max_clients() is invalid. (In practice, this only results in
incorrect or absent warnings on the console, because server_limit is
set to its configured value when the main loop re-runs the configuration
process.)
Prevent ap_threads_per_child from exceeding thread_limit in the
winnt, worker, and event MPMs. This situation could occur if
ThreadsPerChild was not specified in the configuration files and
ThreadLimit was set to a value smaller than DEFAULT_THREADS_PER_CHILD,
because set_threads_per_child() would never be called and therefore
its bounds check against thread_limit would not be performed.
Remove from the winnt, prefork, worker, and event MPMs the
changed_limit_at_restart flag. Set the first_server_limit and
first_thread_limit values during the first execution of the check_config
function, and use them to detect changes to ServerLimit and ThreadLimit
across restarts and issue appropriately formatted warnings. Remove the
comments about the error log being a "bit bucket"; this was true when
the code was originally committed in r92530 but that was due to a bug
fixed in r92769.
Be consistent about setting all MPM configuration directive values in the
pre_config phase.
Rephrase and reformat the console and log file messages relating to
MPM configuration directives to be consistent across all MPMs. Use
briefer messages when logging to the error log than to the console.
Update miscellaneous stale comments and messages (e.g., reference to
daemons_min_free in worker and event MPMs, "prefork open_logs" in
winnt MPM, and StartServers in netware MPM).
The winnt, netware, beos, and mpmt_os2 MPMs should be tested by developers
with access to those platforms, especially the winnt MPM, which has
unique logic with respect to distinguishing between parent and child
processes during the configuration phases.
Update the English documentation for the worker MPM's ThreadsPerChild
directive, which no longer needs to precede other MPM directives in the
configuration files if it has a non-default value. The German (.de) and
Japanese (.ja) translations should be updated by developers fluent in
those languages.
Mladen Turk [Wed, 2 Aug 2006 15:31:24 +0000 (15:31 +0000)]
Fix return values from wait_for_many_objects.
The return value is the index of the signaled thread in
the creted_threads array.
We can not use WAIT_TIMEOUT as return value
because its value is defined as 258, thus limiting
the MaxThreads to that value that leads to the
assertion errors.
Mladen Turk [Wed, 2 Aug 2006 14:36:24 +0000 (14:36 +0000)]
Fix the assertion if WaitForMultipleObjects
returns WAIT_ABANDONED_NN instead of the presumed
WAIT_OBJECT_NN. This will correctly close the thread
handle without using an invalid thread handle array index.
Spotted when large balancer timeout was set
and all the threads were busy waiting for the
connection:
[Wed Aug 02 14:29:58 2006] [crit] [Wed Aug 02 14:29:58 2006] file \\build-2.2.2\\server\\mpm\\winnt\\child.c, line 1120, assertion "(rv >= 0) && (rv < threads_created)" failed
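
The two wait_for_many_objects commits above both concern a status code sharing the value space of an array index. As an added example (not the winnt MPM's code), `decode_wait()` is a hypothetical decoder that returns the status out-of-band, so index 258 and a timeout cannot be confused and an abandoned result is never used directly as an index. The Win32 constant values are copied into the block so it builds on any platform.

```c
#include <stddef.h>

/* Win32 wait-result values, copied here so the example builds anywhere. */
#define X_WAIT_OBJECT_0     0x00000000UL
#define X_WAIT_ABANDONED_0  0x00000080UL
#define X_WAIT_TIMEOUT      0x00000102UL   /* 258 decimal */
#define X_MAX_WAIT_OBJECTS  64             /* handles per WaitForMultipleObjects call */

typedef enum { WS_SIGNALED, WS_ABANDONED, WS_TIMEOUT, WS_FAILED } wait_status;

/* Hypothetical helper: decode the raw result `rv` of one
 * WaitForMultipleObjects() call made on the chunk [base, base + count) of a
 * larger handle array. The status is the return value; *index is written
 * only for WS_SIGNALED and WS_ABANDONED and is always < base + count. */
wait_status decode_wait(unsigned long rv, size_t base, size_t count, size_t *index)
{
    if (count == 0 || count > X_MAX_WAIT_OBJECTS)
        return WS_FAILED;
    if (rv == X_WAIT_TIMEOUT)
        return WS_TIMEOUT;
    if (rv < X_WAIT_OBJECT_0 + count) {
        *index = base + (size_t)(rv - X_WAIT_OBJECT_0);
        return WS_SIGNALED;
    }
    if (rv >= X_WAIT_ABANDONED_0 && rv < X_WAIT_ABANDONED_0 + count) {
        /* Strip the abandoned offset before indexing the handle array. */
        *index = base + (size_t)(rv - X_WAIT_ABANDONED_0);
        return WS_ABANDONED;
    }
    return WS_FAILED;   /* WAIT_FAILED or a value outside this chunk */
}
```
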
Mladen Turk [Wed, 2 Aug 2006 07:59:47 +0000 (07:59 +0000)]
Allow optional name=value options within the <Proxy
section line. Additional arguments are allowed
only for 'standard' URLs, meaning that wildcard
URLs will return an error like before.
This allows specifying the worker/balancer parameters
on the definition line, without the need for extra
ProxySet options.
Mladen Turk [Wed, 2 Aug 2006 06:54:01 +0000 (06:54 +0000)]
Enable ProxySet inside <Proxy> section to
create balancer or worker if they were not
already created.
This allows having the ProxySet directive before
BalancerMember directives inside a Proxy section.
Jim Jagielski [Mon, 31 Jul 2006 17:01:40 +0000 (17:01 +0000)]
Add in a very simple balancer "set" concept, which allows
for members to be assigned to a particular cluster set
such that members in lower-numbered sets are checked/used
before those in higher ones.
Also bundled in this are some HTML cleanups for the balancer
manager UI. Sorry for the mixins :)
Compiles/builds clean: passes test framework as well
as more normal usage tests ;)
* Rework inflate out filter and give it a similar workflow as the deflate out
filter. This fixes the following bugs in the inflate out filter:
- Incorrect handling of flush buckets.
- Excessive memory usage for large compressed content (because we now
already send parts down the chain and do not process the whole brigade
first before sending something down the chain).
- Handle the case correctly where the validation bytes at the end of
the compressed data stream are distributed across different buckets /
brigades.
- Fix a memory leak due to not cleaning up the internal structures of
libz in some error cases.
* We can ignore Z_BUF_ERROR in flush_libz_buffer because:
When we call libz_func we can assume that
- avail_in is zero (due to the surrounding code that calls
flush_libz_buffer)
- avail_out is non zero due to the fact that we just emptied
the output buffer and stored it into a brigade
So the only reason for Z_BUF_ERROR is that the internal libz
buffers are now empty and thus we called libz_func one time
too often. This does not hurt. It simply says that we are done.
* Add parameter crc to flush_libz_buffer in order to call the libz's crc32
function on the output buffer if needed. This is actually needed by the
later rework of the inflate out filter.
Mark J. Cox [Thu, 27 Jul 2006 17:03:34 +0000 (17:03 +0000)]
SECURITY: CVE-2006-3747 (cve.mitre.org)
mod_rewrite: Fix an off-by-one security problem in the ldap scheme
handling. For some RewriteRules this could lead to a pointer being
written out of bounds. Reported by Mark Dowd of McAfee.
* Remove all filters that are before the cache_out filter. This ensures
that we kick off the filter stack with our cache_out filter being the
first in the chain. This makes sense because we want to restore things
in the same manner as we saved them.
There may be filters before our cache_out filter, because
1. We call ap_set_content_type during cache_select. This causes
Content-Type specific filters to be added.
2. We call the insert_filter hook. This causes filters e.g. like
the ones set with SetOutputFilter to be added.
Roy T. Fielding [Wed, 26 Jul 2006 00:40:53 +0000 (00:40 +0000)]
Fix warning on Darwin 8.7.0 (OS X 10.4.7) due to the prototype for
sendfile_nonblocking being declared outside ifdefs even though the
function is defined and used only when APR_HAS_SENDFILE
* Although the lstat call should rarely ever fail, because we stat'ed the
same file several lines above, check the return value to be safe that
nothing bad happens in the case it does fail.