granicus.if.org Git - apache/log

]> granicus.if.org Git - apache/log

Christophe Jaillet [Sun, 25 Jun 2017 07:10:19 +0000 (07:10 +0000)]

Add CHANGE entry

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799786 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Christophe Jaillet [Sun, 25 Jun 2017 07:05:17 +0000 (07:05 +0000)]

Remove a backported entry.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799785 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Christophe Jaillet [Sun, 25 Jun 2017 06:09:43 +0000 (06:09 +0000)]

Since r1753257, "HEAD" method is registered into the registry hash with the M_GET ID.
(r1757672 in 2.4.x)

We iterate over all the values of the registery, so there is no need anymore to have a special case for "HEAD" in 'make_allow()'. It has its own entry now.

With the current code, we have "HEAD" 3 times in the Allow Header field.
This is because we find M_GET 2 times in the registry hash. The first one gives "GET" and "HEAD" (as the special handling), and the second "HEAD" and "HEAD" (as the special handling).

BTW, use APR_ARRAY_PUSH instead of hand coding it, in oder to have the code more readable.

PR 61207

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799784 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Gregg Lewis Smith [Sat, 24 Jun 2017 05:55:22 +0000 (05:55 +0000)]

style: where did the tabs come from?
no code changes

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799732 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Gregg Lewis Smith [Sat, 24 Jun 2017 05:49:45 +0000 (05:49 +0000)]

Send a 404 response like other OSs do instead of 403 on Windows when
a path segment or file requested uses a reserved word so Windows
cannot be fingerprinted. PR55887

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799731 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Fri, 23 Jun 2017 15:45:14 +0000 (15:45 +0000)]

xforms updates

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799684 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Luca Toscano [Fri, 23 Jun 2017 15:25:06 +0000 (15:25 +0000)]

core documentation rebuild

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799681 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Luca Toscano [Fri, 23 Jun 2017 15:24:42 +0000 (15:24 +0000)]

core.xml: Wrap a Define directive sentence in a <note>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799680 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

André Malo [Fri, 23 Jun 2017 06:52:36 +0000 (06:52 +0000)]

update transformation

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799649 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Daniel Ferradal [Thu, 22 Jun 2017 20:06:48 +0000 (20:06 +0000)]

Fixed wrong revision number references in translations with original mod_alias.xml

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799611 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Daniel Ferradal [Thu, 22 Jun 2017 19:20:36 +0000 (19:20 +0000)]

Added updates to files referencing new Spanish translation of mod_alias r1799605

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799606 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Daniel Ferradal [Thu, 22 Jun 2017 19:11:16 +0000 (19:11 +0000)]

Added Spanish translation for manual/mod/mod_alias.xml

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799605 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 16:29:54 +0000 (16:29 +0000)]

OK... we display ms, since we want to be able to provide
values for <1sec, so entries should assume ms input when
using bal-mgr

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799485 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 16:24:00 +0000 (16:24 +0000)]

allow balancer-manager to also accept subsecond intervals

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799482 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Daniel Ferradal [Wed, 21 Jun 2017 16:13:34 +0000 (16:13 +0000)]

Fixed a small typo (double if) in r1799475

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799478 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Daniel Ferradal [Wed, 21 Jun 2017 16:01:23 +0000 (16:01 +0000)]

Fixed a small statement about the result of Redirect when scheme and hostname is not defined in the directive

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799475 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Wed, 21 Jun 2017 15:54:53 +0000 (15:54 +0000)]

util.c: revert r1799375 during veto discussion

https://lists.apache.org/thread.html/c0320136ae7e4cbbae03cb2636dfb9b693b2d7a6ffb4c9a645beadb9@%3Cdev.httpd.apache.org%3E

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799472 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 15:10:00 +0000 (15:10 +0000)]

missed one.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799467 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 15:07:16 +0000 (15:07 +0000)]

xforms... again.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799465 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 15:00:46 +0000 (15:00 +0000)]

some more nits

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799463 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 14:51:09 +0000 (14:51 +0000)]

xforms

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799461 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 14:46:56 +0000 (14:46 +0000)]

start documenting those that use the time-interval format

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799460 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 14:34:44 +0000 (14:34 +0000)]

stupid typos

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799456 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 14:33:29 +0000 (14:33 +0000)]

cforms

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799455 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 14:29:34 +0000 (14:29 +0000)]

Add time-interval as Syntax argument type

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799454 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 13:53:56 +0000 (13:53 +0000)]

Proxy timeout statements now sub-second granularity

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799444 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 13:21:55 +0000 (13:21 +0000)]

unused now

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799438 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 13:21:18 +0000 (13:21 +0000)]

Allow finer control over hcheck intervals... minimum is whatever
the watchdog slice is.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799437 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 12:49:54 +0000 (12:49 +0000)]

Allow WatchdogInterval to be sub 1 second

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799435 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 12:34:25 +0000 (12:34 +0000)]

Not an error... last one is honored

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799431 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 11:06:37 +0000 (11:06 +0000)]

update trunk docs xforms

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799426 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jim Jagielski [Wed, 21 Jun 2017 10:54:44 +0000 (10:54 +0000)]

Make case insensitive

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799425 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Tue, 20 Jun 2017 23:55:20 +0000 (23:55 +0000)]

util.c: add a strict Base64 decoding function

ap_pbase64decode_strict() adds to the functionality of
ap_pbase64decode() in two ways:

- the length of the decoded buffer is returned, allowing embedded NULLs
to be retained by the caller
- the input string is strictly checked for Base64 validity, including
correct zero-padding at the end of the string

(This was originally added to the httpdunit feature/backport branch in
r1796208, then reverted in r1799376, since it's currently intended for
trunk only.)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799380 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Tue, 20 Jun 2017 23:55:17 +0000 (23:55 +0000)]

ap_get_basic_auth_components: add unit tests

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799379 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Tue, 20 Jun 2017 23:42:12 +0000 (23:42 +0000)]

httpdunit: merge to trunk from feature branch

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799378 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Tue, 20 Jun 2017 23:34:30 +0000 (23:34 +0000)]

ap_find_token: add unit tests

Add previously embargoed test case for CVE-2017-7668.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1799377 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Tue, 20 Jun 2017 23:34:18 +0000 (23:34 +0000)]

Revert new base64 function and tests

This should be trunk-only, not part of the backport branch.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1799376 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Tue, 20 Jun 2017 23:08:19 +0000 (23:08 +0000)]

util.c: ensure all TEST_CHAR loops stop at the null terminator

In the aftermath of CVE-2017-7668, decouple the business logic ("is NULL
a T_HTTP_CTRL") from the postcondition ("must not go past the end of the
string"). The NULL-byte classification in the TEST_CHAR table may change
in the future.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799375 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Tue, 20 Jun 2017 23:08:18 +0000 (23:08 +0000)]

CVE-2017-3167: add documentation to ap_get_basic_auth_pw()

Now that we've released, add clarifying comments to the now-deprecated
API.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799374 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Ruediger Pluem [Tue, 20 Jun 2017 12:17:52 +0000 (12:17 +0000)]

* The libnghttp2.pc might be found in lib64 on 64 bit systems

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799341 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Mon, 19 Jun 2017 19:08:49 +0000 (19:08 +0000)]

fix for RewriteOptions processing in r1798938

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799261 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Fri, 16 Jun 2017 15:13:03 +0000 (15:13 +0000)]

add RewriteOptions LongURLOptimization

Variable expansion in RewriteCond causes strings to be duplicated
out of r->pool. If the variables are long and many conditions
are evaluated, r->pool can get seriously bloated.

Clear the memory used for variable expansion for each set of conditons
once the set of conditions fails to match.

edit: revised in 1799261

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798938 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Yann Ylavic [Wed, 14 Jun 2017 22:29:17 +0000 (22:29 +0000)]

Quiet spurious gcc warning in ap_parse_form_data ("'escaped_char[0]' may be
used uninitialized in this function").

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798785 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Luis Gil [Wed, 14 Jun 2017 21:57:53 +0000 (21:57 +0000)]

added the line <page href="mod/overrides.html">Sobreescritura de la clase índice .htaccess</page>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798782 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Luis Gil [Wed, 14 Jun 2017 21:51:51 +0000 (21:51 +0000)]

checked what have changed, nothing to update.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798781 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Ruediger Pluem [Mon, 12 Jun 2017 13:15:33 +0000 (13:15 +0000)]

Revert r1798456

* For the time being keep on caching OCSP_RESPONSE_STATUS_TRYLATER. The effect can be limited by setting SSLStaplingErrorCacheTimeout.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798460 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Ruediger Pluem [Mon, 12 Jun 2017 12:53:38 +0000 (12:53 +0000)]

* Only report success, if had real one.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798457 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Ruediger Pluem [Mon, 12 Jun 2017 12:49:06 +0000 (12:49 +0000)]

* Do not cache OCSP_RESPONSE_STATUS_TRYLATER.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798456 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Ruediger Pluem [Mon, 12 Jun 2017 12:48:30 +0000 (12:48 +0000)]

* Mark OCSP_RESPONSE_STATUS_TRYLATER as error response

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798455 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Wed, 7 Jun 2017 00:52:10 +0000 (00:52 +0000)]

allow quoted paths in <IfFile>

The boilerplate code for config sections conflicts with TAKE1
because of the trailing stuff to terminate the opening tag.

Change from TAKE1 to RAW_ARGS and call ap_getword_conf()
directly.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797844 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Wed, 7 Jun 2017 00:24:31 +0000 (00:24 +0000)]

remove taint checking from proxy_handler

rewrite tests with P flag in htaccess broken since r1792169

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797843 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Stefan Eissing [Tue, 6 Jun 2017 09:10:01 +0000 (09:10 +0000)]

On the trunk:

update after backport of mod_http2 fix.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797759 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Luca Toscano [Tue, 6 Jun 2017 08:05:55 +0000 (08:05 +0000)]

Update CHANGES after backports

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797747 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Stefan Eissing [Tue, 6 Jun 2017 07:58:57 +0000 (07:58 +0000)]

On the trunk:

mod_http2: Fix for possible CPU busy loop introduced in v1.10.3 where a stream may keep
the session in continuous check for state changes that never happen.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797745 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Christophe Jaillet [Tue, 6 Jun 2017 05:49:27 +0000 (05:49 +0000)]

Fix typo.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797731 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Mon, 5 Jun 2017 13:13:21 +0000 (13:13 +0000)]

whitespace and match 2.4.x

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797662 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Mon, 5 Jun 2017 13:12:25 +0000 (13:12 +0000)]

a few more backported fixes

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797661 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Mon, 5 Jun 2017 13:11:11 +0000 (13:11 +0000)]

remove some backported items

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797660 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Sat, 3 Jun 2017 22:04:47 +0000 (22:04 +0000)]

mod_mime: fix quoted pair scanning

Submitted By: ylavic
CVEID: CVE-2017-7679

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797550 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Tue, 30 May 2017 13:39:45 +0000 (13:39 +0000)]

whitespace only

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796864 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Daniel Ferradal [Mon, 29 May 2017 22:08:22 +0000 (22:08 +0000)]

New Spanish translations for mod_actions.xml.es and related files referencing or related to it

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796708 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Daniel Ferradal [Mon, 29 May 2017 08:49:11 +0000 (08:49 +0000)]

Added missing html Spanish translation for mod_access_compat.html.es

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796596 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Rainer Jung [Sun, 28 May 2017 14:10:09 +0000 (14:10 +0000)]

ab: move option processing for setting a custom
HTTP method outside of the HTTPS only handling.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796493 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Daniel Ferradal [Sat, 27 May 2017 21:24:29 +0000 (21:24 +0000)]

Added missing changes for Spanish references to security_tips.html.es in files, missing from commit r1795361

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796460 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Daniel Ferradal [Sat, 27 May 2017 21:18:41 +0000 (21:18 +0000)]

Added new Spanish translation for mod_acccess_compat, as well as the update for files referencing it

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796457 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Sat, 27 May 2017 20:21:29 +0000 (20:21 +0000)]

these are backported

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796451 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Sat, 27 May 2017 20:16:30 +0000 (20:16 +0000)]

ctr'ed in 1796447.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796448 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Sat, 27 May 2017 20:13:49 +0000 (20:13 +0000)]

PR61124: ap_parse_form_data() EBCDIC fix

URL-decoding doesn't work on EBCDIC.

Submitted By: Hank Ibell <hwibell gmail.com>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796446 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Lucien Gentis [Sat, 27 May 2017 13:03:01 +0000 (13:03 +0000)]

Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796391 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Lucien Gentis [Sat, 27 May 2017 13:02:09 +0000 (13:02 +0000)]

XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796390 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Christophe Jaillet [Sat, 27 May 2017 10:52:22 +0000 (10:52 +0000)]

Move a potential NULL pointer dereference.
Check if 'slave' is NULL before using 'slave->keepalives'.

Remove a redundant assignment which is already done in 'h2_slave_destroy'.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796378 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Fri, 26 May 2017 21:50:33 +0000 (21:50 +0000)]

remove r1792169 taint checks from proxy and status modules

Both of these checks are problematic without further
work.

status: even a .htaccess with no SetHandler blocks the handler.
proxy: RewriteRule ... ... [P] in htaccess is blocked.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796352 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Fri, 26 May 2017 21:40:11 +0000 (21:40 +0000)]

short-circuit on NULL

Submitted By: jchampion
CVEID: CVE-2017-7668

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796350 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Fri, 26 May 2017 21:29:59 +0000 (21:29 +0000)]

core: deprecate and replace ap_get_basic_auth_pw

*) core: Deprecate ap_get_basic_auth_pw() and add
ap_get_basic_auth_components().

Submitted By: Emmanuel Dreyfus <manu netbsd.org>, Jacob Champion, Eric Covener
CVEID: CVE-2017-3167

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796348 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Fri, 26 May 2017 21:09:32 +0000 (21:09 +0000)]

mod_ssl: fix ctx passed to ssl_io_filter_error()

Consistently pass the expected bio_filter_in_ctx_t
to ssl_io_filter_error().

Submitted By: Yann Ylavic
CVEID: CVE-2017-3169

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796343 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Rich Bowen [Fri, 26 May 2017 16:16:52 +0000 (16:16 +0000)]

fix confusing indentation of examples

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796296 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Thu, 25 May 2017 21:18:42 +0000 (21:18 +0000)]

util.c: add a strict Base64 decoding function

ap_pbase64decode_strict() adds to the functionality of
ap_pbase64decode() in two ways:

- the length of the decoded buffer is returned, allowing embedded NULLs
to be retained by the caller
- the input string is strictly checked for Base64 validity, including
correct zero-padding at the end of the string

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796208 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Thu, 25 May 2017 21:18:40 +0000 (21:18 +0000)]

httpdunit: clean up after ourselves properly

Remove the testcase stubs and object files on `make clean`.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796207 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Thu, 25 May 2017 21:18:38 +0000 (21:18 +0000)]

httpdunit: add CMake support for Windows

Add a CMake version of the httpdunit build system. At the moment, the only
annoyance is that CMake doesn't like globbing source files, so the
generator must be re-run whenever test cases are added.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796206 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Thu, 25 May 2017 21:18:36 +0000 (21:18 +0000)]

httpdunit: fix check.h on Windows

Check seems to have trouble with type definitions when using a
CMake+Windows toolchain. Include apr.h before check.h to ensure pid_t
exists.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796205 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Thu, 25 May 2017 21:18:35 +0000 (21:18 +0000)]

httpdunit: simplify test case generation

Look, a legitimate use of cat!

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796204 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Thu, 25 May 2017 21:18:33 +0000 (21:18 +0000)]

httpdunit_gen_cases: separate declarations from calls

This gets around strict compiler warnings.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796203 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Thu, 25 May 2017 21:18:32 +0000 (21:18 +0000)]

httpdunit: a Check-based unit test suite

Add a unit test suite based on Check:

https://libcheck.github.io/check/

The suite depends on the build system to automatically generate the code
stubs that call every test case.

httpdunit is automatically enabled in the build if configure is able to
find Check via pkg-config. At the moment pkg-config is the only official
(non-deprecated) way to build and link against Check with an autoconf
system, since platforms may distribute Check as a static library.

Note that Check is an LGPL'd library, so we can't distribute test
objects and binaries. Building and running the suite remains optional
and is not required to run the server.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796202 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Thu, 25 May 2017 21:18:30 +0000 (21:18 +0000)]

configure: don't overwrite other_targets when mod_suexec is enabled

Just append to the list.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796201 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Thu, 25 May 2017 21:18:28 +0000 (21:18 +0000)]

rules.mk: output directly to target for LT_COMPILE

For source files that exist in another directory, libtool will by
default put the output file in the current working directory instead of
next to the source file. Our build logic would then `touch` an empty
output file in the place where the actual output should have gone.

Replace the touch logic with an explicit -o option to libtool.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796200 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Thu, 25 May 2017 21:12:49 +0000 (21:12 +0000)]

Feature branch for a C-based unit test suite.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/httpdunit@1796198 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Luca Toscano [Thu, 25 May 2017 08:44:55 +0000 (08:44 +0000)]

Core documentation update

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796136 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Luca Toscano [Thu, 25 May 2017 08:44:09 +0000 (08:44 +0000)]

Remove warning about nested If/ElseIf/Else evaluation

As noted by Christophe Jaillet in the dev@ ml nested
if/elseif/else conditions are now evaluated. The code
change has been already backported to 2.4.x.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796135 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Tue, 23 May 2017 16:28:46 +0000 (16:28 +0000)]

Merge in APR[-util] macros from branches/trunk-buildconf-noapr

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795931 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Tue, 23 May 2017 16:19:33 +0000 (16:19 +0000)]

buildconf: check in APR[-util] m4 macros

Suggestion by wrowe. These files haven't changed in years; since we need
them anyway, check them in directly. buildconf will still copy over the
latest versions during setup, and SVN will tell us if there are any
changes.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-buildconf-noapr@1795928 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Christophe Jaillet [Mon, 22 May 2017 17:54:59 +0000 (17:54 +0000)]

Remove empty line.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795834 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Jacob Champion [Mon, 22 May 2017 16:40:54 +0000 (16:40 +0000)]

ab: don't call malloc_init for OpenSSL 1.1.0

Patch by rjung.

The 1.1.0 compatibility macro for OpenSSL_malloc_init() causes problems
when mixed with procedure linkage stubs with some toolchains (e.g. GCC).
OpenSSL's malloc implementation doesn't recognize that the PLT stub
points back to it, which leads to infinite recursion.

Since the 1.1.0 documentation states that calling this function
explicitly is no longer necessary except "in certain shared-library
situations"(?), get rid of it.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795830 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Christophe Jaillet [Sat, 20 May 2017 05:11:44 +0000 (05:11 +0000)]

Fix some style issues.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795652 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Christophe Jaillet [Sat, 20 May 2017 05:08:06 +0000 (05:08 +0000)]

Add an explicit NULL to initialise a field in an authn_provider structure, as done in all other places. PR 60636

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795651 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Christophe Jaillet [Fri, 19 May 2017 20:51:51 +0000 (20:51 +0000)]

When processing a 'SetEnv' directive, warn if the environment variable name includes a '='. It is likely a configuration error. PR 60249

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795635 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Daniel Ferradal [Tue, 16 May 2017 19:43:42 +0000 (19:43 +0000)]

Added security_tips.xml.es and related files, included built html.es

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795361 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

William A. Rowe Jr [Tue, 16 May 2017 19:33:36 +0000 (19:33 +0000)]

Remove 3DES by default for users of older crypto librarys; the cipher
has been reclassified in current OpenSSL releases as WEAK due to 112
or fewer bits of remaining cipher strength, while the Sweet32 disclosure
extended the criticism of RC4 on to 3DES. (IDEA, which potentially has the
same issue, is never enabled by default in OpenSSL, due to patent concerns.)

This commit does not change default httpd behavior, but alters the suggested
behavior of newly provisioned httpd servers. Where adopted, XP with IE8 will
no longer handshake with mod_ssl (previously, XP with IE6 would not handshake.)
The same net effect occurs where OpenSSL is updated to 1.1.0.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795358 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Thu, 11 May 2017 17:10:05 +0000 (17:10 +0000)]

backported

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794857 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Eric Covener [Thu, 11 May 2017 16:46:49 +0000 (16:46 +0000)]

remove recently backported items

(present in 2.4.x CHANGES)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794853 13f79535-47bb-0310-9956-ffa450edef68

commit | commitdiff | tree

Lucien Gentis [Sun, 7 May 2017 15:49:48 +0000 (15:49 +0000)]

Rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794215 13f79535-47bb-0310-9956-ffa450edef68

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom