Rich Bowen [Sat, 2 Mar 2002 02:37:17 +0000 (02:37 +0000)]
Added example of denying, or allowing, particular users to have UserDir
directories.
In a discussion on IRC, it was requested that an explicit example of
this configuration be provided in the documentation.
next_filter of NULL to any ap_sub_req_lookup*() fn implies the subreq
will never be run - or we expect to pass the subreq to fast_redirect.
The comming fix will break invalid ap_sub_req_lookups* expecting to
run subrequests with the next_filter NULL semantic.
Significant cleanup and enable wintty to -always- escape from the service
context when the run-as-user is LocalSystem or has access to the windows
station and desktop. The original method did not give us a visible tty
unless the 'Allow Service to Interact with Desktop' toggle was set.
Cliff Woolley [Fri, 1 Mar 2002 05:43:57 +0000 (05:43 +0000)]
We don't need transfer_brigade() because we already have macros to do that
for us, and faster. :)
Warning, though: transfer_brigade() was equivalent to APR_BRIGADE_CONCAT(),
and I don't think that was the right behavior for one of the two callers!
I changed that one to use APR_BRIGADE_PREPEND() since by my inspection that
looks like what it should be, but please check me on this.
Greg Stein [Fri, 1 Mar 2002 03:25:49 +0000 (03:25 +0000)]
Give mod_dav the ability to output both standard and customized
<D:error> responses. It's crucial for marshalling svn error messages
back over to the client; and someday it will be needed to return
specific <DAV:> errors as dictated by the DeltaV spec.
* mod_dav.h (dav_error): add two new fields -- an optional error
namespace, and an error-tag-name. Remove the 'delayed computation'
function and cxt ptrs in this struct; they were never used.
(dav_new_error_tag): new alternative constructor that takes new
fields.
How can reach our goals if we never have them? So, I ask, "Can we kill
all showstoppers in a week?" Are there enough developers paying attention
to go showstopper hunting?
Doug MacEachern [Thu, 28 Feb 2002 05:28:43 +0000 (05:28 +0000)]
remove #ifdef SHARED_MODULE around ssl library cleanup calls.
SHARED_MODULE is no longer defined, so we were leaking.
plus we always do a full startup/teardown regardless of being a dso or
static.
Doug MacEachern [Thu, 28 Feb 2002 05:17:03 +0000 (05:17 +0000)]
various SSLCACertificatePath fixes:
- return value from apr_dir_read() was checking != APR_SUCCESS rather
than == APR_SUCCESS, so no certs were ever loaded.
- wasn't checking return value of apr_dir_open(), now log an error and
ssl_die() on failure.
Doug MacEachern [Thu, 28 Feb 2002 04:59:07 +0000 (04:59 +0000)]
plug leak in ssl_init_FindCAList() where return value of
X509_NAME_oneline() used for trace logging was not freed.
now passes in a static buffer so no buffer is malloced.
Doug MacEachern [Thu, 28 Feb 2002 03:48:26 +0000 (03:48 +0000)]
need to free the stacks returned by calls to SSL_load_client_CA_file()
in ssl_init_FindCAList(). values are pushed into another stack which
gets freed when SSL context is destroyed.
Aaron Bannert [Thu, 28 Feb 2002 02:56:15 +0000 (02:56 +0000)]
No longer assume SERVER_CONFIG_FILE is in the "conf" directory. Instead
look for it in the $sysconfdir.
This required the use of a new m4 function from APR that retrieves
the fully "expanded", or recursively interpolated, value of the
$sysconfdir variable.
Doug MacEachern [Thu, 28 Feb 2002 01:47:26 +0000 (01:47 +0000)]
always reusing existing private key for given vhost on restarts if key
is encrypted and mtime stamp has not changed. this prevents getting
prompted twice for passphrase on windows and elsewhere when server is
started with -DNO_DETACH.
Doug MacEachern [Thu, 28 Feb 2002 00:01:57 +0000 (00:01 +0000)]
mod_ssl was "leaking" on restart since mc->tTmpKeys table entries
were allocated using apr_palloc out of s->process->pool and pushed
into an apr_array_header_t.
solve the problem by moving from apr_array_header_t's to an apr_hash_t.
also add ssl_asn1_table_{set,unset} wrappers to use malloc/free so we
do not "leak" from s->process->pool.
Allan K. Edwards [Wed, 27 Feb 2002 21:16:19 +0000 (21:16 +0000)]
ownership of the brigade is passed in the ap_pass_brigade call
so make sure that it doesn't get left lying around. This tickled
a bug with mod_deflate and resulted in a bucket being compressed
more than once.
Introduce PassPhraseDialog 'pipe' mechanism. This builds on DougM's
apr-ization of the 'tty', and changes his naming a bit so we clearly
identify the pipe-to and pipe-from the user.
This patch invokes a bidirectional piped dialog to the user.
This is the directive handling commit only, the mechanics patch will
follow. PassPhraseDialog "|/path/to/pipe" will use the bidirectional
pipe to have a 'conversation', along the lines of the tty dialog with
PassPhraseDialog 'builtin'. This is entirely different than the 'exec'
method, which simply runs once for each passphrase, and doesn't allow
for failure/retries, and certainly doesn't offer any sensible 'dialog'.
Aaron Bannert [Wed, 27 Feb 2002 19:40:27 +0000 (19:40 +0000)]
Set defaults for non-autoconf path variables. Also export a couple
variables that for whatever reason weren't being placed into
config_vars.mk.
Warning: This commit alters the "default" layout (ie. when no --enable-layout
is specified). The most notable change will be htdocs in $prefix/share/htdocs,
which works with the autoconf defaults, but may not be what we want. This
will require more work.
This baffled .mak exported build targets for mod_ssl/abs. They will
recognize their output only as .\Release|Debug\mod_ssl.so, etc. Without
the leading .\ kept getting 'dunno how to make ... target'
Must admit, my use case was focused on services. It seems that if we
had a console, we weren't reassigning stdhandles with AllocConsole().
Open the conin/conout very explicitly, and clean up some other cruft.
Aaron Bannert [Wed, 27 Feb 2002 17:16:29 +0000 (17:16 +0000)]
Fix --sysconfdir and --localstatedir, which were being ignored.
Fix --enable-layout to work.
showstoppers--
Note: As far as we can tell, autoconf will not let us override our layout
settings from paramers like --prefix, etc. This is unfortunate, but
we will not let this get in the way of --enable-layout working. This
will be made clear in the docs.
Aaron Bannert [Wed, 27 Feb 2002 17:06:33 +0000 (17:06 +0000)]
Fix --enable-layout to work again.
Fix bug where --sysconfdir and --localstatedir were being ignored by APR.
Caution: When specifying --enable-layout, common arguments like --prefix,
--exec-prefix, etc. will be ignored and the settings from the layout
will be used instead.
I just tried to do a graceful restart while pounding my box with worker
MPM and no segfaults. Am I missing something or were these fixed with
Jeff's latest fixes?
Don't set bytes_sent to be 0 when r->assbackwards since this screws up
logging.
The content length filter seems to track bytes_sent properly regardless
of HTTP version. The HTTP header filter knows not to send C-L (or any
headers) to this client.
Doug MacEachern [Wed, 27 Feb 2002 03:33:38 +0000 (03:33 +0000)]
change builtin passphrase prompt to use stdout rather than stderr.
and switch to using apr_file api for portability.
stderr has already been redirected to the error_log.
rather than attempting to temporarily rehook it to the terminal,
we print the prompt to stdout before EVP_read_pw_string turns
off tty echo. which is also more portable.
Doug MacEachern [Wed, 27 Feb 2002 03:21:09 +0000 (03:21 +0000)]
changing mod_ssl to do a full startup/teardown on each restart rather
than hack to only read passphrase on 1st round startup. this change:
- fixes current segv on restarts (SHARED_MODULE is not defined)
- allows LoadModule ssl_module to be added to httpd.conf on restart
(was core dumping previously)
- allows certs/keys to be changed on restart provided key is not
encrypted or SSLPassPhraseDialog is exec. if key is encrypted and
SSLPassPhraseDialog is builtin, existing private keys will be reused
on restart (which happens currently for any type of key/dialog).
note: mod_ssl currently leaks on restart; leaks more with this change.
fixes to come.
Aaron Bannert [Tue, 26 Feb 2002 18:41:58 +0000 (18:41 +0000)]
These variables need to be delimited with {} or they will conflict with
other variables in the same namespace with a shorter prefix substring.
How did this ever work before? I ran into this while testing some of
the recent layout-fixing patches.
Ryan Bloom [Mon, 25 Feb 2002 06:54:40 +0000 (06:54 +0000)]
I learned about AP_MODE_EXHAUSTIVE while reading some of the new filter
code earlier today. With this mode, the Perchild MPM can finally be
fixed to work with filters. I have changed a comment in the core to make
it clear that this mode is required, but I have mentioned how dangerous
this mode is. Also add a comment to STATUS about my plans.
Hopefully I'll have some time this week to hack through the MPM.
Jeff Trawick [Sun, 24 Feb 2002 20:53:26 +0000 (20:53 +0000)]
restart fixes for worker:
fix a segfault and a window in which we could miss joining
newly-created threads
we can't try to signal workers if the worker queue hasn't
been initialized (or we segfault)
make sure the start thread is done creating threads before
we try to join; otherwise we can just miss some of them and
not be able to clean them up properly
Brian Pane [Sun, 24 Feb 2002 08:33:56 +0000 (08:33 +0000)]
Removed unixd_set_lock_perms(apr_lock_t *), which is no longer
used by any of the MPMs. (This is another step toward eliminating
the httpd's dependencies on the old lock API.)
Brian Pane [Sun, 24 Feb 2002 07:40:05 +0000 (07:40 +0000)]
Fix for the code that handles SSI tokens that span multiple
buckets: if a brigade containing an incomplete "<!--#" token
has been set aside in ctx->ssi_tag_brigade, we need to retrieve
and output the contents of that brigade if the next bucket (in
the next brigade) doesn't actually complete the "<!--#".
As part of this commit, I've commented out the recent changes
to detect flush buckets in the brigade, due to segfaults. (I
think the fix may be to add some checks for sentinels and EOS
when advancing to the next bucket after the flush bucket.)