Merge r1830816, r1830836, r1842882, r1842884 from trunk: (70639d38) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

STATUS

+0 −12

Original line number	Diff line number	Diff line
		@@ -126,18 +126,6 @@ RELEASE SHOWSTOPPERS:
		PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
		[ start all new proposals below, under PATCHES PROPOSED. ]

		*) Easy patches: synch 2.4.x and trunk
		- mod_ssl: Add some missing logno tags.
		- mod_ssl: Simplify code, no functional change
		- mod_slotmem_shm: Fix clang warning
		- mod_negotiation: Remove redundant branch (warning from Coverity).
		trunk patch: http://svn.apache.org/r1830816
		http://svn.apache.org/r1830836
		http://svn.apache.org/r1842882
		http://svn.apache.org/r1842884
		2.4.x patch: svn merge -c 1830816,1830836,1842882,1842884 ^/httpd/httpd/trunk .
		+1: jailletc36, icing, jorton, jim

		*) core: Fix incorrect substitution of env vars in directives containing
		multiple env vars. In ap_resolve_env(), the string returned from
		getenv() should be copied since the returned string may be

+0 −3

Original line number	Diff line number	Diff line
		@@ -1550,9 +1550,6 @@ static void set_language_quality(negotiation_state neg, var_rec variant)
		if (!neg->dont_fiddle_headers) {
		variant->lang_quality = neg->default_lang_quality;
		}
		if (!neg->accept_langs) {
		return; /* no accept-language header */
		}
		return;
		}
		else {

+0 −1

Original line number	Diff line number	Diff line
		@@ -214,7 +214,6 @@ static apr_status_t restore_slotmem(sharedslotdesc_t *desc,
		if (rv == APR_SUCCESS) {
		rv = apr_file_read_full(fp, ptr, nbytes, NULL);
		if (rv == APR_SUCCESS \|\| rv == APR_EOF) {
		rv = APR_SUCCESS; /* for successful return @ EOF */
		/*
		* if at EOF, don't bother checking md5
		* - backwards compatibility

+1 −1

Original line number	Diff line number	Diff line
		@@ -923,7 +923,7 @@ static apr_status_t ssl_init_ctx_cipher_suite(server_rec *s,
		#if SSL_HAVE_PROTOCOL_TLSV1_3
		if (mctx->auth.tls13_ciphers
		&& !SSL_CTX_set_ciphersuites(ctx, mctx->auth.tls13_ciphers)) {
		ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO()
		ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(10127)
		"Unable to configure permitted TLSv1.3 ciphers");
		ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
		return ssl_die(s);

+2 −2

Original line number	Diff line number	Diff line
		@@ -1125,7 +1125,7 @@ static int ssl_hook_Access_modern(request_rec r, SSLSrvConfigRec sc, SSLDirCon
		: sc->server->auth.verify_depth;
		if (sslconn->verify_depth < n) {
		change_vmode = TRUE;
		ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO()
		ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(10128)
		"Reduced client verification depth will "
		"force renegotiation");
		}
		@@ -1144,7 +1144,7 @@ static int ssl_hook_Access_modern(request_rec r, SSLSrvConfigRec sc, SSLDirCon
		return HTTP_FORBIDDEN;
		}

		ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO() "verify client post handshake");
		ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10129) "verify client post handshake");

		SSL_set_verify(ssl, vmode_needed, ssl_callback_SSLVerify);