Skip to content
  1. Sep 21, 2005
  3. Sep 20, 2005
  5. Sep 19, 2005
  7. Sep 18, 2005
  9. Sep 12, 2005
  11. Sep 11, 2005
  13. Sep 10, 2005
  15. Sep 09, 2005
  17. Sep 01, 2005
  19. Aug 31, 2005
  21. Aug 30, 2005
    • Colm MacCarthaigh's avatar
      · f68f2b8a
      Colm MacCarthaigh authored 
      Make my PR references consistent with everyone elses.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264881 13f79535-47bb-0310-9956-ffa450edef68
      f68f2b8a
    • Justin Erenkrantz's avatar
      mod_cgid: Refuse to work on Solaris 10 due to OS bugs. · 5aee5df8
      Justin Erenkrantz authored 
      PR: 34264


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264866 13f79535-47bb-0310-9956-ffa450edef68
      5aee5df8
    • Joe Orton's avatar
      Fix CVE CAN-2005-2700: · a344c639
      Joe Orton authored 
      * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that
renegotiation is performed for a transition from "SSLVerifyClient
optional" to "SSLVerifyClient require".

The boolean "verify_old & SSL_VERIFY_PEER_STRICT" is true if the old
context merely has optional verification configured, since the
definition of SSL_VERIFY_PEER_STRICT is
(SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_PEER).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264800 13f79535-47bb-0310-9956-ffa450edef68
      a344c639
    • Colm MacCarthaigh's avatar
      · 390c36d0
      Colm MacCarthaigh authored 
      Fix PR36410; Change how the get_suexec_identity hook is handled by CGID.
Instead of using mod_userdir and mod_suexec specific hacks, we now run the hook
on the httpd side of the handler. 

If this is NULL, we pass on a magic empty_ugid constant, otherwise pass on the
real ugid.

On the cgid side of the equation, we add our own hook, with REALLY_FIRST, and
then order the hooks. This ensures that cgid's doer runs before any other
registered get_suexec_identity doers.

We use cgid's request config to store the ugid. If ugid == empty_ugid, we DON'T
call ap_os_create_privileged_process, because our doer would return the magic
empty_ugid constant. Having the doer return NULL is no good, because then
userdir and mod_suexec's doers would be called. Instead, we call plain old
apr_proc_create(). 



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264759 13f79535-47bb-0310-9956-ffa450edef68
      390c36d0
  23. Aug 29, 2005
  25. Aug 28, 2005
  27. Aug 27, 2005
  29. Aug 26, 2005
    • Colm MacCarthaigh's avatar
      · c69524da
      Colm MacCarthaigh authored 
      Implement a "graceful-stop" for the prefork MPM (might aswell do the hard one
first). 

General approach is to send SIGUSR1 to all children (which will de-listen, and
exit when finished), and to gather all children as they exit. 

We don't use a sleep(timeout) for the timeout implementation, because this
would lead to a rut of defunct children until the timeout had expired.

set_graceful_shutdown stolen from Ken Coar. See <3E84B1EC.3050007@Golux.Com>
(28 Mar 2003).



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@240270 13f79535-47bb-0310-9956-ffa450edef68
      c69524da
  31. Aug 25, 2005
  33. Aug 24, 2005
  35. Aug 23, 2005
  37. Aug 20, 2005
  39. Aug 19, 2005
  41. Aug 12, 2005
  43. Aug 11, 2005