git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1761219 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1761218 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1761216 13f79535-47bb-0310-9956-ffa450edef68

This added paragraph about optional and optional_no_ca isn't helpful.

At the TLS layer, the challenge for otpional and required are no different.

Move the caution about _no_ca up into where the option is defined
and reword.




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1761215 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760977 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760974 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760590 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760589 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760555 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760549 13f79535-47bb-0310-9956-ffa450edef68

are transmitted unencoded, per RFC3986 section 3.3 grammer. Correct httpd's
behavior to not encode ';' in proxied URI's or Location: response headers.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760444 13f79535-47bb-0310-9956-ffa450edef68

The ap_scan_script_header_* functions were documented to be pass/fail,
but they also have a third "state" that is returned when HTTP conditions
(If-Modified-Since, etc.) aren't met. This has led to some recent bugs,
so document it.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760404 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760279 13f79535-47bb-0310-9956-ffa450edef68

mod_proxy_html doc - Added a reference of ProxyHTMLLinks in the ProxyHTMLURLMap description and some examples.
 


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760278 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760181 13f79535-47bb-0310-9956-ffa450edef68

never remember.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760180 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760018 13f79535-47bb-0310-9956-ffa450edef68

This is a follow up of http://svn.apache.org/r1752347;
ap_meet_conditions could return a 412 status that if not
handled causes subsequent bogus reads and wrong messages
logged (like AH01070). After a chat on dev@ the feedback
was to couple HTTP_NOT_MODIFIED with HTTP_PRECONDITION_FAILED,
but any other feedback is welcome.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1759984 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: more const goodiness and checks on h2 request creation, less NULL checking while processing

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1759547 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1759415 13f79535-47bb-0310-9956-ffa450edef68

brigades.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1759386 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1759091 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1759089 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758803 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758558 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758446 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758313 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758311 13f79535-47bb-0310-9956-ffa450edef68

MSDN documentation states that

    Any unused members of [an OVERLAPPED] structure should always be
    initialized to zero before the structure is used in a function call.
    Otherwise, the function may fail and return ERROR_INVALID_PARAMETER.

Prior to this patch, the internal state left over from previous
overlapped I/O was passed into the next call. It's unclear what effect
this might have, if any. (I have not personally witnessed an
ERROR_INVALID_PARAMETER myself.)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758310 13f79535-47bb-0310-9956-ffa450edef68

Further follow-up to the previous commit: now that we no longer patch a
network bucket into the brigade, we can revert to calling
ap_process_connection() directly instead of duplicating its logic.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758309 13f79535-47bb-0310-9956-ffa450edef68

Follow-up to the prior commit: without an incoming data buffer, the
custom network bucket code is now orphaned and we can remove it
entirely. This has the added benefit that we are no longer using the
internal OVERLAPPED.Pointer field, which is discouraged by the MSDN
docs.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758308 13f79535-47bb-0310-9956-ffa450edef68

The 'data' AcceptFilter optimization instructs Windows to wait until
data is received on a connection before completing the AcceptEx
operation. Unfortunately, it seems this isn't performed atomically --
AcceptEx "partially" accepts the incoming connection during the wait for
data, leaving all other incoming connections in the accept queue. This
opens the server to a denial of service.

Since the fix for this requires a substantial rearchitecture (likely
involving multiple outstanding calls to AcceptEx), disable the 'data'
filter for now and replace it with 'connect', which uses the AcceptEx
interface but does not wait for data.

Users running prior releases of httpd on Windows should explicitly move
to a 'connect' AcceptFilter in their configurations if they are
currently using the default 'data' filter.

Many thanks to mludha, Arthur Ramsey, Paul Spangler, and many others for
their assistance in tracking down and diagnosing this issue.

PR: 59970

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758307 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758305 13f79535-47bb-0310-9956-ffa450edef68

created by overloading 'int fold' (1 or 0) as 'int flags', with the same
value 1 for AP_GETLINE_FOLD (which httpd doesn't use), and a new value
2 for AP_GETLINE_CRLF

Enforce CRLF when HttpProtocolOptions Strict is in force.

Correctly introduces a new t/TEST fail.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758304 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758267 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758266 13f79535-47bb-0310-9956-ffa450edef68

and reflecting the current implementation.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758265 13f79535-47bb-0310-9956-ffa450edef68

based on the fact that bad whitespace shall not be permitted
or corrected in any operating mode, while preserving the 
ability to extract bad method/uri/proto for later reporting
and diagnostics.

This change causes badwhitespace in the request line or any
request field line to always fail, and not honor the setting
of the HttpProtocolOptions Unsafe option. Mult SP characters
or trailing SP characters in the request line are still 
permitted in Unsafe mode.

Adjusted several error message emits to match these changes.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758263 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758227 13f79535-47bb-0310-9956-ffa450edef68

This choice is unanimous, although StrictURI (a different RFC) still hasn't
found absolute concensus.

An ap_mmn bump will follow (major, this removes a struct elt)



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758226 13f79535-47bb-0310-9956-ffa450edef68