client certificate chain.

PR:  21371


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100605 13f79535-47bb-0310-9956-ffa450edef68

redirection target is not access protected and pass it
to scripts using the REDIRECT_REMOTE_USER environment variable.

PR: 10678, 11602.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100604 13f79535-47bb-0310-9956-ffa450edef68

Ooops, forgot the PR number for my recent mod_rewrite commit (PR #13946)...


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100601 13f79535-47bb-0310-9956-ffa450edef68

mod_rewrite: fix a problem in the proxy support of mod_rewrite. The broken
code was inserting multiple "proxy:" fields in the rewritten URIs.
[Submitted by:  Eider Oliveira <eider@bol.com.br>]
[Updated and reviewed by: Paul J. Reder]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100600 13f79535-47bb-0310-9956-ffa450edef68

the REDIRECT_HANDLER environment variable.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100598 13f79535-47bb-0310-9956-ffa450edef68

the external filter.

PR:    20944

The missing code was identified by Andrew Ho, coded/tested by Jeff
Trawick, and verified yet again by Neil Fraser.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100595 13f79535-47bb-0310-9956-ffa450edef68

which allows the use of handlers for virtual locations.

PR:	8431


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100589 13f79535-47bb-0310-9956-ffa450edef68

Default is: reject

PR: 21059


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100566 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100563 13f79535-47bb-0310-9956-ffa450edef68

SECURITY [CAN-2003-0192]: Fixed a bug whereby certain sequences
of per-directory renegotiations and the SSLCipherSuite directive
being used to upgrade from a weak ciphersuite to a strong one
could result in the weak ciphersuite being used in place of the
strong one.  [Ben Laurie]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100518 13f79535-47bb-0310-9956-ffa450edef68

SECURITY [CAN-2003-0253]: Fixed a bug in prefork MPM causing
temporary denial of service when accept() on a rarely accessed port
returns certain errors.  Reported by Saheed Akhtar
<S.Akhtar@talis.com>.  [Jeff Trawick]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100517 13f79535-47bb-0310-9956-ffa450edef68

SECURITY [CAN-2003-0254]: Fixed a bug in ftp proxy causing denial
of service when target host is IPv6 but proxy server can't create
IPv6 socket.  Fixed by the reporter.  [Yoshioka Tsuneo
<tsuneo.yoshioka@f-secure.com>]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100516 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100515 13f79535-47bb-0310-9956-ffa450edef68

Update the header token parsing code to allow LWS between the token word
and the ':' seperator.  [PR 16520]
[submitted: Kris Verbeeck <kris.verbeeck@advalvas.be> and
            Nicel KM <mnicel@yahoo.com>]
[Reviewed: <coad@measurement-factory.com> and
           Paul J. Reder]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100492 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100482 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100480 13f79535-47bb-0310-9956-ffa450edef68

Submitted by:	Philipp Reisner <philipp.reisner@linbit.com>
Reviewed by:	Jeff Trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100429 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100427 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100425 13f79535-47bb-0310-9956-ffa450edef68

response.

PR: 21085
Submitted by:	Glenn Nielsen <glenn@apache.org>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100399 13f79535-47bb-0310-9956-ffa450edef68

PR: 21100
Submitted by: info@orangexl.com (Sander Holthaus)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100397 13f79535-47bb-0310-9956-ffa450edef68

Correct the code in ap_check_cache_feshness to check max_age, smax_age,
and expires correctly.
Submitted by:   Thomas Castelle  <tcastelle@generali.fr>
Reviewed and altered by: Paul J. Reder


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100380 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100362 13f79535-47bb-0310-9956-ffa450edef68

PR:             19849
Submitted by:   Glenn Nielsen <glenn@apache.org>
Reviewed by:    Jeff Trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100343 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100338 13f79535-47bb-0310-9956-ffa450edef68

various operational problems in a threaded MPM, since on the
second attempt to close the socket, the same descriptor was
often already in use by another thread for another purpose.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100320 13f79535-47bb-0310-9956-ffa450edef68

unixd_set_global|proc_mutex_perms().  Allow the functions to be
called for any type of mutex.

This resolves a fatal problem with mod_rewrite on systems where
APR uses flock-based mutex.

It simplifies mod_ssl as well, which had special logic to perform
the chown().  It fixed an init error with mod_ssl on systems where
flock is used when the user had no SSLMutex directive.

The Unix MPMs continue to call unixd_set_global|proc_mutex_perms()
only for SysV sems.  There is no permission problem with flock-based
accept mutexes since the child init logic for the MPMs is done
prior to switching identity.

PR:              20312


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100189 13f79535-47bb-0310-9956-ffa450edef68

This fixes a log corruption issue when flock-based serialization
is used (e.g., FreeBSD).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100187 13f79535-47bb-0310-9956-ffa450edef68

As with 1.3, for proxy requests any such field is from the origin
server; otherwise it will have our server info as controlled by
the ServerTokens directive.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100182 13f79535-47bb-0310-9956-ffa450edef68

Submitted by:    Juan Rivera <Juan.Rivera@citrix.com>
Reviewed by:     Jeff Trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100175 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100165 13f79535-47bb-0310-9956-ffa450edef68

Promote the issues that have been allocated a full CVE name (to replace CAN)
PR:
Obtained from:
Submitted by:
Reviewed by:


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100151 13f79535-47bb-0310-9956-ffa450edef68

PR:
Obtained from:
Submitted by:
Reviewed by:


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100150 13f79535-47bb-0310-9956-ffa450edef68

	Allow ExpiresByType to accept and understand minor-type wildcards
	(e.g., text/*).  They'll be used if an exact type match isn't
	found; if there's no wildcard match, the expiry falls back to any
	ExpiresDefault setting as usual.

PR:		7991


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100126 13f79535-47bb-0310-9956-ffa450edef68

hook.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100124 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100101 13f79535-47bb-0310-9956-ffa450edef68

- add a note to STATUS that we don't forget the thing.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100086 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100047 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99989 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99980 13f79535-47bb-0310-9956-ffa450edef68