Skip to content
  1. May 30, 2018
    • Jim Jagielski's avatar
      Merge r1341905, r1342065, r1341930, r1345147, r1344712, r1814465 from trunk: · 40bb4ca3
      Jim Jagielski authored
      suexec: Add support for logging to syslog as an alternative to a
      logfile.
      
      * support/suexec.c (err_output) [AP_LOG_SYSLOG]: Log to syslog.
        (main): Close syslog fd if open, before execv.  Add -V output
        for AP_LOG_SYSLOG.
      
      * configure.in: Add --with-suexec-syslog argument; allow
        --without-suexec-logfile to omit definition of AP_LOG_EXEC.
      
      
      suexec: Support use of setgid/setuid capability bits on Linux, a
      weaker set of privileges than the full setuid/setgid root binary.
      
      * configure.in: Add --enable-suexec-capabilites flag.
      
      * Makefile.in: If configured, use setcap instead of chmod 7555 on
        installed suexec binary.
      
      * modules/arch/unix/mod_unixd.c (unixd_pre_config): Drop test for
        setuid bit if capability bits are used.
      
      * docs/manual/: Add docs.
      
      
      * docs/manual/suexec.html.en: Update for syslog logging.
      
      
      * configure.in: Correct handling of --with-suexec-logfile in r1341905,
        thanks to rpluem.
      
      
      * support/suexec.c: Define AP_LOG_FACILITY.
        (err_output): Use AP_LOG_FACILITY for syslog facility.
      
      Suggested by: kbrand
      
      
      * configure.in: Fix help text for --with-suexec-syslog.
      
      Submitted by: jorton
      Reviewed by: jorton, ylavic, jim
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832565 13f79535-47bb-0310-9956-ffa450edef68
      40bb4ca3
  2. May 29, 2018
  3. Apr 26, 2018
  4. Apr 18, 2018
  5. Apr 09, 2018
  6. Mar 26, 2018
  7. Mar 24, 2018
  8. Mar 23, 2018
  9. Mar 20, 2018
  10. Mar 17, 2018
  11. Mar 15, 2018
  12. Mar 10, 2018
  13. Mar 09, 2018
    • Joe Orton's avatar
      Merge r1617913 from trunk: · e4de5adb
      Joe Orton authored
      * support/ab.c: Fix crash caused by integer overflow when printing stats with
      lot of requests (for example -n 500000000).
      
      Submitted by: jkaluza
      Reviewed by: jorton, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826310 13f79535-47bb-0310-9956-ffa450edef68
      e4de5adb
    • Joe Orton's avatar
      Merge r1667676, r1826207 from trunk: · cc6357f0
      Joe Orton authored
      * mod_access_compat, mod_authz_host: Handle '#' character.
      For mod_access_compat, disable '#' in hostname completely.
      For mod_authz_host, treat '#' as a comment and ignore everything after that.
      This allows better handling of admin errors like
      'Require host localhost# Add example.com later'.
      
      * modules/aaa/mod_authz_host.c (host_check_authorization): Simplify
        comment stripping in "Require host"; log a warning if a comment is
        used in 'Require host', or an error if the expression is empty with
        the comment stripped. (Currently in 2.4, #comment part is parsed)
      
      Submitted by: jkaluza, jorton
      Reviewed by: jorton, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826309 13f79535-47bb-0310-9956-ffa450edef68
      cc6357f0
    • Joe Orton's avatar
      Merge r1532281, r1532289, r1537718 from trunk: · dba3b47d
      Joe Orton authored
      * support/rotatelogs.c (get_now): Return the offset applied to the
        Unix time as a parameter.
        (doRotate): When exploding the time for strtfime formatting, iff in
        -l mode, subtract the offset and explode the real Unix time as a
        local time so %Z etc works correctly.
      
      * support/rotatelogs.c (get_now): Fix the NULL ptr dereferences 
        added in r1532281.
      
      * support/rotatelogs.c: Introduce an adjusted_time_t type to store the
        weird "adjusted time since epoch" type returned by get_now().
        Switch from int to long to fix an unnecessary Y2K38 issue.  Adjust
        use throughout and clean up other type issues.  No functional change
        intended apart from fixing Y2K38.
      
      Submitted by: jorton
      Reviewed by: jorton, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826306 13f79535-47bb-0310-9956-ffa450edef68
      dba3b47d
    • Joe Orton's avatar
      Merge r1811976 from trunk: · 43f1c1f1
      Joe Orton authored
      Add optional _RAW suffix to SSL_*_DN_xx attribute names, allowing
      users to convert an attribute value without conversion to UTF-8.  (A
      public CA has issued certs with attributes tagged as the wrong ASN.1
      string types.)
      
      * modules/ssl/ssl_util_ssl.c (asn1_string_convert): Rename from
        asn1_string_to_utf8; add raw argument. Reimplement _to_utf8 as
        macro.
        (modssl_X509_NAME_ENTRY_to_string): Add raw argument.
      
      * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_dn): Use raw
        string conversion if _RAW suffix is present in DN component.
      
      Submitted by: jorton
      Reviewed by: jorton, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826300 13f79535-47bb-0310-9956-ffa450edef68
      43f1c1f1
  14. Mar 04, 2018
  15. Mar 03, 2018