- Jun 13, 2018
-
-
Christophe Jaillet authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1833471 13f79535-47bb-0310-9956-ffa450edef68
-
- Jun 06, 2018
-
-
Jim Jagielski authored
mod_remoteip: Fix RemoteIP{Trusted,Internal}ProxyList loading broken by 2.4.30. Overwriting server config in pre_config hook breaks EXEC_ON_READ directives, it's automatically created on purpose anyway. PR 62220. Follow up to r1832580: correct CHANGES entry. Submitted by: ylavic Reviewed by: ylavic, wrowe, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1833070 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
mod_remoteip: Set useragent port to zero PR59931 When overriding the useragent address from X-Forwarded-For, zero out what had been initialized as the connection-level port. Submitted By: Hank Ibell <hwibell gmail.com> Reviewed by: ylavic, covener, icing git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1833007 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
mpm_unix(es): cleanup properly on exit in one_process mode. We can't destroy ap_pglobal in the MPMs because clean_child_exit() runs in a DSO which would be unloaded under us. So we defer an ap_terminate() with atexit() in ap_unixd_mpm_set_signals(), all this is static/builtin code in "os/unix/unixd.c". Follow up to r1822537: replace static variable with pool userdata. Also adds a comment and a CHANGES entry. Submitted by: ylavic Reviewed by: ylavic, jim, icing git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1833005 13f79535-47bb-0310-9956-ffa450edef68
-
- May 31, 2018
-
-
Christophe Jaillet authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832644 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
add an <IfFile> config section like <IfDefine> It allows a non httpd config file to be used as a marker directly in httpd.conf without hiding logic in a script in front of apachectl to do test -f and pass extra -D's. This is something we've had in IBM's httpd distro for a little bit and hadn't remembered to share. I've seen some questions/config files come up in a few places lately that would benefit from this as an option. Remove duplicate implementations of conditional section function. No functional change. * server/core.c (start_cond_section): Factor out from start_if*. Adjust to use apr_strmemdup. (test_ifmod_section, test_iffile_section, test_ifdefine_section): Move container-specific tests into callbacks from start_if*. (core_cmds): Adjust <IfFile, <IfDefine, <IfModule to use start_cond_section with callbacks. Add <IfDirective> and <IfSection>: * server/core.c (test_ifdirective_section, test_ifsection_section): New callbacks. (core_cmds): Define new directives. * include/http_config.h, server/config.c (ap_exists_directive): New function. * include/ap_mmn.h: Bump MMN minor for above. * docs/manual/mod/core.xml: Add docs. * server/core.c (start_cond_section): Comment & variable name fixes, no functional change. Submitted by: covener, jorton Reviewed by: jorton, ylavic, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832623 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832612 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_proxy_balancer: Add hot spare member type and corresponding flag (R). Hot spare members are used as drop-in replacements for unusable workers in the same load balancer set. This differs from hot standbys which are only used when all workers in a set are unusable. PR 61140. mod_proxy_balancer: follow up to r1828890: indentation and 80 col. Submitted by: jhriggs, ylavic Reviewed by: jhriggs, jim, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832609 13f79535-47bb-0310-9956-ffa450edef68
-
- May 30, 2018
-
-
Jim Jagielski authored
suexec: Add support for logging to syslog as an alternative to a logfile. * support/suexec.c (err_output) [AP_LOG_SYSLOG]: Log to syslog. (main): Close syslog fd if open, before execv. Add -V output for AP_LOG_SYSLOG. * configure.in: Add --with-suexec-syslog argument; allow --without-suexec-logfile to omit definition of AP_LOG_EXEC. suexec: Support use of setgid/setuid capability bits on Linux, a weaker set of privileges than the full setuid/setgid root binary. * configure.in: Add --enable-suexec-capabilites flag. * Makefile.in: If configured, use setcap instead of chmod 7555 on installed suexec binary. * modules/arch/unix/mod_unixd.c (unixd_pre_config): Drop test for setuid bit if capability bits are used. * docs/manual/: Add docs. * docs/manual/suexec.html.en: Update for syslog logging. * configure.in: Correct handling of --with-suexec-logfile in r1341905, thanks to rpluem. * support/suexec.c: Define AP_LOG_FACILITY. (err_output): Use AP_LOG_FACILITY for syslog facility. Suggested by: kbrand * configure.in: Fix help text for --with-suexec-syslog. Submitted by: jorton Reviewed by: jorton, ylavic, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832565 13f79535-47bb-0310-9956-ffa450edef68
-
- May 29, 2018
-
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832499 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832498 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
* modules/ssl/ssl_engine_init.c (ssl_init_Module): Don't enable SSL for a vhost if SSLEnable is not used and no certs are configured, even if the Listen protocol is "https". Restores behaviour to that prior to r1809303 for configs which would now otherwise fail at startup. Submitted by: jorton Reviewed by: jorton, jim, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832495 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
if the ErrorLog directive is configured with the 'syslog' prefix. PR 62102 trunk patch: none, as far as I can see the code in trunk diverged too much due to the code in STALLED for ap_errorlog_provider. Submitted by: elukey, jhriggs, jailletc36 Reviewed by: elukey, jhriggs, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832493 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
Instrument 'bbout' mod_http2: use proper ARP defined for formatting apr_off_t On the trunk: mod_http2: on level trace2, log any unsuccessful HTTP/2 direct connection upgrade with base64 encoding to unify its appearance in possible bug reports. On the trunk: * mod_http2: calculate unencrypted connection sniffing base64 only when log level is at required height. [Ruediger Pluem] On the trunk: mod_http2: accurate reporting of h2 data input/output per request via mod_logio. Fixes an issue where output sizes where counted n-times on reused slave connections. See gituhub issue: https://github.com/icing/mod_h2/issues/158 Submitted by: jailletc36, icing, icing, icing, icing Reviewed by: icing, jim, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832489 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
On the trunk: mod_http2: always wake up any conditional waits when streams are aborted. Fixes race conditions where timeouts would trigger instead. Submitted by: icing Reviewed by: icing, jim, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832487 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
* When mod_http2 is loaded more then ThreadsPerChild backend connections can be useful as mod_http2 has an additional thread pool on top of ThreadsPerChild. But leave the default with ThreadsPerChild. * Add some some comment why we do not limit hmax any longer mod_proxy: follow up to r1822849. Get the help(er) of mod_http2 to determine how much connections should be handled in the reslist by default (i.e. max_threads). mod_proxy: follow up to r1822849 and r1822878. Does r1822878's "static" APR_RETRIEVE_OPTIONAL_FN work if, say, mod_proxy is builtin but mod_http2 isn't? Not worth taking the risk here since it's not a fast path... Note: if this is an issue, I'm afraid it applies elsewhere too. mod_proxy: follow up to r1822849 and r1822879. Fix my maths, thanks Stefan and Rüdiger! needs mod_http2.h * Add missing CHANGES entry for revisions 1822849,1822858,1822878,1822879,1822883,1828485 Submitted by: rpluem, ylavic, ylavic, ylavic, gsmith, rpluem Reviewed by: rpluem, jim, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832485 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 26, 2018
-
-
Jim Jagielski authored
PR62186: preserve %<m for ErrorDocument internal redirects *) core: Preserve the original HTTP request method in the '%<m' LogFormat when an path-based ErrorDocument is used. PR 62186. [Micha Lenk <micha lenk.info>] Submitted By: Micha Lenk Committed By: covener Submitted by: covener Reviewed by: covener, jhriggs, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1830248 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 18, 2018
-
-
Daniel Ruggeri authored
trunk patch: http://svn.apache.org/r1827196 2.4.x patch: svn merge -c 1827196 ^/httpd/httpd/trunk . +1: icing, ylavic, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1829486 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 09, 2018
-
-
Jim Jagielski authored
mod_dumpio: do nothing below log level TRACE7. For instance, depending on EnableMMAP/Sendfile configuration, don't split file brigades to 8K heap buckets upon reading. mod_dumpio: follow up to r1818802. Negate APLOGctrace7(c) test! Also, return DECLINED when nothing is to be done, same result as OK but possibly more semantically correct. Submitted by: ylavic Reviewed by: jailletc36, jorton, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1828743 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_md: Fix compilation with OpenSSL before version 1.0.2. Symbol ASN1_TIME_diff is only available for 1.0.2+, but luckily alternative code we can use is already available, originally written for the LibreSSL case. Submitted by: rjung Reviewed by: rjung, ylavic, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1828741 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_ssl: Fix merging of proxy SSL context outside <Proxy> sections. Regression introduced in 2.4.30. PR 62232. The proxy SSL_CTX was not inherited from the vhost (the only available in 2.4.29) in/for any directory context besides <Proxy>... Mostly debugged and fixed by Rainer, thanks! Submitted by: ylavic Reviewed by: ylavic, rpluem, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1828735 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
copy apr_sockaddr_is_wildcard to maintain 1.4.x support. CHANGES for r1827654 Submitted by: covener Reviewed by: covener, ylavic, rpluem, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1828734 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1828672 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
modules/md/mod_md.h is now a new public API also used by other modules (currently mod_ssl), so it must be in the include path. It was missing for cmake builds. Note that this change does not yet enable building mod_md itself using cmake. That part is still missing. CTR (cmake builds only). Backport of r1828669 from trunk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1828670 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 26, 2018
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1827782 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 24, 2018
-
-
Christophe Jaillet authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1827651 13f79535-47bb-0310-9956-ffa450edef68
-
Christophe Jaillet authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1827650 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1827635 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
bump CVE's to top of each release git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1827634 13f79535-47bb-0310-9956-ffa450edef68
-
Daniel Ruggeri authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1827622 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 23, 2018
-
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1827594 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 20, 2018
-
-
Eric Covener authored
PR62200: EBCDIC: ap_rgetline APR_ENOSPC On EBCDIC systems, translation does not occur in ap_rgetline() if the line is larger than the buffer size. (note: No STATUS vote for EBCDIC fix) Submitted By: Hank Ibell Committed By: covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1827360 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 17, 2018
-
-
Daniel Ruggeri authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1827120 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 15, 2018
-
-
Yann Ylavic authored
Fix timeout logging in ap_process_request(). We can't use 'r' after ap_process_request_after_handler(), the core output filter might have cleaned up its deferred bucket brigade on error, including the EOR bucket. Reported by: steffenal Closes SpiderLabs/ModSecurity#1542 Follow up to r1826556: CHANGES entry. Submitted by: ylavic Reviewed by: ylavic, covener, rjung git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826899 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
mod_slotmem_shm: SHMs need to be attached in MPM winnt children processes. We can't (re-)create them since they exist already and are owned by the parent process. Submitted by: ylavic Reviewed by: ylavic, covener, rjung git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826897 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
htpasswd/htdigest: Disable support for bcrypt on EBCDIC platforms. apr-util's bcrypt implementation doesn't tolerate EBCDIC. Submitted by: rjung Reviewed by: rjung, covener, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826892 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
ab: try all destination socket addresses returned by apr_sockaddr_info_get instead of failing on first one when not available. Needed for instance if localhost resolves to both ::1 and 127.0.0.1 e.g. if both are in /etc/hosts. ab: Use only one connection to determine working destination socket address. Submitted by: rjung Reviewed by: rjung, covener, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826891 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
htpasswd/htdbm: report the right limit when get_password() overflows. Submitted by: rjung Reviewed by: rjung, covener, jailletc36 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826888 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
htpasswd: Don't fail in -v mode if password file is unwritable. PR 61631. Submitted by: rjung Reviewed by: rjung, ylavic, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826887 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
htpasswd: don't point to (unused) stack memory on output to make static analysers happy. PR 60634. Submitted by: rjung Reviewed by: rjung, ylavic, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826886 13f79535-47bb-0310-9956-ffa450edef68
-