Skip to content
  1. Sep 05, 2018
    • Yann Ylavic's avatar
      util_filter: protect ap_filter_t private fields from external (ab)use. · 1c4f17b8
      Yann Ylavic authored
      Introduce opaque struct ap_filter_private to move ap_filter_t "pending", "bb"
      and "deferred_pool" fields to the "priv" side of things.
      
      This allows to trust values set internally (only!) in util_filter code, and
      make useful assertions between the different functions calls, along with the
      usual nice extensibility property.
      
      Likewise, the private struct ap_filter_conn_ctx in conn_rec (from r1839997)
      allows now to implement the new ap_acquire_brigade() and ap_release_brigade()
      functions useful to get a brigade with c->pool's lifetime. They obsolete
      ap_reuse_brigade_from_pool() which is replaced where previously used.
      
      Some comments added in ap_request_core_filter() regarding the lifetime of the
      data it plays with, up to EOR...
      
      MAJOR bumped (once again).
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1840149 13f79535-47bb-0310-9956-ffa450edef68
      1c4f17b8
  2. Sep 04, 2018
  3. Sep 03, 2018
    • Yann Ylavic's avatar
      core: always allocate filters (ap_filter_t) on f->c->pool. · b156c592
      Yann Ylavic authored
      When filters are allocated on f->r->pool, they may be destroyed any time
      underneath themselves which makes it hard for them to be passed the EOR and
      forward it (*f can't be dereferenced anymore when the EOR is destroyed, thus
      before request filters return).
      
      On the util_filter side, it also makes it impossible to flush pending request
      filters when they have set aside the EOR, since f->bb can't be accessed after
      it's passed to the f->next.
      
      So we always use f->c->pool to allocate filters and pending brigades, and to
      avoid leaks with keepalive requests (long living connections handling multiple
      requests), filters and brigades are recycled with a cleanup on f->r->pool.
      
      Recycling is done (generically) with a spare data ring (void pointers), and a
      filter(s) context struct is associated with the conn_rec to maintain the rings
      by connection, that is:
      
          struct ap_filter_conn_ctx {
              struct ap_filter_ring *pending_input_filters;
              struct ap_filter_ring *pending_output_filters;
      
              struct ap_filter_spare_ring *spare_containers,
                                          *spare_brigades,
                                          *spare_filters,
                                          *spare_flushes;
              int flushing;
          };
      
      MMN major bumped (again).
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839997 13f79535-47bb-0310-9956-ffa450edef68
      b156c592
    • Stefan Eissing's avatar
      On the trunk: · c1b278a3
      Stefan Eissing authored
      Reverting change 1839920, making TLSv1.3 part of "all" again, if supported by the SSL library.
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839946 13f79535-47bb-0310-9956-ffa450edef68
      c1b278a3
    • Yann Ylavic's avatar
      util_filter: split pending filters ring in two: input and output ones. · 3c6c689c
      Yann Ylavic authored
      Pending input and output are now maintained separately in respectively
      c->pending_input_filters and c->pending_output_filters, which improves
      both performances and debug-ability.
      
      Also, struct ap_filter_ring is made opaque, it's only used by util_filter
      and this will allow us to later change it e.g. to a dual ring+apr_hash to
      avoid quadratic search in ap_filter_prepare_brigade().
      
      MMN major bumped due to the change in conn_rec (this is trunk only code
      anyway for now).
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839933 13f79535-47bb-0310-9956-ffa450edef68
      3c6c689c
    • Stefan Eissing's avatar
      On the trunk: · 9aba7000
      Stefan Eissing authored
      SSL protocl TLSv1.3 no longer part of 'all' when configured. Needs to be added explicitly.
      When using 'modern' as SSL policy, TLSv1.3 is enabled.
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1839920 13f79535-47bb-0310-9956-ffa450edef68
      9aba7000
  4. Aug 31, 2018
  5. Aug 29, 2018
  6. Aug 28, 2018
  7. Aug 27, 2018
  8. Aug 26, 2018
  9. Aug 24, 2018
  10. Aug 22, 2018
  11. Aug 20, 2018
  12. Aug 18, 2018
  13. Aug 17, 2018