We may have to experimt a bit to get best results. This is a first
attempt.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99303 13f79535-47bb-0310-9956-ffa450edef68

	Note this change (as previously written, it implied that 1.3.5
	had this vulnerability, which is not true). I'm not sure if
	"httpd 2.0" is the preferred name.

-    <p>Note that in versions previous to 2.0.46 no escaping has been performed
+    <p>Note that in httpd 2.0 versions prior to 2.0.46, no escaping was performed
     on the strings from <code>%...r</code>, <code>%...i</code> and
     <code>%...o</code>. This was mainly to comply with the requirements of
     the Common Log Format. This implied that clients could insert control
     characters into the log, so you had to be quite careful when dealing
     with raw log files.</p>

-    <p>For security reasons starting with 2.0.46 non-printable and
+    <p>For security reasons, starting with 2.0.46, non-printable and
     other special characters are escaped mostly by using
     <code>\x<var>hh</var></code> sequences, where <var>hh</var> stands for
     the hexadecimal representation of the raw byte. Exceptions from this
     rule are <code>"</code> and <code>\</code> which are escaped by prepending
-    a backslash, and all whitespace characters that are written in their
-    C-notation (<code>\n</code>, <code>\t</code> etc).</p>
+    a backslash, and all whitespace characters which are written in their
+    C-style notation (<code>\n</code>, <code>\t</code> etc).</p>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99302 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99298 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99294 13f79535-47bb-0310-9956-ffa450edef68

Submitted by:	Hiroaki KAWAI <hawk@bcl.t.u-tokyo.ac.jp>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99293 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99292 13f79535-47bb-0310-9956-ffa450edef68

Submitted by:	Hiroaki KAWAI <hawk@bcl.t.u-tokyo.ac.jp>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99291 13f79535-47bb-0310-9956-ffa450edef68

I changed the references to the auth modules, so that they're matching
the new model, but it probably needs a rewrite anyway.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99288 13f79535-47bb-0310-9956-ffa450edef68

Reviewed by: Astrid Ke�ler, Erik Abele


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99283 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99282 13f79535-47bb-0310-9956-ffa450edef68

complete successfully.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99280 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99279 13f79535-47bb-0310-9956-ffa450edef68

MODSSL_INFO_CB_ARG_TYPE already includes 'SSL' in its type.  Don't duplicate.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99278 13f79535-47bb-0310-9956-ffa450edef68

additionally add reference revision number to de.xml


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99275 13f79535-47bb-0310-9956-ffa450edef68

RFC says.

PR: 18443


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99271 13f79535-47bb-0310-9956-ffa450edef68

- required some changes in DTD, CSS and style/lang/* files

Reviewed by: Astrid Ke�ler, Erik Abele


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99270 13f79535-47bb-0310-9956-ffa450edef68

  Solve SSL-C breakage introduced in mod_ssl.h rev 1.129 and
  ssl_engine_kernel.c rev 1.88.  SSL* is not const under SSL-C.

  I've confirmed Jeff's comment that the original patch doesn't harm
  earlier OpenSSL versions which declared no arguments at all.

  I suspect now that we could fold
     #define MODSSL_BIO_CB_ARG_TYPE const char
     #define MODSSL_CRYPTO_CB_ARG_TYPE const char
     #define MODSSL_INFO_CB_ARG_TYPE const SSL*
  into a single MODSSL_CB_ARG_CONST define, but this works for now.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99263 13f79535-47bb-0310-9956-ffa450edef68

  Noop MS DevStudio IDE change
 to include ssl_toolkit_compat.h
  in the list of project headers.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99261 13f79535-47bb-0310-9956-ffa450edef68

  Note the recent SSL-C fixes.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99260 13f79535-47bb-0310-9956-ffa450edef68

as a third parameter rather than manually computing it ourselves.

Add the ' prefix'd --enable-layout so that this can work with an autoconf-2.54+
generated configure.  (Previously, the option would not be dropped with 2.54
or 2.57 since it unconditionally adds single-quotes which our case statement
would not catch.)

Try to shorten long invocations of APR_SUBDIR_CONFIG where possible.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99257 13f79535-47bb-0310-9956-ffa450edef68

- Moved mime.types back to the default location.
- Added mod_ldap and friends, mod_cache and friends.
- Added openldap dependancy.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99256 13f79535-47bb-0310-9956-ffa450edef68

  Have some consistency!  Fixes logic I introduced in 1.37.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99253 13f79535-47bb-0310-9956-ffa450edef68

  Reapply the fix *intended* by rev 1.79 in a safer manner.  Prior to
  all assignments and the final SSL_free(), free ssl_conn->client_cert
  to avoid leaks of this refcounted X509*.  Prereleasing refcounted
  objects is unsafe programming; fix applied to both branches.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99252 13f79535-47bb-0310-9956-ffa450edef68

  EVP_PKEY_free() is refcounted on OpenSSL, but NOT under RSA SSL-C.
  Eliminate a number of test failures by conditionally reverting rev 1.79
  pubkey handling in ssl_engine_kernel.c, except under OpenSSL.

  Also revert a rev 1.79 bogisity for all toolkits; it's entirely bogus
  to release a refcount after setting aside the results in a persistant
  structure, in this case sslconn->client_cert from SSL_get_peer_certificate()
  mustn't be freed while sslconn is still in play.  The proper patch (not
  written yet) is to invoke the X509_free(sslconn->client_cert) when we
  cleanup the sslconn structure.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99250 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99248 13f79535-47bb-0310-9956-ffa450edef68

  A cosmetic change to 1.79 - a real X509 *cert is in play, don't use
  that same variable to retrieve/release the quick lookup and discard
  of the peercert.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99244 13f79535-47bb-0310-9956-ffa450edef68

- add references from the subdocuments to the index file (<parentdocument>)
- fix German sitemap reference revision # to be up-to-date


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99243 13f79535-47bb-0310-9956-ffa450edef68

It may be confusing for people new to apache development.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99241 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99238 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99235 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99232 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99227 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99224 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99221 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99218 13f79535-47bb-0310-9956-ffa450edef68

add a status header.

PR: 18332


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99216 13f79535-47bb-0310-9956-ffa450edef68

(and update transformation)

PR: 18623
Reviewed by: Joshua Slive


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99214 13f79535-47bb-0310-9956-ffa450edef68

from the apache install directory)

further changes are needed to automatically pick up apr and apr-util
include directories; for now, "-Wc,-I/path" needs to be added to the
apxs -c invocation to work around that problem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99213 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99212 13f79535-47bb-0310-9956-ffa450edef68

mod_ext_filter/mod_cgi script children (e.g., exec failure).  This
was broken after such children stopped inheriting the error log
handle.

(For this to work with mod_ext_filter, that module's LogStderr option
has to be on.)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99211 13f79535-47bb-0310-9956-ffa450edef68