Work around broken cache management in mod_ldap: If LDAPSharedCacheSize is too
small, try to free some memory by purging the cache and log a warning.

Also increase the default LDAPSharedCacheSize to 500000. This is a more
realistic size suitable for the default values of 1024 for LdapCacheEntries and
LdapOpCacheEntries.

PR: 46749

Submitted by: sf
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@892257 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@892256 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@892255 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@891656 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@891642 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@891604 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@891588 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@891105 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@890441 13f79535-47bb-0310-9956-ffa450edef68

Add link from glossary entry for regular expressions to the wikipedia entry,
which seems to be a good reference for PCRE's flavor of regular expression syntax.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@890440 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@890372 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@889971 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@887984 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@886859 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@886801 13f79535-47bb-0310-9956-ffa450edef68

with Fedora. Remove the use of the apachectl script, as a script calling
another script makes no sense. Test for the pidfile specifically, so
that Redhat's scripts don't fall back to using pidof and returning the
status of other httpd processes running on the same box.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@885608 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@885298 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@885280 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@883003 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@882483 13f79535-47bb-0310-9956-ffa450edef68

Return consistent error status for proxy unable to connect
PR 46971

Submitted by: niq
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@882153 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@882152 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@882150 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@882149 13f79535-47bb-0310-9956-ffa450edef68

  mod_charsert_lite: Start honoring the 'NoImplicitAdd' CharsetOption.  
  Unsettable since 2.2.9, before that a no-op.

Reviewed By: covener, trawick, poirier



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@881824 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@881818 13f79535-47bb-0310-9956-ffa450edef68

Apache Jackrabbit.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@881816 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@881810 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@881251 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@880817 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@833879 13f79535-47bb-0310-9956-ffa450edef68

SECURITY: Partial fix for CVE-2009-3555:

Reject client-initiated renegotiations; this is sufficient to prevent
the attack for any configuration which does not require renegotiation
due to per-directory/per-location access control configuration.

Configuration with per-directory/per-location access control
requirements (such as "SSLVerifyClient require") are still vulnerable
to CVE-2009-3555 with this patch applied (if using OpenSSL <= 0.9.8k).

* modules/ssl/ssl_private.h (SSLConnRec): Add reneg_state field.
  (ssl_callback_Info): Renamed from ssl_callback_LogTracingState.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_callbacks): Install
  the (renamed) info callback unconditionally.

* modules/ssl/ssl_engine_io.c (ssl_filter_ctx_t): Add config pointer
  to SSLConnRec.
  (bio_filter_out_write, bio_filter_in_read): Fail with
  APR_ECONNABORTED if the reneg state is set to RENEG_ABORT.

* modules/ssl/ssl_engine_kernel.c (log_tracing_state): Factored out
  of ssl_callback_LogTracingState.
  (ssl_callback_Info): New function.

Submitted by: jorton, rpluem
Reviewed by: jorton, rpluem, dirkx


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@833622 13f79535-47bb-0310-9956-ffa450edef68

are addressed. Anybody else in favor?


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@833118 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@833097 13f79535-47bb-0310-9956-ffa450edef68

ServerAlias and Listen accumulate, not supercede.  The latter of course is n/a to vhosts!

Additional rewording of vhost details.

PR48125



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@832902 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@832164 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@832129 13f79535-47bb-0310-9956-ffa450edef68

mod_rewrite: Make sure that a hostname:port isn't fully qualified if
the request is a CONNECT request.

Submitted by: Bill Zajac <billz consultla.com>
Reviewed by: sf, minfrin, covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@832124 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@831696 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@831645 13f79535-47bb-0310-9956-ffa450edef68