git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796864 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796708 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796596 13f79535-47bb-0310-9956-ffa450edef68

HTTP method outside of the HTTPS only handling.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796493 13f79535-47bb-0310-9956-ffa450edef68

Added missing changes for Spanish references to security_tips.html.es in files, missing from commit r1795361

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796460 13f79535-47bb-0310-9956-ffa450edef68

Added new Spanish translation for mod_acccess_compat, as well as the update for files referencing it

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796457 13f79535-47bb-0310-9956-ffa450edef68

these are backported


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796451 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796448 13f79535-47bb-0310-9956-ffa450edef68

URL-decoding doesn't work on EBCDIC.

Submitted By: Hank Ibell <hwibell gmail.com>




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796446 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796391 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796390 13f79535-47bb-0310-9956-ffa450edef68

Check if 'slave' is NULL before using 'slave->keepalives'.

Remove a redundant assignment which is already done in 'h2_slave_destroy'.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796378 13f79535-47bb-0310-9956-ffa450edef68

Both of these checks are problematic without further
work.

status: even a .htaccess with no SetHandler blocks the handler.
proxy: RewriteRule ... ... [P] in htaccess is blocked.




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796352 13f79535-47bb-0310-9956-ffa450edef68

Submitted By: jchampion



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796350 13f79535-47bb-0310-9956-ffa450edef68

  *) core: Deprecate ap_get_basic_auth_pw() and add 
    ap_get_basic_auth_components(). 

Submitted By: Emmanuel Dreyfus <manu netbsd.org>, Jacob Champion, Eric Covener




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796348 13f79535-47bb-0310-9956-ffa450edef68

Consistently pass the expected bio_filter_in_ctx_t
to ssl_io_filter_error(). 

Submitted By: Yann Ylavic




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796343 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796296 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796136 13f79535-47bb-0310-9956-ffa450edef68

As noted by Christophe Jaillet in the dev@ ml nested
if/elseif/else conditions are now evaluated. The code
change has been already backported to 2.4.x.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796135 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795931 13f79535-47bb-0310-9956-ffa450edef68

Suggestion by wrowe. These files haven't changed in years; since we need
them anyway, check them in directly. buildconf will still copy over the
latest versions during setup, and SVN will tell us if there are any
changes (once I remove the svnignore).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-buildconf-noapr@1795928 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795834 13f79535-47bb-0310-9956-ffa450edef68

Patch by rjung.

The 1.1.0 compatibility macro for OpenSSL_malloc_init() causes problems
when mixed with procedure linkage stubs with some toolchains (e.g. GCC).
OpenSSL's malloc implementation doesn't recognize that the PLT stub
points back to it, which leads to infinite recursion.

Since the 1.1.0 documentation states that calling this function
explicitly is no longer necessary except "in certain shared-library
situations"(?), get rid of it.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795830 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795652 13f79535-47bb-0310-9956-ffa450edef68

Add an explicit NULL to initialise a field in an authn_provider structure, as done in all other places.  PR 60636

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795651 13f79535-47bb-0310-9956-ffa450edef68

When processing a 'SetEnv' directive, warn if the environment variable name includes a '='. It is likely a configuration error.   PR 60249

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795635 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795361 13f79535-47bb-0310-9956-ffa450edef68

has been reclassified in current OpenSSL releases as WEAK due to 112
or fewer bits of remaining cipher strength, while the Sweet32 disclosure
extended the criticism of RC4 on to 3DES. (IDEA, which potentially has the
same issue, is never enabled by default in OpenSSL, due to patent concerns.)

This commit does not change default httpd behavior, but alters the suggested
behavior of newly provisioned httpd servers. Where adopted, XP with IE8 will
no longer handshake with mod_ssl (previously, XP with IE6 would not handshake.)
The same net effect occurs where OpenSSL is updated to 1.1.0.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1795358 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794857 13f79535-47bb-0310-9956-ffa450edef68

(present in 2.4.x CHANGES)



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794853 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794215 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794214 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794163 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794161 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794160 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794159 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794143 13f79535-47bb-0310-9956-ffa450edef68

This sentence has been discussed in the docs@
mailing list since it wasn't super clear for
some people. I propose to just remove it,
the rest of the content is already clear in
my opinion.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794142 13f79535-47bb-0310-9956-ffa450edef68

update after mod_http2 backport



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794053 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: fail requests without ERROR log in case we need to read interim
     responses and see only garbage. This can happen if proxied servers send
     data where none should be, e.g. a body for a HEAD request.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1794049 13f79535-47bb-0310-9956-ffa450edef68