Skip to content
GitLab
  1. 23 May, 2017 3 commits
    • Jim Jagielski's avatar
      Merge r1795830 from trunk: · 2d388a7a
      Jim Jagielski authored 
      ab: don't call malloc_init for OpenSSL 1.1.0

Patch by rjung.

The 1.1.0 compatibility macro for OpenSSL_malloc_init() causes problems
when mixed with procedure linkage stubs with some toolchains (e.g. GCC).
OpenSSL's malloc implementation doesn't recognize that the PLT stub
points back to it, which leads to infinite recursion.

Since the 1.1.0 documentation states that calling this function
explicitly is no longer necessary except "in certain shared-library
situations"(?), get rid of it.
Submitted by: jchampion
Reviewed by: jchampion, ylavic, gsmith


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795907 13f79535-47bb-0310-9956-ffa450edef68
      2d388a7a
    • Jim Jagielski's avatar
      Merge r1792589 from trunk: · 0e4494a2
      Jim Jagielski authored 
      Evaluate nested If/ElseIf/Else config sections

It has been reported multiple times that nested
If/ElseIf/Else sections are not evaluated but
silently ignored.

This patch adds a simple recursion to the ap_if_walk
logic in order to allow arbitrary nested configs.
The overhead seems negligible compared to the actual
version of the ap_if_walk, but more expert feedback
is surely needed since this code gets called for every
HTTP request.

Tests are going to be added to t/apache/if_sections.t


Submitted by: elukey
Reviewed by: elukey, jim, yalvic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795906 13f79535-47bb-0310-9956-ffa450edef68
      0e4494a2
    • Christophe Jaillet's avatar
      Proposal · 632e9417
      Christophe Jaillet authored 
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795877 13f79535-47bb-0310-9956-ffa450edef68
      632e9417
  3. 22 May, 2017 8 commits
  5. 16 May, 2017 1 commit
    • William A. Rowe Jr's avatar
      Remove 3DES by default for users of older crypto librarys; the cipher · fe5c12ec
      William A. Rowe Jr authored 
      has been reclassified in current OpenSSL releases as WEAK due to 112
or fewer bits of remaining cipher strength, while the Sweet32 disclosure
extended the criticism of RC4 on to 3DES. (IDEA, which potentially has the
same issue, is never enabled by default in OpenSSL, due to patent concerns.)

This commit does not change default httpd behavior, but alters the suggested
behavior of newly provisioned httpd servers. Where adopted, XP with IE8 will
no longer handshake with mod_ssl (previously, XP with IE6 would not handshake.)
The same net effect occurs where OpenSSL is updated to 1.1.0.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795359 13f79535-47bb-0310-9956-ffa450edef68
      fe5c12ec
  7. 11 May, 2017 1 commit
    • Eric Covener's avatar
      Merge r1791400 from trunk: · 53463dbf
      Eric Covener authored 
      mod_substitute: use local/native LF for splitting

On platforms where the APR_ASCII_LF != '\n', like EBCDIC systems,
strmatch or pcre patterns from the source or config will be in
the native encoding, and this module will really only work on 
content in the native encoding.

(mod_substitute runs before mod_charset_lite for a similar reason)

I thought #if APR_CHARSET_EBCDIC or even #ifdef __MVS__ was overkill
here. 



(CTR due to ebcdic-only)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1794856 13f79535-47bb-0310-9956-ffa450edef68
      53463dbf
  9. 06 May, 2017 2 commits
  11. 05 May, 2017 3 commits
  13. 02 May, 2017 6 commits
  15. 01 May, 2017 5 commits
  17. 29 Apr, 2017 2 commits
  19. 28 Apr, 2017 1 commit
  21. 27 Apr, 2017 4 commits
  23. 26 Apr, 2017 2 commits
  25. 25 Apr, 2017 2 commits