Skip to content
  1. May 23, 2017
    • Jim Jagielski's avatar
      Merge r1795830 from trunk: · 2d388a7a
      Jim Jagielski authored
      ab: don't call malloc_init for OpenSSL 1.1.0
      
      Patch by rjung.
      
      The 1.1.0 compatibility macro for OpenSSL_malloc_init() causes problems
      when mixed with procedure linkage stubs with some toolchains (e.g. GCC).
      OpenSSL's malloc implementation doesn't recognize that the PLT stub
      points back to it, which leads to infinite recursion.
      
      Since the 1.1.0 documentation states that calling this function
      explicitly is no longer necessary except "in certain shared-library
      situations"(?), get rid of it.
      Submitted by: jchampion
      Reviewed by: jchampion, ylavic, gsmith
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795907 13f79535-47bb-0310-9956-ffa450edef68
      2d388a7a
    • Jim Jagielski's avatar
      Merge r1792589 from trunk: · 0e4494a2
      Jim Jagielski authored
      Evaluate nested If/ElseIf/Else config sections
      
      It has been reported multiple times that nested
      If/ElseIf/Else sections are not evaluated but
      silently ignored.
      
      This patch adds a simple recursion to the ap_if_walk
      logic in order to allow arbitrary nested configs.
      The overhead seems negligible compared to the actual
      version of the ap_if_walk, but more expert feedback
      is surely needed since this code gets called for every
      HTTP request.
      
      Tests are going to be added to t/apache/if_sections.t
      
      
      Submitted by: elukey
      Reviewed by: elukey, jim, yalvic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795906 13f79535-47bb-0310-9956-ffa450edef68
      0e4494a2
    • Christophe Jaillet's avatar
      Proposal · 632e9417
      Christophe Jaillet authored
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795877 13f79535-47bb-0310-9956-ffa450edef68
      632e9417
  2. May 22, 2017
  3. May 16, 2017
    • William A. Rowe Jr's avatar
      Remove 3DES by default for users of older crypto librarys; the cipher · fe5c12ec
      William A. Rowe Jr authored
      has been reclassified in current OpenSSL releases as WEAK due to 112
      or fewer bits of remaining cipher strength, while the Sweet32 disclosure
      extended the criticism of RC4 on to 3DES. (IDEA, which potentially has the
      same issue, is never enabled by default in OpenSSL, due to patent concerns.)
      
      This commit does not change default httpd behavior, but alters the suggested
      behavior of newly provisioned httpd servers. Where adopted, XP with IE8 will
      no longer handshake with mod_ssl (previously, XP with IE6 would not handshake.)
      The same net effect occurs where OpenSSL is updated to 1.1.0.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795359 13f79535-47bb-0310-9956-ffa450edef68
      fe5c12ec
  4. May 11, 2017
    • Eric Covener's avatar
      Merge r1791400 from trunk: · 53463dbf
      Eric Covener authored
      mod_substitute: use local/native LF for splitting
      
      On platforms where the APR_ASCII_LF != '\n', like EBCDIC systems,
      strmatch or pcre patterns from the source or config will be in
      the native encoding, and this module will really only work on 
      content in the native encoding.
      
      (mod_substitute runs before mod_charset_lite for a similar reason)
      
      I thought #if APR_CHARSET_EBCDIC or even #ifdef __MVS__ was overkill
      here. 
      
      
      
      (CTR due to ebcdic-only)
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1794856 13f79535-47bb-0310-9956-ffa450edef68
      53463dbf
  5. May 06, 2017
  6. May 05, 2017
  7. May 02, 2017
  8. May 01, 2017
  9. Apr 29, 2017
  10. Apr 28, 2017
  11. Apr 27, 2017
  12. Apr 26, 2017
  13. Apr 25, 2017