Skip to content
GitLab
  1. 02 Dec, 2004 1 commit
  3. 29 Nov, 2004 1 commit
  5. 27 Nov, 2004 2 commits
  7. 24 Nov, 2004 1 commit
  9. 22 Nov, 2004 1 commit
  11. 20 Nov, 2004 1 commit
  13. 19 Nov, 2004 1 commit
  15. 11 Nov, 2004 1 commit
  17. 10 Nov, 2004 4 commits
  19. 06 Nov, 2004 2 commits
  21. 05 Nov, 2004 2 commits
  23. 04 Nov, 2004 1 commit
  25. 03 Nov, 2004 1 commit
  27. 02 Nov, 2004 1 commit
  29. 01 Nov, 2004 1 commit
  31. 29 Oct, 2004 1 commit
  33. 25 Oct, 2004 1 commit
    • Paul Querna's avatar
      This will put some messages in the error log when some people try a lame · d140d3c4
      Paul Querna authored 
      DoS by just opening a socket, and never sending any data.

Ivan suggested such a change about a month ago, to match the 1.3 behavoir.

Today I helped OSU's Admins figure out that someone was trying this 'attack'
against their mirror server.  The server status just showed hundreds of
Apache Children stuck in Reading.  This will at least hint to the admins
where the problem is by telling them about it in the error log.

Inspired by: Rici Lake, Ivan Ristic <ivanr webkreator.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105583 13f79535-47bb-0310-9956-ffa450edef68
      d140d3c4
  35. 23 Oct, 2004 5 commits
  37. 22 Oct, 2004 1 commit
  39. 18 Oct, 2004 1 commit
  41. 14 Oct, 2004 1 commit
  43. 13 Oct, 2004 1 commit
  45. 10 Oct, 2004 1 commit
  47. 08 Oct, 2004 1 commit
    • Joe Orton's avatar
      Fix CAN-2004-0885: · d107d7d6
      Joe Orton authored 
      * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a
correct cipher suite has been negotiated, else deny access.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL
0.9.7, prevent session resumption during a renegotiation to force the
client to negotiate a new (and acceptable) cipher suite.

Submitted by: Hartmut Keil <Hartmut.Keil adnovum.ch>, Joe Orton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105396 13f79535-47bb-0310-9956-ffa450edef68
      d107d7d6
  49. 04 Oct, 2004 1 commit
  51. 03 Oct, 2004 2 commits
  53. 02 Oct, 2004 1 commit
  55. 29 Sep, 2004 1 commit
  57. 28 Sep, 2004 1 commit
    • Justin Erenkrantz's avatar
      Try to correctly follow RFC 2616 13.3 on validating stale cache responses by · 3a37af26
      Justin Erenkrantz authored 
      teaching mod_cache's cache_select_url and cache_save_filter how to deal with
this corner case.

* modules/experimental/cache_storage.c
  (cache_select_url): If we have a stale entry, save the handle so that
  cache_save_filter can use it later, and make the request conditional.
* modules/experimental/cache_util.c
  (ap_cache_request_is_conditional): Take in a table rather than request_rec.
* modules/experimental/mod_cache.c
  (cache_out_filter): Fix bogus comment.
  (cache_save_filter): If we have already responded to the client, block all
  data; correctly merge in 'stale' handles that are not really stale; set
  r->status where appropriate; serve cached response if 'fresh'
* modules/experimental/mod_cache.h
  (cache_info): Add a status field.
  (cache_request_rec): Add stale handle field and note we may block responses.
  (ap_cache_request_is_conditional): Update prototype.
* modules/experimental/mod_disk_cache.c
  (store_headers): Use cache_info status instead of r->status.
* modules/experimental/mod_mem_cache.c
  (recall_headers): Properly recall the status field.
  (store_headers): Store the status field via cache_info status.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105322 13f79535-47bb-0310-9956-ffa450edef68
      3a37af26