mod_substitute: Make maximum line length configurable.


Add docs for new directive SubstituteMaxLineLength
in mod_substitute.

Submitted by: rjung
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1634523 13f79535-47bb-0310-9956-ffa450edef68

mod_substitute: Fix memory limitation in case of
regexp plus flatten.

The maxlen argument of ap_varbuf_regsub() is unsigned.
Passing in "AP_SUBST_MAX_LINE_LENGTH - vb.strlen"
in case vb.strlen got to big didn't result in the
expected error but instead was handled as a very big
maxlen.


Add CHANGES for r1628104.
(mod_substitue: Fix memory limitation in case of
regexp plus flatten.)

Submitted by: rjung
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1634522 13f79535-47bb-0310-9956-ffa450edef68

PR53218
Allow for longer worker names and make truncation a non-fatal
error... 


Correct loglevel.


oops... prepend 0

Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1634520 13f79535-47bb-0310-9956-ffa450edef68

mod_dav: set r->status_line in dav_error_response.
It's used as argument in next ap_rvputs call. PR 55426.

Submitted by: jkaluza
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1634519 13f79535-47bb-0310-9956-ffa450edef68

mod_proxy_http: Avoid (unlikely) access to freed memory.

Submitted by: ylavic
Reviewed by: ylavic, jorton, rjung
Backported by: jailletc36

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1632736 13f79535-47bb-0310-9956-ffa450edef68

http_protocol: fix logic in ap_method_list_(add|remove) in order:
       - to correctly reset bits
       - not to modify the 'method_mask' bitfield unnecessarily

Submitted by: jailletc36
Reviewed by: jailletc36, ylavic, rjung
Backported by: jailletc36

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1632440 13f79535-47bb-0310-9956-ffa450edef68

mod_slotmem: Increase log level for some originally debug messages.

Submitted by: jim
Reviewed by: jim, ylavic, rjung
Backported by: jailletc36

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1632437 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1631685 13f79535-47bb-0310-9956-ffa450edef68

In 2.4.10, AuthLDAPBindDN might not be used for some LDAP searches, causing 
LDAP authz failures if AuthLDAPBindDN was able to search through more of
LDAP than web users.




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1631119 13f79535-47bb-0310-9956-ffa450edef68

mod_macro: Remove APLOG_NOERRNO. Add some APLOGNO. Fix some alignment.

Submitted by: jailletc36
Reviewed by: jailletc36, rjung, covener
backported by: jailletc36

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1631118 13f79535-47bb-0310-9956-ffa450edef68

SECURITY (CVE-2014-3581): Fix a mod_cache NULL pointer deference
in Content-Type handling.

mod_cache: Avoid a crash when Content-Type has an empty value. PR56924.

Submitted By: Mark Montague <mark catseye.org>
Reviewed By: Jan Kaluza

Submitted by: jkaluza
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1627749 13f79535-47bb-0310-9956-ffa450edef68

don't let handlers start with r->status = 304 during a failed revalidation

PR56881



Fix typo in comment.

Submitted by: covener, rjung
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1627745 13f79535-47bb-0310-9956-ffa450edef68

mod_status should honor remote_ip as documented

Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1627744 13f79535-47bb-0310-9956-ffa450edef68

to be seen from auth stanzas under virtual hosts. PR 56870. [Eric Covener]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1626203 13f79535-47bb-0310-9956-ffa450edef68

Fix a cmake compatiblity issue related to quoting with cmake 2.8.12
and later.

PR: 56615
Submitted by: Chuck Liu <cliu81 gmail.com>, trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1625199 13f79535-47bb-0310-9956-ffa450edef68

PR56832 -- mod_ratelimit reports at ERROR level everytime a lower-level filter
encounters an error. Since the core output filter only emits TRACE1, a higher
level filter shouldn't log the same condition as ERROR.


Submitted by: covener
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1622708 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1622359 13f79535-47bb-0310-9956-ffa450edef68

Avoid useless warning message when parsing a section guarded by <IfDefine foo> if $(foo) is used within the section.
PR 56503

Submitted by: jailletc36
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1621603 13f79535-47bb-0310-9956-ffa450edef68

mod_proxy_fcgi: Fix faulty logging of large amounts of stderr from the
application.

PR: 56858
Submitted by: Manuel Mausz <manuel-asf mausz.at>
Reviewed by: trawick

Submitted by: trawick
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1621602 13f79535-47bb-0310-9956-ffa450edef68

PR53420: Proxy responses with error status and
"ProxyErrorOverride On" hang until proxy timeout.

Regression from 2.2. It was introduced by r912063
in order to fix PR41646.


Switch preference for headers, Transfer-Encoding
first, Content-Length second.

Addition to r1615289.

Submitted by: rjung
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1621601 13f79535-47bb-0310-9956-ffa450edef68

part of the trailers fix 


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1621552 13f79535-47bb-0310-9956-ffa450edef68

core: HTTP trailers could be used to replace HTTP headers
late during request processing, potentially undoing or
otherwise confusing modules that examined or modified
request headers earlier.  Adds "MergeTrailers" directive to restore
legacy behavior.

Submitted by: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener
Backports: r1610814
Reviewed by: covener, wrowe, ylavic



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1619884 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611744 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611595 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611194 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610760 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610745 13f79535-47bb-0310-9956-ffa450edef68

one-liner down first ;)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610738 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610737 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610670 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610661 13f79535-47bb-0310-9956-ffa450edef68

SECURITY (CVE-2014-3523): Fix a memory consumption denial of
service in the WinNT MPM used in all Windows installations.
Workaround: AcceptFilter <protocol> {none|connect}

Submitted by: trawick
Reviewed by: jorton, covener, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610653 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610641 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610517 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610516 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610514 13f79535-47bb-0310-9956-ffa450edef68

    *) SECURITY: CVE-2014-0231 (cve.mitre.org)
       mod_cgid: Fix a denial of service against CGI scripts that do
       not consume stdin that could lead to lingering HTTPD child processes
       filling up the scoreboard and eventually hanging the server.
       [Rainer Jung, Eric Covener, Yann Ylavic]

Submitted By: rjung, covener, ylavic
Reviewed By: trawick, jorton, covener, jim




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610512 13f79535-47bb-0310-9956-ffa450edef68

      *) SECURITY: CVE-2014-0118 (cve.mitre.org)
         mod_deflate: The DEFLATE input filter (inflates request bodies) now
         limits the length and compression ratio of inflated request bodies to avoid
         denial of sevice via highly compressed bodies.  See directives
         DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
         and DeflateInflateRatioBurst.

    Thanks to Giancarlo Pellegrino and Davide Balzarotti for reporting the issue.

Submitted By: ylavic, covener
Reviewed By: jorton, covener, jim 



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610503 13f79535-47bb-0310-9956-ffa450edef68

SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling,
which could lead to a heap buffer overflow.  Thanks to Marek Kroemeke
working with HP's Zero Day Initiative for reporting this.

* include/scoreboard.h: Add ap_copy_scoreboard_worker.

* server/scoreboard.c (ap_copy_scoreboard_worker): New function.

* modules/generators/mod_status.c (status_handler): Use it.

* modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise.

Reviewed by: trawick, jorton, covener, jim
Submitted by: jorton, covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610499 13f79535-47bb-0310-9956-ffa450edef68

This issue affected httpd versions 2.4.5 and 2.4.6 only.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610495 13f79535-47bb-0310-9956-ffa450edef68