git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735457 13f79535-47bb-0310-9956-ffa450edef68

Ensure that httpd exits with an error status when the MPM fails
to run.  [Yann Ylavic]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735381 13f79535-47bb-0310-9956-ffa450edef68

[PATCH] mod_rewrite: double escaping of query strings in server context
(like PR50447, for server context)



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735379 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735239 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734917 13f79535-47bb-0310-9956-ffa450edef68

mod_reqtimeout: Prevent long response times from triggering a timeout once
the request has been fully read.  PR 59045.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734416 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734413 13f79535-47bb-0310-9956-ffa450edef68

mod_ssl: Don't lose track of the SSL context if the ssl_run_pre_handshake()
hook returns an error.

Submitted by: minfrin
Reviewed by: minfrin, jim, ylavic
Backported by: ylavic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734396 13f79535-47bb-0310-9956-ffa450edef68

mod_rewrite: Add QSL|qslast flag to allow rewrites to files with 
literal question marks in their names. 

PR 58777. 





git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734259 13f79535-47bb-0310-9956-ffa450edef68

reverted in trunk in r1732896. The fix is bad and breaks old loop
avoidance.

Reviewed By: covener, ylavic, jim



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734257 13f79535-47bb-0310-9956-ffa450edef68

mod_ssl: when SSLVerify is disabled (NONE), don't force a renegotiation if
the SSLVerifyDepth applied with the default/handshaken vhost differs from
the one applicable with the finally selected vhost.

Submitted by: ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733476 13f79535-47bb-0310-9956-ffa450edef68

Fix crash in ap_mpm_pod_check call caused by NULL dereference of its parameter
when starting httpd as single process (httpd -X).


Revert changes on mpm_event and mpm_worker from r1711479.
The POD is not used in one process mode for those MPMs.

Follow up to r1711479 and r1733064: CHANGES entry.
Submitted by: jkaluza, ylavic, ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733475 13f79535-47bb-0310-9956-ffa450edef68

mod_proxy: Play/restore the TLS-SNI on new backend connections which
had to be issued because the remote closed the previous/reusable one
during idle (keep-alive) time.


mod_proxy: follow up to r1729826: really copy conn->ssl_hostname.

mod_proxy: follow up to r1729826 + r1729847.
Adjust stacked ssl_hostname maximum size.

mod_proxy: follow up to r1729826 + r1729847 + r1732986.
Don't use magic constants.
Submitted by: ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733474 13f79535-47bb-0310-9956-ffa450edef68

event: slave connection init, vhost early config
Submitted by: icing
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733473 13f79535-47bb-0310-9956-ffa450edef68

hostname: Test and log useragent_host per-request across various modules,
including the scoreboard, expression and rewrite engines, setenvif,
authz_host, access_compat, custom logging, ssl and REMOTE_HOST variables.
PR55348  [William Rowe]

This is the complete change set which applies cleanly to 2.4.x as well,
the server/scoreboard.c will follow, which does not apply due to drift.



A rather ugly patch since the code was refactored recently to exclude
the simple patch for 2.4.x, illustrated below.

Completes the changeset r1729930 and resolves all 2.4.19-dev corrections,
but other 2.5.0-dev specific changes may still be needed on trunk.

--- server/scoreboard.c	(revision 1729907)
+++ server/scoreboard.c	(working copy)
@@ -491,9 +491,8 @@
             ws->conn_bytes = 0;
         }
         if (r) {
-            const char *client = ap_get_remote_host(c, r->per_dir_config,
-                                 REMOTE_NOLOOKUP, NULL);
-            if (!client || !strcmp(client, c->client_ip)) {
+            const char *client;
+            if (!(client = ap_get_useragent_host(r, REMOTE_NOLOOKUP, NULL))) {
                 apr_cpystrn(ws->client, r->useragent_ip, sizeof(ws->client));
             }
             else {


Submitted by: wrowe
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733282 13f79535-47bb-0310-9956-ffa450edef68

Introduce an ap_get_useragent_host() accessor to replace the old
ap_get_remote_host() in most applications, but preserve the original
behavior for all ap_get_remote_host() consumers (mostly, because we
don't have the request_rec in the first place, and also to avoid any
unintended consequences).

This accessor continues to store the remote_host of connection based
uesr agents within the conn_rec for optimization.  Only where some
other module modifies the useragent_addr will we perform a per-request
query of the remote_host.

(Fixed compilation issues noted by Ranier, applies to 2.4.x trunk,
modulo CHANGES and ap_mmn.h)


Submitted by: wrowe
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733281 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733278 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733259 13f79535-47bb-0310-9956-ffa450edef68

* Introduce SSLOCSPProxyURL in order to do OCSP requests via a HTTP proxy.
  Documentation to follow.


* Change entry and documentation for SSLOCSPProxyURL
Submitted by: rpluem
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733066 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1732281 13f79535-47bb-0310-9956-ffa450edef68

mod_cache_socache: Fix a possible cached entity body corruption when it
is received from an origin server in multiple batches and forwarded by
mod_proxy.

Upstream buckets should be setaside when saving response body (store_body),
but since those will finally be flatten in the cache buffer (commit_entity),
let's save them directly into the buffer to avoid heap allocation(s) and
the final copy.

Reported by: Mike Pastore <mike oobak.org> 

Submitted by: ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1731082 13f79535-47bb-0310-9956-ffa450edef68

mod_alias: Introduce expression parser support for Alias, ScriptAlias
and Redirect.


Use unsigned bit fields.


mod_alias: follow up to r1653941.
Fill empty APLOGNO().


mod_alias: follow up to r1653941.
Limit Redirect expressions to directory (Location) context
and redirect statuses (implicit or explicit).


mod_alias: follow up to r1686853.
Factorize code (no functional change).
Submitted by: minfrin, ylavic, ylavic, ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1731081 13f79535-47bb-0310-9956-ffa450edef68

Prevent an external proxy from presenting an internal proxy
in mod_remoteip.c. PR 55962.

Submitted by: mrumph
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1730684 13f79535-47bb-0310-9956-ffa450edef68

allow expressions to be used in SetHandler. Opt-in with expr= prefix.



from feedback, assume all parameters to SetHandler are expressions.

I couldnt come up with a plausible handler name that was an 
invalid expression.


1726233 temporarily broke UDS r->handler case sensitivity


1726233 temporarily broke UDS r->handler case sensitivity

Submitted by: covener
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1729876 13f79535-47bb-0310-9956-ffa450edef68

* Ensure that proto_num and protocol is set in another "error out early" edge
  case. This can happen with invalid CONNECT requests as described in the PR.

PR: 58929

Submitted by: rpluem
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1729875 13f79535-47bb-0310-9956-ffa450edef68

handling TIMEUP on SSL inputs by allowing later retries
Submitted by: icing
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1729874 13f79535-47bb-0310-9956-ffa450edef68

detected by coccinelle).

There are some more but they are easier to
backport once these here are applied.

Backport of r1725392, r1725394, r1725395
and r1725468 from trunk.

Submitted by: rjung
Reviewed by: jim, ylavic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1729495 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1727397 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1727393 13f79535-47bb-0310-9956-ffa450edef68

 
  *) mod_proxy_fcgi: Suppress HTTP error 503 and message 01075, 
     "Error dispatching request", when the cause appears to be 
     the client closing the connection. 

PR58118.  

Submitted By: Tobias Adolph <adolph lrz.de>
Committed By: covener


Submitted by: covener
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1726019 13f79535-47bb-0310-9956-ffa450edef68

flush errors are TRACE1 in the core output filter now.



Remove APLOGNO after moving log message to
TRACE1 in r1724847.

Submitted by: covener, rjung
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1726018 13f79535-47bb-0310-9956-ffa450edef68

  *) mod_rewrite: Avoid looping on relative substitutions that
     result in the same filename we started with. PR 58854.
     [Eric Covener]


Previously, the comparison of old and new filename happened before
some prefixes might be added.


Submitted by: covener
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1726016 13f79535-47bb-0310-9956-ffa450edef68

Add common extension "m4a" for MPEG 4 Audio to
mime.types.

As a reference see Wikipedia:
https://en.wikipedia.org/wiki/MPEG-4_Part_14#.MP4_versus_.M4A

PR: 57895

Submitted by: rjung
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1725509 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1725500 13f79535-47bb-0310-9956-ffa450edef68

add GlobalLog directive to allow a diagnostic log to be inherited
by all virtual hosts, even if they define their own logs.

Submitted By: Edward Lu <Chaosed0 gmail.com>
Committed by: covener



document GlobalLog

Submitted by: covener
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1722340 13f79535-47bb-0310-9956-ffa450edef68

r1715014 somehow put it in 2.4.17, whereas it was really backported in 2.4.18.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1721907 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1718694 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1718692 13f79535-47bb-0310-9956-ffa450edef68

using c->master for ssl var lookups when c holds no valid SSLConnRec. Fixes PR58666.
Submitted by: icing
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1718331 13f79535-47bb-0310-9956-ffa450edef68

Fix the use of the default 'flush' provider.
Improve documentation for the "flusher" parameter.
Remove useless empty lines.

See http://mail-archives.apache.org/mod_mbox/httpd-dev/200812.mbox/%3C494226C0.4050407@force-elite.com%3E for some more explanation.
A python script is given there to test.
I had to tweak it to have it work
(use:
        fd, payload = passfd.recvfd(conn.fileno())
instead of:
        fd = passfd.recvfd(conn.fileno())
)


This is a r1058621 regression, where somehow "char *flusher" has been turned into a "char flusher[]". So it is been broken since the beginning of 2.4.x

After this change (i.e. r1058621), 'flusher' is no more a pointer (NULL'ed when the structure it belongs to is created) but the address of an array within a structure. It can not be NULL anymore.
So, we now have to look at the content of the array itself to see if it has been initialized or if we have to use the default value instead.
Submitted by: jailletc36
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1718324 13f79535-47bb-0310-9956-ffa450edef68