Skip to content
  1. Oct 08, 2005
  2. Oct 07, 2005
  3. Oct 06, 2005
  4. Oct 05, 2005
  5. Oct 03, 2005
  6. Oct 01, 2005
  7. Sep 30, 2005
  8. Sep 29, 2005
  9. Sep 25, 2005
  10. Sep 23, 2005
  11. Sep 21, 2005
  12. Sep 20, 2005
  13. Sep 19, 2005
  14. Sep 18, 2005
  15. Sep 12, 2005
  16. Sep 11, 2005
  17. Sep 10, 2005
  18. Sep 09, 2005
  19. Sep 01, 2005
  20. Aug 31, 2005
  21. Aug 30, 2005
    • Colm MacCarthaigh's avatar
      · f68f2b8a
      Colm MacCarthaigh authored
      Make my PR references consistent with everyone elses.
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264881 13f79535-47bb-0310-9956-ffa450edef68
      f68f2b8a
    • Justin Erenkrantz's avatar
      mod_cgid: Refuse to work on Solaris 10 due to OS bugs. · 5aee5df8
      Justin Erenkrantz authored
      PR: 34264
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264866 13f79535-47bb-0310-9956-ffa450edef68
      5aee5df8
    • Joe Orton's avatar
      Fix CVE CAN-2005-2700: · a344c639
      Joe Orton authored
      * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that
      renegotiation is performed for a transition from "SSLVerifyClient
      optional" to "SSLVerifyClient require".
      
      The boolean "verify_old & SSL_VERIFY_PEER_STRICT" is true if the old
      context merely has optional verification configured, since the
      definition of SSL_VERIFY_PEER_STRICT is
      (SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_PEER).
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264800 13f79535-47bb-0310-9956-ffa450edef68
      a344c639
    • Colm MacCarthaigh's avatar
      · 390c36d0
      Colm MacCarthaigh authored
      Fix PR36410; Change how the get_suexec_identity hook is handled by CGID.
      Instead of using mod_userdir and mod_suexec specific hacks, we now run the hook
      on the httpd side of the handler. 
      
      If this is NULL, we pass on a magic empty_ugid constant, otherwise pass on the
      real ugid.
      
      On the cgid side of the equation, we add our own hook, with REALLY_FIRST, and
      then order the hooks. This ensures that cgid's doer runs before any other
      registered get_suexec_identity doers.
      
      We use cgid's request config to store the ugid. If ugid == empty_ugid, we DON'T
      call ap_os_create_privileged_process, because our doer would return the magic
      empty_ugid constant. Having the doer return NULL is no good, because then
      userdir and mod_suexec's doers would be called. Instead, we call plain old
      apr_proc_create(). 
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264759 13f79535-47bb-0310-9956-ffa450edef68
      390c36d0
  22. Aug 29, 2005
  23. Aug 28, 2005