- Dec 02, 2014
-
-
Jim Jagielski authored
*) SECURITY: CVE-2014-8109 (cve.mitre.org) mod_lua: Fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments. PR57204 [Edward Lu <Chaosed0 gmail.com>] Submitted By: Edward Lu Committed By: covener Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642861 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
avoid dereferencing a recently apr_pool_clear()'ed event_conn_state_t *cs in several paths where ptrans is being recycled at the end of a request. event, eventopt: follow up to r1638879 and r1639960. Clear the pool in ap_push_pool() before recycling. Submitted by: covener, ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642859 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
don't call notify_suspend() in a worker thread after start_lingering_close_common may have put the socket back into the pollset. If it becomes readable too quickly, cs can be free'ed or accessed concurrently. Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642858 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_proxy_connect: Don't issue AH02447 on sockets hangups, let the read determine whether it is a normal close or a real error. PR 57168. Abort the client or backend connection on polling errors, but don't forcibly abort the client side at the end (the core filters will do that otherwise when necessary), so that lingering close and SSL shutdown can occur on normal close. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642857 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_proxy_wstunnel: abort backend connection on polling error to avoid further processing (lingering close, SSL shutdown). Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642856 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_proxy_fcgi, mod_authnz_fcgi: stop reading the response and issue an error when parsing or forwarding the response fails. Follow up to r1640040: CHANGES entry. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642855 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642854 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642853 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
core: Do not match files when using DirectoryMatch. PR41867. Submitted by: jkaluza Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642852 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
* server/scoreboard.c: Check for child_num < 0 also in ap_update_child_status and ap_update_child_status_from_conn. PR 56767. Submitted by: jkaluza Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642851 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_auth_basic: Fix comment mentioning 403 instead of 401. Submitted by: jkaluza Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642850 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 01, 2014
-
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642678 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 30, 2014
-
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642593 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
use an actual list since we're gong to the trouble to use -in git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642592 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642589 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
even out some whitespace add a few more examples per feedback git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642587 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642500 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 29, 2014
-
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642485 13f79535-47bb-0310-9956-ffa450edef68
-
Lucien Gentis authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642457 13f79535-47bb-0310-9956-ffa450edef68
-
Lucien Gentis authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642456 13f79535-47bb-0310-9956-ffa450edef68
-
Lucien Gentis authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642455 13f79535-47bb-0310-9956-ffa450edef68
-
Lucien Gentis authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642454 13f79535-47bb-0310-9956-ffa450edef68
-
Lucien Gentis authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642453 13f79535-47bb-0310-9956-ffa450edef68
-
Lucien Gentis authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642452 13f79535-47bb-0310-9956-ffa450edef68
-
Christophe Jaillet authored
* mod_ssl: call ERR_free_strings() with OpenSSL >= 0.9.8e. Fixes memory leak in mod_ssl on graceful restart. PR 53435. Submitted by: jkaluza Reviewed by: jkaluza, ylavic, covener Backported by: jailletc36 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642404 13f79535-47bb-0310-9956-ffa450edef68
-
Christophe Jaillet authored
ssl: Axe needless string duplication in setup for call to apr_proc_create() Fix sscanf format spotted by cppcheck fix indent. fix style Private function doesn't need ap_ prefix. tab vs space rename variables: s should be the server_rec Submitted by: trawick, jailletc36, jailletc36, jailletc36, takashi, jailletc36, sf Reviewed by: jailletc36, ylavic, covener Backported by: jailletc36 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642403 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 28, 2014
-
-
Richard Bowen authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642311 13f79535-47bb-0310-9956-ffa450edef68
-
Jan Kaluža authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642273 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 26, 2014
-
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641891 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
add a few more expresion examples to illustrate functions and -f git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641890 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
promote git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641751 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641750 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641748 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 25, 2014
-
-
Jan Kaluža authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641608 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641552 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
mod_proxy_fcgi: SECURITY: CVE-2014-3583 (cve.mitre.org) Fix a potential crash with response headers' size above 8K. The code changes to mod_authnz_fcgi keep the handle_headers() function in sync between the two modules. mod_authnz_fcgi does not have this issue because it allocated a separate byte for terminating '\0'. Submitted by: ylavic, trawick Reviewed by: ylavic, trawick, mrumph git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641551 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 24, 2014
-
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641437 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
move text outside of example for readability. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641436 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641417 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
steal the sethandler example from mod_proxy.html and mention worker issue git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641416 13f79535-47bb-0310-9956-ffa450edef68
-