Not strictly necessary for trunk, but in 2.4.x if the main ErrorLog is
using syslog, these messages are lost.  In trunk, the low-level logging
routines reach up and find the syslog provider when no server_rec is provided
but that backport is stalled.




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833827 13f79535-47bb-0310-9956-ffa450edef68

LibreSSL seems to be openssl-1.1 API compatible only in version 2.8 (master).
So use that for MODSSL_USE_OPENSSL_PRE_1_1_API instead of 2.7, the two 2.7
compatibility-exceptions are handled explicitely but overall it's simpler.

Regarding CRYPTO_malloc_init vs OPENSSL_malloc_init, libreSSL uses none, the
former used to be a no-op but depends is LIBRESSL_INTERNAL in latest versions,
while the latter has never been (and will never be) defined. So don't call any
with LibreSSL.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833598 13f79535-47bb-0310-9956-ffa450edef68

More meaningful than SSL_OP_NO_TLSv1_3, hopefully...


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833589 13f79535-47bb-0310-9956-ffa450edef68

This is already forbidden by the protocol, enforced by OpenSSL, and the
current logic can't work (ssl_callback_Info() may be called multiple times
with TLS 1.3).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833588 13f79535-47bb-0310-9956-ffa450edef68

Both libapr[-util], mod_ssl, mod_crypto and mod_session_crypto can use the
same crypto library (e.g. openssl), use the new APR crypto loading API so
that they can work together and initialize/terminate the lib approprietly,
either once for all or on demand and reusable by the others.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833452 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833416 13f79535-47bb-0310-9956-ffa450edef68

apr_pcalloc can be turned into apr_palloc (the allocated memory is fully initialized by the subsequent memcpy/strcpy) and '(int)strlen(p)' can be replaced by 'plen - 1' to save some cycles.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833415 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833400 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833383 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833368 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833242 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833241 13f79535-47bb-0310-9956-ffa450edef68

  check-no rule.  Only regenerate the test suite on repeated
  "make check" run if a header file has changed.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833122 13f79535-47bb-0310-9956-ffa450edef68

This function, along with ap_make_etag(), is used by the default_handler in
core.c, and in several modules other than builtin mod_http, breaking static
linking and httpdunit tests build.

The move is done by "svn move modules/http/http_etag.c server/util_etag.c".
MMN major bumped, not backportable (as is) to 2.4.x.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833083 13f79535-47bb-0310-9956-ffa450edef68

  ap_process_request): Cache and retrieve the brigade structure used
  to send EOR and FLUSH between requests in c->pool userdata, to avoid
  allocating a brigade structure per-request out of c->pool.

Submitted by: rpluem, jorton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833014 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1833013 13f79535-47bb-0310-9956-ffa450edef68

 * eliminated SSLPolicyRec as name no longer used
 * eliminated some left over parameters in internal functions due to policy def removal
 * reverted a NULL test, necessary before


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832994 13f79535-47bb-0310-9956-ffa450edef68

  Remove unused bucket allocator created off pconf.
  Tag the subpool.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832991 13f79535-47bb-0310-9956-ffa450edef68

  for debugging unless debug-level logging is enabled.  No functional change.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832951 13f79535-47bb-0310-9956-ffa450edef68

 * mod_proxy_http2: ressurrecting some of the good parts of r1831231 and using memcpy instead of strncpy to make intentions more clear


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832937 13f79535-47bb-0310-9956-ffa450edef68

 * MDNotifyCmd can now specify arguments to the command


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832935 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832934 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832880 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832879 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832613 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832581 13f79535-47bb-0310-9956-ffa450edef68

Overwriting server config in pre_config hook breaks EXEC_ON_READ directives,
it's automatically created on purpose anyway.

PR 62220.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832580 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832500 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832497 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832479 13f79535-47bb-0310-9956-ffa450edef68

delays on systemd.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832383 13f79535-47bb-0310-9956-ffa450edef68

So add it here too.

Probably spotted with the help of the Coccinelle software (Thx Julia for the patch and for Coccinelle)

See PR 53016

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832351 13f79535-47bb-0310-9956-ffa450edef68

So add it here too.

Probably spotted with the help of the Coccinelle software (Thx Julia for the patch and for Coccinelle)

See PR 53015

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832348 13f79535-47bb-0310-9956-ffa450edef68

The SSLRandomSeed  builtin, uses 128 bytes of stack, not 1kb of scoreboard data.

See PR 54752

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832346 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832333 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832332 13f79535-47bb-0310-9956-ffa450edef68

This can not be a runtime ixsue, because, in such a case, we would assert and abort before.

 PR 59819.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832317 13f79535-47bb-0310-9956-ffa450edef68

If several directories are given in a UserDir directive, only files in the first existing one are checked. If the file is not found there, the other possible directories are not checked. The doc clearly states that they will be checked one by one, until a match is found or an external redirect is performed.

 PR 59636.

While at it, add some debug messages to better understand what is performed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832306 13f79535-47bb-0310-9956-ffa450edef68

mod_proxy_hcheck: add some hyperlinks, improve syntax highlight, add some missing trailing dot, be more consistent with other modules in the way 'Syntax' lines are displayed

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832294 13f79535-47bb-0310-9956-ffa450edef68

In 'ap_proxy_cookie_reverse_map', iterate over each token of the 'Set-Cookie' header field in order to avoid updating the wrong one.

This could happen if the header field has something like 'fakepath=foo;path=bar". In this case fakepath would be updated instead of path.


We don't need regex anymore in order to parse the field values and 'ap_proxy_strmatch_domain' and 'ap_proxy_strmatch_path' are now useless. (and should be axed IMHO)

PR 61560

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832280 13f79535-47bb-0310-9956-ffa450edef68