- Dec 29, 2007
-
-
Ruediger Pluem authored
platforms and avoid a regression with conditional PUT's on lock and etag. Add a warning to the documentation of FileETAG that changes of the ETAG format can cause conditionals to fail on mod_dav_fs provided backends. PR: 44152 Submitted by: Michael Clark <michael metaparadigm.com> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607437 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607403 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607402 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 28, 2007
-
-
Ruediger Pluem authored
by redirecting to other URLs. Reported by SecurityReason. Submitted by: Mark Cox, Joe Orton Reviewed by: security@httpd.apache.org git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607282 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607276 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
output of the balancer manager. Reported by SecurityReason. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607275 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
parameter. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607273 13f79535-47bb-0310-9956-ffa450edef68
-
Nick Kew authored
discussion on-list). This is not a full-and-final fix, because we don't ourselves do anything useful with these ETags. But at least we're no longer screwing up clients. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607219 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 24, 2007
-
-
Ruediger Pluem authored
mod_proxy_balancer, mod_proxy_ftp, mod_info, mod_dav without a character set to ISO-8859-1. Submitted by: jorton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@606693 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 21, 2007
-
-
Guenter Knauf authored
Submitted by: Kaspar Brand <asfbugz velox.ch> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@606190 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 14, 2007
-
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@604321 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 13, 2007
-
-
Ruediger Pluem authored
Pointed out by: Takashi Sato <serai lans-tv.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@604000 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 12, 2007
-
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@603738 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 11, 2007
-
-
Jeff Trawick authored
This has no security impact since the browser cannot be tricked into sending arbitrary method strings. (words from jorton) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@603346 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
installer. This will permit the installation tool to remove all running instances before attempting to remove the .exe. Note that since the introduction of CriticalSections, our compatibility with NT 4 was destroyed, and at this point that is no loss (there are no more security updates to NT 4 ergo it's not an OS we want connected to the internet, anyways). The WTS api calls require 2000 or later, but I'm not wrapping them since nobody notices the same issue with CriticalSections. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@603238 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
member of the proxy_conn_rec struct as we destroy this data more frequently than other data in the proxy_conn_rec struct like hostname and addr (at least in the case where we have keepalive connections that timed out and were closed by the backend). This fixes a memory leak with short lived and broken connections. PR: 44026 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@603237 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
time) but empty it (via APR_BRIGADE_PREPEND) and reuse it. Submitted by: Stefan Fritsch <sf sfritsch.de> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@603227 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 10, 2007
-
-
Mladen Turk authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@602795 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 09, 2007
-
-
Ruediger Pluem authored
PR: 23567 Submitted by: Stefan Fritsch <sf sfritsch.de> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@602735 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@602682 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 08, 2007
-
-
Ruediger Pluem authored
Basicly the persistence is created by keeping the conn_rec structure created for our backend connection (whether http or https) in the connection pool. This required to adjust scoreboard.c in a way that its functions can properly deal with a NULL scoreboard handle by ignoring the call or returning an error code. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@602542 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@602509 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 03, 2007
-
-
William A. Rowe Jr authored
Determined to be not generally exploitable, but a flaw in any case. PR: 44014 Submitted by: Victor Stinner <victor.stinner inl.fr> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@600645 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 01, 2007
-
-
Ruediger Pluem authored
This will not change the logic if no "-l" gets used, and it will spare one call to apr_time_now() in case "-l" gets used and more important it gives the code better atomicity, because in fact between the two calls there is a slight change of jumping oder the DST boundary - for historic reasons the same code block is used two times with a slightly different way of transforming apr_time_t to int (once division by APR_USEC_PER_SEC, once call to apr_time_sec()), so let's unify it. - finally move the block into a function, because it gets used already two times. PR: 44004 Submitted by: Rainer Jung <rainer.jung kippdata.de> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@600154 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 29, 2007
-
-
Nick Kew authored
filter_init problem remains, we should make it clear to users at startup time. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@599393 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
* modules/ssl/ssl_engine_config.c (modssl_ctx_init, modssl_ctx_cfg_merge): Initialize and merge OCSP config options. (ssl_cmd_SSLOCSPOverrideResponder, ssl_cmd_SSLOCSPDefaultResponder, ssl_cmd_SSLOCSPEnable): Add functions. * modules/ssl/mod_ssl.c (ssl_config_cmds): Add config options. * modules/ssl/ssl_private.h: Add prototypes, config options to modssl_ctx_t. * modules/ssl/ssl_util_ocsp.c: New file, utility interface for dispatching OCSP requests. * modules/ssl/ssl_engine_ocsp.c: New file, interface for performing OCSP validation. * modules/ssl/ssl_engine_kernel.c (ssl_callback_SSLVerify): Perform OCSP validation if configured, and the cert is so-far verified to be trusted. Fail if OCSP validation is configured an the optional-no-ca check tripped. * modules/ssl/config.m4: Check for OCSP support, build new files. * modules/ssl/mod_ssl.dsp: Build new files. * modules/ssl/ssl_toolkit_compat.h: Include headers for OCSP interfaces. PR: 41123 Submitted by: Marc Stern <marc.stern approach.be>, Joe Orton Reviewed by: Steve Henson <steve openssl.org> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@599385 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 26, 2007
-
-
Nick Kew authored
PR 43956 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@598299 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@598274 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 20, 2007
-
-
Jeff Trawick authored
IOW, accept and respect either -l or UTC offset when rotating based on file size. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@596796 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@596713 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
example invocations now flagged as invalid: specifying UTC offset with size-based rotation specifying -l with size-based rotation specifying both -l and UTC offset range checking of integer parameters not attempted; basic data type issues may need to be addressed first such as the use of unsigned int for max file size git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@596698 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 19, 2007
-
-
Ruediger Pluem authored
struct. PR: 37064 Submitted by: Kobayashi <kobayashi firstserver.co.jp> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@596448 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 16, 2007
-
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@595676 13f79535-47bb-0310-9956-ffa450edef68
-
Nick Kew authored
PR#43882 (Björn Höhrmann) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@595672 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@595666 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 15, 2007
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@595475 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 14, 2007
-
-
Jeff Trawick authored
that the connection is not persistent if the MPM process handling the request is already exiting when the response header is built. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@594839 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 13, 2007
-
-
Paul Querna authored
To enable, pass something like this to configure: --enable-serf --with-serf=/usr/local/serf/0.1.2 To try it out, put something like this in your httpd.conf: <Location /> SerfPass http://httpd.apache.org/ </Location> LocationMatch and all related directives can also be used, magical eh? [1] - http://code.google.com/p/serf/ git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@594425 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 10, 2007
-
-
Ruediger Pluem authored
PR: 43649 Submitted by: Jose Kahan <jose w3.org> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@593816 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 08, 2007
-
-
Jeff Trawick authored
mod_charset_lite: Don't crash when the request has no associated filename. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@593177 13f79535-47bb-0310-9956-ffa450edef68
-