(and adjust version info in CHANGES, ap_mmn comment, core.xml)

core: New CGIVar directive can configure REQUEST_URI to represent the
current URI being processed instead of always the original request.

Submitted by: trawick
Reviewed by: ylavic, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1741250 13f79535-47bb-0310-9956-ffa450edef68

scoreboard/status: Keep previous worker connection/request data when idle as
prior to 2.4.20.


scoreboard/status: follow up to r1739008.
Restore (completely) pre-2.4.20 behaviour w.r.t. preserved values.
r1739008 was still unnessessarily blanking some values for the time of
BUSY_READ -> BUSY_WRITE (with blocking MPMs).


scoreboard/status: follow up to 1739146.
Comment not needed anymore...


Clarify CHANGES entry, including the correct version for the
restored behaviour.

Submitted by: ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1741240 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: disabling mmap on file buckets, changing r->protocol to HTTP/2.0


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1740112 13f79535-47bb-0310-9956-ffa450edef68

in 2.4.7. The change affects third party modules
using the mod_proxy shared memory structure 
proxy_worker_shared. Examples are third party
balancer lbmethod modules.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1738184 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1737701 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1737393 13f79535-47bb-0310-9956-ffa450edef68

Fix bug 58528 - Do not read .htaccess if override and overridelist are "None"

Submitted by: druggeri
Reviewed by: druggeri, ylavic, wrowe



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1737366 13f79535-47bb-0310-9956-ffa450edef68

mod_proxy_express: Fix possible use of DB handle after close.
PR 59230.

Submitted by: Petr <pgajdos suse.cz>
Reviewed by: ylavic, trawick, wrowe



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1737363 13f79535-47bb-0310-9956-ffa450edef68

core/util_script: relax alphanumeric filter of enviroment variable names
on Windows to allow '(' and ')' for passing PROGRAMFILES(X86) et.al.
unadulterated in 64 bit versions of Windows. PR 46751.

Submitted by: gsmith
Reviewed by: jailletc36, sf, ylavic



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1737360 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: backport of version 1.4.6


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1737255 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: fix for scoreboard updates missing, mem leak fix for slave connections


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1736465 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1736312 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1736069 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1736067 13f79535-47bb-0310-9956-ffa450edef68

mod_include now sets DOCUMENT_ARGS.

* Like DOCUMENT_URI, this is for the SSI document, not for any
  subrequest called for the include directive.
* Like QUERY_STRING, this is just r->args (or empty string if there are
  none), unlike QUERY_STRING_UNESCAPED.

The name of the variable is taken from the Zeus SSI implementation.

Follow-up to r1734817: suexec passes through mod_include's DOCUMENT_ARGS

Follow-up to r1734817: Reorder, mention compatibility

Submitted by: trawick
Reviewed by: jim, ylavic




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735963 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735955 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735927 13f79535-47bb-0310-9956-ffa450edef68

mod_ssl: Add hooks to allow other modules to perform processing at
several stages of initialization and connection handling.  See
mod_ssl_openssl.h.

This is enough to allow implementation of Certificate Transparency
outside of mod_ssl.


Initialize post_handshake_rc for case where a failure has
already occurred (doesn't change execution but avoids warning
with some levels of gcc).

Pointed out by: kbrand

Submitted by: trawick
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735886 13f79535-47bb-0310-9956-ffa450edef68

* mod_ssl: Free dhparams when getting DH params. This fixes issue when
  SSLCryptoDevice does not get unregistered because of non-zero refcount
  during the mod_ssl unload happening on httpd startup.


mod_ssl: follow up to r1720129.
Free ecparams read from certificate file(s) on startup.

Follow up to r1720129 and r1723295: CHANGES entry.

Rephrase r1733088 since leaking means horrible things in cryptography.
This is not a security fix :p
Submitted by: jkaluza, ylavic, ylavic, ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735770 13f79535-47bb-0310-9956-ffa450edef68

expr support for HTTP2 variable
Submitted by: icing
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735769 13f79535-47bb-0310-9956-ffa450edef68

Since ssl_run_pre_handshake() is not (yet) in 2.4.x, mention ssl_init_ssl_connection() instead.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735650 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: stream cleanup on GOAWAY handling, PUSHes prohibited after client GOAWAY.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735610 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735457 13f79535-47bb-0310-9956-ffa450edef68

Ensure that httpd exits with an error status when the MPM fails
to run.  [Yann Ylavic]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735381 13f79535-47bb-0310-9956-ffa450edef68

[PATCH] mod_rewrite: double escaping of query strings in server context
(like PR50447, for server context)



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735379 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1735239 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734917 13f79535-47bb-0310-9956-ffa450edef68

mod_reqtimeout: Prevent long response times from triggering a timeout once
the request has been fully read.  PR 59045.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734416 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734413 13f79535-47bb-0310-9956-ffa450edef68

mod_ssl: Don't lose track of the SSL context if the ssl_run_pre_handshake()
hook returns an error.

Submitted by: minfrin
Reviewed by: minfrin, jim, ylavic
Backported by: ylavic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734396 13f79535-47bb-0310-9956-ffa450edef68

mod_rewrite: Add QSL|qslast flag to allow rewrites to files with 
literal question marks in their names. 

PR 58777. 





git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734259 13f79535-47bb-0310-9956-ffa450edef68

reverted in trunk in r1732896. The fix is bad and breaks old loop
avoidance.

Reviewed By: covener, ylavic, jim



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1734257 13f79535-47bb-0310-9956-ffa450edef68

mod_ssl: when SSLVerify is disabled (NONE), don't force a renegotiation if
the SSLVerifyDepth applied with the default/handshaken vhost differs from
the one applicable with the finally selected vhost.

Submitted by: ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733476 13f79535-47bb-0310-9956-ffa450edef68

Fix crash in ap_mpm_pod_check call caused by NULL dereference of its parameter
when starting httpd as single process (httpd -X).


Revert changes on mpm_event and mpm_worker from r1711479.
The POD is not used in one process mode for those MPMs.

Follow up to r1711479 and r1733064: CHANGES entry.
Submitted by: jkaluza, ylavic, ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733475 13f79535-47bb-0310-9956-ffa450edef68

mod_proxy: Play/restore the TLS-SNI on new backend connections which
had to be issued because the remote closed the previous/reusable one
during idle (keep-alive) time.


mod_proxy: follow up to r1729826: really copy conn->ssl_hostname.

mod_proxy: follow up to r1729826 + r1729847.
Adjust stacked ssl_hostname maximum size.

mod_proxy: follow up to r1729826 + r1729847 + r1732986.
Don't use magic constants.
Submitted by: ylavic
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733474 13f79535-47bb-0310-9956-ffa450edef68

event: slave connection init, vhost early config
Submitted by: icing
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733473 13f79535-47bb-0310-9956-ffa450edef68

hostname: Test and log useragent_host per-request across various modules,
including the scoreboard, expression and rewrite engines, setenvif,
authz_host, access_compat, custom logging, ssl and REMOTE_HOST variables.
PR55348  [William Rowe]

This is the complete change set which applies cleanly to 2.4.x as well,
the server/scoreboard.c will follow, which does not apply due to drift.



A rather ugly patch since the code was refactored recently to exclude
the simple patch for 2.4.x, illustrated below.

Completes the changeset r1729930 and resolves all 2.4.19-dev corrections,
but other 2.5.0-dev specific changes may still be needed on trunk.

--- server/scoreboard.c	(revision 1729907)
+++ server/scoreboard.c	(working copy)
@@ -491,9 +491,8 @@
             ws->conn_bytes = 0;
         }
         if (r) {
-            const char *client = ap_get_remote_host(c, r->per_dir_config,
-                                 REMOTE_NOLOOKUP, NULL);
-            if (!client || !strcmp(client, c->client_ip)) {
+            const char *client;
+            if (!(client = ap_get_useragent_host(r, REMOTE_NOLOOKUP, NULL))) {
                 apr_cpystrn(ws->client, r->useragent_ip, sizeof(ws->client));
             }
             else {


Submitted by: wrowe
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733282 13f79535-47bb-0310-9956-ffa450edef68

Introduce an ap_get_useragent_host() accessor to replace the old
ap_get_remote_host() in most applications, but preserve the original
behavior for all ap_get_remote_host() consumers (mostly, because we
don't have the request_rec in the first place, and also to avoid any
unintended consequences).

This accessor continues to store the remote_host of connection based
uesr agents within the conn_rec for optimization.  Only where some
other module modifies the useragent_addr will we perform a per-request
query of the remote_host.

(Fixed compilation issues noted by Ranier, applies to 2.4.x trunk,
modulo CHANGES and ap_mmn.h)


Submitted by: wrowe
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733281 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733278 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1733259 13f79535-47bb-0310-9956-ffa450edef68