- Jul 26, 2014
-
-
Lucien Gentis authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1613704 13f79535-47bb-0310-9956-ffa450edef68
-
Lucien Gentis authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1613703 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1613655 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 24, 2014
-
-
Eric Covener authored
two commenters were confused authnprovideralias providing special config to authz providers git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1613320 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 18, 2014
-
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611818 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611817 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611816 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
Redo what was reverted in r1572627. Don't reuse a SSL backend connection whose SNI differs. PR 55782. This may happen when ProxyPreserveHost is on and the proxy-worker handles connections to different Hosts. Follows up r1572606. MMN minor bump required by proxy_conn_rec change. mod_proxy: follows up r1572630. Don't reuse a SSL backend connection with no SNI for a request requiring SNI. mod_proxy: Add comment and avoid ternary operator as condition (no functional change). Submitted by: ylavic Reviewed by: ylavic, rpluem, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611813 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611809 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
mod_deflate: fix decompression of files larger than 4GB. According to RFC1952, Input SIZE (compLen) contains the size of the original input data modulo 2^32. PR: 56062 Submitted by: Lukas Bezdicka Reviewed by: ylavic, breser, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611806 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611796 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611771 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611768 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611766 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611672 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
+ if (!apr_is_empty_table(rp->trailers_in)) { + apr_table_do(add_trailers, rp->trailers_out, ^ + rp->trailers_in, NULL); + apr_table_clear(rp->trailers_in); + } git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611597 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611596 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
add patch/proposal for CVE-2013-5704 trailers thing git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611522 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 17, 2014
-
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611499 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611497 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611468 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_deflate: Don't fail when asked to flush inflated data to the user-agent and that coincides with the end of stream ("Zlib error flushing inflate buffer"). PR 56196. Submitted By: [Christoph Fausak <christoph.fausak glueckkanja com>] Committed By: ylavic mod_deflate: follows up r1572896. Be safe from successive or post end-of-stream flush buckets. Add missing CHANGES entries for r1572655,1572663,1572668-1572671,1573224,1586745,1587594,1587639,1590509, r1572092, and r1572896,1572911. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611428 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
*) SECURITY: CVE-2014-0118 (cve.mitre.org) mod_deflate: The DEFLATE input filter (inflates request bodies) now limits the length and compression ratio of inflated request bodies to avoid denial of sevice via highly compressed bodies. See directives DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and DeflateInflateRatioBurst. Thanks to Giancarlo Pellegrino and Davide Balzarotti for reporting the issue. Submitted By: ylavic, covener Reviewed By: jorton, covener, jim Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611426 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611425 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611424 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611414 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611331 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611326 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611319 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611318 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 16, 2014
-
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611195 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Reverts r1529559 partially (specifically the dav_xml_escape_uri) bit. Reverts r1531505 entirely. * modules/dav/main/mod_dav.c (dav_xml_escape_uri): Revert the piece of r1529559 that removes the URI escaping from this function. * modules/dav/main/props.c (dav_do_prop_subreq): Escape the URI before doing a sub request with it. This resolves some properties like getcontenttype from failing to be returned for files that contain characters that require encoding in their path. * modules/dav/main/mod_dav.h (dav_resource): Note the inconsistency in the documentation. * modules/dav/fs/repos.c (dav_fs_get_resource): Don't use the unparsed_uri to set the uri field of the resource. This is the correct fix for the double encoding in mod_dav_fs that led to the dav_xml_escape_uri() change and r1531505. (dav_fs_walker, dav_fs_append_uri): Revert r1531505 changes. Submitted by: breser PR: 56480 Backports: r1602338 Reviewed by: breser, rpluem, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611189 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
mod_cgid: Fix a denial of service against CGI scripts that do not consume stdin that could lead to lingering HTTPD child processes filling up the scoreboard and eventually hanging the server. Submitted by: Rainer Jung, Eric Covener, Yann Ylavic Backports: r1610509, r1535125 Reviewed by: covener, trawick, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611185 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1611179 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1610995 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
resumed by TLS session resumption (RFC 5077). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1610914 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1610891 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1610888 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 15, 2014
-
-
Rainer Jung authored
Forward local IP address as a custom request attribute like we already do for the remote port. Both were forgotten in the original AJP 13 spec but are needed by the Servlet spec. Until now, Tomcat simply returns for getLocalAddr() the same as for getLocalName(). The next round of Tomcat releases will look for the optional new request attribute. See also Tomcat BZ 56661. Submitted by: rjung Reviewed by: trawick, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1610867 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1610717 13f79535-47bb-0310-9956-ffa450edef68
-