- Dec 06, 2016
-
-
Jim Jagielski authored
mod_session_crypto: Authenticate the session data/cookie with a MAC (SipHash) to prevent deciphering or tampering with a padding oracle attack. mod_session_crypto: follow up to r1772812: CHANGES entry. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1772925 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
The default value of 'inherit' should be AP_LUA_INHERIT_UNSET. With this value, the behavior is the same as 'parent-first' in the 'LuaInherit' directive If not explicitelly initialized, its value is 0 because of the 'apr_calloc 'in 'create_dir_config'. 0 means 'AP_LUA_INHERIT_NONE' PR 60419 Missing CHNAGES for r1772489 Submitted by: jailletc36 Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1772922 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1772895 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 05, 2016
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1772685 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
r1772419 | covener | 2016-12-02 19:10:53 -0500 (Fri, 02 Dec 2016) | 7 lines Merge r1772418 from trunk: loop in checking response headers w/ HTTPProtocolOptions Unsafe ------------------------------------------------------------------------ r1772236 | wrowe | 2016-12-01 11:29:27 -0500 (Thu, 01 Dec 2016) | 8 lines Appears we cannot disallow this whitespace, since the chunk BNF coexisted with the implied *LWS rule, before RFC7230 eliminated the later. Whether this is actually OWS or BWS is an editorial decision beyond our pay grade. Backports: r1765475 Submitted by: wrowe ------------------------------------------------------------------------ r1771697 | rpluem | 2016-11-28 04:59:00 -0500 (Mon, 28 Nov 2016) | 4 lines Merge r1771690 from trunk: * Fix numbers count in comment. ------------------------------------------------------------------------ r1771696 | rpluem | 2016-11-28 04:56:42 -0500 (Mon, 28 Nov 2016) | 1 line * Revert 1771372: As Bill points out correctly. Only backport trunk revisions to this branch. ------------------------------------------------------------------------ r1771372 | rpluem | 2016-11-25 14:55:18 -0500 (Fri, 25 Nov 2016) | 1 line * Fix numbers count in comment. ------------------------------------------------------------------------ r1770870 | wrowe | 2016-11-22 13:44:21 -0500 (Tue, 22 Nov 2016) | 3 lines Optimize away one more strchr. Backports: 1770869 ------------------------------------------------------------------------ r1770868 | wrowe | 2016-11-22 13:34:25 -0500 (Tue, 22 Nov 2016) | 8 lines List discussion resulted in rejecting all but SP characters in the request line, but in the strict mode prioritize excessive space testing over bad space testing (which is captured later) and make both more efficient (at this test ll[0] is already whitespace or \0 char). Also correct a comment. Backports: r1770867 Submitted by: wrowe ------------------------------------------------------------------------ r1770846 | covener | 2016-11-22 09:32:45 -0500 (Tue, 22 Nov 2016) | 5 lines Merge r1770817 from trunk: Removing unused warning after r1764961 changes. ------------------------------------------------------------------------ r1770789 | covener | 2016-11-21 20:58:06 -0500 (Mon, 21 Nov 2016) | 25 lines Merge r1770786 from trunk: remove Location: header checks for absolute URL https://tools.ietf.org/html/rfc7231#section-7.1.2 The "Location" header field is used in some responses to refer to a specific resource in relation to the response. The type of relationship is defined by the combination of request method and status code semantics. Location = URI-reference The field value consists of a single URI-reference. When it has the form of a relative reference ([RFC3986], Section 4.2), the final value is computed by resolving it against the effective request URI ([RFC3986], Section 5). There is even an example with no scheme: Location: /People.html#tim ------------------------------------------------------------------------ r1770386 | wrowe | 2016-11-18 09:45:32 -0500 (Fri, 18 Nov 2016) | 6 lines Backport: r1769965 Submitted by: wrowe, rpluem Actually cause the Host header to be overridden, as noted by rpluem, and simplify now that there isn't a log-only mode. ------------------------------------------------------------------------ r1770173 | wrowe | 2016-11-17 07:09:32 -0500 (Thu, 17 Nov 2016) | 1 line Merge of r1765451 did not apply cleanly, drop unneeded prototype. ------------------------------------------------------------------------ r1769675 | wrowe | 2016-11-14 13:57:12 -0500 (Mon, 14 Nov 2016) | 1 line Add an entry about RFC strictness ------------------------------------------------------------------------ r1769674 | wrowe | 2016-11-14 13:54:42 -0500 (Mon, 14 Nov 2016) | 1 line Clean up CHANGES for clarity ------------------------------------------------------------------------ r1769672 | wrowe | 2016-11-14 13:15:07 -0500 (Mon, 14 Nov 2016) | 31 lines Dropped the never-released ap_has_cntrls() as it had very limited and inefficient application at that, added ap_scan_vchar_obstext() to accomplish a similar purpose. Dropped HttpProtocolOptions StrictURL option, this will be better handled in the future with a specific directive and perhaps multiple levels of scrutiny, use ap_scan_vchar_obstext() to simply ensure there are no control characters or whitespace within the URI. Changed the scanning of the response header table by check_headers() to follow the same rulesets as reading request headers. Disallow any CTL character within a response header value, and any CTL or whitespace in response header field name, even in strict mode. Apply HttpProtocolOptions Strict to chunk header parsing, invalid whitespace is invalid, line termination must follow CRLF convention. Submitted by: wrowe Backport: r1764961,1765112-1765115 When redrawing the parser, ap_get_http_token looked to be useful, but there's no application for this yet in httpd, so hold off adding this function when we backport the enhancements. ap_scan_http_token was entirely sufficient. If the community wants this new function, we can add it when backporting work is complete. This patch, and the earlier patches Friday actually demanded an mmn major bump due to struct member changes. In any final backport, new members must be added to the end of the struct to retain an mmn minor designation. Submitted by: wrowe Backport: r1765451 ------------------------------------------------------------------------ r1769669 | wrowe | 2016-11-14 12:59:10 -0500 (Mon, 14 Nov 2016) | 124 lines Fix syntax Submitted by: jailletc36 Backport: r1756862 Introduce StrictURI|UnsafeURI for RFC3986 enforcement Submitted by: wrowe Backport: r1756959 Surpress noise about syntax Submitted by: wrowe Backport: r1756978 Yann is correct, % is distinct from reserved and unreserved Submitted by: wrowe Backport: r1757062 As commented, ensure we don't flag a request as a rejected 0.9 request if we identified any other parsing errors and handle all 0.9 request errors as 400 BAD REQUEST, presuming HTTP/1.0 to deliver the error details. Do not report 0.9 issues as 505 INVALID PROTOCOL because the client apparently specified no protocol, and 505 post-dates the simple HTTP request mechanism. Submitted by: wrowe Backport: r1757065 Rename LenientWhitespace to UnsafeWhitespace and change StrictWhitespace to the default behavior, after discussion with fielding et al about the purpose of section 3.5. Update the documentation to clarify this. This patch removes whitespace considerations from the Strict|Unsafe toggle and consolidates them all in the StrictWhitespace|UnsafeWhitespace toggle. Added a bunch of logic comments to read_request_line parsing. Dropped the badwhitespace list for an all-or-nothing toggle in rrl. Leading space before the method is optimized to be evaluated only once. Toggled the request from HTTP/0.9 to HTTP/1.0 for more BAD_REQUEST cases. Moved s/[\n\v\f\r]/ / cleanup logic earlier in the cycle, to operate on each individual line read, and catch bad whitespace errors earlier. This changes the obs-fold to more efficiently condense whitespace and forces concatinatination with a single SP, always. Overrides are not necessary since obs-fold is clearly deprecated. Submitted by: wrowe Backport: r1757589 Also catch invalid spaces between the URI <> Protocol in StrictWhitespace mode. (matching the test for the Method <> URI) Submitted by: wrowe Backport: r1757593 Correct RFC reference text (link was right) Submitted by: wrowe Backport: r1757711 First survey results, all intrinsicly bad input will be logged at the debug level, no louder. This patch intentionally dodges the Limit* constrained tests since administrators may shoot themselves in the foot, or be confronted with impossibly long cookie values, etc. Adjust the documentation to match. Submitted by: wrowe Backport: r1757920 Correct URL failure reporting. Drop the second reporting of HEAD over HTTP/0.9 requests, we short-circuit this early now in read_request_line() when presented anything other than the sole "GET" method permitted by spec. Revert to the correct APLOGNO ID for this case Submitted by: wrowe Backport: r1757921, r1757924 Folding StrictWhitespace into the Strict ruleset of RFC7230, per dev@ poll. This choice is unanimous, although StrictURI (a different RFC) still hasn't found absolute concensus. Submitted by: wrowe Backport: r1758226 Correct the parser construction for several optimizations, based on the fact that bad whitespace shall not be permitted or corrected in any operating mode, while preserving the ability to extract bad method/uri/proto for later reporting and diagnostics. This change causes badwhitespace in the request line or any request field line to always fail, and not honor the setting of the HttpProtocolOptions Unsafe option. Mult SP characters or trailing SP characters in the request line are still permitted in Unsafe mode. Adjusted several error message emits to match these changes. Submitted by: wrowe Backport: r1758263 Clarify documentation based on concensus decisions discussed on dev@ and reflecting the current implementation, clean up stray <p> Submitted by: wrowe Backport: r1758265, r1758266 New optional flag to enforce <CR><LF> line delimiters in ap_[r]getline, created by overloading 'int fold' (1 or 0) as 'int flags', with the same value 1 for AP_GETLINE_FOLD (which httpd doesn't use), and a new value 2 for AP_GETLINE_CRLF Enforce CRLF when HttpProtocolOptions Strict is in force. Correctly introduces a new t/TEST fail. Submitted by: wrowe Backport: r1758304 Calm some overly agressive crlf handling, and clarify Submitted by: wrowe Backport: r1758305, r1758313 Review of IE 11, Firefox 48 and Chrome 53 all indicate that ';' URI characters are transmitted unencoded, per RFC3986 section 3.3 grammer. Correct httpd's behavior to not encode ';' in proxied URI's or Location: response headers. Submitted by: wrowe Backport: r1760444 ------------------------------------------------------------------------ r1769664 | wrowe | 2016-11-14 12:07:40 -0500 (Mon, 14 Nov 2016) | 48 lines Drop unused, previously sscanf() target variables Submitted by: wrowe Backport: r1756821 Drop redundant == --rrl_none evaluation Submitted by: rpluem Backport: r1756823 server/protocol.c (read_request_line): Fix compiler warnings with GCC. Submitted by: jorton Backport: r1756824 Correct request header handling of whitespace with the new possible config of HttpProtocolOptions Unsafe StrictWhitespace I have elected not to preserve any significance to excess whitespace in the now-deprecated obs-fold code path, that's certainly open for discussion. This can be reviewed by tweaking t/conf/extra.conf to switch Strict to Unsafe. Submitted by: wrowe Backport: r1756847 A band-aid to resolve an immediate IBM MVS'ism Submitted by: wrowe Backport: r1756849 Resolve Netware (and other arch) build error for non-portable isascii() Submitted by: wrowe Backport: r1756934 Generally, the cart comes before the horse, this mirrors apr_lib.h Submitted by: wrowe Backport: r1756937 After lengthy investigation with covener's assistance, it seems we cannot use a static table. We cannot change this to dynamic use of the local iconv without build changes to avoid such use on cross-platform builds. I'm satisfied if we trust iscntrl to at least catch all the most lethal C0 Ctrls (we are promised it catches bad carriage control/line endings) and leave this in the short term with an XXX to revisit at a future time. The token stop never needed this table, because we can use the affirmative list of token characters to define it. Submitted by: wrowe, covener Backport: r1756946 ------------------------------------------------------------------------ r1769662 | wrowe | 2016-11-14 12:01:20 -0500 (Mon, 14 Nov 2016) | 46 lines Rename the previously undocumented HTTPProtocol directive to EnforceHTTPProtocol, and invert the default behavior to strictly observe RFC 7230 unless otherwise configured. And Document This. The relaxation option is renamed 'Unsafe'. 'Strict' is no longer case sensitive. 'min=0.9|1.0' is now the verbose 'Allow0.9' or 'Require1.0' case-insenstive grammer. The exclusivity tests have been modified to detect conflicts. The 'strict,log' option failed to enforce strict conformance, and has been removed. Unsafe, informational logging is possible in any loadable module, after the request data is unsafely accepted. This triggers a group of failures in t/apache/headers.t as expected since those patterns violated RFC 7230 section 3.2.4. Submitted by: wrowe Backport: r1756540 Correct AP_HTTP_CONFORMANCE_ flags Submitted by: wrowe Backport: r1756555 Renaming this directive to HttpProtocolOptions after discussion on dev@ Submitted by: wrowe Backport: r1756649 Perform correct, strict parsing of the request line, handling the http protocol tag, url and method appropriately, and attempting to extract values even in the presence of unusual whitespace in keeping with section 3.5, prior to responding with whatever error reply is needed. Conforms to RFC7230 in all respects, the section 3.5 optional behavior can be disabled by the user with a new HttpProtocolOptions StrictWhitespace flag. In all cases, the_request is regenerated from the parsed components with exactly two space characters. Shift sf's 'strict' method check from the Strict behavior because it violates forward proxy logic, adding a new RegisteredMethods flag, as it will certainly be useful to some. Submitted by: wrowe Backport: r1756729 ------------------------------------------------------------------------ r1769649 | wrowe | 2016-11-14 10:29:20 -0500 (Mon, 14 Nov 2016) | 124 lines Improve legibility of reviewing the generated table, using hex rather than dec Submitted by: wrowe Backport: r1754536 Correct T_HTTP_TOKEN_STOP per RFC2068 (2.2) - RFC7230 (3.2.6), which has always defined 'token' as CHAR or VCHAR - visible USASCII only. NUL char is also a stop, end of parsing. Submitted by: wrowe Backport: r1754538 Be more explicit about NUL in case iscntrl is inconsistent Submitted by: wrowe Backport: r1754539 Introduce T_HTTP_CTRLS for efficiently finding non-text chars Submitted by: wrowe Backport: r1754540 Introduce ap_scan_http_field_content, ap_scan_http_token and ap_get_http_token [later reverted] for more efficient string handling. Submitted by: wrowe Backport: r1754541 With NUL as a TOKEN_STOP, this code is more efficient Submitted by: wrowe Backport: r1754544 We arrive here for more than one cause; offer a more general statement Submitted by: wrowe Backport: r1754547 Strictly observe spec on obs-fold Submitted by: wrowe Backport: r1754548 Leave an emphatic TODO per Jeff's observations Submitted by: trawick Backport: r1754555 Introduce ap_scan_http_token / ap_scan_http_field_content for a much more efficient pass through the header text; rather than reparsing the strings over and over under the HTTP_CONFORMANCE_STRICT fules. Improve logic and legibility by eliminating multiple repetitive tests of the STRICT flag, and simply reorder 'classic' behavior first and this new parser second to simplify the diff. Because of the whitespace change (which I had wished to dodge), reading this --ignore-all-space is a whole lot easier. Particularly against 2.4.x branch, which is now identical in the 'classic' logic flow. Both of which I'll share with dev@ Submitted by: wrowe Backport: r1754556 Friendly catch by Rüdiger, restore line mis-removed by the previous commit Submitted by: rpluem Backport: r1754568 Clean up doubled-'{' Correct usage for ap_scan_http_token (had used _get_ syntax) Correct logic, detect no 'token' chars, or missing ':' Submitted by: wrowe, rpluem Backport: r1754569,r1754570,r1754577 Replacement solution to identify VCHAR/ASCII symbols, even in EBCDIC. Looking for someone with an EBCDIC environment to post the output of the test_char.h generated file for verification. Submitted by: wrowe Backport: r1754579 Clean up an edge case where obs-fold continuation preceeds the first header, as with r1755098, but this time ensure the previous header processing logic ensures there was a previous header as identified by jchampion. This patch restructures the loop for legibility with a loop continuation, allowing us to flatten all of this hard-to-follow code. The subsequent patch will be a whitespace-only change for formatting. Testing len > 0 is redundant when *field is a "\0" and mismatches here, folded flag was a no-op, unused once we added continue; logic. Fix these as initially attempted in r1755114. Improve comments and reflow whitespace. Submitted by: wrowe Backport: r1755123,r1755124,r1755125,r1755126 As promised, reduce this logic by net 9 code lines, shifting the burden of killing trailing whitespace to the purpose-agnostic read logic. Whitespace before or after an obs-fold, and before or after a field value have no semantic purpose at all. Because we are building a buffer for all folded values, reducing the size of the newly allocated buffer is always to our advantage. Submitted by: wrowe Backport: r1755233 Treat empty obs-fold line as a noop, eliminate all intra-obs-fold excess whitespace, and observe the 1 SP per obs-folding per spec. Submitted by: wrowe Backport: r1755234,r1755235,r1755236 Treat empty obs-fold line as abusive traffic. Submitted by: wrowe Backport: r1755263 Stop reflecting irrelevant data to the request error notes, particularly for abusive and malformed traffic the non-technical consumer of a user-agent has no control over. Simply take note where the administrator-configured limits have been exceeded, that administrator can find details in the error log if desired. Submitted by: wrowe Backport: r1755264 Follow up to r1755264. Don't crash when ap_rgetline() returns a NULL field on ENOSPC. Submitted by: ylavic Backport: r1755343 Follow on to r1755264, for the case of merged header length exceptions, and ensure the field header name is truncated to a sane log width. Submitted by: wrowe Backport: r1755744 ------------------------------------------------------------------------ r1769454 | wrowe | 2016-11-12 18:47:29 -0500 (Sat, 12 Nov 2016) | 2 lines Partial Backport of r1746884, no-op changes that introduce patch conflicts. ------------------------------------------------------------------------ r1768978 | wrowe | 2016-11-09 09:39:05 -0500 (Wed, 09 Nov 2016) | 5 lines Backports: r1687643 Submitted by: covener be less weird in comment ------------------------------------------------------------------------ r1768977 | wrowe | 2016-11-09 09:37:34 -0500 (Wed, 09 Nov 2016) | 5 lines Backports: r1687642 Submitted by: covener elaborate on a misleading comment ------------------------------------------------------------------------ r1768971 | wrowe | 2016-11-09 09:32:09 -0500 (Wed, 09 Nov 2016) | 8 lines core: Follow up to r1664205 (previously backported) Don't let invalid r->proto_num/protocol out of read_request_line() reach the output filters (when responding with 400 Bad Request). Suggested by: rpluem Backports: r1664576 ------------------------------------------------------------------------ r1768969 | wrowe | 2016-11-09 09:23:00 -0500 (Wed, 09 Nov 2016) | 10 lines Backport: r1610383 Submitted by: jailletc36 Simplify code. Cases where 'loc' doesn't have any ':' or is starting with ':' are already handled by 'ap_is_url()' Calling 'apr_isascii()' seems useless. ------------------------------------------------------------------------ r1768968 | wrowe | 2016-11-09 09:20:45 -0500 (Wed, 09 Nov 2016) | 4 lines Backport: r1546860 Submitted by: jailletc36 Fix missing space in message of protocol.c (other r1546860 changes ignored) ------------------------------------------------------------------------ r1768093 | wrowe | 2016-11-04 16:50:45 -0400 (Fri, 04 Nov 2016) | 7 lines ap_rgetline_core() now pulls from r->proto_input_filters for better input filtering behavior during chunked trailer processing by ap_http_filter(). Backports: r1446421 Submitted by: joes ------------------------------------------------------------------------ r1768090 | wrowe | 2016-11-04 16:47:00 -0400 (Fri, 04 Nov 2016) | 7 lines Stupid CodeWarrior compiler cant take vars with struct inits. Ensure that is_v6literal is always initialized Backports: r1428145, r1436457 Submitted by: fuankg, rpluem ------------------------------------------------------------------------ r1768036 | wrowe | 2016-11-04 10:20:16 -0400 (Fri, 04 Nov 2016) | 40 lines Add an option to enforce stricter HTTP conformance This is a first stab, the checks will likely have to be revised. For now, we check * if the request line contains control characters * if the request uri has fragment or username/password * that the request method is standard or registered with RegisterHttpMethod * that the request protocol is of the form HTTP/[1-9]+.[0-9]+, or missing for 0.9 * if there is garbage in the request line after the protocol * if any request header contains control characters * if any request header has an empty name * for the host name in the URL or Host header: - if an IPv4 dotted decimal address: Reject octal or hex values, require exactly four parts - if a DNS host name: Reject non-alphanumeric characters besides '.' and '-'. As a side effect, this rejects multiple Host headers. * if any response header contains control characters * if any response header has an empty name * that the Location response header (if present) has a valid scheme and is absolute If we have a host name both from the URL and the Host header, we replace the Host header with the value from the URL to enforce RFC conformance. There is a log-only mode, but the loglevels of the logged messages need some thought/work. Currently, the checks for incoming data log for 'core' and the checks for outgoing data log for 'http'. Maybe we need a way to configure the loglevels separately from the core/http loglevels. change protocol number parsing in strict mode according to HTTPbis draft - only accept single digit version components - don't accept white-space after protocol specification Clean up comment, fix log tags. Submitted by: sf Backports: r1426877, r1426879, r1426988, r1426992 ------------------------------------------------------------------------ r1768035 | wrowe | 2016-11-04 10:14:59 -0400 (Fri, 04 Nov 2016) | 14 lines Correctly parse an IPv6 literal host specification in an absolute URL in the request line. - Fix handling of brackets [ ] surrounding the IPv6 address. - Skip parsing r->hostname again if not necessary. - Do some checks that the IPv6 address is sane. This is not done by apr_parse_addr_port(). log client error at level debug, log broken Host header value Backports: r1407006, r1426827 Submitted by: sf ------------------------------------------------------------------------ r1767942 | wrowe | 2016-11-03 14:01:23 -0400 (Thu, 03 Nov 2016) | 5 lines Expose ap_method_register() to the admin with a new RegisterHttpMethod directive. Backports: r1407599 Submitted by: sf ------------------------------------------------------------------------ r1767941 | wrowe | 2016-11-03 13:57:50 -0400 (Thu, 03 Nov 2016) | 9 lines New directive HttpProtocol which allows to disable HTTP/0.9 support with min=0.9|1.0 syntax. A tighter restriction off the version in the request line is still possible with <If "%{SERVER_PROTOCOL_NUM} ..."> . Submitted by: sf Backports: r1406719, r1407643, r1425366 ------------------------------------------------------------------------ r1767912 | wrowe | 2016-11-03 11:55:18 -0400 (Thu, 03 Nov 2016) | 1 line Branch to bring http protocol parsing in 2.4.x in sync with trunk ------------------------------------------------------------------------ git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1772678 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 04, 2016
-
-
Stefan Eissing authored
SECURITY: CVE-2016-8740 mod_http2: properly crafted, endless HTTP/2 CONTINUATION frames could be used to exhaust all server's memory. Reported by: Naveen Tiwari <naveen.tiwari@asu.edu> and CDF/SEFCOM at Arizona State University mod_http2: wseaking cleanup assertion on streams that have never been scheduled git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1772579 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 02, 2016
-
-
Jim Jagielski authored
Don't take over scoreboard slots from gracefully finishing threads Otherwise the old and the new thread will both update the same scoreboard slot with undefined results. add comments Document which directives set which variables Make ap_find_child_by_pid() look at all slots that have ever been used. This is preparation to allow to use more scoreboard slots in mpm event. mpm_event: minor code simplification - move variable initializations into declarations - use max_workers variable mpm_event: don't re-use scoreboard slots that are still in use This causes inconsistent data in the scoreboard (due to async connections) and makes it difficult to determine what is going on. Therefore it is not a useful fix for the scoreboard-full issues (PR 53555). The consent on the dev list is that we should allocate/use more scoreboard entries instead. Use all available scoreboard slots Allow to use all slots up to Serv...
-
Jim Jagielski authored
When shutting down a process, free resources early Due to lingering connections, shutting down a process may take a very long time. Free all recycled pools early in the hope that we can already give some memory back to the OS. rename some variables to be more descriptive pid -> pslot tid -> tslot remove unused 'sd' Terminate keep-alive connections when dying When shutting down a process gracefully, terminate keep-alive connections so that we don't get any new requests which may keep the dying process alive longer. Exit threads early during shutdown During graceful shutdown, if there are more running worker threads than open connections, terminate some threads. This frees resources faster, which may be needed for new processes. Exit threads early during shutdown, part 2 Follow up to r1738466: During graceful shutdown, when the listener thread is closing a connection, it needs to wake up a worker thread so that it may terminate. Submitted by: sf Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1772334 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Display process slot number in the async overview Fix the number of column for 'Async connections'. There are only 3 columns (writing, keep-alive, closing), not 4. Try to improve the code layout for it to be more readable. Each <th> is on its own line so keep the corresponding "colspan" <td> fields grouped together. r1738628 introduced a new column, 'Slot'. Add an empty cell for it in the last line of the table, in order to fix the layout of the Totals. Replace tab by spaces to be consistent mod_status: note stopping procs in async info table * add new column "stopping", denoting if a process is shutting down * add additional "(old gen)", if a process is from before a graceful reload * add counts of processes and stopping processes to summary line Submitted by: sf, jailletc36, jailletc36, sf Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1772333 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Merge r1597533, r1649491, r1665216, r1756553, r1756631, r1726675, r1718496, r1718476, r1747469 from trunk: mod_cache: try to use the key of a possible open but stale cache entry if we have one in cache_try_lock(). PR 50317 Submitted by: Ruediger Pluem * modules/cache/mod_socache_memcache.c (socache_mc_store): Pass through expiration time. Submitted by: Faidon Liambotis <paravoid debian.org>, jorton * mod_cache: Preserve the Content-Type in case of 304 response. 304 does not contain Content-Type and mod_mime regenerates the Content-Type based on the r->filename. This later leads to original Content-Type to be lost (overwriten by whatever mod_mime generates). mod_cache: Use the actual URI path and query-string for identifying the cached entity (key), such that rewrites are taken into account when running afterwards (CacheQuickHandler off). PR 21935. mod_cache: follow up to r1756553: log the real/actual cached URI (debug). better s-maxage support + *) mod_cache: Consider Cache-Control: s-maxage in expiration + calculations. [Eric Covener] + + *) mod_cache: Allow caching of responses with an Expires header + in the past that also has Cache-Control: max-age or s-maxage. + PR55156. [Eric Covener] remove dead code leftover from r1023387. Prior to this revision, there was an apr_atoi64 in this context. Now, ap_cache_control() sets control.max_age (which is checked here) when the maxage value was parsed OK. duplicate debug-level AH00764 in the just-validated path. Rename ap_casecmpstr[n]() to ap_cstr_casecmp[n](), update with APR doxygen Submitted by: jkaluza, jorton, jkaluza, ylavic, ylavic, covener, covener, covener, wrowe Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1772331 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 23, 2016
-
-
Stefan Eissing authored
mod_http2: new directive H2EarlyHints git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1771018 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 22, 2016
-
-
Jim Jagielski authored
mod_ssl: Fix quick renegotiation (OptRenegotiaton) with no intermediate in the client certificate chain. PR 55786. This is done by handling an empty cert chain as no/NULL chain. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1770838 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 21, 2016
-
-
Jim Jagielski authored
Avoid adding duplicate subequest filters, as they would not be stripped properly during an ap_internal_fast_redirect. Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1770672 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 14, 2016
-
-
Yann Ylavic authored
ab: follow up to r1733537: CHANGES entry. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1769610 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1769601 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1769599 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Eissing authored
mod_http2: new directive 'H2PushResource' to enable early pushes before processing of the main request starts. Resources are announced to the client in Link headers on a 103 early hint response. All responses with status code <400 are inspected for Link header and trigger pushes accordingly. 304 still does prevent pushes. 'H2PushResource' can mark resources as 'critical' which gives them higher priority than the main resource. This leads to preferred scheduling for processing and, when content is available, will send it first. 'critical' is also recognized on Link headers. mod_proxy_http2: uris in Link headers are now mapped back to a suitable local url when available. Relative uris with an absolute path are mapped as well. This makes reverse proxy mapping available for resources announced in this header. With 103 interim responses being forwarded to the main client connection, this effectively allows early pushing of resources by a reverse proxied backend server. adding support for newly proposed 103 status code. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1769595 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 04, 2016
-
-
Jim Jagielski authored
http: Respond with "408 Request Timeout" when a timeout occurs while reading the request body. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1768079 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mpm_unix: Apache fails to start if previously crashed then restarted with the same PID (e.g. in container). PR 60261. Proposed by: Val <valentin.bremond gmail.com> Reviewed by: ylavic Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1768078 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 02, 2016
-
-
Eric Covener authored
cleanup next git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767647 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 01, 2016
-
-
Stefan Eissing authored
mod_http2/mod_proxy_http2 improvments as in CHANGES git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767563 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_remoteip: Use r->useragent_addr as the root trusted address for verifying. This fixes issue resulting in setting of bad useragent_ip when internal redirection has been generated as response to the request (typically as result of "ErrorDocument 40x"). In this case, the original request has been handled by mod_remoteip and its useragent_ip has been changed properly, but when internal redirection to ErrorDocument has been generated later, the mod_remoteip's handler has been executed again with *the same* c->client_addr as in the original request. If c->client_addr IP is trusted, this results in bad useragent_ip being set. When using r->useragent_addr as the root trusted address instead of c->client_addr, the internal redirection uses the first non-trusted IP in this particular case, so it won't change the r->useragent_ip during the internal redirection to ErrorDocument. Submitted by: jkaluza Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767483 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767482 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 27, 2016
-
-
Stefan Eissing authored
mod_http2: v1.7.7, connection shutdown revisited, AP_DEBUG_ASSERT transformed to real asserts git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766856 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 24, 2016
-
-
Stefan Eissing authored
mod_proxy_{http,ajp,fcgi}: don't reuse backend connections with data available before the request is sent. PR 57832. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766372 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 17, 2016
-
-
Stefan Eissing authored
mod_http2/mod_proxy_http2: 100-continue implementation, PING checks on aged backend connections git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1765327 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 11, 2016
-
-
Stefan Eissing authored
mod_proxy_http2: renaming duplicate symbol clash between h2_proxy_util and h2_util externals git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1764238 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 03, 2016
-
-
Stefan Eissing authored
mod_http2: rewrite of how responses and trailers are transferred between master and slave connection. Reduction of internal states for tasks and streams, stability. Heuristic id generation for slave connections to better keep promise of connection ids unique at given point int time. Fix for mod_cgid interop in high load situtations. Fix for handling of incoming trailers when no request body is sent. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1763163 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 19, 2016
-
-
Stefan Eissing authored
mod_http2: fix for output blocking race condition git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1761478 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 06, 2016
-
-
Jim Jagielski authored
mpm_winnt: remove 'data' AcceptFilter in favor of 'connect' The 'data' AcceptFilter optimization instructs Windows to wait until data is received on a connection before completing the AcceptEx operation. Unfortunately, it seems this isn't performed atomically -- AcceptEx "partially" accepts the incoming connection during the wait for data, leaving all other incoming connections in the accept queue. This opens the server to a denial of service. Since the fix for this requires a substantial rearchitecture (likely involving multiple outstanding calls to AcceptEx), disable the 'data' filter for now and replace it with 'connect', which uses the AcceptEx interface but does not wait for data. Users running prior releases of httpd on Windows should explicitly move to a 'connect' AcceptFilter in their configurations if they are currently using the default 'data' filter. Many thanks to mludha, Arthur Ramsey, Paul Spangler, and many others for their assistance in tracking down and diagnosing this issue. PR: 59970 mpm_winnt: remove the AcceptEx data network bucket Follow-up to the prior commit: without an incoming data buffer, the custom network bucket code is now orphaned and we can remove it entirely. This has the added benefit that we are no longer using the internal OVERLAPPED.Pointer field, which is discouraged by the MSDN docs. mpm_winnt: remove duplication of ap_process_connection Further follow-up to the previous commit: now that we no longer patch a network bucket into the brigade, we can revert to calling ap_process_connection() directly instead of duplicating its logic. docs: rebuild Submitted by: jchampion Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1759471 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 01, 2016
-
-
Stefan Eissing authored
mod_cgid: Resolve a case where a short CGI response causes a subsequent CGI to be killed prematurely, resulting in a truncated subsequent response. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1758798 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 30, 2016
-
-
Jim Jagielski authored
* Add missing copy of hcuri and hcexpr ftom the worker to the health check worker. PR: 60038 Submitted by: zdeno <zdeno@scnet.sk> Submitted by: rpluem Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1758373 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 27, 2016
-
-
Stefan Eissing authored
mod_http2: fixed bug in stream shutdown, support for nghttp2 invalid header callback from 1.14.0 and onwards. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1758011 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 25, 2016
-
-
Jim Jagielski authored
mod_reqtimeout: Fix body timeout disabling for CONNECT requests to avoid triggering mod_proxy_connect's AH01018 once the tunnel is established. https://bugzilla.mozilla.org/show_bug.cgi?id=1279483#c9 mod_reqtimeout: follow up to r1754391: fix missing "else". Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1757675 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
ab: add SNI support when available. ab: follow up to r1750854: put the -I at the right place for apr_getopt(). ab: follow up to r1750854. Use SNI when available by default, and invert -I logic to now disable it. ab: follow up to r1750854: some comments and better naming. ab: follow up to r1750854: still better naming, and a C89 fix. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1757674 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_proxy_fcgi: avoid loops serving proxied error documents This commit should solve the issue indicated in PR 55415. Httpd loops while serving a error document if: 1) The error document's content is proxied. 2) ProxyErrorOverride is set. The solution proposed is to limit the use of ap_die only to the initial request. I tested the change with very basic scenarios but I am not sure if I got all the use cases, feedback is really welcome. Submitted by: elukey Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1757671 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Force mod_proxy_fcgi to read the whole FCGI response even when the content has not been modified (HTTP 304). The problem is described in PR 59838. This patch should avoid bogus reads causing the following issues with HTTP 304 responses: - AH01068: Got bogus version X, expected 1 - AH01069: Got bogus rid X, expected 1 - AH01075: Error dispatching request to : - HTTP 503 logged instead of 304 (even if the external client gets correctly a 304) As discussed on IRC the HTTP_PRECONDITION_FAILED use case should be handled like the HTTP_NOT_MODIFIED one but it will be done in a separate commit. Submitted by: elukey Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1757670 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Fix spelling in comments and text files. No functional change. PR 59990 Submitted by: rjung Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1757669 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 24, 2016
-
-
Stefan Eissing authored
merge of 1752145,1753498,1753541,1754129,1754414,1754534,1755323,1756844,1757524,1757534,1757540 from trunk mod_http2: backport of latest changes - intermediate responses - graceful shutdown of connections - ht debug draft update git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1757542 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 16, 2016
-
-
Yann Ylavic authored
* Prevent redirect loops between workers within a balancer by limiting the number of redirects to the number balancer members. PR: 59864 Submitted by: rpluem Reviewed by: rpluem, jim, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1756563 13f79535-47bb-0310-9956-ffa450edef68
-