- Sep 26, 2014
-
-
Jim Jagielski authored
mod_status should honor remote_ip as documented Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1627744 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 19, 2014
-
-
Jan Kaluža authored
to be seen from auth stanzas under virtual hosts. PR 56870. [Eric Covener] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1626203 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 16, 2014
-
-
Jeff Trawick authored
Fix a cmake compatiblity issue related to quoting with cmake 2.8.12 and later. PR: 56615 Submitted by: Chuck Liu <cliu81 gmail.com>, trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1625199 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 05, 2014
-
-
Jim Jagielski authored
PR56832 -- mod_ratelimit reports at ERROR level everytime a lower-level filter encounters an error. Since the core output filter only emits TRACE1, a higher level filter shouldn't log the same condition as ERROR. Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1622708 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 03, 2014
-
-
Stefan Fritsch authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1622359 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 31, 2014
-
-
Jim Jagielski authored
Avoid useless warning message when parsing a section guarded by <IfDefine foo> if $(foo) is used within the section. PR 56503 Submitted by: jailletc36 Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1621603 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_proxy_fcgi: Fix faulty logging of large amounts of stderr from the application. PR: 56858 Submitted by: Manuel Mausz <manuel-asf mausz.at> Reviewed by: trawick Submitted by: trawick Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1621602 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
PR53420: Proxy responses with error status and "ProxyErrorOverride On" hang until proxy timeout. Regression from 2.2. It was introduced by r912063 in order to fix PR41646. Switch preference for headers, Transfer-Encoding first, Content-Length second. Addition to r1615289. Submitted by: rjung Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1621601 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
part of the trailers fix git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1621552 13f79535-47bb-0310-9956-ffa450edef68
-
- Aug 22, 2014
-
-
William A. Rowe Jr authored
core: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. Adds "MergeTrailers" directive to restore legacy behavior. Submitted by: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener Backports: r1610814 Reviewed by: covener, wrowe, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1619884 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 18, 2014
-
-
Daniel Gruno authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611744 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611595 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 16, 2014
-
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611194 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 15, 2014
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610760 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610745 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
one-liner down first ;) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610738 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610737 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610670 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610661 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
SECURITY (CVE-2014-3523): Fix a memory consumption denial of service in the WinNT MPM used in all Windows installations. Workaround: AcceptFilter <protocol> {none|connect} Submitted by: trawick Reviewed by: jorton, covener, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610653 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610641 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 14, 2014
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610517 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610516 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610514 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
*) SECURITY: CVE-2014-0231 (cve.mitre.org) mod_cgid: Fix a denial of service against CGI scripts that do not consume stdin that could lead to lingering HTTPD child processes filling up the scoreboard and eventually hanging the server. [Rainer Jung, Eric Covener, Yann Ylavic] Submitted By: rjung, covener, ylavic Reviewed By: trawick, jorton, covener, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610512 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
*) SECURITY: CVE-2014-0118 (cve.mitre.org) mod_deflate: The DEFLATE input filter (inflates request bodies) now limits the length and compression ratio of inflated request bodies to avoid denial of sevice via highly compressed bodies. See directives DeflateInflateLimitRequestBody, DeflateInflateRatioLimit, and DeflateInflateRatioBurst. Thanks to Giancarlo Pellegrino and Davide Balzarotti for reporting the issue. Submitted By: ylavic, covener Reviewed By: jorton, covener, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610503 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this. * include/scoreboard.h: Add ap_copy_scoreboard_worker. * server/scoreboard.c (ap_copy_scoreboard_worker): New function. * modules/generators/mod_status.c (status_handler): Use it. * modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise. Reviewed by: trawick, jorton, covener, jim Submitted by: jorton, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610499 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
This issue affected httpd versions 2.4.5 and 2.4.6 only. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610495 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
Extend the scope of SSLSessionCacheTimeout to sessions resumed by TLS session resumption (RFC 5077). Submitted by: rjung Reviewed by: rjung, ylavic, jorton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610399 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_deflate: Don't fail when asked to flush inflated data to the user-agent and that coincides with the end of stream ("Zlib error flushing inflate buffer"). PR 56196. Submitted By: [Christoph Fausak <christoph.fausak glueckkanja com>] Committed By: ylavic mod_deflate: follows up r1572896. Be safe from successive or post end-of-stream flush buckets. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610397 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
PR54587: LDAP connections used for authn were not respecting LDAPConnectionPoolTimeout due to confusion over what "bound" means. Added some LDAP trace at TRACE5 to track how LDAP connections are reused and rebound. make LDAPConnectionPoolTTL more conservative, use r->request_time rather than end-of-request time, and only update it after a round-trip with the LDAP server rather than every time we check back into the pool. Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610396 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
Forward local IP address as a custom request attribute like we already do for the remote port. Both were forgotten in the original AJP 13 spec but are needed by the Servlet spec. Until now, Tomcat simply returns for getLocalAddr() the same as for getLocalName(). The next round of Tomcat releases will look for the optional new request attribute. See also Tomcat BZ 56661. Submitted by: rjung Reviewed by: trawick, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610340 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
core: Include any error notes set by modules in the canned error response for 403 errors. Submitted by: trawick Reviewed by: minfrin, rjung git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610328 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
mod_ssl: Set an error note for requests rejected due to SSLStrictSNIVHostCheck Submitted by: trawick Reviewed by: minfrin, rjung git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610327 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
SNI errors. Submitted by: trawick Reviewed by: minfrin, rjung git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610326 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 12, 2014
-
-
Jeff Trawick authored
mod_ssl: Fix tmp DH parameter leak, adjust selection to prefer larger keys and support up to 8192-bit keys. Submitted by: rpluem, jorton Reviewed by: ylavic, kbrand git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610014 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
Fix PR 56480: PROPFIND walker doesn't encode hrefs properly Reverts r1529559 partially (specifically the dav_xml_escape_uri) bit. Reverts r1531505 entirely. * modules/dav/main/mod_dav.c (dav_xml_escape_uri): Revert the piece of r1529559 that removes the URI escaping from this function. * modules/dav/main/props.c (dav_do_prop_subreq): Escape the URI before doing a sub request with it. This resolves some properties like getcontenttype from failing to be returned for files that contain characters that require encoding in their path. * modules/dav/main/mod_dav.h (dav_resource): Note the inconsistency in the documentation. * modules/dav/fs/repos.c (dav_fs_get_resource): Don't use the unparsed_uri to set the uri field of the resource. This is the correct fix for the double encoding in mod_dav_fs that led to the dav_xml_escape_uri() change and r1531505. (dav_fs_walker, dav_fs_append_uri): Revert r1531505 changes. Submitted by: breser Reviewed by: ylavic, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610013 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 08, 2014
-
-
Jeff Trawick authored
Follow up to r1527220/r1588852: Implement better error checking/reporting around notification of abrupt parent process termination. It is likely that something bad is happening here based on these user reports: https://www.apachelounge.com/viewtopic.php?p=27848 http://mail-archives.apache.org/mod_mbox/httpd-users/201406.mbox/%3CCAC%2BRZnuwLD%2BJnoy2TYO8oeAWt6bFLMa%3DEhfDf9hS3cuuGUHXAw%40mail.gmail.com%3E w-up to r1606368: HANDLE is PVOID which is void * (fix format string) Submitted by: trawick Reviewed by: covener, gsmith git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1608907 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1608780 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_proxy: When ping/pong is configured for a worker, don't send or forward "100 Continue" (interim) response to the client if it does not expect one. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1608762 13f79535-47bb-0310-9956-ffa450edef68
-