- Jul 23, 2010
-
-
Guenter Knauf authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@966953 13f79535-47bb-0310-9956-ffa450edef68
-
Guenter Knauf authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@966949 13f79535-47bb-0310-9956-ffa450edef68
-
Guenter Knauf authored
- removed obsolete -prefix compiler switch since already defined global for all files - removed obsolete include paths - changed include paths to use internal vars so hat apr/apr-util builds outside source tree - removed trailing tabs and spaces, other minor cosmetic changes git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@966915 13f79535-47bb-0310-9956-ffa450edef68
-
- Jul 20, 2010
-
-
Rainer Jung authored
I kept "back slash" when explicitely used in comparison with "forward slash". Backport of r965792 from trunk and of r965799 from 2.2.x. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@965803 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
Thanks to Denis Howe for the hint. PR49620. Backport of r965798 from 2.2.x. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@965801 13f79535-47bb-0310-9956-ffa450edef68
-
- May 14, 2010
-
-
Rainer Jung authored
been committed. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@944165 13f79535-47bb-0310-9956-ffa450edef68
-
- May 13, 2010
-
-
Jeff Trawick authored
CVE-2009-3095: mod_proxy_ftp sanity check authn credentials. Submitted by: Stefan Fritsch <sf fritsch.de>, Joe Orton Reviewed by: pgollucci, poirier, rjung, trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943980 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943977 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
*) SECURITY: CVE-2009-3094 (cve.mitre.org) mod_proxy_ftp: NULL pointer dereference on error paths. [Stefan Fritsch <sf fritsch.de>, Joe Orton] Reviewed by: pgollucci, poirier, trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943925 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943923 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943882 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943880 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
SECURITY: Partial fix for CVE-2009-3555: Reject client-initiated renegotiations; this is sufficient to prevent the attack for any configuration which does not require renegotiation due to per-directory/per-location access control configuration. Configuration with per-directory/per-location access control requirements (such as "SSLVerifyClient require") are still vulnerable to CVE-2009-3555 with this patch applied (if using OpenSSL != 0.9.8l). * modules/ssl/ssl_private.h (SSLConnRec): Add reneg_state field. (ssl_callback_Info): Renamed from ssl_callback_LogTracingState. * modules/ssl/ssl_engine_init.c (ssl_init_ctx_callbacks): Install the (renamed) info callback unconditionally. * modules/ssl/ssl_engine_io.c (ssl_filter_ctx_t): Add config pointer to SSLConnRec. (bio_filter_out_write, bio_filter_in_read): Fail with APR_ECONNABORTED if the reneg state is set to RENEG_ABORT. * modules/ssl/ssl_engine_kernel.c (log_tracing_state): Factored out of ssl_callback_LogTracingState. (ssl_callback_Info): New function. Submitted by: jorton, rpluem, rjung Reviewed by: rjung, rpluem, pgollucci git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943879 13f79535-47bb-0310-9956-ffa450edef68
-
Daniel Earl Poirier authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943869 13f79535-47bb-0310-9956-ffa450edef68
-
- May 12, 2010
-
-
Philip M. Gollucci authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943750 13f79535-47bb-0310-9956-ffa450edef68
-
Philip M. Gollucci authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943749 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
I haven't properly reviewed/tested these yet myself, but I'd guess that some among us may be in a good position to review. (And I should get to it eventually.) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@943603 13f79535-47bb-0310-9956-ffa450edef68
-
- May 10, 2010
-
-
Richard Bowen authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@942939 13f79535-47bb-0310-9956-ffa450edef68
-
- May 07, 2010
-
-
Philip M. Gollucci authored
As previously discussed with wrowe, treast this the same way roy treats mime.types git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@942211 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 16, 2010
-
-
Rainer Jung authored
to 2.0.x. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@923801 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 11, 2010
-
-
Jeff Trawick authored
SECURITY: CVE-2010-0434 (cve.mitre.org) Ensure each subrequest has a shallow copy of headers_in so that the parent request headers are not corrupted. Elimiates a problematic optimization in the case of no request body. PR: 48359 Submitted by: Jake Scott, William Rowe, Ruediger Pluem Reviewed by: wrowe, trawick, rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@921910 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
*) SECURITY: CVE-2008-2364 (cve.mitre.org) mod_proxy_http: Better handling of excessive interim responses from origin server to prevent potential denial of service and high memory usage. Reported by Ryujiro Shibuya. [Ruediger Pluem, Joe Orton, Jim Jagielski] Reviewed by: trawick, wrowe, rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@921908 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@921839 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 10, 2010
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@921303 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 09, 2010
-
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@921146 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@921143 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@921086 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@921081 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
to the 2.0.x branch for now. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@921002 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@920995 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. Submitted by: Brett Gervasoni <brettg senseofsecurity.com>, trawick Reviewed by: trawick, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@920961 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 15, 2010
-
-
Nilgun Belma Buguner authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@899795 13f79535-47bb-0310-9956-ffa450edef68
-
Nilgun Belma Buguner authored
Translated by: Nilgün Belma Bugüner <nilgun belgeler.org> Reviewed by: Orhan Berent <berent belgeler.org> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@899794 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 11, 2010
-
-
Rainer Jung authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@897806 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@897805 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 05, 2010
-
-
Roy T. Fielding authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@896280 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 22, 2009
-
-
Takashi Sato authored
Submitted by: HANAWA Yoshio <hanawa dino.co.jp> Reviewed by: takashi git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@893242 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 20, 2009
-
-
Takashi Sato authored
Submitted by: OZAWA Sakuro <ozawa feedforce.jp> Reviewed by: takashi git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@892570 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 14, 2009
-
-
Richard Bowen authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@890374 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 12, 2009
-
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@889972 13f79535-47bb-0310-9956-ffa450edef68
-