Skip to content
  1. Nov 19, 2004
  3. Nov 11, 2004
  5. Nov 10, 2004
  7. Nov 06, 2004
  9. Nov 05, 2004
  11. Nov 04, 2004
  13. Nov 03, 2004
  15. Nov 02, 2004
  17. Nov 01, 2004
  19. Oct 29, 2004
  21. Oct 25, 2004
    • Paul Querna's avatar
      This will put some messages in the error log when some people try a lame · d140d3c4
      Paul Querna authored 
      DoS by just opening a socket, and never sending any data.

Ivan suggested such a change about a month ago, to match the 1.3 behavoir.

Today I helped OSU's Admins figure out that someone was trying this 'attack'
against their mirror server.  The server status just showed hundreds of
Apache Children stuck in Reading.  This will at least hint to the admins
where the problem is by telling them about it in the error log.

Inspired by: Rici Lake, Ivan Ristic <ivanr webkreator.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105583 13f79535-47bb-0310-9956-ffa450edef68
      d140d3c4
  23. Oct 23, 2004
  25. Oct 22, 2004
  27. Oct 18, 2004
  29. Oct 14, 2004
  31. Oct 13, 2004
  33. Oct 10, 2004
  35. Oct 08, 2004
    • Joe Orton's avatar
      Fix CAN-2004-0885: · d107d7d6
      Joe Orton authored 
      * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a
correct cipher suite has been negotiated, else deny access.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL
0.9.7, prevent session resumption during a renegotiation to force the
client to negotiate a new (and acceptable) cipher suite.

Submitted by: Hartmut Keil <Hartmut.Keil adnovum.ch>, Joe Orton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105396 13f79535-47bb-0310-9956-ffa450edef68
      d107d7d6
  37. Oct 04, 2004
  39. Oct 03, 2004
  41. Oct 02, 2004
  43. Sep 29, 2004
  45. Sep 28, 2004
    • Justin Erenkrantz's avatar
      Try to correctly follow RFC 2616 13.3 on validating stale cache responses by · 3a37af26
      Justin Erenkrantz authored 
      teaching mod_cache's cache_select_url and cache_save_filter how to deal with
this corner case.

* modules/experimental/cache_storage.c
  (cache_select_url): If we have a stale entry, save the handle so that
  cache_save_filter can use it later, and make the request conditional.
* modules/experimental/cache_util.c
  (ap_cache_request_is_conditional): Take in a table rather than request_rec.
* modules/experimental/mod_cache.c
  (cache_out_filter): Fix bogus comment.
  (cache_save_filter): If we have already responded to the client, block all
  data; correctly merge in 'stale' handles that are not really stale; set
  r->status where appropriate; serve cached response if 'fresh'
* modules/experimental/mod_cache.h
  (cache_info): Add a status field.
  (cache_request_rec): Add stale handle field and note we may block responses.
  (ap_cache_request_is_conditional): Update prototype.
* modules/experimental/mod_disk_cache.c
  (store_headers): Use cache_info status instead of r->status.
* modules/experimental/mod_mem_cache.c
  (recall_headers): Properly recall the status field.
  (store_headers): Store the status field via cache_info status.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105322 13f79535-47bb-0310-9956-ffa450edef68
      3a37af26
    • Justin Erenkrantz's avatar
      mod_disk_cache: Do not store aborted content. · 30aa9ac5
      Justin Erenkrantz authored 
      PR: 21492
Submitted by:	R�diger Pl�m <r.pluem t-online.de>
Reviewed by:	Justin Erenkrantz


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105317 13f79535-47bb-0310-9956-ffa450edef68
      30aa9ac5
    • Justin Erenkrantz's avatar
      mod_disk_cache: Correctly store cached content type. · e90ce9ce
      Justin Erenkrantz authored 
      PR: 30278
Submitted by:	R�diger Pl�m <r.pluem t-online.de>
Reviewed by:	Justin Erenkrantz


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105315 13f79535-47bb-0310-9956-ffa450edef68
      e90ce9ce
  47. Sep 24, 2004
  49. Sep 23, 2004
  51. Sep 22, 2004
  53. Sep 21, 2004
    • Justin Erenkrantz's avatar
      Fix Expires (freshness) handling in mod_cache. · c65e6d74
      Justin Erenkrantz authored 
      Previously, if the cached copy was stale, the response would go into an
indeterminate state.  Therefore, the freshness check must be done before we
'accept' the response and, if it fails (i.e.  stale), we can't allow any side
effects.

This caused a number of changes to how mod_disk_cache reads its headers as
ap_scan_script_header_err() purposely has side-effects and that's
unacceptable.  So, factor out only what we need.

Also, remove the broken conditional filter code as you can't reliably alter the
filter list once the response is started.  (Regardless, cache_select_url()
has the freshness checks now.)

Assist to Sascha Schumann for reporting mod_cache was busted.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@105236 13f79535-47bb-0310-9956-ffa450edef68
      c65e6d74