Skip to content
  1. May 29, 2018
    • Yann Ylavic's avatar
      Merge r1829513 from trunk: · 2743d1b7
      Yann Ylavic authored
      * modules/ssl/ssl_engine_init.c (ssl_init_Module): Don't enable SSL
        for a vhost if SSLEnable is not used and no certs are configured,
        even if the Listen protocol is "https".  Restores behaviour to that
        prior to r1809303 for configs which would now otherwise fail at
        startup.
      
      Submitted by: jorton
      Reviewed by: jorton, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832495 13f79535-47bb-0310-9956-ffa450edef68
      2743d1b7
    • Yann Ylavic's avatar
      core: use strncmp in check_errorlog_dir and core_dump_config when checking · 394bc0c0
      Yann Ylavic authored
      if the ErrorLog directive is configured with the 'syslog' prefix. PR 62102
      
      trunk patch: none, as far as I can see the code in trunk diverged too much
                due to the code in STALLED for ap_errorlog_provider.
       
      Submitted by: elukey, jhriggs, jailletc36
      Reviewed by: elukey, jhriggs, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832493 13f79535-47bb-0310-9956-ffa450edef68
      394bc0c0
    • Yann Ylavic's avatar
      Merge r1826687, r1827166, r1828210, r1828232, r1828687 from trunk: · bc2f0bff
      Yann Ylavic authored
      Instrument 'bbout'
      
      
      mod_http2: use proper ARP defined for formatting apr_off_t
      
      
      On the trunk:
      
      mod_http2: on level trace2, log any unsuccessful HTTP/2 direct connection upgrade
           with base64 encoding to unify its appearance in possible bug reports.
      
      
      On the trunk:
      
      * mod_http2: calculate unencrypted connection sniffing base64 only when log level is at required height. [Ruediger Pluem]
      
      
      On the trunk:
      
      mod_http2: accurate reporting of h2 data input/output per request via mod_logio. Fixes
           an issue where output sizes where counted n-times on reused slave connections. See
           gituhub issue: https://github.com/icing/mod_h2/issues/158
      
      
      Submitted by: jailletc36, icing, icing, icing, icing
      Reviewed by: icing, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832489 13f79535-47bb-0310-9956-ffa450edef68
      bc2f0bff
    • Yann Ylavic's avatar
      Merge r1828879 from trunk: · 808a94d0
      Yann Ylavic authored
      On the trunk:
      
      mod_http2: always wake up any conditional waits when streams are aborted. Fixes race conditions where timeouts would trigger instead.
      
      Submitted by: icing
      Reviewed by: icing, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832487 13f79535-47bb-0310-9956-ffa450edef68
      808a94d0
    • Yann Ylavic's avatar
      Merge r1822849, r1822858, r1822878, r1822879, r1822883, r1828485, r1828493 from trunk: · 082e9783
      Yann Ylavic authored
      * When mod_http2 is loaded more then ThreadsPerChild backend connections can
        be useful as mod_http2 has an additional thread pool on top of
        ThreadsPerChild.
        But leave the default with ThreadsPerChild.
      
      
      * Add some some comment why we do not limit hmax any longer
      
      
      mod_proxy: follow up to r1822849.
      
      Get the help(er) of mod_http2 to determine how much connections should
      be handled in the reslist by default (i.e. max_threads).
      
      
      mod_proxy: follow up to r1822849 and r1822878.
      
      Does r1822878's "static" APR_RETRIEVE_OPTIONAL_FN work if, say, mod_proxy is
      builtin but mod_http2 isn't?
      
      Not worth taking the risk here since it's not a fast path...
      
      Note: if this is an issue, I'm afraid it applies elsewhere too.
      
      
      mod_proxy: follow up to r1822849 and r1822879.
      
      Fix my maths, thanks Stefan and Rüdiger!
      
      
      needs mod_http2.h
      
      
      * Add missing CHANGES entry for revisions 1822849,1822858,1822878,1822879,1822883,1828485
      
      
      Submitted by: rpluem, ylavic, ylavic, ylavic, gsmith, rpluem
      Reviewed by: rpluem, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832485 13f79535-47bb-0310-9956-ffa450edef68
      082e9783
  2. Apr 26, 2018
  3. Apr 18, 2018
  4. Apr 09, 2018
  5. Mar 26, 2018
  6. Mar 24, 2018
  7. Mar 23, 2018
  8. Mar 20, 2018
  9. Mar 17, 2018
  10. Mar 15, 2018
  11. Mar 10, 2018
  12. Mar 09, 2018
    • Joe Orton's avatar
      Merge r1617913 from trunk: · e4de5adb
      Joe Orton authored
      * support/ab.c: Fix crash caused by integer overflow when printing stats with
      lot of requests (for example -n 500000000).
      
      Submitted by: jkaluza
      Reviewed by: jorton, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826310 13f79535-47bb-0310-9956-ffa450edef68
      e4de5adb
    • Joe Orton's avatar
      Merge r1667676, r1826207 from trunk: · cc6357f0
      Joe Orton authored
      * mod_access_compat, mod_authz_host: Handle '#' character.
      For mod_access_compat, disable '#' in hostname completely.
      For mod_authz_host, treat '#' as a comment and ignore everything after that.
      This allows better handling of admin errors like
      'Require host localhost# Add example.com later'.
      
      * modules/aaa/mod_authz_host.c (host_check_authorization): Simplify
        comment stripping in "Require host"; log a warning if a comment is
        used in 'Require host', or an error if the expression is empty with
        the comment stripped. (Currently in 2.4, #comment part is parsed)
      
      Submitted by: jkaluza, jorton
      Reviewed by: jorton, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826309 13f79535-47bb-0310-9956-ffa450edef68
      cc6357f0
    • Joe Orton's avatar
      Merge r1532281, r1532289, r1537718 from trunk: · dba3b47d
      Joe Orton authored
      * support/rotatelogs.c (get_now): Return the offset applied to the
        Unix time as a parameter.
        (doRotate): When exploding the time for strtfime formatting, iff in
        -l mode, subtract the offset and explode the real Unix time as a
        local time so %Z etc works correctly.
      
      * support/rotatelogs.c (get_now): Fix the NULL ptr dereferences 
        added in r1532281.
      
      * support/rotatelogs.c: Introduce an adjusted_time_t type to store the
        weird "adjusted time since epoch" type returned by get_now().
        Switch from int to long to fix an unnecessary Y2K38 issue.  Adjust
        use throughout and clean up other type issues.  No functional change
        intended apart from fixing Y2K38.
      
      Submitted by: jorton
      Reviewed by: jorton, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826306 13f79535-47bb-0310-9956-ffa450edef68
      dba3b47d
    • Joe Orton's avatar
      Merge r1811976 from trunk: · 43f1c1f1
      Joe Orton authored
      Add optional _RAW suffix to SSL_*_DN_xx attribute names, allowing
      users to convert an attribute value without conversion to UTF-8.  (A
      public CA has issued certs with attributes tagged as the wrong ASN.1
      string types.)
      
      * modules/ssl/ssl_util_ssl.c (asn1_string_convert): Rename from
        asn1_string_to_utf8; add raw argument. Reimplement _to_utf8 as
        macro.
        (modssl_X509_NAME_ENTRY_to_string): Add raw argument.
      
      * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_dn): Use raw
        string conversion if _RAW suffix is present in DN component.
      
      Submitted by: jorton
      Reviewed by: jorton, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826300 13f79535-47bb-0310-9956-ffa450edef68
      43f1c1f1
  13. Mar 04, 2018
  14. Mar 03, 2018
    • Daniel Ruggeri's avatar
      Post 2.4.31 tag updates · 27990eea
      Daniel Ruggeri authored
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1825777 13f79535-47bb-0310-9956-ffa450edef68
      27990eea
    • Yann Ylavic's avatar
      Merge r1802040, r1807876, r1808014, r1805490, r1823886 from trunk: · 7b22490b
      Yann Ylavic authored
      mod_proxy_fcgi: Add the support for mod_proxy's
                      flushpackets and flushwait params
      
      This change was requested on the development mailing
      list in order to fill another gap between mod_fcgi
      and mod_proxy_fcgi, namely the -flush funtionality.
      
      The more evolved core trunk code would not need this
      feature becuse of the non-blocking writes, but it
      is be needed in 2.4.x.
      
      
      mod_proxy_fcgi: limit the flush buckets inserted when flushpackets=on|auto
      
      This commit is a follow up of r1802040 based on Jacob's
      feedback, namely inserting the FLUSH buckets only when
      really needed and useful, not always.
      
      
      mod_proxy_fcgi: follow up to r1807876.
      Fix mixed declarations and code [-Wdeclaration-after-statement].
      
      Fix a compilation warning introduced by r1802040.
      mod_proxy_fcgi.c:893:19: warning: ‘flushpoll’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      
      This warning is a false positive.
      
      
      mod_proxy_fcgi: prioritize the check for mayflush when using flushpackets
      
      The mayflush variable should be checked before the rest
      to avoid polling when not needed.
      
      Suggested by Yann Ylavic on the dev@ mailing list.
      
      
      Submitted by: elukey, ylavic, jailletc36, elukey
      Reviewed by: elukey, jim, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1825765 13f79535-47bb-0310-9956-ffa450edef68
      7b22490b
  15. Feb 20, 2018
    • Yann Ylavic's avatar
      Merge r1823047, r1824454, r1824463, r1824464, r1824497, r1824862, r1824877 from trunk: · f70828d2
      Yann Ylavic authored
      mpm_event: move lingering close "sucker" from the listener to worker(s).
      
      This was the last non-constant time action performed by the listener thread.
      
      It's now handled by the worker thread directly after entering lingering close,
      which should directly address the cases when the socket is already closed
      remotely at that time, hence avoid more scheduling (it may be the common case
      for some scenarios).
      
      And it's only if the above would need blocking (i.e. more data to suck) that
      the socket is added to the pollset for the listener to re-schedule a worker
      later when ready. If no worker is available at that time then the socket is
      forcibly closed (similarly to what's done for keepalive connections in this
      case).
      
      Also, since process_lingering_close() is now called by a worker thread and
      with almost no depth in the call stack, we can grow the size of the "suck"
      buffer from 2K to 32K to potentially call recv() up to sixteen times less.
      
      
      mpm_event: follow up to r1823047.
      
      Update clogged counter on read_request retry too.
      
      
      mpm_event: follow up to r1823047: simplify "clogging" logic (reentrance).
      
      
      mpm_event: follow up to r1823047: complete state validation after processing.
      
      
      mpm_event: follow up to r1823047: CHANGES entry.
      
      
      mpm_event: follow up to r1823047 and r1824464.
      
      MMN bump for CONN_STATE_NUM, plus don't consider CONN_STATE_LINGER_* as valid
      states returned process_connection (never have been).
      
      
      mpm_event: follow up to r1823047 and r1824862.
      
      Revert (broken) functional change from r1824862.
      
      
      Submitted by: ylavic
      Reviewed by: ylavic, minfrin, jim
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1824879 13f79535-47bb-0310-9956-ffa450edef68
      f70828d2
    • Yann Ylavic's avatar
      Revert r1824868 (and r1824869). · a35bb6eb
      Yann Ylavic authored
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1824874 13f79535-47bb-0310-9956-ffa450edef68
      a35bb6eb