- Nov 14, 2016
-
-
William A. Rowe Jr authored
Submitted by: wrowe Backport: r1756821 Drop redundant == --rrl_none evaluation Submitted by: rpluem Backport: r1756823 server/protocol.c (read_request_line): Fix compiler warnings with GCC. Submitted by: jorton Backport: r1756824 Correct request header handling of whitespace with the new possible config of HttpProtocolOptions Unsafe StrictWhitespace I have elected not to preserve any significance to excess whitespace in the now-deprecated obs-fold code path, that's certainly open for discussion. This can be reviewed by tweaking t/conf/extra.conf to switch Strict to Unsafe. Submitted by: wrowe Backport: r1756847 A band-aid to resolve an immediate IBM MVS'ism Submitted by: wrowe Backport: r1756849 Resolve Netware (and other arch) build error for non-portable isascii() Submitted by: wrowe Backport: r1756934 Generally, the cart comes before the horse, this mirrors apr_lib.h Submitted by: wrowe Backport: r1756937 After lengthy investigation with covener's assistance, it seems we cannot use a static table. We cannot change this to dynamic use of the local iconv without build changes to avoid such use on cross-platform builds. I'm satisfied if we trust iscntrl to at least catch all the most lethal C0 Ctrls (we are promised it catches bad carriage control/line endings) and leave this in the short term with an XXX to revisit at a future time. The token stop never needed this table, because we can use the affirmative list of token characters to define it. Submitted by: wrowe, covener Backport: r1756946 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1769664 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Rename the previously undocumented HTTPProtocol directive to EnforceHTTPProtocol, and invert the default behavior to strictly observe RFC 7230 unless otherwise configured. And Document This. The relaxation option is renamed 'Unsafe'. 'Strict' is no longer case sensitive. 'min=0.9|1.0' is now the verbose 'Allow0.9' or 'Require1.0' case-insenstive grammer. The exclusivity tests have been modified to detect conflicts. The 'strict,log' option failed to enforce strict conformance, and has been removed. Unsafe, informational logging is possible in any loadable module, after the request data is unsafely accepted. This triggers a group of failures in t/apache/headers.t as expected since those patterns violated RFC 7230 section 3.2.4. Submitted by: wrowe Backport: r1756540 Correct AP_HTTP_CONFORMANCE_ flags Submitted by: wrowe Backport: r1756555 Renaming this directive to HttpProtocolOptions after discussion on dev@ Submitted by: wrowe Backport: r1756649 Perform correct, strict parsing of the request line, handling the http protocol tag, url and method appropriately, and attempting to extract values even in the presence of unusual whitespace in keeping with section 3.5, prior to responding with whatever error reply is needed. Conforms to RFC7230 in all respects, the section 3.5 optional behavior can be disabled by the user with a new HttpProtocolOptions StrictWhitespace flag. In all cases, the_request is regenerated from the parsed components with exactly two space characters. Shift sf's 'strict' method check from the Strict behavior because it violates forward proxy logic, adding a new RegisteredMethods flag, as it will certainly be useful to some. Submitted by: wrowe Backport: r1756729 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1769662 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Submitted by: wrowe Backport: r1754536 Correct T_HTTP_TOKEN_STOP per RFC2068 (2.2) - RFC7230 (3.2.6), which has always defined 'token' as CHAR or VCHAR - visible USASCII only. NUL char is also a stop, end of parsing. Submitted by: wrowe Backport: r1754538 Be more explicit about NUL in case iscntrl is inconsistent Submitted by: wrowe Backport: r1754539 Introduce T_HTTP_CTRLS for efficiently finding non-text chars Submitted by: wrowe Backport: r1754540 Introduce ap_scan_http_field_content, ap_scan_http_token and ap_get_http_token [later reverted] for more efficient string handling. Submitted by: wrowe Backport: r1754541 With NUL as a TOKEN_STOP, this code is more efficient Submitted by: wrowe Backport: r1754544 We arrive here for more than one cause; offer a more general statement Submitted by: wrowe Backport: r1754547 Strictly observe spec on obs-fold Submitted by: wrowe Backport: r1754548 Leave an emphatic TODO per Jeff's observations Submitted by: trawick Backport: r1754555 Introduce ap_scan_http_token / ap_scan_http_field_content for a much more efficient pass through the header text; rather than reparsing the strings over and over under the HTTP_CONFORMANCE_STRICT fules. Improve logic and legibility by eliminating multiple repetitive tests of the STRICT flag, and simply reorder 'classic' behavior first and this new parser second to simplify the diff. Because of the whitespace change (which I had wished to dodge), reading this --ignore-all-space is a whole lot easier. Particularly against 2.4.x branch, which is now identical in the 'classic' logic flow. Both of which I'll share with dev@ Submitted by: wrowe Backport: r1754556 Friendly catch by Rüdiger, restore line mis-removed by the previous commit Submitted by: rpluem Backport: r1754568 Clean up doubled-'{' Correct usage for ap_scan_http_token (had used _get_ syntax) Correct logic, detect no 'token' chars, or missing ':' Submitted by: wrowe, rpluem Backport: r1754569,r1754570,r1754577 Replacement solution to identify VCHAR/ASCII symbols, even in EBCDIC. Looking for someone with an EBCDIC environment to post the output of the test_char.h generated file for verification. Submitted by: wrowe Backport: r1754579 Clean up an edge case where obs-fold continuation preceeds the first header, as with r1755098, but this time ensure the previous header processing logic ensures there was a previous header as identified by jchampion. This patch restructures the loop for legibility with a loop continuation, allowing us to flatten all of this hard-to-follow code. The subsequent patch will be a whitespace-only change for formatting. Testing len > 0 is redundant when *field is a "\0" and mismatches here, folded flag was a no-op, unused once we added continue; logic. Fix these as initially attempted in r1755114. Improve comments and reflow whitespace. Submitted by: wrowe Backport: r1755123,r1755124,r1755125,r1755126 As promised, reduce this logic by net 9 code lines, shifting the burden of killing trailing whitespace to the purpose-agnostic read logic. Whitespace before or after an obs-fold, and before or after a field value have no semantic purpose at all. Because we are building a buffer for all folded values, reducing the size of the newly allocated buffer is always to our advantage. Submitted by: wrowe Backport: r1755233 Treat empty obs-fold line as a noop, eliminate all intra-obs-fold excess whitespace, and observe the 1 SP per obs-folding per spec. Submitted by: wrowe Backport: r1755234,r1755235,r1755236 Treat empty obs-fold line as abusive traffic. Submitted by: wrowe Backport: r1755263 Stop reflecting irrelevant data to the request error notes, particularly for abusive and malformed traffic the non-technical consumer of a user-agent has no control over. Simply take note where the administrator-configured limits have been exceeded, that administrator can find details in the error log if desired. Submitted by: wrowe Backport: r1755264 Follow up to r1755264. Don't crash when ap_rgetline() returns a NULL field on ENOSPC. Submitted by: ylavic Backport: r1755343 Follow on to r1755264, for the case of merged header length exceptions, and ensure the field header name is truncated to a sane log width. Submitted by: wrowe Backport: r1755744 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1769649 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 12, 2016
-
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1769454 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 09, 2016
-
-
William A. Rowe Jr authored
Submitted by: covener be less weird in comment git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768978 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Submitted by: covener elaborate on a misleading comment git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768977 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
core: Follow up to r1664205 (previously backported) Don't let invalid r->proto_num/protocol out of read_request_line() reach the output filters (when responding with 400 Bad Request). Suggested by: rpluem Backports: r1664576 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768971 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Submitted by: jailletc36 Simplify code. Cases where 'loc' doesn't have any ':' or is starting with ':' are already handled by 'ap_is_url()' Calling 'apr_isascii()' seems useless. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768969 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Submitted by: jailletc36 Fix missing space in message of protocol.c (other r1546860 changes ignored) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768968 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 04, 2016
-
-
William A. Rowe Jr authored
for better input filtering behavior during chunked trailer processing by ap_http_filter(). Backports: r1446421 Submitted by: joes git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768093 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Ensure that is_v6literal is always initialized Backports: r1428145, r1436457 Submitted by: fuankg, rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768090 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
This is a first stab, the checks will likely have to be revised. For now, we check * if the request line contains control characters * if the request uri has fragment or username/password * that the request method is standard or registered with RegisterHttpMethod * that the request protocol is of the form HTTP/[1-9]+.[0-9]+, or missing for 0.9 * if there is garbage in the request line after the protocol * if any request header contains control characters * if any request header has an empty name * for the host name in the URL or Host header: - if an IPv4 dotted decimal address: Reject octal or hex values, require exactly four parts - if a DNS host name: Reject non-alphanumeric characters besides '.' and '-'. As a side effect, this rejects multiple Host headers. * if any response header contains control characters * if any response header has an empty name * that the Location response header (if present) has a valid scheme and is absolute If we have a host name both from the URL and the Host header, we replace the Host header with the value from the URL to enforce RFC conformance. There is a log-only mode, but the loglevels of the logged messages need some thought/work. Currently, the checks for incoming data log for 'core' and the checks for outgoing data log for 'http'. Maybe we need a way to configure the loglevels separately from the core/http loglevels. change protocol number parsing in strict mode according to HTTPbis draft - only accept single digit version components - don't accept white-space after protocol specification Clean up comment, fix log tags. Submitted by: sf Backports: r1426877, r1426879, r1426988, r1426992 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768036 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
in the request line. - Fix handling of brackets [ ] surrounding the IPv6 address. - Skip parsing r->hostname again if not necessary. - Do some checks that the IPv6 address is sane. This is not done by apr_parse_addr_port(). log client error at level debug, log broken Host header value Backports: r1407006, r1426827 Submitted by: sf git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768035 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 03, 2016
-
-
William A. Rowe Jr authored
directive. Backports: r1407599 Submitted by: sf git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1767942 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
with min=0.9|1.0 syntax. A tighter restriction off the version in the request line is still possible with <If "%{SERVER_PROTOCOL_NUM} ..."> . Submitted by: sf Backports: r1406719, r1407643, r1425366 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1767941 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1767912 13f79535-47bb-0310-9956-ffa450edef68
-
Luis Gil authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767869 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Eissing authored
mod_http2: fix for beam double cleanup crashes introduced in 1.7.7 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767805 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 02, 2016
-
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767655 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
re-propose PR58292 with the revision that was sitting in trunk. e--This line, and those below, will be ignored-- M STATUS git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767651 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767650 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767649 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767648 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
cleanup next git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767647 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 01, 2016
-
-
Stefan Eissing authored
mod_http2/mod_proxy_http2 improvments as in CHANGES git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767563 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_remoteip: Use r->useragent_addr as the root trusted address for verifying. This fixes issue resulting in setting of bad useragent_ip when internal redirection has been generated as response to the request (typically as result of "ErrorDocument 40x"). In this case, the original request has been handled by mod_remoteip and its useragent_ip has been changed properly, but when internal redirection to ErrorDocument has been generated later, the mod_remoteip's handler has been executed again with *the same* c->client_addr as in the original request. If c->client_addr IP is trusted, this results in bad useragent_ip being set. When using r->useragent_addr as the root trusted address instead of c->client_addr, the internal redirection uses the first non-trusted IP in this particular case, so it won't change the r->useragent_ip during the internal redirection to ErrorDocument. Submitted by: jkaluza Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767483 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767482 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767481 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1767480 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 28, 2016
-
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766909 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 27, 2016
-
-
Yann Ylavic authored
Add mod_proxy_hcheck to the Netware build system. Contributed by NormW. Submitted by: rjung git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766906 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
Proposed by Norm. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766905 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Eissing authored
mod_http2: v1.7.7, connection shutdown revisited, AP_DEBUG_ASSERT transformed to real asserts git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766856 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 26, 2016
-
-
Jim Jagielski authored
mod_dav: Fix a potential cause of unbounded memory usage or incorrect behavior in a routine that sends <DAV:response>'s to the output filters. The dav_send_one_response() function accepts the current head of the output filter list as an argument, but the actual head can change between calls to ap_pass_brigade(). This can happen with self-removing filters, e.g., with the filter from mod_headers or mod_deflate. Consequently, executing an already removed filter can either cause unwanted memory usage or incorrect behavior. This patch changes the signature of the existing mod_dav's public API, dav_send_one_response(), because this API is not yet a part of any 2.4.x release. * modules/dav/main/mod_dav.c (dav_send_one_response): Accept a request_rec instead of an ap_filter_t. Write the response to r->output_filters. (dav_send_multistatus, dav_stream_response): Update these calling sites of dav_send_one_response(). * modules/dav/main/mod_dav.h (dav_send_one_response): Adjust definition. Submitted by: kotkov Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766683 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 24, 2016
-
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766447 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766446 13f79535-47bb-0310-9956-ffa450edef68
-
Yann Ylavic authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766381 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Eissing authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766373 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Eissing authored
mod_proxy_{http,ajp,fcgi}: don't reuse backend connections with data available before the request is sent. PR 57832. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766372 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Eissing authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1766369 13f79535-47bb-0310-9956-ffa450edef68
-