Skip to content
  1. Sep 30, 2005
  2. Sep 29, 2005
  3. Sep 25, 2005
  4. Sep 23, 2005
  5. Sep 21, 2005
  6. Sep 20, 2005
  7. Sep 19, 2005
  8. Sep 18, 2005
  9. Sep 12, 2005
  10. Sep 11, 2005
  11. Sep 10, 2005
  12. Sep 09, 2005
  13. Sep 01, 2005
  14. Aug 31, 2005
  15. Aug 30, 2005
    • Colm MacCarthaigh's avatar
      · f68f2b8a
      Colm MacCarthaigh authored
      Make my PR references consistent with everyone elses.
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264881 13f79535-47bb-0310-9956-ffa450edef68
      f68f2b8a
    • Justin Erenkrantz's avatar
      mod_cgid: Refuse to work on Solaris 10 due to OS bugs. · 5aee5df8
      Justin Erenkrantz authored
      PR: 34264
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264866 13f79535-47bb-0310-9956-ffa450edef68
      5aee5df8
    • Joe Orton's avatar
      Fix CVE CAN-2005-2700: · a344c639
      Joe Orton authored
      * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that
      renegotiation is performed for a transition from "SSLVerifyClient
      optional" to "SSLVerifyClient require".
      
      The boolean "verify_old & SSL_VERIFY_PEER_STRICT" is true if the old
      context merely has optional verification configured, since the
      definition of SSL_VERIFY_PEER_STRICT is
      (SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_PEER).
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264800 13f79535-47bb-0310-9956-ffa450edef68
      a344c639
    • Colm MacCarthaigh's avatar
      · 390c36d0
      Colm MacCarthaigh authored
      Fix PR36410; Change how the get_suexec_identity hook is handled by CGID.
      Instead of using mod_userdir and mod_suexec specific hacks, we now run the hook
      on the httpd side of the handler. 
      
      If this is NULL, we pass on a magic empty_ugid constant, otherwise pass on the
      real ugid.
      
      On the cgid side of the equation, we add our own hook, with REALLY_FIRST, and
      then order the hooks. This ensures that cgid's doer runs before any other
      registered get_suexec_identity doers.
      
      We use cgid's request config to store the ugid. If ugid == empty_ugid, we DON'T
      call ap_os_create_privileged_process, because our doer would return the magic
      empty_ugid constant. Having the doer return NULL is no good, because then
      userdir and mod_suexec's doers would be called. Instead, we call plain old
      apr_proc_create(). 
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264759 13f79535-47bb-0310-9956-ffa450edef68
      390c36d0
  16. Aug 29, 2005
  17. Aug 28, 2005
  18. Aug 27, 2005
  19. Aug 26, 2005
    • Colm MacCarthaigh's avatar
      · c69524da
      Colm MacCarthaigh authored
      Implement a "graceful-stop" for the prefork MPM (might aswell do the hard one
      first). 
      
      General approach is to send SIGUSR1 to all children (which will de-listen, and
      exit when finished), and to gather all children as they exit. 
      
      We don't use a sleep(timeout) for the timeout implementation, because this
      would lead to a rut of defunct children until the timeout had expired.
      
      set_graceful_shutdown stolen from Ken Coar. See <3E84B1EC.3050007@Golux.Com>
      (28 Mar 2003).
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@240270 13f79535-47bb-0310-9956-ffa450edef68
      c69524da
  20. Aug 25, 2005
  21. Aug 24, 2005
  22. Aug 23, 2005
  23. Aug 20, 2005