- Apr 09, 2003
-
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99309 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99304 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
We may have to experimt a bit to get best results. This is a first attempt. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99303 13f79535-47bb-0310-9956-ffa450edef68
-
Chris Pepper authored
Note this change (as previously written, it implied that 1.3.5 had this vulnerability, which is not true). I'm not sure if "httpd 2.0" is the preferred name. - <p>Note that in versions previous to 2.0.46 no escaping has been performed + <p>Note that in httpd 2.0 versions prior to 2.0.46, no escaping was performed on the strings from <code>%...r</code>, <code>%...i</code> and <code>%...o</code>. This was mainly to comply with the requirements of the Common Log Format. This implied that clients could insert control characters into the log, so you had to be quite careful when dealing with raw log files.</p> - <p>For security reasons starting with 2.0.46 non-printable and + <p>For security reasons, starting with 2.0.46, non-printable and other special characters are escaped mostly by using <code>\x<var>hh</var></code> sequences, where <var>hh</var> stands for the hexadecimal representation of the raw byte. Exceptions from this rule are <code>"</code> and <code>\</code> which are escaped by prepending - a backslash, and all whitespace characters that are written in their - C-notation (<code>\n</code>, <code>\t</code> etc).</p> + a backslash, and all whitespace characters which are written in their + C-style notation (<code>\n</code>, <code>\t</code> etc).</p> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99302 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 07, 2003
-
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99298 13f79535-47bb-0310-9956-ffa450edef68
-
Yoshiki Hayashi authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99294 13f79535-47bb-0310-9956-ffa450edef68
-
Yoshiki Hayashi authored
Submitted by: Hiroaki KAWAI <hawk@bcl.t.u-tokyo.ac.jp> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99293 13f79535-47bb-0310-9956-ffa450edef68
-
Yoshiki Hayashi authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99292 13f79535-47bb-0310-9956-ffa450edef68
-
Yoshiki Hayashi authored
Submitted by: Hiroaki KAWAI <hawk@bcl.t.u-tokyo.ac.jp> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99291 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
I changed the references to the auth modules, so that they're matching the new model, but it probably needs a rewrite anyway. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99288 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 06, 2003
-
-
Andre Malo authored
Reviewed by: Astrid Ke�ler, Erik Abele git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99283 13f79535-47bb-0310-9956-ffa450edef68
-
Richard Bowen authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99282 13f79535-47bb-0310-9956-ffa450edef68
-
Justin Erenkrantz authored
complete successfully. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99280 13f79535-47bb-0310-9956-ffa450edef68
-
Justin Erenkrantz authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99279 13f79535-47bb-0310-9956-ffa450edef68
-
Justin Erenkrantz authored
MODSSL_INFO_CB_ARG_TYPE already includes 'SSL' in its type. Don't duplicate. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99278 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
additionally add reference revision number to de.xml git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99275 13f79535-47bb-0310-9956-ffa450edef68
-
Joshua Slive authored
RFC says. PR: 18443 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99271 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
- required some changes in DTD, CSS and style/lang/* files Reviewed by: Astrid Ke�ler, Erik Abele git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99270 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 05, 2003
-
-
William A. Rowe Jr authored
Solve SSL-C breakage introduced in mod_ssl.h rev 1.129 and ssl_engine_kernel.c rev 1.88. SSL* is not const under SSL-C. I've confirmed Jeff's comment that the original patch doesn't harm earlier OpenSSL versions which declared no arguments at all. I suspect now that we could fold #define MODSSL_BIO_CB_ARG_TYPE const char #define MODSSL_CRYPTO_CB_ARG_TYPE const char #define MODSSL_INFO_CB_ARG_TYPE const SSL* into a single MODSSL_CB_ARG_CONST define, but this works for now. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99263 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Noop MS DevStudio IDE change to include ssl_toolkit_compat.h in the list of project headers. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99261 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Note the recent SSL-C fixes. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99260 13f79535-47bb-0310-9956-ffa450edef68
-
Justin Erenkrantz authored
as a third parameter rather than manually computing it ourselves. Add the ' prefix'd --enable-layout so that this can work with an autoconf-2.54+ generated configure. (Previously, the option would not be dropped with 2.54 or 2.57 since it unconditionally adds single-quotes which our case statement would not catch.) Try to shorten long invocations of APR_SUBDIR_CONFIG where possible. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99257 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
- Moved mime.types back to the default location. - Added mod_ldap and friends, mod_cache and friends. - Added openldap dependancy. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99256 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Have some consistency! Fixes logic I introduced in 1.37. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99253 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
Reapply the fix *intended* by rev 1.79 in a safer manner. Prior to all assignments and the final SSL_free(), free ssl_conn->client_cert to avoid leaks of this refcounted X509*. Prereleasing refcounted objects is unsafe programming; fix applied to both branches. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99252 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
EVP_PKEY_free() is refcounted on OpenSSL, but NOT under RSA SSL-C. Eliminate a number of test failures by conditionally reverting rev 1.79 pubkey handling in ssl_engine_kernel.c, except under OpenSSL. Also revert a rev 1.79 bogisity for all toolkits; it's entirely bogus to release a refcount after setting aside the results in a persistant structure, in this case sslconn->client_cert from SSL_get_peer_certificate() mustn't be freed while sslconn is still in play. The proper patch (not written yet) is to invoke the X509_free(sslconn->client_cert) when we cleanup the sslconn structure. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99250 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99248 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
A cosmetic change to 1.79 - a real X509 *cert is in play, don't use that same variable to retrieve/release the quick lookup and discard of the peercert. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99244 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
- add references from the subdocuments to the index file (<parentdocument>) - fix German sitemap reference revision # to be up-to-date git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99243 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
It may be confusing for people new to apache development. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99241 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99238 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99235 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99232 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99227 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99224 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99221 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99218 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 04, 2003
-
-
Andre Malo authored
add a status header. PR: 18332 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99216 13f79535-47bb-0310-9956-ffa450edef68
-
Andre Malo authored
(and update transformation) PR: 18623 Reviewed by: Joshua Slive git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99214 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
from the apache install directory) further changes are needed to automatically pick up apr and apr-util include directories; for now, "-Wc,-I/path" needs to be added to the apxs -c invocation to work around that problem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99213 13f79535-47bb-0310-9956-ffa450edef68
-