- Nov 19, 2013
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1543475 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 17, 2013
-
-
Graham Leggett authored
trunk patch: https://svn.apache.org/viewvc?view=revision&revision=1540161 https://svn.apache.org/viewvc?view=revision&revision=1540163 https://svn.apache.org/viewvc?view=revision&revision=1540178 https://svn.apache.org/viewvc?view=revision&revision=1540179 https://svn.apache.org/viewvc?view=revision&revision=1540220 http://svn.apache.org/viewvc?view=revision&revision=r1542413 2.4.x patch: http://people.apache.org/~jim/patches/slotmem-error2.patch Submitted by: jim Reviewed by: jorton, minfrin git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542803 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 16, 2013
-
-
Graham Leggett authored
trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1451706 http://svn.apache.org/viewvc?view=revision&revision=1517365 http://svn.apache.org/viewvc?view=revision&revision=1529442 2.4.x patch: http://people.apache.org/~jim/patches/httpd-2.4-event-v3.patch Submitted by: jim Reviewed by: rjung, minfrin git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542560 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
and align w/ trunk. trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1409214 http://svn.apache.org/viewvc?view=revision&revision=1410004 2.4.x patch: http://people.apache.org/~jim/patches/httpd-2.4-podx-v2.patch Submitted by: jim Reviewed by: rjung, minfrin git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542557 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
trunk patch: https://svn.apache.org/r1542338 Submitted by: Mike Rumph <mike.rumph oracle.com> Reviewed by: trawick, covener, sf git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542549 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 15, 2013
-
-
Jim Jagielski authored
Switch from private FastCGI protocol handling to util_fcgi API. Use apr_socket_timeout_get instead of hard-coded 30 seconds timeout. Bring some envvar flexibility from mod_authnz_fcgi to mod_proxy_fcgi: mod_proxy_fcgi: Remove 64K limit on encoded length of all envvars. An individual envvar with an encoded length of more than 16K will be omitted. Borrow a fix from mod_authnz_fcgi: mod_proxy_fcgi: Handle reading protocol data that is split between packets. Use ap_log_rdata() to dump the FastCGI header, axing a bunch of custom data dumping code. Submitted by: trawick, jkaluza, trawick, trawick, trawick Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542330 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Streamline ephemeral key handling: - drop support for ephemeral RSA keys (only allowed/needed for export ciphers) - drop pTmpKeys from the per-process SSLModConfigRec, and remove the temp key generation at startup (unnecessary for DHE/ECDHE) - unconditionally disable null and export-grade ciphers by always prepending "!aNULL:!eNULL:!EXP:" to any cipher suite string - do not configure per-connection SSL_tmp_*_callbacks, as it is sufficient to set them for the SSL_CTX - set default curve for ECDHE at startup, obviating the need for a per-handshake callback, for the time being (and also configure SSL_OP_SINGLE_ECDH_USE, previously left out) For additional background, see https://mail-archives.apache.org/mod_mbox/httpd-dev/201309.mbox/%3C52358ED1.2070704@velox.ch%3E Follow-up fixes for r1526168: - drop SSL_TMP_KEY_* constants from ssl_private.h, too - make sure we also disable aNULL, eNULL and EXP ciphers for per-directory SSLCipherSuite directives - apply the same treatment to SSLProxyCipherSuite Increase minimum required OpenSSL version to 0.9.8a (in preparation for the next mod_ssl commit, which will rely on the get_rfcX_prime_Y functions added in that release): - remove obsolete #defines / macros - in ssl_private.h, regroup definitions based on whether they depend on TLS extension support or not - for ECC and SRP support, set HAVE_X and change the rather awkward #ifndef OPENSSL_NO_X lines accordingly For the discussion prior to taking this step, see https://mail-archives.apache.org/mod_mbox/httpd-dev/201309.mbox/%3C524275C7.9060408%40velox.ch%3E Improve ephemeral key handling (companion to r1526168): - allow to configure custom DHE or ECDHE parameters via the SSLCertificateFile directive, and adapt its documentation accordingly (addresses PR 49559) - add standardized DH parameters from RFCs 2409 and 3526, use them based on the length of the certificate's RSA/DSA key, and add a FAQ entry for clients which limit DH support to 1024 bits (such as Java 7 and earlier) - move ssl_dh_GetParamFromFile() from ssl_engine_dh.c to ssl_util_ssl.c, and add ssl_ec_GetParamFromFile() - drop ssl_engine_dh.c from mod_ssl For the standardized DH parameters, OpenSSL version 0.9.8a or later is required, which was therefore made a new minimum requirement in r1527294. PR 55616 (add missing APLOGNO), part 2 Submitted by: kbrand Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542327 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 14, 2013
-
-
Jeff Trawick authored
Add experimental cmake-based build system for Windows. (Support for both trunk and 2.4.x has been removed for this first commit to the 2.4.x branch.) Thanks tdonovan for sharing your earlier version! A lot of good stuff is from Tom; a lot of bad stuff is from me. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541921 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 13, 2013
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541519 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541516 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541494 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541373 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541372 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 09, 2013
-
-
Jim Jagielski authored
substitution string when using Header edit trunk patch: http://people.apache.org/~druggeri/patches/HeaderEditENV.trunk.patch 2.4.x patch: http://people.apache.org/~druggeri/patches/HeaderEditENV.2.4.patch +1: druggeri, covener, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1540313 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Support optional initialization arguments for socache providers in mod_authn_socache. Submitted by: chrisd Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1540312 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 28, 2013
-
-
Jim Jagielski authored
mod_session: Reset the max-age on session save. PR 47476. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1536321 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_session: After parsing the value of the header specified by the SessionHeader directive, remove the value from the response. PR 55279. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1536320 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 18, 2013
-
-
Jim Jagielski authored
Fix PR 55397: dav_resource->uri treated as an unparsed uri. The change made for PR 54611 caused this field to be treated as unescaped. mod_dav_svn however, provided escaped URIs. Essentially breaking support for paths with non-URI safe characters in SVN. Adjust the code so that dav_resource->uri is assumed to be escaped and adjust mod_dav_fs so that it uses escaped URIs in this field. * modules/dav/fs/repos.c (dav_fs_get_resource): Use the unparsed_uri to contruct the resource uri. * modules/dav/main/mod_dav.c (dav_xml_escape_uri): Do not uri escape, just handle xml escaping. (dav_created): Assume that locn if provided is escaped. (dav_method_copymove, dav_method_bind): Use the unparsed_uri on the request when calling dav_created() to adjust to locn assuming it is escaped. * modules/dav/main/mod_dav.h (dav_resource): Document that uri is escaped. Followup to r1529559: mod_dav_fs: Fix encoding of hrefs in PROPFIND response. Previous commit missed encoding the names of the children of the PROPFIND request when the depth wasn't 0. * modules/dav/fs/repos.c (dav_fs_append_uri): New function (dav_fs_walker): Use dav_fs_append_uri() and adjust length calculations to use the encoded length. Submitted by: breser Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1533448 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_dav: Fix PR 55306. Makes mod_dav no longer require that the lock token be provided when the source of a COPY is locked. The prior behavior was in violating of RFC 4918 which says that the lock token is only required on resources that may be modified by the method. * modules/dav/main/mod_dav.h (DAV_VALIDATE_NO_MODIFY): New flag to be passed to dav_validate_* functions. * modules/dav/main/mod_dav.c (dav_method_copymove): Use the new flag when calling dav_validate_request() on the COPY source. * modules/dav/main/util.c (dav_validate_resource_state): Use the flag to decide to ignore if the lock token is not provided. Submitted by: breser Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1533447 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 14, 2013
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1531914 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 10, 2013
-
-
Jim Jagielski authored
WinNT MPM: Exit the child if the parent process crashes or is terminated. Submitted by: Oracle, via trawick The original modification was made some years ago for Oracle HTTP Server by an Oracle employee. trawick made additional changes for style and for trunk/2.4.x changes. Follow up to r1526666: Use SYNCHRONIZE instead of PROCESS_ALL_ACCESS because a. it is sufficient b. it avoids an issue where PROCESS_ALL_ACCESS is larger on newer SDKs, resulting in a run-time error when running on older Windows Close the handle. Submitted by: Ivan Zhakov <ivan visualsvn.com> Submitted by: trawick Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1531000 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
core: Don't truncate output when sending is interrupted by a signal, such as from an exiting CGI process. PR: 55643 Submitted by: trawick Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1530999 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 08, 2013
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1530311 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
core: Add missing Reason-Phrase in HTTP response headers. PR 54946. Submitted by: rjung Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1530281 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
core: Add missing Reason-Phrase in HTTP response headers. PR 54946. Submitted by: rjung Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1530280 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 07, 2013
-
-
Eric Covener authored
*) mod_rewrite: Make rewrite websocket aware to allow proxying. PR 55598. [Chris Harris <chris.harris kitware com>] Submitted By: [Chris Harris <chris.harris kitware com> Reviewed By: jim, rjung, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1530032 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 03, 2013
-
-
Rainer Jung authored
Proposed by: covener Reviewed by: jim, rjung Backport of r1528143 from trunk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1528970 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
they occured. §rd patch of P45355. Proposed by: jailletc36 Reviewed by: jim, rjung Backport of r1488471 from turnk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1528965 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
exiting gracefully. Submitted by: Oracle, via trawick This modification was made some years ago for Oracle HTTP Server by an Oracle employee. Proposed by: trawick Reviewed by: jim, rjung Backport of r1526220 from trunk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1528962 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
PR54948 Proposed by: covener Reviewed by: jim, rjung Backport of r1485675 and r1525000 from trunk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1528958 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
passwords from digest to basic authentication. Proposed by: chrisd Reviewed by: jim, rjung Backport of r1514064 from trunk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1528957 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 02, 2013
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1528438 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 01, 2013
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1528058 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Add a new -l parameter in order not to check the length of the responses. This can be usefull with dynamic pages. PR9945, PR27888, PR42040 Submitted by: jailletc36 Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1528053 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 26, 2013
-
-
Jim Jagielski authored
follow up to r1513454: fill in missing log number Submitted by: trawick Reviewed/backported by: jim * util_fcgi API to 2.4.x (allows mod_proxy_fcgi to be kept in sync, along with other less important reasons) trunk: http://svn.apache.org/r1513454 and http://svn.apache.org/r1513492 2.4.x: copy server/util_fcgi.c and include/util_fcgi.h, then apply http://people.apache.org/~trawick/patch-after-copying-util_fcgi-splat.txt +1: trawick, jim, chrisd git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1526598 13f79535-47bb-0310-9956-ffa450edef68
-
Jeff Trawick authored
APLOG_STARTUP messages shouldn't have custom ErrorLogFormat applied. Reviewed by: jim, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1526442 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 17, 2013
-
-
Jim Jagielski authored
mod_auth_digest: Be more specific when the realm mismatches because the realm has not been specified. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1524172 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Add note to balancer manager whether changes will/will not survive a restart Submitted by: druggeri Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1524169 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_cache: Avoid a crash with strcmp() when the hostname is not provided. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1524167 13f79535-47bb-0310-9956-ffa450edef68
-
- Sep 14, 2013
-
-
Christophe Jaillet authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1523292 13f79535-47bb-0310-9956-ffa450edef68
-