Commits · 8f4f82fafe25f9d950d378194fadbe68804f8646 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Jun 01, 2017

propose ap_get-basic_auth_pw deprecation · 8f4f82fa

Eric Covener authored Jun 01, 2017



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1797210 13f79535-47bb-0310-9956-ffa450edef68

8f4f82fa

May 31, 2017

Vote. · 92c1c389

Yann Ylavic authored May 31, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1797055 13f79535-47bb-0310-9956-ffa450edef68

92c1c389

· 7848cbe5

Eric Covener authored May 31, 2017

found my system problem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1797039 13f79535-47bb-0310-9956-ffa450edef68

7848cbe5

add proposal · 4d542954

Eric Covener authored May 31, 2017



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1797037 13f79535-47bb-0310-9956-ffa450edef68

4d542954

Vote, promote. · 247fd508

Yann Ylavic authored May 31, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1796985 13f79535-47bb-0310-9956-ffa450edef68

247fd508

Concur · 12b86f39

William A. Rowe Jr authored May 31, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1796964 13f79535-47bb-0310-9956-ffa450edef68

12b86f39

May 30, 2017

Propose. · 5f3bd9e6

Jacob Champion authored May 30, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1796941 13f79535-47bb-0310-9956-ffa450edef68

5f3bd9e6

May 16, 2017

Remove 3DES by default for users of older crypto librarys; the cipher · 50af83b2

William A. Rowe Jr authored May 16, 2017

has been reclassified in current OpenSSL releases as WEAK due to 112
or fewer bits of remaining cipher strength, while the Sweet32 disclosure
extended the criticism of RC4 on to 3DES. (IDEA, which potentially has the
same issue, is never enabled by default in OpenSSL, due to patent concerns.)

This commit does not change default httpd behavior, but alters the suggested
behavior of newly provisioned httpd servers. Where adopted, XP with IE8 will
no longer handshake with mod_ssl (previously, XP with IE6 would not handshake.)
The same net effect occurs where OpenSSL is updated to 1.1.0.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1795360 13f79535-47bb-0310-9956-ffa450edef68

50af83b2

May 06, 2017

update transformation · aa4587ed

André Malo authored May 06, 2017


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1794165 13f79535-47bb-0310-9956-ffa450edef68

aa4587ed

Feb 17, 2017

* server/core.c (merge_core_server_configs): Fix merging of · b4b864b0

Joe Orton authored Feb 17, 2017

HttpProtocolOptions from global to vhost context.

Reviewed by: jorton, wrowe, covener

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1783440 13f79535-47bb-0310-9956-ffa450edef68

b4b864b0

Feb 07, 2017

note 2.2.32 release in STATUS · 0682a1ec

Eric Covener authored Feb 07, 2017



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1781967 13f79535-47bb-0310-9956-ffa450edef68

0682a1ec

Jan 21, 2017

XML update. · 427e37b9

Lucien Gentis authored Jan 21, 2017


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1779733 13f79535-47bb-0310-9956-ffa450edef68

427e37b9

Jan 19, 2017

As per http://httpd.apache.org/docs/2.4/programs/httpd.html#comment_6187 · 67bbb4a9

Rich Bowen authored Jan 19, 2017

the -R option has been gone for ages.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1779471 13f79535-47bb-0310-9956-ffa450edef68

67bbb4a9

Jan 15, 2017

Rebuild. · a77b0c53

Lucien Gentis authored Jan 15, 2017


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1778914 13f79535-47bb-0310-9956-ffa450edef68

a77b0c53

XML update. · 1060f9c3

Lucien Gentis authored Jan 15, 2017


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1778913 13f79535-47bb-0310-9956-ffa450edef68

1060f9c3

Jan 14, 2017

Rebuild. · 07a67b06

Lucien Gentis authored Jan 14, 2017


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1778811 13f79535-47bb-0310-9956-ffa450edef68

07a67b06

XML update. · 0fe9d388

Lucien Gentis authored Jan 14, 2017


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1778810 13f79535-47bb-0310-9956-ffa450edef68

0fe9d388

Jan 09, 2017

And we are at 2.2.33-dev · 8e9c0867

William A. Rowe Jr authored Jan 09, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1778014 13f79535-47bb-0310-9956-ffa450edef68

8e9c0867

Prepare to tag 2.2.32 · 5ce0d607

William A. Rowe Jr authored Jan 09, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1778011 13f79535-47bb-0310-9956-ffa450edef68

5ce0d607

Add warning, as suggested on dev@; rinse and repeat for Announcement · 58629893
William A. Rowe Jr authored Jan 09, 2017
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1778010 13f79535-47bb-0310-9956-ffa450edef68
```
58629893

** NOTE: the vendor states "This mitigation has been assigned the identifier · 4b635482

William A. Rowe Jr authored Jan 09, 2017

CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability. **



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1778007 13f79535-47bb-0310-9956-ffa450edef68

4b635482

update transformation · 0771150a

André Malo authored Jan 09, 2017


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1778005 13f79535-47bb-0310-9956-ffa450edef68

0771150a

Regenerated all docs for release · ceb842dc

William A. Rowe Jr authored Jan 09, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1778000 13f79535-47bb-0310-9956-ffa450edef68

ceb842dc

http: allow folding in check_headers(), still compliant with RFC 7230 (3.2.4). · 19887a59

William A. Rowe Jr authored Jan 09, 2017

Backports: r1777460, r1777672
Submitted by: ylavic
Reviewed by: ylavic, covener, wrowe


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777999 13f79535-47bb-0310-9956-ffa450edef68

19887a59

Reviewed and approved, because 2.2.x is not likely to have another bugfix · 1371b2a9

William A. Rowe Jr authored Jan 09, 2017

release beyond security fixes.

For the same reason, demote months-old proposal to stalled, as this is not
likely to gain another reviewer.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777998 13f79535-47bb-0310-9956-ffa450edef68

1371b2a9

Jan 08, 2017

Rebuild. · f420351d

Lucien Gentis authored Jan 08, 2017


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777895 13f79535-47bb-0310-9956-ffa450edef68

f420351d

XML updates. · 292863d8

Lucien Gentis authored Jan 08, 2017


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777894 13f79535-47bb-0310-9956-ffa450edef68

292863d8

Jan 07, 2017

Comment. · 47330504

Yann Ylavic authored Jan 07, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777782 13f79535-47bb-0310-9956-ffa450edef68

47330504

Backported. · 4149bdbc

Yann Ylavic authored Jan 07, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777780 13f79535-47bb-0310-9956-ffa450edef68

4149bdbc

Merge r1634120 from trunk: · d632cc65

Yann Ylavic authored Jan 07, 2017

* Use the correct server name for SNI in case the backend SSL connection itself
  is established via a proxy server.

PR: 57139
Submitted by: Szabolcs Gyurko <szabolcs gyurko.org>

Committed by: rpluem
Backported by: ylavic
Reviewed by: ylavic, wrowe, covener, orlikowski


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777779 13f79535-47bb-0310-9956-ffa450edef68

d632cc65

Merge r1729826, r1729847, r1732986, r1733056 from trunk: · 7156a844

Yann Ylavic authored Jan 07, 2017

mod_proxy: Play/restore the TLS-SNI on new backend connections which
had to be issued because the remote closed the previous/reusable one
during idle (keep-alive) time.

mod_proxy: follow up to r1729826: really copy conn->ssl_hostname.

mod_proxy: follow up to r1729826 + r1729847.
Adjust stacked ssl_hostname maximum size.

mod_proxy: follow up to r1729826 + r1729847 + r1732986.
Don't use magic constants.

Submitted by: ylavic
Reviewed by: ylavic, wrowe, covener, orlikowski


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777778 13f79535-47bb-0310-9956-ffa450edef68

7156a844

Merge r1753592 from trunk: · 632f3122

Yann Ylavic authored Jan 07, 2017

* Do not overwrite r->status with access_status if access_status is OK or DONE
  as in this case r->status might contain the true response code.

PR: 59869

Submitted by: rpluem
Reviewed/backported by: ylavic, wrowe, covener, orlikowski


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777775 13f79535-47bb-0310-9956-ffa450edef68

632f3122

dev@ votes noted · 2277a085

William A. Rowe Jr authored Jan 07, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777751 13f79535-47bb-0310-9956-ffa450edef68

2277a085

vote/promote · 7cb8d07d

Eric Covener authored Jan 07, 2017



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777746 13f79535-47bb-0310-9956-ffa450edef68

7cb8d07d

Required to build on Windows and NetWare, plus the actual fix... · 00a9177b

Yann Ylavic authored Jan 07, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777740 13f79535-47bb-0310-9956-ffa450edef68

00a9177b

Jan 06, 2017

Update. · 8b0f7876

Yann Ylavic authored Jan 06, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777734 13f79535-47bb-0310-9956-ffa450edef68

8b0f7876

minor issue with folding patch · cbd14124

Eric Covener authored Jan 06, 2017



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777701 13f79535-47bb-0310-9956-ffa450edef68

cbd14124

Update, per dev@ review. · e573e5be

Yann Ylavic authored Jan 06, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777682 13f79535-47bb-0310-9956-ffa450edef68

e573e5be

Jan 05, 2017

Clarify why a backport patch is needed. · a0c20721

Yann Ylavic authored Jan 05, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777523 13f79535-47bb-0310-9956-ffa450edef68

a0c20721

Propose, just in case... · 4dd0022d

Yann Ylavic authored Jan 05, 2017

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777521 13f79535-47bb-0310-9956-ffa450edef68

4dd0022d