Commits · 935bb7f7ddc1d2fc9b930431a0baee7266f91696 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Feb 16, 2010

Graham Leggett authored Feb 16, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@910737 13f79535-47bb-0310-9956-ffa450edef68

935bb7f7

Propose. · b192c379

Graham Leggett authored Feb 16, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@910708 13f79535-47bb-0310-9956-ffa450edef68

b192c379

Update transformations. · 3192c1a6

Rainer Jung authored Feb 16, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@910449 13f79535-47bb-0310-9956-ffa450edef68

3192c1a6

Feb 15, 2010

· 10818feb

Jim Jagielski authored Feb 15, 2010

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@910322 13f79535-47bb-0310-9956-ffa450edef68

10818feb

*) worker: Don't report server has reached MaxClients until it has. · d03c932b

Jim Jagielski authored Feb 15, 2010

Add message when server gets within MinSpareThreads of MaxClients.
PR 46996. [Dan Poirier]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@910320 13f79535-47bb-0310-9956-ffa450edef68

d03c932b

* mod_ssl: Improve environment variable extraction to be more · a43f2054

Jim Jagielski authored Feb 15, 2010

    efficient and to correctly handle DNs with duplicate tags.
       PR 45975.
          Trunk Patch: http://svn.apache.org/viewvc?view=rev&revision=724717
                          http://svn.apache.org/viewvc?view=rev&revision=813165
                                          http://svn.apache.org/viewvc?view=rev&revision=820401
                                             2.2.x Patch: http://people.apache.org/~minfrin/ssl-env2.diff
                                                +1: minfrin, fuankg, jim




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@910319 13f79535-47bb-0310-9956-ffa450edef68

a43f2054

upgrade · 95e14722

Jim Jagielski authored Feb 15, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@910259 13f79535-47bb-0310-9956-ffa450edef68

95e14722

cast votes · bdcd3184

Jim Jagielski authored Feb 15, 2010



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@910258 13f79535-47bb-0310-9956-ffa450edef68

bdcd3184

Update backport proposal: add later bg fixes. · 6821c98c

Rainer Jung authored Feb 15, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@910138 13f79535-47bb-0310-9956-ffa450edef68

6821c98c

Feb 14, 2010
- AuthLDAPBindAuthoritative backport developed conflicts, resolve and supply patches · 80bef23a
  Eric Covener authored Feb 14, 2010
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@910063 13f79535-47bb-0310-9956-ffa450edef68
```
  80bef23a
Feb 13, 2010

Propose. · 6dad3259

Graham Leggett authored Feb 13, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@909901 13f79535-47bb-0310-9956-ffa450edef68

6dad3259

Comment, vote. · 3227b441

Graham Leggett authored Feb 13, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@909892 13f79535-47bb-0310-9956-ffa450edef68

3227b441

Propose. · bbf68001

Graham Leggett authored Feb 13, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@909879 13f79535-47bb-0310-9956-ffa450edef68

bbf68001

Feb 12, 2010

Add proposal. · cfe71624

Rainer Jung authored Feb 12, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@909377 13f79535-47bb-0310-9956-ffa450edef68

cfe71624

Feb 04, 2010

Propose backport: fix Maxclients warning · a70fa1d1

Daniel Earl Poirier authored Feb 04, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@906563 13f79535-47bb-0310-9956-ffa450edef68

a70fa1d1

Feb 01, 2010

Propose. · a1d661f2

Graham Leggett authored Feb 01, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@905421 13f79535-47bb-0310-9956-ffa450edef68

a1d661f2

Propose. · 56afc4e8

Graham Leggett authored Feb 01, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@905414 13f79535-47bb-0310-9956-ffa450edef68

56afc4e8

Jan 27, 2010

Provide pointer to discussion thread · 5cac3b61

William A. Rowe Jr authored Jan 27, 2010

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@903785 13f79535-47bb-0310-9956-ffa450edef68

5cac3b61

Backport r902641: change log level of ldap authn failure message. · d1d26e32

Nick Kew authored Jan 27, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@903518 13f79535-47bb-0310-9956-ffa450edef68

d1d26e32

Backport (trivial) r897570 · b22796f8

Nick Kew authored Jan 27, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@903517 13f79535-47bb-0310-9956-ffa450edef68

b22796f8

Veto, promote · 2be0f2e3

Nick Kew authored Jan 27, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@903514 13f79535-47bb-0310-9956-ffa450edef68

2be0f2e3

Now that we have a resolution working on www.a.o, time to backport · 5ab516aa
William A. Rowe Jr authored Jan 27, 2010
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@903513 13f79535-47bb-0310-9956-ffa450edef68
```
5ab516aa

Jan 25, 2010

Update backport proposal to current trunk version · 652beb79

Stefan Fritsch authored Jan 25, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@902997 13f79535-47bb-0310-9956-ffa450edef68

652beb79

Jan 24, 2010

Query backport proposal; looks like a conditional +1 · 08e9b628

Nick Kew authored Jan 24, 2010

Oops, clashed with fuankg vote.  This is not an objection, just a query.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@902669 13f79535-47bb-0310-9956-ffa450edef68

08e9b628

vote. · 5fd31462

Guenter Knauf authored Jan 24, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@902668 13f79535-47bb-0310-9956-ffa450edef68

5fd31462

vote · c4b0a835

Stefan Fritsch authored Jan 24, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@902647 13f79535-47bb-0310-9956-ffa450edef68

c4b0a835

propose an LDAP one-liner to reduce log severity · 8e907f49

Eric Covener authored Jan 24, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@902645 13f79535-47bb-0310-9956-ffa450edef68

8e907f49

fix my r896956 which made LDAP_OPT_NETWORK_TIMEOUT seem more powerful due to · 11d70ed1

Eric Covener authored Jan 24, 2010

my misunderstanding.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@902643 13f79535-47bb-0310-9956-ffa450edef68

11d70ed1

Jan 15, 2010

update transformation · e9538c8d

Nilgun Belma Buguner authored Jan 15, 2010

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@899841 13f79535-47bb-0310-9956-ffa450edef68

e9538c8d

update for sync with English docs. · bb27ab9b

Nilgun Belma Buguner authored Jan 15, 2010

Translated by: Nilgün Belma Bugüner <nilgun belgeler.org>
Reviewed by: Orhan Berent <berent belgeler.org>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@899840 13f79535-47bb-0310-9956-ffa450edef68

bb27ab9b

Jan 14, 2010

Clarify references to arguments in the Header directive documentation. · 00d2bce9

Daniel Earl Poirier authored Jan 14, 2010

(The first argument is optional, so referring to any argument by
absolute position is ambiguous).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@899257 13f79535-47bb-0310-9956-ffa450edef68

00d2bce9

Jan 10, 2010

vote · e1f76ec1

Stefan Fritsch authored Jan 10, 2010

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@897593 13f79535-47bb-0310-9956-ffa450edef68

e1f76ec1

Jan 09, 2010

Propose backport - cleanup of duplication · de208040

Nick Kew authored Jan 09, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@897574 13f79535-47bb-0310-9956-ffa450edef68

de208040

Backport r807015 · 2fe10851

Nick Kew authored Jan 09, 2010

PR 35999 - preserve port over internal redirection
Patch by Jonas Ringh
Reviewed niq, covener, sf


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@897568 13f79535-47bb-0310-9956-ffa450edef68

2fe10851

vote and promote · 1933988f

Stefan Fritsch authored Jan 09, 2010

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@897549 13f79535-47bb-0310-9956-ffa450edef68

1933988f

Propose mod_reqtimeout for backport · 7b3eab9a

Stefan Fritsch authored Jan 09, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@897527 13f79535-47bb-0310-9956-ffa450edef68

7b3eab9a

Jan 07, 2010

Merge r896897 from trunk: · e9fe6c47

Eric Covener authored Jan 07, 2010

clarify LDAPConnectionTimeout behavior/availability which is really just
passed along to the SDK when applicable.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@896956 13f79535-47bb-0310-9956-ffa450edef68

e9fe6c47

Merge r891282 from trunk: · 18dd70ea

Ruediger Pluem authored Jan 07, 2010

Further mitigation for the TLS renegotation attack, CVE-2009-3555:

* modules/ssl/ssl_engine_kernel.c (has_buffered_data): New function.
  (ssl_hook_Access): Forcibly disable keepalive for the connection if
  there is any buffered data readable from the input filter stack.

* modules/ssl/ssl_engine_io.c (ssl_io_filter_input): Ensure that the
  BIO uses blocking operations when invoked outside direct control of
  the httpd filter stack.

Thanks to Hartmut Keil <Hartmut.Keil adnovum.ch> for proposing this
technique.

Submitted by: jorton
Reviewed by: rpluem, jim, trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@896900 13f79535-47bb-0310-9956-ffa450edef68

18dd70ea

Jan 06, 2010

vote+promote mod_ssl legacy renegotiation improvement · 9b31b8dd

Jeff Trawick authored Jan 06, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@896689 13f79535-47bb-0310-9956-ffa450edef68

9b31b8dd

Merge r896299 from trunk: · c975aa49

Eric Covener authored Jan 06, 2010

clarify that FileETag is for static files only, and explicitly mention
that ETags aren't generated for files parsed by mod_include.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@896300 13f79535-47bb-0310-9956-ffa450edef68

c975aa49