- Jan 06, 2014
-
-
Kaspar Brand authored
Add support for OpenSSL configuration commands by introducing the SSLOpenSSLConfCmd directive. Proposed by: kbrand Reviewed by: drh, trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555683 13f79535-47bb-0310-9956-ffa450edef68
-
- Jan 05, 2014
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555639 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555563 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555560 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Remove <Proxy ~ wildcard-url> syntax which: - is equivalent to <ProxyMatch wildcard-url> - has never been documented - incorrectly checks parameters (!cmd->path should be !cmd->path[0]) - is buggy (! is missing in front of strncasecmp) Submitted by: jailletc36 Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555552 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_authz_user: Support the expression parser within the require directives. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555548 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_authnz_host: Support the expression parser within the require directives. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555545 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_authnz_groupfile: Support the expression parser within the require directives. Pass the correct pointer that made it past the test suite. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555543 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_authnz_dbm: Support the expression parser within the require directives. Pass the correct pointer that made it past the test suite. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555541 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_authnz_dbd: Support the expression parser within the require directives. Pass the correct pointer that made it past the test suite. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555540 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_authnz_ldap: Support the expression parser within the require directives. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1555539 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 26, 2013
-
-
Graham Leggett authored
trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1534321 http://svn.apache.org/viewvc?view=revision&revision=1550061 Submitted by: Jan Kaluza <jkaluza redhat.com> Reviewed by: jim, jorton, minfrin git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1553540 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 18, 2013
-
-
Jim Jagielski authored
mod_socache_shmcb.c: Remove arbitrary restriction on shared memory size previously limited to 64MB. Limit SHMCB_MAX_SIZE to min(UINT_MAX, APR_SIZE_MAX) to match the current code Submitted by: minfrin, sf Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1551932 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 29, 2013
-
-
Daniel Gruno authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1546547 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 22, 2013
-
-
Jeff Trawick authored
to the 2.4.x branch in r1542560 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1544676 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 19, 2013
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1543513 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1543475 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 17, 2013
-
-
Graham Leggett authored
trunk patch: https://svn.apache.org/viewvc?view=revision&revision=1540161 https://svn.apache.org/viewvc?view=revision&revision=1540163 https://svn.apache.org/viewvc?view=revision&revision=1540178 https://svn.apache.org/viewvc?view=revision&revision=1540179 https://svn.apache.org/viewvc?view=revision&revision=1540220 http://svn.apache.org/viewvc?view=revision&revision=r1542413 2.4.x patch: http://people.apache.org/~jim/patches/slotmem-error2.patch Submitted by: jim Reviewed by: jorton, minfrin git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542803 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 16, 2013
-
-
Graham Leggett authored
trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1451706 http://svn.apache.org/viewvc?view=revision&revision=1517365 http://svn.apache.org/viewvc?view=revision&revision=1529442 2.4.x patch: http://people.apache.org/~jim/patches/httpd-2.4-event-v3.patch Submitted by: jim Reviewed by: rjung, minfrin git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542560 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
and align w/ trunk. trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1409214 http://svn.apache.org/viewvc?view=revision&revision=1410004 2.4.x patch: http://people.apache.org/~jim/patches/httpd-2.4-podx-v2.patch Submitted by: jim Reviewed by: rjung, minfrin git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542557 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
trunk patch: https://svn.apache.org/r1542338 Submitted by: Mike Rumph <mike.rumph oracle.com> Reviewed by: trawick, covener, sf git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542549 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 15, 2013
-
-
Jim Jagielski authored
Switch from private FastCGI protocol handling to util_fcgi API. Use apr_socket_timeout_get instead of hard-coded 30 seconds timeout. Bring some envvar flexibility from mod_authnz_fcgi to mod_proxy_fcgi: mod_proxy_fcgi: Remove 64K limit on encoded length of all envvars. An individual envvar with an encoded length of more than 16K will be omitted. Borrow a fix from mod_authnz_fcgi: mod_proxy_fcgi: Handle reading protocol data that is split between packets. Use ap_log_rdata() to dump the FastCGI header, axing a bunch of custom data dumping code. Submitted by: trawick, jkaluza, trawick, trawick, trawick Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542330 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Streamline ephemeral key handling: - drop support for ephemeral RSA keys (only allowed/needed for export ciphers) - drop pTmpKeys from the per-process SSLModConfigRec, and remove the temp key generation at startup (unnecessary for DHE/ECDHE) - unconditionally disable null and export-grade ciphers by always prepending "!aNULL:!eNULL:!EXP:" to any cipher suite string - do not configure per-connection SSL_tmp_*_callbacks, as it is sufficient to set them for the SSL_CTX - set default curve for ECDHE at startup, obviating the need for a per-handshake callback, for the time being (and also configure SSL_OP_SINGLE_ECDH_USE, previously left out) For additional background, see https://mail-archives.apache.org/mod_mbox/httpd-dev/201309.mbox/%3C52358ED1.2070704@velox.ch%3E Follow-up fixes for r1526168: - drop SSL_TMP_KEY_* constants from ssl_private.h, too - make sure we also disable aNULL, eNULL and EXP ciphers for per-directory SSLCipherSuite directives - apply the same treatment to SSLProxyCipherSuite Increase minimum required OpenSSL version to 0.9.8a (in preparation for the next mod_ssl commit, which will rely on the get_rfcX_prime_Y functions added in that release): - remove obsolete #defines / macros - in ssl_private.h, regroup definitions based on whether they depend on TLS extension support or not - for ECC and SRP support, set HAVE_X and change the rather awkward #ifndef OPENSSL_NO_X lines accordingly For the discussion prior to taking this step, see https://mail-archives.apache.org/mod_mbox/httpd-dev/201309.mbox/%3C524275C7.9060408%40velox.ch%3E Improve ephemeral key handling (companion to r1526168): - allow to configure custom DHE or ECDHE parameters via the SSLCertificateFile directive, and adapt its documentation accordingly (addresses PR 49559) - add standardized DH parameters from RFCs 2409 and 3526, use them based on the length of the certificate's RSA/DSA key, and add a FAQ entry for clients which limit DH support to 1024 bits (such as Java 7 and earlier) - move ssl_dh_GetParamFromFile() from ssl_engine_dh.c to ssl_util_ssl.c, and add ssl_ec_GetParamFromFile() - drop ssl_engine_dh.c from mod_ssl For the standardized DH parameters, OpenSSL version 0.9.8a or later is required, which was therefore made a new minimum requirement in r1527294. PR 55616 (add missing APLOGNO), part 2 Submitted by: kbrand Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1542327 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 14, 2013
-
-
Jeff Trawick authored
Add experimental cmake-based build system for Windows. (Support for both trunk and 2.4.x has been removed for this first commit to the 2.4.x branch.) Thanks tdonovan for sharing your earlier version! A lot of good stuff is from Tom; a lot of bad stuff is from me. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541921 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 13, 2013
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541519 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541516 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541494 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541373 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1541372 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 09, 2013
-
-
Jim Jagielski authored
substitution string when using Header edit trunk patch: http://people.apache.org/~druggeri/patches/HeaderEditENV.trunk.patch 2.4.x patch: http://people.apache.org/~druggeri/patches/HeaderEditENV.2.4.patch +1: druggeri, covener, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1540313 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Support optional initialization arguments for socache providers in mod_authn_socache. Submitted by: chrisd Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1540312 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 28, 2013
-
-
Jim Jagielski authored
mod_session: Reset the max-age on session save. PR 47476. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1536321 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_session: After parsing the value of the header specified by the SessionHeader directive, remove the value from the response. PR 55279. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1536320 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 18, 2013
-
-
Jim Jagielski authored
Fix PR 55397: dav_resource->uri treated as an unparsed uri. The change made for PR 54611 caused this field to be treated as unescaped. mod_dav_svn however, provided escaped URIs. Essentially breaking support for paths with non-URI safe characters in SVN. Adjust the code so that dav_resource->uri is assumed to be escaped and adjust mod_dav_fs so that it uses escaped URIs in this field. * modules/dav/fs/repos.c (dav_fs_get_resource): Use the unparsed_uri to contruct the resource uri. * modules/dav/main/mod_dav.c (dav_xml_escape_uri): Do not uri escape, just handle xml escaping. (dav_created): Assume that locn if provided is escaped. (dav_method_copymove, dav_method_bind): Use the unparsed_uri on the request when calling dav_created() to adjust to locn assuming it is escaped. * modules/dav/main/mod_dav.h (dav_resource): Document that uri is escaped. Followup to r1529559: mod_dav_fs: Fix encoding of hrefs in PROPFIND response. Previous commit missed encoding the names of the children of the PROPFIND request when the depth wasn't 0. * modules/dav/fs/repos.c (dav_fs_append_uri): New function (dav_fs_walker): Use dav_fs_append_uri() and adjust length calculations to use the encoded length. Submitted by: breser Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1533448 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
mod_dav: Fix PR 55306. Makes mod_dav no longer require that the lock token be provided when the source of a COPY is locked. The prior behavior was in violating of RFC 4918 which says that the lock token is only required on resources that may be modified by the method. * modules/dav/main/mod_dav.h (DAV_VALIDATE_NO_MODIFY): New flag to be passed to dav_validate_* functions. * modules/dav/main/mod_dav.c (dav_method_copymove): Use the new flag when calling dav_validate_request() on the COPY source. * modules/dav/main/util.c (dav_validate_resource_state): Use the flag to decide to ignore if the lock token is not provided. Submitted by: breser Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1533447 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 14, 2013
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1531914 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 10, 2013
-
-
Jim Jagielski authored
WinNT MPM: Exit the child if the parent process crashes or is terminated. Submitted by: Oracle, via trawick The original modification was made some years ago for Oracle HTTP Server by an Oracle employee. trawick made additional changes for style and for trunk/2.4.x changes. Follow up to r1526666: Use SYNCHRONIZE instead of PROCESS_ALL_ACCESS because a. it is sufficient b. it avoids an issue where PROCESS_ALL_ACCESS is larger on newer SDKs, resulting in a run-time error when running on older Windows Close the handle. Submitted by: Ivan Zhakov <ivan visualsvn.com> Submitted by: trawick Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1531000 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
core: Don't truncate output when sending is interrupted by a signal, such as from an exiting CGI process. PR: 55643 Submitted by: trawick Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1530999 13f79535-47bb-0310-9956-ffa450edef68
-
- Oct 08, 2013
-
-
Jeff Trawick authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1530311 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
core: Add missing Reason-Phrase in HTTP response headers. PR 54946. Submitted by: rjung Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1530281 13f79535-47bb-0310-9956-ffa450edef68
-