git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1161535 13f79535-47bb-0310-9956-ffa450edef68

by keeping orig brigade untouched and avoiding 1byte brigades
(related to CVE-2011-3192)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1161534 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1161011 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1161005 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1161002 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1160863 13f79535-47bb-0310-9956-ffa450edef68

Bointon (bug ID 51669)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1160345 13f79535-47bb-0310-9956-ffa450edef68

possibly addressing some confusion for bug ID 51352


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1160342 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1159986 13f79535-47bb-0310-9956-ffa450edef68

Submitted by: Christophe Jaillet <christophe jaillet wanadoo fr>,
              Stefan Fritsch


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1159896 13f79535-47bb-0310-9956-ffa450edef68

a LocationMatch.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1158022 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157993 13f79535-47bb-0310-9956-ffa450edef68

stood down if the original filter was not added by configuration.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157976 13f79535-47bb-0310-9956-ffa450edef68

Fix logic of APLOG_IS_LEVEL check.
Use X509_NAME_print_ex() instead of deprecated X509_NAME_oneline().
Use i2a_ASN1_INTEGER for printing the serial number.
Add notBefore and notAfter dates to log line.
Check for null cert argument (addresses PR 47408).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157712 13f79535-47bb-0310-9956-ffa450edef68

s/lderrno/uldap_ld_errno, but keep it internal.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157678 13f79535-47bb-0310-9956-ffa450edef68

few other paths that have us returning LDAP_OTHER (since
only 'server down' is retryable, we want to work hard to get
it returned when appropriate)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157677 13f79535-47bb-0310-9956-ffa450edef68

Remove some more unneeded defines from ssl_private.h.

At runtime, warn when mod_ssl is started with an OpenSSL version
older than the one it was originally compiled against.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157575 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157363 13f79535-47bb-0310-9956-ffa450edef68

8K length limit for expressions. Strings/Regexs in an expression are still
limited to 8K, though.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157362 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157361 13f79535-47bb-0310-9956-ffa450edef68

Remove unused label
Remove unused var


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157357 13f79535-47bb-0310-9956-ffa450edef68

Increase length limit of lines in the configuration file to 16MB.
Increase length limit of lines in the group file to 16MB.

PR: 45888, 50824, 43084

Windows and Netware build changes are untested.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157354 13f79535-47bb-0310-9956-ffa450edef68

An alternative on at least some IBM client libraries:

  http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm.IBMDS.doc/progref281.htm#opttimeout



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157111 13f79535-47bb-0310-9956-ffa450edef68

  double-free (and segfault) with bad arg to SSLCryptoDevice.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157105 13f79535-47bb-0310-9956-ffa450edef68

  autoconf 2.63, where an empty "else" clause gets 
  generated from the args if present with only whitespace.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157094 13f79535-47bb-0310-9956-ffa450edef68

number of retries (LDAPRetries, default 3) and configurable delay between 
retries (LDAPRetryDelay, no delay by default).

The LDAP connection is re-initted every other retry, instead of
on the fifth retry -- this was a much more recent addition then
the basic looping behavior.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1156790 13f79535-47bb-0310-9956-ffa450edef68

because it's causing the ample retries in mod_ldap to be multiplied by this
outter loop.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1156007 13f79535-47bb-0310-9956-ffa450edef68

ldap_simple_bind(). 


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1156001 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1155061 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154944 13f79535-47bb-0310-9956-ffa450edef68

"lock in" any value since the non +/- syntax can zap whatever it wants.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154940 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154875 13f79535-47bb-0310-9956-ffa450edef68

in a server context with RewiteEngine off, then later referenced.

Submitted By: Ben Noordhuis
Reviewed By: covener



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154808 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154769 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154762 13f79535-47bb-0310-9956-ffa450edef68

Access is not necessarily denied because a single requirement failed to grant 
access, and mod_authz_core is already reporting at DEBUG the require line and 
the providers result.

Elaborate on one remaining legitimate message to include the require line.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154706 13f79535-47bb-0310-9956-ffa450edef68

remove #ifdef'ed code which was relevant for earlier versions only.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154688 13f79535-47bb-0310-9956-ffa450edef68

after support for non-OpenSSL toolkits has been dropped.

Replace macros by their value proper where feasible, and keep
those definitions in ssl_private.h which depend on specific
OpenSSL versions.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154687 13f79535-47bb-0310-9956-ffa450edef68

and remove #ifdef'ed code from mod_ssl and ab where applicable.

Consensus for dropping support for SSL/TLS toolkits other
than OpenSSL was reached on dev@httpd in June 2010 (message
with ID <20100602162310.GA11156@redhat.com> and follow-ups).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154683 13f79535-47bb-0310-9956-ffa450edef68

their fixup hook, and headers are also not sent on non-2xx responses.

Submitted by:  Sami J. Mäkinen
Reviewed by: Eric Covener (modified to just run REALLY_FIRST)



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154620 13f79535-47bb-0310-9956-ffa450edef68