Skip to content
  1. Oct 17, 2017
  2. Oct 16, 2017
  3. Oct 15, 2017
  4. Oct 13, 2017
  5. Oct 12, 2017
  6. Oct 11, 2017
  7. Oct 10, 2017
    • Joe Orton's avatar
      Merged*3. · 33333437
      Joe Orton authored
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1811750 13f79535-47bb-0310-9956-ffa450edef68
      33333437
    • Joe Orton's avatar
      Merge r1809209 from trunk: · fdd7b66f
      Joe Orton authored
      Fix a segmentation fault if AuthzDBDQuery is not set.
      
      PR: 61546
      Submitted by: Lubos Uhliarik <luhliari redhat.com>
      Reviewed by: jailletc36, ylavic, elukey
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1811749 13f79535-47bb-0310-9956-ffa450edef68
      fdd7b66f
    • Joe Orton's avatar
      Merge r1664565 from trunk: · 542a8ecb
      Joe Orton authored
      *) mod_rewrite: Add support for starting External Rewriting Programs
         as non-root user on UNIX systems by specifying username and group name
         as third argument of RewriteMap directive.
      
      Submitted by: jkaluza
      Reviewed by: jorton, wrowe, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1811748 13f79535-47bb-0310-9956-ffa450edef68
      542a8ecb
    • Joe Orton's avatar
      Merge r1808230 from trunk: · 85189e49
      Joe Orton authored
      * server/protocol.c (ap_content_length_filter): Rewrite the content
        length filter to avoid arbitrary memory consumption for streaming
        responses (e.g. large CGI script output).  Ensures C-L is still
        generated in common cases (static content, small CGI script output),
        but this DOES change behaviour and some responses will end up
        chunked rather than C-L computed.
      
      PR: 61222
      Submitted by: jorton, rpluem
      Reviewed by: jorton, wrowe, ylavic
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1811746 13f79535-47bb-0310-9956-ffa450edef68
      85189e49
    • Yann Ylavic's avatar
      Merge r1736186 from trunk: · 10732433
      Yann Ylavic authored
      mod_ssl: return non ambiguous value in ssl_callback_SessionTicket() for
      encryption mode (we used to return 0, OpenSSL documents returning 1 instead).
      
      Practically this does not change anything since OpenSSL will only check for
      >= 0 return value (non error) for encryption mode (the other possible return
      values are only relevant for decryption mode).
      
      However the OpenSSL documentation for SSL_CTX_set_tlsext_ticket_key_cb()
      states:
      "
      The return value of the cb function is used by OpenSSL to determine what
      further processing will occur. The following return values have meaning:
      
      2
          This indicates that the ctx and hctx have been set and the session can
          continue on those parameters. Additionally it indicates that the session
          ticket is in a renewal period and should be replaced. The OpenSSL library
          will call cb again with an enc argument of 1 to set the new ticket (see
          RFC5077 3.3 paragraph 2).
      
      1
          This indicates that the ctx and hctx have been set and the session can
          continue on those parameters.
      
      0
          This indicates that it was not possible to set/retrieve a session ticket
          and the SSL/TLS session will continue by by negotiating a set of
          cryptographic parameters or using the alternate SSL/TLS resumption
          mechanism, session ids.
          If called with enc equal to 0 the library will call the cb again to get a
          new set of parameters.
      
      less than 0
          This indicates an error.
      "
      
      So 0 is not appropriate in our code, 1 is what we really want (and it won't
      break if OpenSSL later changes its checks on the callback return value).
      
      Reported/Proposed by: oknet on github, pull request #18.
      Reviewed by: jorton, ylavic, wrowe
      [Closes #18]
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1811742 13f79535-47bb-0310-9956-ffa450edef68
      10732433