Skip to content
  1. Aug 30, 2005
    • Joe Orton's avatar
      Fix CVE CAN-2005-2700: · a344c639
      Joe Orton authored
      * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that
      renegotiation is performed for a transition from "SSLVerifyClient
      optional" to "SSLVerifyClient require".
      
      The boolean "verify_old & SSL_VERIFY_PEER_STRICT" is true if the old
      context merely has optional verification configured, since the
      definition of SSL_VERIFY_PEER_STRICT is
      (SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_PEER).
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264800 13f79535-47bb-0310-9956-ffa450edef68
      a344c639
    • Colm MacCarthaigh's avatar
      · bc340de5
      Colm MacCarthaigh authored
      If uid_t and gid_t are unsigned on a platform (hurd, for example), using -1
      may cause a compiler warning. 
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264788 13f79535-47bb-0310-9956-ffa450edef68
      bc340de5
    • Colm MacCarthaigh's avatar
      · 390c36d0
      Colm MacCarthaigh authored
      Fix PR36410; Change how the get_suexec_identity hook is handled by CGID.
      Instead of using mod_userdir and mod_suexec specific hacks, we now run the hook
      on the httpd side of the handler. 
      
      If this is NULL, we pass on a magic empty_ugid constant, otherwise pass on the
      real ugid.
      
      On the cgid side of the equation, we add our own hook, with REALLY_FIRST, and
      then order the hooks. This ensures that cgid's doer runs before any other
      registered get_suexec_identity doers.
      
      We use cgid's request config to store the ugid. If ugid == empty_ugid, we DON'T
      call ap_os_create_privileged_process, because our doer would return the magic
      empty_ugid constant. Having the doer return NULL is no good, because then
      userdir and mod_suexec's doers would be called. Instead, we call plain old
      apr_proc_create(). 
      
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264759 13f79535-47bb-0310-9956-ffa450edef68
      390c36d0
    • Joe Orton's avatar
      Fix a grammar mistake; note what happens when the timeout is · 4a28da9a
      Joe Orton authored
      reached.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@264737 13f79535-47bb-0310-9956-ffa450edef68
      4a28da9a
  2. Aug 29, 2005
  3. Aug 28, 2005
  4. Aug 27, 2005
  5. Aug 26, 2005
  6. Aug 25, 2005