Time for disclosure details

  If anyone sees credit-where-credit-is-due that I've missed, please
  add those individuals.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99332 13f79535-47bb-0310-9956-ffa450edef68

document but all variants of it (i.e. one basename), such as avail. languages,
formats etc.

(Note, that it's still a noop for the output.)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99330 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99326 13f79535-47bb-0310-9956-ffa450edef68

(not backported yet; but later)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99325 13f79535-47bb-0310-9956-ffa450edef68

least for url stability reasons.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99322 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99321 13f79535-47bb-0310-9956-ffa450edef68

name.  (Heck, I'm lucky if I get people to call me by my first name.)

Also split out something I didn't explicitly say as well, but may be true.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99320 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99319 13f79535-47bb-0310-9956-ffa450edef68

Submitted by:	Hiroaki KAWAI <hawk@bcl.t.u-tokyo.ac.jp>
Reviewed by:	Yoshiki Hayashi


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99318 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99316 13f79535-47bb-0310-9956-ffa450edef68

future if we sind up with lots of versions.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99315 13f79535-47bb-0310-9956-ffa450edef68

backward-compatibility policy.  We assume that people preserve their
own config files, rather than going back to the default each time.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99314 13f79535-47bb-0310-9956-ffa450edef68

  Please consider and vote - see what this choice has done to us
  r.e. .tar.gz.md5 files and so forth.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99313 13f79535-47bb-0310-9956-ffa450edef68

a note on perchild:
  perchild exception handling was busted before this and is still busted
  the problem I noticed was that a client that exposes a segfault never
  gets its connection dropped and the parent never notices that the
  child process that segfaulted hasexited


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99312 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99310 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99309 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99304 13f79535-47bb-0310-9956-ffa450edef68

We may have to experimt a bit to get best results. This is a first
attempt.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99303 13f79535-47bb-0310-9956-ffa450edef68

	Note this change (as previously written, it implied that 1.3.5
	had this vulnerability, which is not true). I'm not sure if
	"httpd 2.0" is the preferred name.

-    <p>Note that in versions previous to 2.0.46 no escaping has been performed
+    <p>Note that in httpd 2.0 versions prior to 2.0.46, no escaping was performed
     on the strings from <code>%...r</code>, <code>%...i</code> and
     <code>%...o</code>. This was mainly to comply with the requirements of
     the Common Log Format. This implied that clients could insert control
     characters into the log, so you had to be quite careful when dealing
     with raw log files.</p>

-    <p>For security reasons starting with 2.0.46 non-printable and
+    <p>For security reasons, starting with 2.0.46, non-printable and
     other special characters are escaped mostly by using
     <code>\x<var>hh</var></code> sequences, where <var>hh</var> stands for
     the hexadecimal representation of the raw byte. Exceptions from this
     rule are <code>"</code> and <code>\</code> which are escaped by prepending
-    a backslash, and all whitespace characters that are written in their
-    C-notation (<code>\n</code>, <code>\t</code> etc).</p>
+    a backslash, and all whitespace characters which are written in their
+    C-style notation (<code>\n</code>, <code>\t</code> etc).</p>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99302 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99298 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99294 13f79535-47bb-0310-9956-ffa450edef68

Submitted by:	Hiroaki KAWAI <hawk@bcl.t.u-tokyo.ac.jp>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99293 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99292 13f79535-47bb-0310-9956-ffa450edef68

Submitted by:	Hiroaki KAWAI <hawk@bcl.t.u-tokyo.ac.jp>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99291 13f79535-47bb-0310-9956-ffa450edef68

I changed the references to the auth modules, so that they're matching
the new model, but it probably needs a rewrite anyway.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99288 13f79535-47bb-0310-9956-ffa450edef68

Reviewed by: Astrid Ke�ler, Erik Abele


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99283 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99282 13f79535-47bb-0310-9956-ffa450edef68

complete successfully.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99280 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99279 13f79535-47bb-0310-9956-ffa450edef68

MODSSL_INFO_CB_ARG_TYPE already includes 'SSL' in its type.  Don't duplicate.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99278 13f79535-47bb-0310-9956-ffa450edef68

additionally add reference revision number to de.xml


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99275 13f79535-47bb-0310-9956-ffa450edef68

RFC says.

PR: 18443


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99271 13f79535-47bb-0310-9956-ffa450edef68

- required some changes in DTD, CSS and style/lang/* files

Reviewed by: Astrid Ke�ler, Erik Abele


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99270 13f79535-47bb-0310-9956-ffa450edef68

  Solve SSL-C breakage introduced in mod_ssl.h rev 1.129 and
  ssl_engine_kernel.c rev 1.88.  SSL* is not const under SSL-C.

  I've confirmed Jeff's comment that the original patch doesn't harm
  earlier OpenSSL versions which declared no arguments at all.

  I suspect now that we could fold
     #define MODSSL_BIO_CB_ARG_TYPE const char
     #define MODSSL_CRYPTO_CB_ARG_TYPE const char
     #define MODSSL_INFO_CB_ARG_TYPE const SSL*
  into a single MODSSL_CB_ARG_CONST define, but this works for now.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99263 13f79535-47bb-0310-9956-ffa450edef68

  Noop MS DevStudio IDE change
 to include ssl_toolkit_compat.h
  in the list of project headers.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99261 13f79535-47bb-0310-9956-ffa450edef68

  Note the recent SSL-C fixes.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99260 13f79535-47bb-0310-9956-ffa450edef68

as a third parameter rather than manually computing it ourselves.

Add the ' prefix'd --enable-layout so that this can work with an autoconf-2.54+
generated configure.  (Previously, the option would not be dropped with 2.54
or 2.57 since it unconditionally adds single-quotes which our case statement
would not catch.)

Try to shorten long invocations of APR_SUBDIR_CONFIG where possible.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99257 13f79535-47bb-0310-9956-ffa450edef68

- Moved mime.types back to the default location.
- Added mod_ldap and friends, mod_cache and friends.
- Added openldap dependancy.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99256 13f79535-47bb-0310-9956-ffa450edef68

  Have some consistency!  Fixes logic I introduced in 1.37.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99253 13f79535-47bb-0310-9956-ffa450edef68

  Reapply the fix *intended* by rev 1.79 in a safer manner.  Prior to
  all assignments and the final SSL_free(), free ssl_conn->client_cert
  to avoid leaks of this refcounted X509*.  Prereleasing refcounted
  objects is unsafe programming; fix applied to both branches.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99252 13f79535-47bb-0310-9956-ffa450edef68