git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@549417 13f79535-47bb-0310-9956-ffa450edef68

* modules/generators/mod_status.c (status_handler): Specify charset in
content-type to prevent browsers doing charset "detection", which
allows an XSS attack.  Use logitem-escaping on the request string to
make it charset-neutral.

Reported by: Stefan Esser <sesser hardened-php.net>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@549159 13f79535-47bb-0310-9956-ffa450edef68

not affected by this change.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@549131 13f79535-47bb-0310-9956-ffa450edef68

Apache child process PIDs and uses that to check validity
of what's in the scoreboard.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@547987 13f79535-47bb-0310-9956-ffa450edef68

Add a clogging_input_filters variable to the conn_rec, enabling the Event MPM to know when its running with an input filter that buffers its own data, like mod_ssl.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@546328 13f79535-47bb-0310-9956-ffa450edef68

Add support for distributed caching of SSL Sessions inside memcached, using apr_memcache, which is present in APR-Util 1.3/trunk.

This was originally written at ApacheCon US 2005 (San Diego), and was sent to the list:
http://mail-archives.apache.org/mod_mbox/httpd-dev/200512.mbox/%3C439C6C07.9030904@force-elite.com%3E

This version is slightly cleaned up, and of course, uses the now bundled apr_memcache, rather than an external dependency.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@545379 13f79535-47bb-0310-9956-ffa450edef68

mod_mem_cache: Copy headers into longer lived storage; header names and
values could previously point to cleaned up storage

PR: 41551
Submitted by: Davi Arnaut <davi haxent.com.br>
Reviewed by: covener



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@543515 13f79535-47bb-0310-9956-ffa450edef68

response or are invalid.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@539621 13f79535-47bb-0310-9956-ffa450edef68

* modules/cache/mod_cache.c
  (cache_save_filter): Properly handle HEAD responses when we have a stale handle.

(This patch was revised by Justin/Ruediger.)

Submitted by: Niklas Edmundsson
Reviewed by: Justin, Ruediger


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@539620 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@539433 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@539431 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@539282 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@539119 13f79535-47bb-0310-9956-ffa450edef68

representation if Expires is not set.

* modules/cache/mod_cache.c
  (cache_save_filter): If Cache-Control max-age is set and Expires isn't,
  let that value control our expiration.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@539063 13f79535-47bb-0310-9956-ffa450edef68

let us later throw away the renegotiated content due to a name mismatch.

We do not need to update the ->name field just before writing the headers as
the computed ->name on open and create is sufficient.  Updating ->name here is
essentially a no-op - except in the case of Vary where the key has internally
changed (to account for the Vary prefix), but the original name has not.
However, writing the Vary'd-accounted key means that when we read the cache
next that we will error out and disregard the just renegotiated response and
fetch the content all over again - oops!

(This is largely a case where I think we may have overthought ourselves; hence
the explanation is here in the commit rather than in the file itself.)

* modules/cache/mod_disk_cache.c
  (store_headers): The originally opened ->name is sufficient.
* CHANGES: Combined with r538992, note that renegotiation for Vary's seem to
  work far better.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@538997 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@538869 13f79535-47bb-0310-9956-ffa450edef68

so per Sec. 13.9 permit queries with just max-age instead of only Expires.

* modules/cache/mod_cache.c
  (cache_save_filter): Be closer to RFC 2616's intent for query arguments.
* CHANGES: Update.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@538807 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@535907 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@534536 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@534074 13f79535-47bb-0310-9956-ffa450edef68

processing of error responses (4xx, 5xx) will be altered.

PR: 39245

This is based on a patch submitted by Bart van der Schans <schans hippo.nl>
and tweaked slightly by me based on discussions on dev@ since April 2006.
I think rpleum was the first to mention the 1xx issue.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@527969 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@526914 13f79535-47bb-0310-9956-ffa450edef68

<crypt.h>, such as z/OS.

We assume that the ancient code in htpasswd has it right --
all but Windows, TPF, and NetWare have crypt().

Submitted by: David Jones <oscaremma gmail.com>
Reviewed by: wrowe, trawick



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@526892 13f79535-47bb-0310-9956-ffa450edef68

so the hardware library can pick up the locking callbacks. Fixes PR 20951.
Tested on Linux with trunk and an nCipher nShield card, and on Solaris 10/Sparc
on 2.0.55 with an nCipher NetHSM.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@525709 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@520735 13f79535-47bb-0310-9956-ffa450edef68

*) adds compile-time/run time SSL-C version support
*) simplify a ton of overly-verbose legacy code
*) split the compiled-against v.s. runtime library
*) precache the results of the version string touchup



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@520701 13f79535-47bb-0310-9956-ffa450edef68

* modules/http/http_etag.c (etag_uint64_to_hex): Renamed from
etag_ulong_to_hex; take an apr_uint64_t argument.
(ap_make_etag): Adjust to use new function and macro names.
Pass arguments directly to etag_uint64_to_hex without casting
down to unsigned long.

PR: 40064


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@517238 13f79535-47bb-0310-9956-ffa450edef68

Submitted by: Filip Hanik <devlist hanik.com>
Reviewed by: trawick



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@516175 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@509654 13f79535-47bb-0310-9956-ffa450edef68

for SDKs that define LDAP_NO_LIMIT to something other than -1.

Submitted by: David Jones <oscaremma gmail.com>
Reviewed by:  trawick



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@509237 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@508645 13f79535-47bb-0310-9956-ffa450edef68

  on each request in the request_config. During consecutive runs of
  cache_generate_key_default during processing the request we restore it
  from there as we might not be able to generate the same key again as
  the ingredients used to compose the key might have changed and we constantly
  must use a key that could be generated during the quick handler phase.

PR: 41475


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@506621 13f79535-47bb-0310-9956-ffa450edef68

for 'deprecated'


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@504892 13f79535-47bb-0310-9956-ffa450edef68

  even if no expiration time is specified. Futhermore the query string will not
  be used for key generation such that requests to the same URI path, but with
  different query strings are mapped to the same cache entity. Turning this
  setting to ON violates RFC 2616/13.9 and thus it is turned off by default.

PR: 41484
Submitted by: Fredrik Widlund <fredrik.widlund qbrick.com>
Reviewed by: rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@504183 13f79535-47bb-0310-9956-ffa450edef68

database configurations from the main server.  The post_config hook function
determines the minimal set of distinct configurations necessary so that
database connection pools are shared between virtual hosts whenever possible.

The SQL statements which should be prepared for each database connection
are now stored in a hash for each virtual host during the configuration
phase, and these hashes are merged in the normal manner using
apr_hash_overlay() with that of the main server.  This allows for statements
to be de-registered by DBDPrepareSQL, if desired.  The post_config hook
function then compares the statements registered for each virtual host
when determining if a separate configuration group is required.  The
changes in r424798, r432560, r432562, and r466641, which still have problems
with configuration inheritance, are therefore no longer necessary.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@503931 13f79535-47bb-0310-9956-ffa450edef68

PR: 41056 / 19954
Submitted by: jfclere, jim
Reviewed by: jim



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@503863 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@502797 13f79535-47bb-0310-9956-ffa450edef68

Revert the read-while-caching and large-file-crash fixes for mod_disk_cache,
ready to start again.

Reverted: r450105 r450188 r462571 r462601 r462696 r467655 r467684 r468044
r468373 r468409 r470455



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@502365 13f79535-47bb-0310-9956-ffa450edef68

      when invoked without variable name(s). 


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@502323 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@501132 13f79535-47bb-0310-9956-ffa450edef68