git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1069947 13f79535-47bb-0310-9956-ffa450edef68

take precedence if present. PR 35247.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1069942 13f79535-47bb-0310-9956-ffa450edef68

  startup failure in cases where multiple vhosts share the same
  "vhost-id" and private key file.  The cached-key case would
  previously cause an abrupt return from the function, which could
  prevent processing of configured keypairs for other vhosts.  There
  is no apparent reason to check for a "cache hit" against cached keys
  using *any* algorithm types; instead only check against a key with
  the matching type.

Submitted by: Masahiro Matsuya <matsuya redhat.com>, jorton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1069772 13f79535-47bb-0310-9956-ffa450edef68

PR: 50735
Submitted by: Mark Montague <mark catseye.org>
Reviewed by: rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1068778 13f79535-47bb-0310-9956-ffa450edef68

  Update mpm_state in the signal handlers such that it is correct in
  children during a graceful stop/restart too.

PR: 41743
Submitted by: Andrew Punch <andrew.punch 247realmedia.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1068389 13f79535-47bb-0310-9956-ffa450edef68

breaks MacOS X and wherever this code will go, server/main.c does not seem to be the right place.
See
http://mail-archives.apache.org/mod_mbox/httpd-dev/201102.mbox/%3C01930193-8A3B-4635-9EB0-5EE31349E49C@jaguNET.com%3E


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1067483 13f79535-47bb-0310-9956-ffa450edef68

PR: 50619
Submitted by: Matt Miller <m miller f5 com>, Stefan Fritsch


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1066944 13f79535-47bb-0310-9956-ffa450edef68

PR 50434


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1061791 13f79535-47bb-0310-9956-ffa450edef68

ap_resolve_env() to look for variables defined in this way. This allows to use
the variables in the config using the ${VAR} syntax known from envvar
interpolation


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1061465 13f79535-47bb-0310-9956-ffa450edef68

headers configurable: ProxyAddHeaders, defaulting to 'On'.
http://www.mail-archive.com/dev@httpd.apache.org/msg49971.html


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1060795 13f79535-47bb-0310-9956-ffa450edef68

mod_slotmem_shm.

Consumers still need to choose the slot sizes
appropriate for consistent alignment.
mod_slotmem_shm only cares about the alignment
for the first slot.

We use the APR default alignment.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1060108 13f79535-47bb-0310-9956-ffa450edef68

  config hooks for OCSP response time skew, maximum age, timeout.

* modules/ssl/ssl_engine_ocsp.c (verify_ocsp_status): Respect
  config settings for above.

* docs/: Update accordingly.

Submitted by: Kaspar Brand <httpd-dev.2011 velox.ch>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1059917 13f79535-47bb-0310-9956-ffa450edef68

  "coalesce" filter which buffers the plaintext, and remove buffering
  of the SSL records -- i.e. buffer before the SSL output filter,
  rather than after it.  This aims to reduce the network overhead
  imposed by the output of many small brigades (such as produced by
  chunked HTTP response), which can now be transformed into a few
  large TLS records rather than many small ones.

  (ssl_filter_ctx_t): Remove "nobuffer" field.
  (bio_filter_out_ctx_t): Remove length, buffer, blen fields.
  (bio_filter_out_pass): Split from bio_filter_out_flush.
  (bio_filter_out_write): Remove handling of buffer.
  (bio_filter_out_ctrl): Adjust to reflect lack of buffer.
  (ssl_io_filter_coalesce): Add new filter...
  (ssl_io_filter_init): ...add it to the filter chain...
  (ssl_io_filter_register): ...and register it.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1059910 13f79535-47bb-0310-9956-ffa450edef68

This makes <If> apply to all requests, not only to file base requests and
it allows to use <If> inside <Directory>, <Location>, and <Files> sections.

The merging of <If> sections always happens after the merging of <Location>
sections, even if the <If> section is embedded inside a <Directory> or
<Files> section.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1059867 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1058660 13f79535-47bb-0310-9956-ffa450edef68

PR: 47022
Submitted by: Jordi Prats <jordi prats gmail com>, Stefan Fritsch


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1057048 13f79535-47bb-0310-9956-ffa450edef68

AP_MPMQ_MAX_THREADS: Single threaded means one thread per child, not zero
AP_MPMQ_MAX_DAEMONS: Max # daemons by config is determined by MaxClients, not
                     ServerLimit


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1057045 13f79535-47bb-0310-9956-ffa450edef68

        section->op == AUTHZ_LOGIC_AND
        auth_result == AUTHZ_DENIED_NO_USER
        child_result == AUTHZ_GRANTED
to return AUTHZ_GRANTED instead of AUTHZ_DENIED_NO_USER.

While there, refactor the if blocks to make them a bit more readable.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1056713 13f79535-47bb-0310-9956-ffa450edef68

of "provider" and likely confusion with AuthnCacheSOCache.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1055447 13f79535-47bb-0310-9956-ffa450edef68

of the backend connection, instead of misusing the pool of the frontend
request. Fixes a thread safety issue where buckets set aside in the
backend connection leak into other threads, and then disappear when
the frontend request is cleaned up, in turn causing corrupted buckets
to make other threads spin.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1055250 13f79535-47bb-0310-9956-ffa450edef68

to be RFC 2253 compatible, convert non-ASCII characters to UTF8, and 
escape other special characters with backslashes. The old format can
still be used with the LegacyDNStringFormat argument to SSLOptions.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1054323 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053872 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053750 13f79535-47bb-0310-9956-ffa450edef68

PR: 49512
Submitted by: Mark Drayton <mark markdrayton info>, Stefan Fritsch


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053726 13f79535-47bb-0310-9956-ffa450edef68

    Change the default of the Header directive to apply to responses of all types
    instead of just 2xx successful responses.

This turned out to be do more harm than good for anything other 
than "set", since "always" doesn't ever see/operate on existing 
r->headers_out headers -- just err_headers_out. 

I think onsuccess needs to remain the default and this needs to move into a 
doc revamp.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053516 13f79535-47bb-0310-9956-ffa450edef68

mod_headers defaults.

Should I flag this CHANGES entry in any way?


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053515 13f79535-47bb-0310-9956-ffa450edef68

This patch disallows the mixing of relative (+/-) and absolute Options where insensible.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053375 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053358 13f79535-47bb-0310-9956-ffa450edef68

whose names contain invalid characters. Describe in the docs how to restore the
old behaviour.

Submitted by: Malte S. Stretz <mss apache org>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053353 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053309 13f79535-47bb-0310-9956-ffa450edef68

VH addresses as name-based virtual hosts.  This also combines _default_ and *
into a single type of wildcard since these presented a false dichotomy between
address specs.

These are post-config only changes and do not change the runtime lookups.

The biggest loss here is that an unintended duplication of virtual host addresses
can no longer be reported as directly in the past, but should still be debuggabl
via apachectl -S (unintended NVH).  These problems are a drop in the bucket compared
to the difficulty users have with using NameVirtualHost.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053230 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1052419 13f79535-47bb-0310-9956-ffa450edef68

further processing.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1051582 13f79535-47bb-0310-9956-ffa450edef68

  round of reading.

PR: 50481


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1051468 13f79535-47bb-0310-9956-ffa450edef68

instead of '401 UNAUTHORIZED' if authorization fails for an authenticated user

PR: 40721


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1050677 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1045185 13f79535-47bb-0310-9956-ffa450edef68

you haven't modified it.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1044673 13f79535-47bb-0310-9956-ffa450edef68

such as per-directory mod_rewrite substitutions.   This would be left floating 
around in the request_rec with a pcalloc'ed value, so the core fixup
hook thought some module had overridden it.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1043023 13f79535-47bb-0310-9956-ffa450edef68

are merged with RewriteOptions Inherit.

Submitted By: Jérôme Grandjanny <jerome.grandjanny cea.fr> 
Reviewed By: covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1042255 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1042209 13f79535-47bb-0310-9956-ffa450edef68