filesystem name are rejected with 403.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101310 13f79535-47bb-0310-9956-ffa450edef68

by mod_usertrack. This is because of the use of strstr() in spot_cookie() the
original mod_usertrack.c to find the name of the cookie. strstr(), by virtue of
looking for a substring instead of an exact match, can mis-identify the cookie
"MyID" as the cookie "ID" or "My". So, if you were looking for the value of the
cookie "ID", but only the cookie "MyID" was returned by the browser,
mod_usertrack.c would return the value of the "MyID" cookie in place of the
"ID" you were looking for.

Even more seriously, because strstr is invoked before the cookie name is
separated from its cookie value, a cookie and value like
"myCookie=thisisnotIDeal" will be a false positive if you told mod_usertrack
the cookie name was ID. Furthermore, using this example, "eal" will get logged
as the value of the cookie; now that strstr has incorrectly identified the
substring "ID" as the cookie name, the following "e" (assumed to be the "="
sign) gets discarded, and the remaining content used as the value of
the cookie.

Replacing the strstr() with a more robust regex match fixes this problem.

PR:    16661
Submitted by:   Manni Wood <manniwood@planet-save.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101306 13f79535-47bb-0310-9956-ffa450edef68

  SSL-C doesn't declare the char* file arg const, so we shouldn't either.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101303 13f79535-47bb-0310-9956-ffa450edef68

config file name.

Submitted by:   Aryeh Katz <aryeh@secured-services.com>
Reviewed by:    G�nter Knauf, Jeff Trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101297 13f79535-47bb-0310-9956-ffa450edef68

5.004:

  my $cntopen = () = ($before =~ m|^\s*<[^/].*$|mg);


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101296 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101294 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101293 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101292 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101289 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101287 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101285 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101280 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101278 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101277 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101269 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101267 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101253 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101247 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101243 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101236 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101234 13f79535-47bb-0310-9956-ffa450edef68

 This fixes the cache code so that responses can be cached if they have
 an Expires header but no Etag or Last-Modified headers. PR 23130.
 Submitted by: <bjorn@exoweb.net>
 Reviewed by: Paul J. Reder


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101231 13f79535-47bb-0310-9956-ffa450edef68

Fix a couple of AIX xlc_r compiler issues in the cache code I previously
committed. [Paul J. Reder]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101221 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101220 13f79535-47bb-0310-9956-ffa450edef68

  Modified the cache code to be header-location agnostic. Also
  fixed a number of other cache code bugs related to PR 15852.
  Includes a patch submitted by Sushma Rai <rsushma@novell.com>.
  This fixes mod_mem_cache but not mod_disk_cache yet so I'm not
  closing the PR since that is what they are using. [Paul J. Reder]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101218 13f79535-47bb-0310-9956-ffa450edef68

use APR'd dbm. mod_ssl had hacked sdbm for larger sizes.

PR:
Obtained from:
Submitted by:
Reviewed by:


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101214 13f79535-47bb-0310-9956-ffa450edef68

Submitted by:	Aryeh Katz
Reviewed by:	Jeff Trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101211 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101207 13f79535-47bb-0310-9956-ffa450edef68

be available which is required for the recent bucket_alloc changes.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101200 13f79535-47bb-0310-9956-ffa450edef68

  By rights this should be a subst - but it gets us building.
  Need to revisit pulling this and httpd-std.conf.in so we can
  drop all win32 specifics.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101199 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101197 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101196 13f79535-47bb-0310-9956-ffa450edef68

  Simplify includes - we always (in HTTPD 2.1 forward) are looking
  for the openssl/foo.h headers explicitly.  Fix the abs.dsp build
  to define HAVE_OPENSSL instead of USE_SSL so the correct headers
  are included upfront.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101195 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101194 13f79535-47bb-0310-9956-ffa450edef68

  Account for apr-1.lib and apriconv-1.lib changes, HTTPD 2.1/APR 1.0 only.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101193 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101178 13f79535-47bb-0310-9956-ffa450edef68

what was in 2.0 because it was more recent, but it turns out that was
the wrong choice.  reverts to 2.0 to follow


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101173 13f79535-47bb-0310-9956-ffa450edef68

PR:
Obtained from:
Submitted by:
Reviewed by:


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101171 13f79535-47bb-0310-9956-ffa450edef68

to debug, as it is of interest only to developers.

PR:                9011


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101165 13f79535-47bb-0310-9956-ffa450edef68

explicit bucket_alloc_destroy(), which is redundant


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101164 13f79535-47bb-0310-9956-ffa450edef68