to TLS backends (but avoid for pure SSLv2/SSLv3)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1175416 13f79535-47bb-0310-9956-ffa450edef68

situations.  Use them in most places where malloc, and friends are used.
This results in clean error messages in an out of memory situation instead of
segfaulting or silently malfunctioning. In some places, it just allows to
remove some logging code.

PR 51568, PR 51569, PR 51571.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1172686 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1172019 13f79535-47bb-0310-9956-ffa450edef68

  request matches the VirtualHost address.

PR: 51709
Submitted by: Micha Lenk <micha lenk.info>
Reviewed by: rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1172002 13f79535-47bb-0310-9956-ffa450edef68

PR: 45110


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1171249 13f79535-47bb-0310-9956-ffa450edef68

use in mod_lbmethod_heartbeat and mod_serf to
- replace some needles use of apr_generate_random_bytes
- remove code duplication


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1171247 13f79535-47bb-0310-9956-ffa450edef68

more control over acceptable Range headers:

        See: http://trac.tools.ietf.org/wg/httpbis/trac/ticket/311

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1169756 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1167156 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1167151 13f79535-47bb-0310-9956-ffa450edef68

if called from a virtual host with mod_ldap directives in it.  Did not
affect mod_authnz_ldap's usage of mod_ldap.  [Eric Covener]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1166823 13f79535-47bb-0310-9956-ffa450edef68

have a filter that doesn't like byteranges.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1166667 13f79535-47bb-0310-9956-ffa450edef68

 * allow "none" to be expressed in config
 * send Accept-Ranges: none with MaxRanges none
 * stop accepting confusing/ambiguous "0", start accepting "unlimited".



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1166282 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1165779 13f79535-47bb-0310-9956-ffa450edef68

- completely delegate CRL processing to OpenSSL
- introduce a new [Proxy]CARevocationCheck directive
- drop ssl_callback_SSLVerify_CRL from ssl_engine_kernel.c
- remove X509_STORE from modssl_ctx_t
- drop CRL store helper functions from ssl_util_ssl.c
- avoid sending "certificate_expired" SSL alerts to peers
  when the nextUpdate field of a CRL is in the past


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1165056 13f79535-47bb-0310-9956-ffa450edef68

  Range: bytes=-1

  Resulted in the first two bytes delivered, not in the last one.

PR: 51748
Submitted by: low_priority <lowprio20 gmail.com>
Reviewed by: rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1163985 13f79535-47bb-0310-9956-ffa450edef68

applicable) Ranges before returning the complete resource.

(minor mmn bump for core_dir_config addition)



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1162584 13f79535-47bb-0310-9956-ffa450edef68

a LocationMatch.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1158022 13f79535-47bb-0310-9956-ffa450edef68

stood down if the original filter was not added by configuration.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157976 13f79535-47bb-0310-9956-ffa450edef68

Fix logic of APLOG_IS_LEVEL check.
Use X509_NAME_print_ex() instead of deprecated X509_NAME_oneline().
Use i2a_ASN1_INTEGER for printing the serial number.
Add notBefore and notAfter dates to log line.
Check for null cert argument (addresses PR 47408).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157712 13f79535-47bb-0310-9956-ffa450edef68

Increase length limit of lines in the configuration file to 16MB.
Increase length limit of lines in the group file to 16MB.

PR: 45888, 50824, 43084

Windows and Netware build changes are untested.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157354 13f79535-47bb-0310-9956-ffa450edef68

An alternative on at least some IBM client libraries:

  http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm.IBMDS.doc/progref281.htm#opttimeout



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157111 13f79535-47bb-0310-9956-ffa450edef68

number of retries (LDAPRetries, default 3) and configurable delay between 
retries (LDAPRetryDelay, no delay by default).

The LDAP connection is re-initted every other retry, instead of
on the fifth retry -- this was a much more recent addition then
the basic looping behavior.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1156790 13f79535-47bb-0310-9956-ffa450edef68

because it's causing the ample retries in mod_ldap to be multiplied by this
outter loop.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1156007 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154875 13f79535-47bb-0310-9956-ffa450edef68

in a server context with RewiteEngine off, then later referenced.

Submitted By: Ben Noordhuis
Reviewed By: covener



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154808 13f79535-47bb-0310-9956-ffa450edef68

remove #ifdef'ed code which was relevant for earlier versions only.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154688 13f79535-47bb-0310-9956-ffa450edef68

after support for non-OpenSSL toolkits has been dropped.

Replace macros by their value proper where feasible, and keep
those definitions in ssl_private.h which depend on specific
OpenSSL versions.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154687 13f79535-47bb-0310-9956-ffa450edef68

and remove #ifdef'ed code from mod_ssl and ab where applicable.

Consensus for dropping support for SSL/TLS toolkits other
than OpenSSL was reached on dev@httpd in June 2010 (message
with ID <20100602162310.GA11156@redhat.com> and follow-ups).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154683 13f79535-47bb-0310-9956-ffa450edef68

their fixup hook, and headers are also not sent on non-2xx responses.

Submitted by:  Sami J. Mäkinen
Reviewed by: Eric Covener (modified to just run REALLY_FIRST)



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154620 13f79535-47bb-0310-9956-ffa450edef68

request notes for logging

PR: 30195


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154342 13f79535-47bb-0310-9956-ffa450edef68

apr-util


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154114 13f79535-47bb-0310-9956-ffa450edef68

- add new NOT_IN_HTACCESS flag for ap_check_cmd_context() 
- describe the need for this in new_api_2_4.xml
- forbid Define and UnDefine in .htaccess


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1153676 13f79535-47bb-0310-9956-ffa450edef68

PR: 51590
Submitted by: Torsten Foertsch <torsten foertsch gmx net>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1152943 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1152855 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1152452 13f79535-47bb-0310-9956-ffa450edef68

packets.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1152379 13f79535-47bb-0310-9956-ffa450edef68

e.g. to reverse proxy "Location: https://other-internal-server/login" with
ProxyPassReverse https://public-address/ https://other-internal-server/



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1152273 13f79535-47bb-0310-9956-ffa450edef68

was a time span where crashes would be neither visible on the console nor
logged in the error log.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1151234 13f79535-47bb-0310-9956-ffa450edef68

    
PR: 43696
Submitted by: Arun Bhalla <arun shme net>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1151233 13f79535-47bb-0310-9956-ffa450edef68

not allow an empty parameter list for the
AllowMethods directive.

Furthermore switch from AP_MODULE_DECLARE_DATA
to AP_DECLARE_MODULE (the module was brought in
after the big logging refactoring).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1151143 13f79535-47bb-0310-9956-ffa450edef68