git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796474 13f79535-47bb-0310-9956-ffa450edef68

propose


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796454 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796453 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796450 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796449 13f79535-47bb-0310-9956-ffa450edef68

PR61124: ap_parse_form_data() EBCDIC fix

URL-decoding doesn't work on EBCDIC.

Submitted By: Hank Ibell <hwibell gmail.com>

(CTR for EBCDIC fix)




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796447 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796393 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796392 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796351 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796349 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796344 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796300 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796297 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796152 13f79535-47bb-0310-9956-ffa450edef68

Remove warning about nested If/ElseIf/Else evaluation

As noted by Christophe Jaillet in the dev@ ml nested
if/elseif/else conditions are now evaluated. The code
change has been already backported to 2.4.x.


Submitted by: elukey



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796151 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796150 13f79535-47bb-0310-9956-ffa450edef68

Backport r1772559, r1774492, r1774493, r1774505 + reorder section/module in order to synch with trunk.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1796131 13f79535-47bb-0310-9956-ffa450edef68

which had been approved and committed.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795908 13f79535-47bb-0310-9956-ffa450edef68

ab: don't call malloc_init for OpenSSL 1.1.0

Patch by rjung.

The 1.1.0 compatibility macro for OpenSSL_malloc_init() causes problems
when mixed with procedure linkage stubs with some toolchains (e.g. GCC).
OpenSSL's malloc implementation doesn't recognize that the PLT stub
points back to it, which leads to infinite recursion.

Since the 1.1.0 documentation states that calling this function
explicitly is no longer necessary except "in certain shared-library
situations"(?), get rid of it.
Submitted by: jchampion
Reviewed by: jchampion, ylavic, gsmith


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795907 13f79535-47bb-0310-9956-ffa450edef68

Evaluate nested If/ElseIf/Else config sections

It has been reported multiple times that nested
If/ElseIf/Else sections are not evaluated but
silently ignored.

This patch adds a simple recursion to the ap_if_walk
logic in order to allow arbitrary nested configs.
The overhead seems negligible compared to the actual
version of the ap_if_walk, but more expert feedback
is surely needed since this code gets called for every
HTTP request.

Tests are going to be added to t/apache/if_sections.t


Submitted by: elukey
Reviewed by: elukey, jim, yalvic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795906 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795877 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795865 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795852 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795851 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795850 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795831 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795811 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795809 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795808 13f79535-47bb-0310-9956-ffa450edef68

has been reclassified in current OpenSSL releases as WEAK due to 112
or fewer bits of remaining cipher strength, while the Sweet32 disclosure
extended the criticism of RC4 on to 3DES. (IDEA, which potentially has the
same issue, is never enabled by default in OpenSSL, due to patent concerns.)

This commit does not change default httpd behavior, but alters the suggested
behavior of newly provisioned httpd servers. Where adopted, XP with IE8 will
no longer handshake with mod_ssl (previously, XP with IE6 would not handshake.)
The same net effect occurs where OpenSSL is updated to 1.1.0.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795359 13f79535-47bb-0310-9956-ffa450edef68

mod_substitute: use local/native LF for splitting

On platforms where the APR_ASCII_LF != '\n', like EBCDIC systems,
strmatch or pcre patterns from the source or config will be in
the native encoding, and this module will really only work on 
content in the native encoding.

(mod_substitute runs before mod_charset_lite for a similar reason)

I thought #if APR_CHARSET_EBCDIC or even #ifdef __MVS__ was overkill
here. 



(CTR due to ebcdic-only)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1794856 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1794164 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1794162 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1794064 13f79535-47bb-0310-9956-ffa450edef68

Merged /httpd/httpd/trunk:r1793533,1794049

mod_http2: fail requests without ERROR log in case we need to read interim
     responses and see only garbage. This can happen if proxied servers send
     data where none should be, e.g. a body for a HEAD request.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1794052 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1794007 13f79535-47bb-0310-9956-ffa450edef68

Merged /httpd/httpd/trunk:r1792212,1793525

mod_proxy_http2: adding support for Reverse Proxy Request headers.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1793532 13f79535-47bb-0310-9956-ffa450edef68

Save a few bytes in the conf pool.

'push_item' and 'add_alt' already duplicate their parameters, so we can safely use the temp_pool here.

Use 'ap_cstr_casecmp' to simplify code.

Remove useless case. We know that to can not be NULL at this point.

Follow up to r1772812: update APLOGNO().

* modules/ssl/ssl_engine_kernel.c: Constify the ssl_hook_Fixup_vars array itself.


winnt/service: each log message should use its own APLOGNO.
Submitted by: jailletc36, ylavic, jorton, ylavic
Reviewed by: jailletc36, covener, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1793466 13f79535-47bb-0310-9956-ffa450edef68

PR61009: be as helpful as possible during -V operation

A configtest isn't useful if you're just trying to get compile settings.
Move the settings dump up to just after ap_read_config(), which has
already done the minimum necessary to figure out which MPM is in use.

Even if ap_read_config() failed, still print as many compile settings as
we can. The user will see the error log entry on stderr.
Submitted by: jchampion
Reviewed by: jchampion, covener, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1793465 13f79535-47bb-0310-9956-ffa450edef68

mod_brotli: Unbreak building other filter modules without libbrotlienc.

Don't add -lbrotlienc to the MOD_LDFLAGS unconditionally.  And, when
adding it, use MOD_BROTLI_LDADD to avoid linking all filter modules
against this library.


mod_brotli: Rewrite the autoconf script in a, hopefully, less convoluted way.

Explicitly handle different cases when we do a pkg-config lookup
(<nothing>, --with-brotli or --with-brotli=yes) or examine the path
provided by the user (--with-brotli=PATH).

This lays the groundwork to simplify the switch to the official Brotli
library (https://github.com/google/brotli), instead of expecting the
install layout of a third-party wrapper (https://github.com/bagder/libbrotli).


mod_brotli: Update makefiles to use the library layout of the official
Brotli repository.

With the recent update (https://github.com/google/brotli/pull/464), the
official repository now produces pkg-config metadata files (brotli.pc),
and has a fixed library layout (libbrotlicommon/libbrotlienc/libbrotlidec)
on both Windows and Linux.  Expect this layout in the makefiles, and take
advantage of the pkg-config metadata, if it's available.


mod_brotli: Update makefile to cope with the pkg-config layout change
in https://github.com/google/brotli/commit/fe9f9a9

There's a typo in the upstream commit [1] (s/brotlicommon/libbrotlicommon)
that currently produces an unusable libbrotlienc.pc file, but hopefully
this is going to be fixed there.

[1] https://github.com/google/brotli/commit/fe9f9a9#diff-af3b638bc2a3e6c650974192a53c7291R409

Submitted by: kotkov
Reviewed by: kotkov, covener, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1793464 13f79535-47bb-0310-9956-ffa450edef68