- May 15, 2009
-
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@775314 13f79535-47bb-0310-9956-ffa450edef68
-
- May 14, 2009
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@774746 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@774745 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@774744 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@774743 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@774742 13f79535-47bb-0310-9956-ffa450edef68
-
- May 13, 2009
-
-
Roy T. Fielding authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@774547 13f79535-47bb-0310-9956-ffa450edef68
-
Roy T. Fielding authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@774501 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@774443 13f79535-47bb-0310-9956-ffa450edef68
-
Richard Bowen authored
https://issues.apache.org/bugzilla/show_bug.cgi?id=47186 to avoid double-escaping of URIs. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@774162 13f79535-47bb-0310-9956-ffa450edef68
-
- May 12, 2009
-
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773882 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
Reviewed By: jorton, rpluem, covener Security fix for CVE-2009-1195: fix Options handling such that 'AllowOverride Options=IncludesNoExec' does not permit Includes with exec= enabled to be configured in an .htaccess file: * include/http_core.h: Change semantics of Includes/IncludeNoExec options bits to be additive; OPT_INCLUDES now means SSI is enabled without exec=. OPT_INCLUDES|OPT_INC_WITH_EXEC means SSI is enabled with exec=. * server/core.c (create_core_dir_config): Remove defunct OPT_INCNOEXEC from default override_opts; no functional change. (merge_core_dir_configs): Update logic to ensure that exec= is disabled in a context where IncludesNoexec is configured, even if Includes-with-exec is permitted in the inherited options set. (set_allow_opts, set_options): Update to reflect new semantics of OPT_INCLUDES, OPT_INC_WITH_EXEC. * server/config.c: Update to remove OPT_INCNOEXEC from default override_opts; no functional change. * modules/filters/mod_include.c (includes_filter): Update to reflect new options semantics - disable exec= support if the OPT_INC_WITH_EXEC bit is not set. Submitted by: Jonathan Peatfield <j.s.peatfield damtp.cam.ac.uk>, jorton Thanks to: Vincent Danon <vdanon redhat.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773881 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773880 13f79535-47bb-0310-9956-ffa450edef68
-
- May 10, 2009
-
-
Ruediger Pluem authored
* Escape pathes of filenames in 406 responses to avoid HTML injections and HTTP response splitting. PR: 46837 Submitted by: Geoff Keating <geoffk apple.com> Reviewed by: rpluem, jim, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773354 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
Prevent a case of SSI timefmt-smashing with filter chains including multiple INCLUDES filters: * modules/filters/mod_include.c (add_include_vars): Drop unused timefmt argument. (add_include_vars_lazy): Take timefmt argument. (get_include_var, handle_printenv): Pass time format from context. PR: 39369 Submitted by: jorton Reviewed by: rpluem, jim, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773352 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
* modules/mappers/mod_rewrite.c (apply_rewrite_rule): When evaluating a proxy rule in directory context, do escape the filename by default, since mod_proxy will not escape in that case due to the (deliberate) fixup hook ordering. Thanks to: rpluem PR: 46428 Submitted by: jorton Reviewed by: rpluem, jim, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773351 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773348 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773345 13f79535-47bb-0310-9956-ffa450edef68
-
- May 08, 2009
-
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773058 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773056 13f79535-47bb-0310-9956-ffa450edef68
-
- May 06, 2009
-
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@772393 13f79535-47bb-0310-9956-ffa450edef68
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@772388 13f79535-47bb-0310-9956-ffa450edef68
-
- May 05, 2009
-
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@771967 13f79535-47bb-0310-9956-ffa450edef68
-
- May 04, 2009
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@771434 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Change r->content_type when mod_headers sets the Content-Type header Submitted by: issac Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@771433 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@771430 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@771429 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
(triggers restart for console use). Documentation backport of r769134 from trunk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@771328 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@771255 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@771249 13f79535-47bb-0310-9956-ffa450edef68
-
- May 03, 2009
-
-
Lucien Gentis authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@771068 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 30, 2009
-
-
Jean-Frederic Clere authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@770332 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 27, 2009
-
-
William A. Rowe Jr authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@769163 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 25, 2009
-
-
Ruediger Pluem authored
* Fix an error in the documentation. Submitted by: rpluem Reviewed by: pluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@768536 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
* Check more strictly that the backend follows the AJP protocol. Submitted by: mturk Reviewed by: rpluem, jim, jfclere git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@768507 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
* Avoid delivering content from a previous request which failed to send a request body by closing the connection to the backend in this case instead of reusing it. CVE: CVE-2009-1191 (cve.mitre.org) PR: 46949 Submitted by: rpluem Reviewed by: rpluem, wrowe, jfclere git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@768506 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
* Add SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives to enable stricter checking of remote server certificates. (docs/manual/mod/mod_ssl.xml) Documentation of SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN. (modules/proxy/mod_proxy_http.c) Set the hostname of the request URL as note on the connection. (modules/ssl/ssl_private.h) Add proxy_ssl_check_peer_expire and proxy_ssl_check_peer_cn fields to the SSLSrvConfigRec. (modules/ssl/ssl_engine_config.c) Directives stuff for SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN. (modules/ssl/ssl_engine_io.c) Check whether the remote servers certificate is expired / if there is a mismatch between the requested hostanme and the remote server certificates CN field. Be able to parse ASN1 times. (modules/ssl/mod_ssl.c) Directives stuff for SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN. Submitted by: rpluem Reviewed by: rpluem, jim, jfclere git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@768504 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
Submitted by: jim Reviewed by: jim, rpluem, jfclere git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@768503 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@768502 13f79535-47bb-0310-9956-ffa450edef68
-
- Apr 23, 2009
-
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@767815 13f79535-47bb-0310-9956-ffa450edef68
-