Commits · dd3ea1a8c78c1f632cbdb18aefc3af7b6d791ee9 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Nov 10, 2009

Revert removal of the key_type byte in the lock key. There is no need to break · dd3ea1a8

Stefan Fritsch authored Nov 10, 2009

the format on systems without inodes.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834533 13f79535-47bb-0310-9956-ffa450edef68

dd3ea1a8

fix off by one error · 5c59b3f2

Stefan Fritsch authored Nov 10, 2009

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834500 13f79535-47bb-0310-9956-ffa450edef68

5c59b3f2

Fix broken config check for *max timeouts · ae340e7c

Stefan Fritsch authored Nov 10, 2009

Fix floating point exception for *minrate == 0


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834499 13f79535-47bb-0310-9956-ffa450edef68

ae340e7c

fix e-mail address format · fffb85cd

Jeff Trawick authored Nov 10, 2009

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834440 13f79535-47bb-0310-9956-ffa450edef68

fffb85cd

enable support for ECC keys and ECDH ciphers. Tested against · 02f1bb53

Sander Temme authored Nov 10, 2009

OpenSSL 1.0.0b3.  [Vipul Gupta vipul.gupta sun.com, Sander Temme]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834378 13f79535-47bb-0310-9956-ffa450edef68

02f1bb53

Nov 09, 2009

mod_dav_fs: Include uri when logging a PUT error due to connection abort. · cf50b445
Stefan Fritsch authored Nov 09, 2009
```
PR: 38149


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834245 13f79535-47bb-0310-9956-ffa450edef68
```
cf50b445

Return 409 instead of 500 for a LOCK request if the parent resource does not · 24e39d09

Stefan Fritsch authored Nov 09, 2009

exist or is not a collection.

PR: 43465


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834230 13f79535-47bb-0310-9956-ffa450edef68

24e39d09

There is a bug report for r834073, therefore add a CHANGES entry. · 8ded7dc5

Stefan Fritsch authored Nov 09, 2009

Fix litmus warning: According to RFC2518, COPY to non-existant collection
should give 409 CONFLICT.

PR: 39299


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834107 13f79535-47bb-0310-9956-ffa450edef68

8ded7dc5

Fix compiler warning · 9b034d62

Stefan Fritsch authored Nov 09, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834079 13f79535-47bb-0310-9956-ffa450edef68

9b034d62

Fix litmus warning: According to RFC2518, COPY to non-existant collection · e510011e

Stefan Fritsch authored Nov 09, 2009

should give 409 CONFLICT.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834073 13f79535-47bb-0310-9956-ffa450edef68

e510011e

Don't delete the whole file if a PUT with content-range failed. · ecbee9d8

Stefan Fritsch authored Nov 09, 2009

PR: 42896


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834062 13f79535-47bb-0310-9956-ffa450edef68

ecbee9d8

Make PUT with DAV_MODE_WRITE_TRUNC create a temporary file first and, when the · e571e947

Stefan Fritsch authored Nov 09, 2009

transfer has been completed successfully, move it over the old file.

Since this would break inode keyed locking, switch to filename keyed locking
exclusively.

PR: 39815
Submitted by: Paul Querna, Stefan Fritsch


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834049 13f79535-47bb-0310-9956-ffa450edef68

e571e947

Instead of checking device ids, try rename first and in case of EXDEV, · ab74d9c3

Stefan Fritsch authored Nov 09, 2009

fallback to copy.

From rename(2) on Linux: Linux permits a file system to be mounted at multiple
points, but rename() does not work across different mount points, even
if the same file system is mounted on both.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834019 13f79535-47bb-0310-9956-ffa450edef68

ab74d9c3

Also remove trailing whitespace in the value · 941fc578

Stefan Fritsch authored Nov 09, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834013 13f79535-47bb-0310-9956-ffa450edef68

941fc578

Simplify code by using apr_strtok · 39a2ee49

Stefan Fritsch authored Nov 09, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@834006 13f79535-47bb-0310-9956-ffa450edef68

39a2ee49

Nov 08, 2009

Rebuild html from xml typo fixes. · 61a062f7

Richard Bowen authored Nov 08, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833936 13f79535-47bb-0310-9956-ffa450edef68

61a062f7

Little typos. · 46cbbdd0

Lucien Gentis authored Nov 08, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833878 13f79535-47bb-0310-9956-ffa450edef68

46cbbdd0

Nov 07, 2009

mod_log_config: Make ${cookie}C correctly match whole cookie names · 09d59b3d

Stefan Fritsch authored Nov 07, 2009

instead of substrings.

PR: 28037
Submitted by: Dan Franklin <dan dan-franklin.com>, Stefan Fritsch


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833738 13f79535-47bb-0310-9956-ffa450edef68

09d59b3d

Update. · 65e3a33b

Lucien Gentis authored Nov 07, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833722 13f79535-47bb-0310-9956-ffa450edef68

65e3a33b

Typo correction. Thanks Lucien. · 522930c8

Richard Bowen authored Nov 07, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833721 13f79535-47bb-0310-9956-ffa450edef68

522930c8

Nov 06, 2009

Some additional new feature goodness to be part of 2.4. Please review · c7db255b
Sander Temme authored Nov 06, 2009
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833596 13f79535-47bb-0310-9956-ffa450edef68
```
c7db255b

* modules/ssl/ssl_engine_kernel.c (ssl_callback_Info): Add parentheses · 6370d9f4

Joe Orton authored Nov 06, 2009

  around bitwise-and.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833593 13f79535-47bb-0310-9956-ffa450edef68

6370d9f4

update pollset to reflect changed connection state before closing the socket; · 3949aeae

Jeff Trawick authored Nov 06, 2009

otherwise the pollset-remove can crash (at least with select-based poll, since
fd is now -1)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833583 13f79535-47bb-0310-9956-ffa450edef68

3949aeae

SECURITY: Partial fix for CVE-2009-3555: · 06f68fdc

Joe Orton authored Nov 06, 2009

Reject client-initiated renegotiations; this is sufficient to prevent
the attack for any configuration which does not require renegotiation
due to per-directory/per-location access control configuration.

Configuration with per-directory/per-location access control
requirements (such as "SSLVerifyClient require") are still vulnerable
to CVE-2009-3555 with this patch applied (if using OpenSSL <= 0.9.8k).

* modules/ssl/ssl_private.h (SSLConnRec): Add reneg_state field.
  (ssl_callback_Info): Renamed from ssl_callback_LogTracingState.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_callbacks): Install
  the (renamed) info callback unconditionally.

* modules/ssl/ssl_engine_io.c (ssl_filter_ctx_t): Add config pointer
  to SSLConnRec.
  (bio_filter_out_write, bio_filter_in_read): Fail with
  APR_ECONNABORTED if the reneg state is set to RENEG_ABORT.

* modules/ssl/ssl_engine_kernel.c (log_tracing_state): Factored out
  of ssl_callback_LogTracingState.
  (ssl_callback_Info): New function.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833582 13f79535-47bb-0310-9956-ffa450edef68

06f68fdc

Remove mod_unique_id from the default build. · e142a869

Sander Temme authored Nov 06, 2009

Reviewed by: sctemme, niq, rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833477 13f79535-47bb-0310-9956-ffa450edef68

e142a869

Update. · 14685660

Lucien Gentis authored Nov 06, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833393 13f79535-47bb-0310-9956-ffa450edef68

14685660

Touch file, SVN testing. Eeek =) · 90d15a39

Tony Stevenson authored Nov 06, 2009

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833322 13f79535-47bb-0310-9956-ffa450edef68

90d15a39

Nov 05, 2009

expose r->notes to lua · 5f638b16

Brian McCallister authored Nov 05, 2009

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833141 13f79535-47bb-0310-9956-ffa450edef68

5f638b16

seealso list in all the various docs. · 25fd826e

Richard Bowen authored Nov 05, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833139 13f79535-47bb-0310-9956-ffa450edef68

25fd826e

Little typo. · 3aeae32c

Lucien Gentis authored Nov 05, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833090 13f79535-47bb-0310-9956-ffa450edef68

3aeae32c

Moves the "canonial URL" example to remapping · 3e5660bf

Richard Bowen authored Nov 05, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833061 13f79535-47bb-0310-9956-ffa450edef68

3e5660bf

Moves the "dynamically regenerated" rule to advanced. · 48ba0f5c

Richard Bowen authored Nov 05, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832977 13f79535-47bb-0310-9956-ffa450edef68

48ba0f5c

Removing a ruleset that not only doesn't have a description, but also · 6e1d06e9

Richard Bowen authored Nov 05, 2009

can't possibly work, since it contains a fully-qualified URL in the
RewriteRule. Feel free to revert iff you can provide a description and a
functional rule.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832976 13f79535-47bb-0310-9956-ffa450edef68

6e1d06e9

Moves the 'browser-specific' rule into remapping. · 6414ad1a

Richard Bowen authored Nov 05, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832973 13f79535-47bb-0310-9956-ffa450edef68

6414ad1a

Moves the 'sharding' rule into the 'advanced' doc. · f79cbd6b

Richard Bowen authored Nov 05, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832971 13f79535-47bb-0310-9956-ffa450edef68

f79cbd6b

I'm actually not terribly thrilled with the notion of an "advanced" doc, · a0aaa887

Richard Bowen authored Nov 05, 2009

because that's such an arbitrary designation, and I'm afraid that it
will become a catch-all. So if someone wants to do this differently, I
certainly won't object.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832962 13f79535-47bb-0310-9956-ffa450edef68

a0aaa887

Removing this rule entirely, because it's not meaningful. It relies on · 69eeefe9

Richard Bowen authored Nov 05, 2009

REMOTE_IDENT. Browsers stopped sending REMOTE_IDENT 15 years ago, and
even when they did, it wasn't trustworthy.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832952 13f79535-47bb-0310-9956-ffa450edef68

69eeefe9

* modules/ssl/ssl_toolkit_compat.h: Fix compat with older OpenSSL. · 3cd4c0dc
Joe Orton authored Nov 05, 2009
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832943 13f79535-47bb-0310-9956-ffa450edef68
```
3cd4c0dc

Relocates another rule. · bdea8fd3

Richard Bowen authored Nov 05, 2009

Please also note that this rule refers to before and after 1.3b6.
That's embarrassing. It would be great if someone would apply the
relevant changes to the 2.2 and 2.0 docs also.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832935 13f79535-47bb-0310-9956-ffa450edef68

bdea8fd3

Relocates another recipe, and updates it. · 78658311

Richard Bowen authored Nov 05, 2009


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832923 13f79535-47bb-0310-9956-ffa450edef68

78658311