git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791849 13f79535-47bb-0310-9956-ffa450edef68

Start from 10027 to match the current trunk (r1791845), which will be
merged into shortly.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-openssl-threadid@1791848 13f79535-47bb-0310-9956-ffa450edef68

This should help during testing and debugging. Use APLOG_NOTICE for now,
until we fix PR60999, so that people can actually see the log message.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-openssl-threadid@1791847 13f79535-47bb-0310-9956-ffa450edef68

This is most likely a follow-up to r1628833.

At some point during the OpenSSL 1.0.2 beta, the contract for custom
extension callbacks changed from "returning -1 skips the extension" to
"returning -1 will issue a TLS fatal alert". This caused mod_ssl_ct to
abort TLS connections that it intended to ignore. Zero is the correct
return value for "do nothing" in 1.0.2.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791845 13f79535-47bb-0310-9956-ffa450edef68

LanguagePriority by a first-order comparison and drop negligable translations
from our ordered priority preference list entirely.

A better comparison would be total number of documents in-sync, or some
convoluted weight ordering each document by which are more in sync than
others. Leaving that puzzle to an interested hacker.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791807 13f79535-47bb-0310-9956-ffa450edef68

update after mod_http2 backport.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791790 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: normalize zombie slot state before pushing it on the free list.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791773 13f79535-47bb-0310-9956-ffa450edef68

...but at the moment, this won't actually get logged unless you're
running in debug mode, due to an unrelated bug (PR60999).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-openssl-threadid@1791733 13f79535-47bb-0310-9956-ffa450edef68

CRYPTO_THREADID_set_callback() is write-once, so if mod_ssl is unloaded
and reloaded into a different address, we'll crash if OpenSSL wasn't
also unloaded and reloaded at the same time. This can happen if another
module or library is using OpenSSL as well.

- OpenSSL 1.1.0 isn't affected.
- Certain platforms (Windows, BeOS, and POSIX-compliant systems) can
  make use of the default THREADID callback in OpenSSL 1.0.x.
- If the deprecated CRYPTO_set_id_callback() is available, we can use it
  instead of CRYPTO_THREADID_set_callback().

Otherwise, we have to fall back to CRYPTO_THREADID_set_callback(), but
hopefully that applies to a small percentage of users at this point.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-openssl-threadid@1791732 13f79535-47bb-0310-9956-ffa450edef68

Mark the things that are busted.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-openssl-threadid@1791731 13f79535-47bb-0310-9956-ffa450edef68

Should make it easier to see what's going on in the next few changes.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-openssl-threadid@1791730 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: MaxKeepAliveRequests now limits the number of times a 
     slave connection gets reused. 



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791669 13f79535-47bb-0310-9956-ffa450edef68

On platforms where the APR_ASCII_LF != '\n', like EBCDIC systems,
strmatch or pcre patterns from the source or config will be in
the native encoding, and this module will really only work on 
content in the native encoding.

(mod_substitute runs before mod_charset_lite for a similar reason)

I thought #if APR_CHARSET_EBCDIC or even #ifdef __MVS__ was overkill
here. 




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791400 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: client streams that lack the EOF flag get now forcefully
     closed with a RST_STREAM (NO_ERROR) when the request has been answered.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791388 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: only when 'HttpProtocolOptions Unsafe' is configured, will
     control characters in response headers or trailers be forwarded to the
     client. Otherwise, in the default configuration, a request will eiher 
     fail with status 500 or the stream will be reset by a RST_STREAM frame. 



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791377 13f79535-47bb-0310-9956-ffa450edef68

Increase the number of threads from three to ten. Patch by rjung.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-openssl-threadid@1791309 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791238 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791234 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791055 13f79535-47bb-0310-9956-ffa450edef68

This is step one for fixing, or at least mitigating, PR60947. Determine
which platforms can use the default OpenSSL (1.0.x) threadid-callback,
by recording the address of errno for several threads and testing that
they're all different.

The result of this test is put into the new macro,
AP_OPENSSL_USE_ERRNO_THREADID.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-openssl-threadid@1791054 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/trunk-openssl-threadid@1791053 13f79535-47bb-0310-9956-ffa450edef68

do not recycle the socket.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790978 13f79535-47bb-0310-9956-ffa450edef68

mpm_winnt: always invoke ap_lingering_close() at connection end.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790973 13f79535-47bb-0310-9956-ffa450edef68

the "Serving pre-compressed content" section of the docs.

Generally speaking, this section would benefit from a rewrite pointing
out how to configure a mod_deflate + mod_brotli configuration with
precompressed contents, but for now at least fix the mistakes in the
configuration.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790871 13f79535-47bb-0310-9956-ffa450edef68

in the documentation (BrotliCompressionQuality, BrotliCompressionWindow,
BrotliCompressionMaxInputBlock, BrotliAlterETag).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790870 13f79535-47bb-0310-9956-ffa450edef68

in the documentation.

Currently, mod_brotli only allows dynamic output compression, and doesn't
have the server-side decompression capability.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790869 13f79535-47bb-0310-9956-ffa450edef68

the documentation.

The previous description explained the semantics of this variable as
if it has been a (non-existing) "force-brotli".


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790868 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790866 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790860 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: explicit int conversions to silence warnings in mod-h2 build.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790855 13f79535-47bb-0310-9956-ffa450edef68

that has been referring to httpd 2.2.x.

There's no mod_brotli in 2.2.x.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790853 13f79535-47bb-0310-9956-ffa450edef68

The 0.6.0 version has just been released [1], and it contains the
necessary API required for mod_brotli.

[1] https://github.com/google/brotli/releases/tag/v0.6.0

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790852 13f79535-47bb-0310-9956-ffa450edef68

update after mod_http2 backport



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790850 13f79535-47bb-0310-9956-ffa450edef68

mod_proxy_http2: no longer mapping link headers when preserve host is on.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790842 13f79535-47bb-0310-9956-ffa450edef68

mod_proxy_http2: 1 is true.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790827 13f79535-47bb-0310-9956-ffa450edef68

mod_proxy_http2: Reliability of reconnect handling improved.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790826 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: fixed two deadlocks introduced by removing nested mplx locking earlier.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790754 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790694 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790693 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790692 13f79535-47bb-0310-9956-ffa450edef68