Commits · e7239fc4e7a4cffbc1a12f2f39597a6262827bde · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

Feb 03, 2010

* modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl): Add · e7239fc4

Joe Orton authored Feb 03, 2010

  SSL_SECURE_RENEG variable to indicate support for secure reneg.

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Fixup_vars): Export
  SSL_SECURE_RENEG in the default set of variable.s


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@906057 13f79535-47bb-0310-9956-ffa450edef68

e7239fc4

New releases of OpenSSL will only allow secure renegotiation by · 20ebf99c

Joe Orton authored Feb 03, 2010

default.  Add an "SSLInsecureRenegotiation" directive to enable
renegotiation against unpatched clients, to ease transition:

* modules/ssl/ssl_private.h (struct SSLSrvConfigRec): Add
  insecure_reneg field.

* modules/ssl/ssl_engine_config.c (ssl_config_server_new,
  ssl_config_server_merge): Handle the insecure_reneg flag.
  (ssl_cmd_SSLInsecureRenegotiation): New function.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): Set the
  SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION option if insecure_reneg is
  enabled.

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Log level of
  support for secure reneg.

* modules/ssl/mod_ssl.c: Add the directive definition.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@906039 13f79535-47bb-0310-9956-ffa450edef68

20ebf99c

Feb 02, 2010

* Use loglevel value for parsing · fb453f41

Ruediger Pluem authored Feb 02, 2010

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@905546 13f79535-47bb-0310-9956-ffa450edef68

fb453f41

mod_session: Session expiry was being initialised, but not updated · 85f2731d

Graham Leggett authored Feb 02, 2010

on each session save, resulting in timed out sessions when there
should not have been. Fixed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@905490 13f79535-47bb-0310-9956-ffa450edef68

85f2731d

Update transformations. · 5da4e391

Graham Leggett authored Feb 02, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@905482 13f79535-47bb-0310-9956-ffa450edef68

5da4e391

Feb 01, 2010

replace duplicate code with new function ap_parse_log_level() · f7b70dab
Stefan Fritsch authored Feb 01, 2010
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@905454 13f79535-47bb-0310-9956-ffa450edef68
```
f7b70dab

mod_log_config: Add the R option to log the handler used within the · 9e61eb23

Graham Leggett authored Feb 01, 2010

request.
Submitted by: Christian Folini <christian.folini netnea com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@905420 13f79535-47bb-0310-9956-ffa450edef68

9e61eb23

Allow fine control over the removal of Last-Modified and ETag headers · 5d4f3cd9

Graham Leggett authored Feb 01, 2010

within the INCLUDES filter, making it possible to cache responses if
desired. Fix the default value of the SSIAccessEnable directive.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@905406 13f79535-47bb-0310-9956-ffa450edef68

5d4f3cd9

Jan 31, 2010
- Updates for french files, and a little typo in manual/mod/mod_autoindex.xml. · 084bc75c
  Lucien Gentis authored Jan 31, 2010
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@905041 13f79535-47bb-0310-9956-ffa450edef68
```
  084bc75c
Jan 30, 2010

Replace the Define !FOO syntax by a new UnDefine directive. · b666a931
Stefan Fritsch authored Jan 30, 2010
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@904853 13f79535-47bb-0310-9956-ffa450edef68
```
b666a931

Allow the Define directive to undefine a variable by prefixing the · f96f37a7

Stefan Fritsch authored Jan 30, 2010

argument with a '!'.

PR: 35350


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@904768 13f79535-47bb-0310-9956-ffa450edef68

f96f37a7

Ooops. We are at 2.3.6 by now. · 8c048e88

Stefan Fritsch authored Jan 30, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@904766 13f79535-47bb-0310-9956-ffa450edef68

8c048e88

Make ap_pregsub(), used by AliasMatch and friends, use the same syntax · cfe5146a

Stefan Fritsch authored Jan 30, 2010

for regex backreferences as mod_rewrite and mod_include: Remove the use
of '&' as an alias for '$0' and allow to escape any character with a
backslash.

Document the use of $0.

PR: 48351


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@904765 13f79535-47bb-0310-9956-ffa450edef68

cfe5146a

Update transformations · b9aa238e

Stefan Fritsch authored Jan 30, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@904763 13f79535-47bb-0310-9956-ffa450edef68

b9aa238e

Jan 27, 2010

* Make autoindex.t from perl testframework work again · bf101646

Ruediger Pluem authored Jan 27, 2010

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903794 13f79535-47bb-0310-9956-ffa450edef68

bf101646

Fix two typos revealed by xmllint · b3d3f234

William A. Rowe Jr authored Jan 27, 2010

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903780 13f79535-47bb-0310-9956-ffa450edef68

b3d3f234

Move core flags into core.xml directives · 275e1296

William A. Rowe Jr authored Jan 27, 2010

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903777 13f79535-47bb-0310-9956-ffa450edef68

275e1296

* Remove unused variable to silence compiler warning · 24751b12

Ruediger Pluem authored Jan 27, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903748 13f79535-47bb-0310-9956-ffa450edef68

24751b12

* We need to return an int as result of the pre_config hook. · 6c78003d
Ruediger Pluem authored Jan 27, 2010
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903607 13f79535-47bb-0310-9956-ffa450edef68
```
6c78003d

Jan 26, 2010

Use correct comment style. · 225578f1

Richard Bowen authored Jan 26, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903302 13f79535-47bb-0310-9956-ffa450edef68

225578f1

alphabetical order is a good thing. · 3d66f024

Richard Bowen authored Jan 26, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903057 13f79535-47bb-0310-9956-ffa450edef68

3d66f024

Rebuild HTML · 4c677611

Richard Bowen authored Jan 26, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903056 13f79535-47bb-0310-9956-ffa450edef68

4c677611

Adds documentation for the new AddAltClass IndexOption, and for the new · f67465ec

Richard Bowen authored Jan 26, 2010

CSS classes provided by IndexStyleSheet



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903055 13f79535-47bb-0310-9956-ffa450edef68

f67465ec

Applies the patch provided in ticket 34014, enhancing the CSS abilities · ecf24705

Richard Bowen authored Jan 26, 2010

of mod_autoindex. Documentation to follow momentarily.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903052 13f79535-47bb-0310-9956-ffa450edef68

ecf24705

Fix default OSCP stapling port. · 9943c369

William A. Rowe Jr authored Jan 26, 2010

Submitted by: Dr Stephen Henson <steve openssl.org>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903026 13f79535-47bb-0310-9956-ffa450edef68

9943c369

Refactor mod_status out of the ExtendedStatus toggle picture, as other · 8b17a874

William A. Rowe Jr authored Jan 26, 2010

modules can and should be able to use this scoreboard information.
Rename suggestions for such a directive are welcomed.

Note that mod_status toggles the default, to present the ExtendedStatus
for server operators, whenever it is loaded. Docs changes to follow.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@903020 13f79535-47bb-0310-9956-ffa450edef68

8b17a874

Jan 24, 2010

mod_authnz_ldap: If AuthLDAPCharsetConfig is set, also convert the password to · 0b8693ff

Stefan Fritsch authored Jan 24, 2010

UTF-8.

PR: 45318
Adapted patch from Johannes Müller


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902654 13f79535-47bb-0310-9956-ffa450edef68

0b8693ff

ab: Fix number of requests per second in HTML output being to large by a · 6a9151f8

Stefan Fritsch authored Jan 24, 2010

factor of 1000

PR: 48594


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902642 13f79535-47bb-0310-9956-ffa450edef68

6a9151f8

Change LDAP authentication failures (user->DN or password check) to log · e513f626

Eric Covener authored Jan 24, 2010

level INFO from log level WARNING. This is still liberal for authn
providers.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902641 13f79535-47bb-0310-9956-ffa450edef68

e513f626

Note that a firewall silently dropping packets is a mis-configuration. · 37a45f66
Stefan Fritsch authored Jan 24, 2010
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902605 13f79535-47bb-0310-9956-ffa450edef68
```
37a45f66

Move the ldap_simple_bind() + ldap_result() code implementing a timeout · 93268700

Stefan Fritsch authored Jan 24, 2010

into a utility function and use it to replace the other occurence of
ldap_simple_bind_s().

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902604 13f79535-47bb-0310-9956-ffa450edef68

93268700

changed strcasestr() to ap_strcasestr() to fix broken NetWare compile. · da714782
Guenter Knauf authored Jan 24, 2010
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902593 13f79535-47bb-0310-9956-ffa450edef68
```
da714782

Jan 23, 2010

fix LDAPConnectionTimeout, take a stab at newly added LDAPTimeout · 506a9215
Eric Covener authored Jan 23, 2010
```
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902445 13f79535-47bb-0310-9956-ffa450edef68
```
506a9215

Update transformations · 06ae1032

Stefan Fritsch authored Jan 23, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902436 13f79535-47bb-0310-9956-ffa450edef68

06ae1032

Rename RequestTimeout into RequestReadTimeout and change the configuration · 815e3b53

Stefan Fritsch authored Jan 23, 2010

syntax again. Hopefully this makes it easier to understand.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902434 13f79535-47bb-0310-9956-ffa450edef68

815e3b53

Jan 22, 2010

fix maintainer mode ap_strstr() argument mismatch warnings · f843b422

Jeff Trawick authored Jan 22, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@902245 13f79535-47bb-0310-9956-ffa450edef68

f843b422

Jan 21, 2010

roll on to 2.3.6-dev · c846b7e3

Paul Querna authored Jan 21, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@901884 13f79535-47bb-0310-9956-ffa450edef68

c846b7e3

prep for 2.3.5 tag · b63cfaa0

Paul Querna authored Jan 21, 2010


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@901881 13f79535-47bb-0310-9956-ffa450edef68

b63cfaa0

Because the redirect-request survives logging, we don't have the · 8fb05878

William A. Rowe Jr authored Jan 21, 2010

same exposure as subrequests, and this change would have doubled
the headers. Revert this bit of the headers_in 'consistification'

Noted by rpluem.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@901589 13f79535-47bb-0310-9956-ffa450edef68

8fb05878

Correctly align the behavior of headers_in to be consistent with the · 21a756a8

William A. Rowe Jr authored Jan 21, 2010

treatment of headers_out, resolving PR 48359 by keeping subrequest
scope changes out of the main request headers. This ensures that all
requests-without-bodies behave as the requests-with-bodies code has.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@901578 13f79535-47bb-0310-9956-ffa450edef68

21a756a8