Implement a (bounded) buffer of request body data to provide a limited
but safe fix for the mod_ssl renegotiation-vs-requests-with-bodies
bug:

* modules/ssl/ssl_private.h (ssl_io_buffer_fill): Add prototype.

* modules/ssl/ssl_engine_io.c (ssl_io_buffer_fill,
ssl_io_filter_buffer): New functions.

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): If a
renegotiation is needed, and the request has a non-zero
content-length, or a t-e header (and 100-continue was not requested),
call ssl_io_buffer_fill to set aside the request body data if
possible, then proceed with the negotiation.

PR: 12355


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@291425 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@291271 13f79535-47bb-0310-9956-ffa450edef68

significant enough to warrant its own CHANGES entry.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@291128 13f79535-47bb-0310-9956-ffa450edef68

* server/request.c (core_opts_merge): When AllowOverride is specified
for the directory, ignore the inherited override_opts field.

PR: 35330
Submitted by: kabe <kabe sra-tohoku.co.jp>
Reviewed by: jorton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@291125 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290970 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290969 13f79535-47bb-0310-9956-ffa450edef68

Add <glossary> tag for mime-type where appropriate.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290817 13f79535-47bb-0310-9956-ffa450edef68

Add APR to the glossary and link it in where appropriate.


Missed an end tag in the glossary.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290805 13f79535-47bb-0310-9956-ffa450edef68

Fix dtd to match <glossary> change in xsl.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290761 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290756 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290754 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290748 13f79535-47bb-0310-9956-ffa450edef68

  Add TraceEnable compatibility tag, and ./build.sh all causing
  lots and lots of noise this time.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290730 13f79535-47bb-0310-9956-ffa450edef68

Any failure in apr_stat on a symlink currently gives
"Symbolic link not allowed", which results in much head-scratching
if the actual problem is a broken link of some sort.  The real
fix would be to propogate the correct apr_stat error into the
error log, but that would require more refactoring than I'm
prepared to do.  This change simply expands the error message
to include both possibilities.  It improves the situation for
PR28515 but does not solve it.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290727 13f79535-47bb-0310-9956-ffa450edef68

The arrow indicator for a glossary link was cute, but I found it way too
disturbing to the flow of text.  Here I replace it with a dashed-unline.
Also, allow the omission of the ref attribute where the glossary term is
exactly equal to the link contents.


Omit reference to pre-2.0.48 versions.


Add some <glossary> markup for regular expression and regex.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290725 13f79535-47bb-0310-9956-ffa450edef68

Merge win32 htcacheclean addition into the 2.2.x branch.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290721 13f79535-47bb-0310-9956-ffa450edef68

Merge r290659 with the 2.2.x branch; add htcacheclean to the win32 build



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290663 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290547 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290543 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290521 13f79535-47bb-0310-9956-ffa450edef68

  Sync to 2.0.x/CHANGES


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290518 13f79535-47bb-0310-9956-ffa450edef68

  Backport TraceEnable docs to the 2.2-dev branch


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290496 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290472 13f79535-47bb-0310-9956-ffa450edef68

Fix Bug#: 25659 (Memory leak in ssl_util_algotypeof())
Reported by David Blake in 2003, including patch.

Reviewed by: martin


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290466 13f79535-47bb-0310-9956-ffa450edef68

Fix Bug#: 25659 (Memory leak in ssl_util_algotypeof())
Reported by David Blake in 2003, including patch.

Reviewed by: martin


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290463 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290461 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290442 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290429 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290428 13f79535-47bb-0310-9956-ffa450edef68

Backport all outstanding docs/manual changes from trunk to the 2.2.x
branch. Only the SetEnvIf documentation was left out.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290427 13f79535-47bb-0310-9956-ffa450edef68

Backporting the caching user guide to the 2.2.x branch. 



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290416 13f79535-47bb-0310-9956-ffa450edef68

* update transformation


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290200 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290199 13f79535-47bb-0310-9956-ffa450edef68

* add missing faq/background transformed files
* `build extraclean all`


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290198 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290195 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290193 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290190 13f79535-47bb-0310-9956-ffa450edef68

Backport graceful-stop to the 2.2.x branch.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290189 13f79535-47bb-0310-9956-ffa450edef68

Backport r239710, r239711, r239732, r239740 and r241815 to the 2.2.x branch;
Fix PR 28167, which means we stop listening on ports when we do a
graceful-restart.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290179 13f79535-47bb-0310-9956-ffa450edef68

* modules/ssl/ssl_util_ssl.c (SSL_X509_STORE_create): Catch errors
returned by X509_LOOKUP_add_dir or X509_LOOKUP_load_file to detect
malformed or misconfigured CRLs.  Clear error stack beforehand to
ensure reported errors are relevant.

* modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_dn): Fix gcc
4.x different-pointer-signedness warning.

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that
renegotiation is performed for a transition from "SSLVerifyClient
optional" to "SSLVerifyClient require".  (CVE CAN-2005-2700)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@290159 13f79535-47bb-0310-9956-ffa450edef68