nouser) violates the purpose of that user.  User nobody exists
specifically as a user that no process runs as and that owns no files
on disk.  Same for nogroup.

The user and group daemon are the generic system services user and
group.  Use those instead.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@220032 13f79535-47bb-0310-9956-ffa450edef68

easier for admins to manage the cache.

Still requires modifications to htcacheclean to work.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219945 13f79535-47bb-0310-9956-ffa450edef68

Implement OID checking for mod_ssl. This code allows for checking of arbitrary client
certificate extensions by OID, in a syntax like:
   SSLRequire "BaDCA Generated Certificate" in Oid("2.16.840.1.113730.1.13") \
          || "committers"                   in Oid("1.3.6.1.4.1.18060.1")
Note the following:
* A given OID can occur multiple times in one cert, with different values. Therefore
  the OID function compares the left-hand string against each of the OID values,
  until a complete match is found. If none patches, the result is FALSE
* The left hand side can be another expression, so can be a reference to a variable
  or an file() invocation etc.
* The OID is also just a reference to a string, or function, or whatever.
* My manual description is very short. Someone else please help improve the description



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219940 13f79535-47bb-0310-9956-ffa450edef68

"Require Valid-User" don't work. This makes those comparisons
case-insensitive.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219936 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219913 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219908 13f79535-47bb-0310-9956-ffa450edef68

Check an alternative return value for when a file or directory does not exist.  Previously this would return a forbidden on the documentation website for any URL ending in .html.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219879 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219845 13f79535-47bb-0310-9956-ffa450edef68

`build all`


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219715 13f79535-47bb-0310-9956-ffa450edef68

variable-may-be-used-uninitialized warnings.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219696 13f79535-47bb-0310-9956-ffa450edef68

fix typo.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219689 13f79535-47bb-0310-9956-ffa450edef68

otherwise.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219666 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219656 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219653 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219644 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219638 13f79535-47bb-0310-9956-ffa450edef68

* `build all`


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219636 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219536 13f79535-47bb-0310-9956-ffa450edef68

  Yet another snafu in body handling.  We need to clearly avoid any
  ap_get_brigade or request body processing in every *subrequest* 
  proxy action.  The new code introduced more chaos because we read
  the request body irrespective of any bogus header handling bugs.

  This requires a goto, and yes, that sucks :)  But this is one of those
  oddball cases where jumping away makes more sense than tons of indented
  code, IMHO.  And if you count the number of goto's I've committed to
  httpd, you know I avoid them like the plague.

  I woulda' suggestd to jorton to take a flying carnal act, except that 
  each time he points me back to the 2.0 patch, I catch another entirely 
  bogus choice within the old/new httpd-2.x request body code :)

  I've bumped the 2.0 patch to correspond; see
  http://people.apache.org/~wrowe/httpd-2.0-proxy-request-4.patch

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219533 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219521 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219503 13f79535-47bb-0310-9956-ffa450edef68

Submitted by: Daniel Lopez <daniel@rawbyte.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219484 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219435 13f79535-47bb-0310-9956-ffa450edef68

  Fix broken while () {} loops (lingering code from the old logic),
  closes an infinite loop in the most recent version.  Init the cl_val
  to prevent failure of zero length bodies in the most recent version.

  Use 'request body' instead of 'data' to describe any errors.

  Finally, loop around ap_get_brigade to grab multiple chunks that still
  fall below our MAX_MEM_SPOOL threshold, since the chunk decoding from
  the client will pass up just one small chunk per ap_get_brigade call.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219430 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219429 13f79535-47bb-0310-9956-ffa450edef68

Translated by: Nikola Smolenski <smolensk eunet.yu>
Reviewed by: Danilo Šegan <danilo gnome.org>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219383 13f79535-47bb-0310-9956-ffa450edef68

just before the final return.  This gives modules an opportunity to do
something based on the proxy status.

A couple of examples where this is useful:

-You are using a caching module and would rather return stale content rather
than an error to the client if the origin is down.

-you proxy some subrequests (using SSI - mod_include) and do not want SSI
errors when the backend is down. If you would normally return
HTTP_BAD_GATEWAY, you may have a module that serves some other content.


new hook -- so mmn bump.. i made it a major one, hope thats ok 

Patch From Brian Akins <Brian.Akins turner.com>




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219372 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219318 13f79535-47bb-0310-9956-ffa450edef68

  Backported a few already

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219231 13f79535-47bb-0310-9956-ffa450edef68

  On Roy's suggestion; why wait to try to clear out the input
  stream if it is smaller than MAX_MEM_SPOOL?  Do this upfront
  before dispatching to a body handler.

  This means changing each of the three body pumps to presume
  a preexisting input_brigade was already loaded, so turn around
  their loop conditions.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219224 13f79535-47bb-0310-9956-ffa450edef68

  Fix a style problem; b is ambigous (is it a brigade or bucket?)
  bb is far less ambigous.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219223 13f79535-47bb-0310-9956-ffa450edef68

  leaving force-proxy-request-1.0 for broken clients, revert my
  patch for forcing an HTTP/1.0 proxy request, if the client 
  request is HTTP/1.0, per Roy.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219221 13f79535-47bb-0310-9956-ffa450edef68

  Missed an edge case; once we know the C-L didn't match, it's
  time to shut down the body already.  Finish reading from the
  client but do nothing else, returning an error.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@219057 13f79535-47bb-0310-9956-ffa450edef68

  How can I fix thee?  let me count the ways...

  * pass a chunked body always (no-body requests don't go chunked).

  * validate that the C-L counted body length doesn't change.

  * follow RFC 2616 for C-L / T-E in the request body C-L / T-E
    election logic.

  * do not forward HTTP/1.0 requests as HTTP/1.1, unless the admin
    configures force-proxy-request-1.1

  * conn was illegible, use 2.0's p_conn.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@218978 13f79535-47bb-0310-9956-ffa450edef68

  Fix two fat-fingered typos from commit 216156.  Code matches previous
  behavior now; time to start fixing.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@216159 13f79535-47bb-0310-9956-ffa450edef68

  send_request_body and indentation made it very difficult to follow
  all the mistakes in this code.  Fold send_request_body into reindent
  to make the pattern clear and skip some extra string handling.
  Little functional change, that comes next.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@216156 13f79535-47bb-0310-9956-ffa450edef68

  End abuse of apr_strnat[case]cmp - it isn't str[case]cmp.

  Unsure if apr_strnatcasecmp(conf_ip, uri_ip) was intentional, on the
  off chance that the left or right hand ip string happens to contain
  leading zeros.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@216111 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@209937 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@209936 13f79535-47bb-0310-9956-ffa450edef68

  Added TraceEnable, and note Request Splitting/Response Splitting.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@209903 13f79535-47bb-0310-9956-ffa450edef68