- Mar 04, 2008
-
-
William A. Rowe Jr authored
into a copy runas administrator with permissions (closing the original monitor), in response to any start/stop/restart request who's control permissions failed. This happens to work on Win2000 and later, although it is actually needed in Win2008 or Vista and later, where by default under UAC, the admin user actually has no permissions to control services unless the app is run elevated. We don't want to do this at start time, and assault the user with auth attempts at login before they have even asked to use the features of the Monitor. Once we've made the transition, we'll leave the new monitor running elevated. Some branding with the "security" shield icon is actually recommended by the CUA, but I'm neglecting this for the moment. This patch drops the single instance mutex for a search of existing windows of our window's class & title, which is localized to the current session and just fine for the purpose of restricting multiple invocations. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@633607 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
Clean up provider interface, removing use of mod_ssl-specific types: * modules/ssl/ssl_private.h (modssl_sesscache_provider): Replace BOOL with apr_status_t, UCHAR with unsigned char; use 'unsigned int' for idlen; constify id arguments; remove pool argument from ->status. * modules/ssl/ssl_scache_dc.c, modules/ssl/ssl_scache_memcache, modules/ssl/ssl_scache_shmcb.c, modules/ssl_scache_dbm.c: Update accordingly. * modules/ssl/ssl_scache.c (ssl_scache_retrieve, ssl_scache_store): Adjust for BOOL->apr_status_t change. (ssl_ext_status_hook): Update for dropped pool argument. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@633526 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 03, 2008
-
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@633174 13f79535-47bb-0310-9956-ffa450edef68
-
Nick Kew authored
(1) Fix Origin checking (PR 36783 - Robert L Mathews) (2) Check ownership if both FollowSymlinks and SymlinksIfOwnerMatch are set git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@632947 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 02, 2008
-
-
William A. Rowe Jr authored
replace all relevant ascii strxxx fn's with _tcsxxx macros and encode relevant text with the _T() macro wrapper, permitting /D UNICODE builds in place of /D _MCBS builds in use today. This allows for internationalized unicode service names and textual modification. Since this is win32 only, using APR style utf-8-ization is silly. Because today this module simply isn't loadable on Win95-ME, nobody has actually complained, and we really have no desire to support such a dangerous OS in the wild of the internet, the unicode build should become the default. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@632885 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
causing revalidation. PR: 44511 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@632749 13f79535-47bb-0310-9956-ffa450edef68
-
Niklas Edmundsson authored
didn't pick up on updated sdbm maps due to this. PR41190 [Niklas Edmundsson] NOTE: Only tested on httpd-2.2.8. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@632730 13f79535-47bb-0310-9956-ffa450edef68
-
- Mar 01, 2008
-
-
Erik Abele authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@632635 13f79535-47bb-0310-9956-ffa450edef68
-
Erik Abele authored
Submitted privately by: Markus Weber <Weber.Markus akdb.de> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@632632 13f79535-47bb-0310-9956-ffa450edef68
-
Vincent Bray authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@632566 13f79535-47bb-0310-9956-ffa450edef68
-
Vincent Bray authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@632564 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 29, 2008
-
-
Jim Jagielski authored
This forces rotatelogs to create the logfile as soon as started not as soon as it sees it's first line of input. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@632355 13f79535-47bb-0310-9956-ffa450edef68
-
Martin Kraemer authored
GET http://[3ffe:1:1001:3000:230:5ff:fe05:3c3c]/server-status HTTP/1.0 through the httpd-2.x mod_proxy.c code, while a directive ProxyDomain .my.dom.ain is in effect, the request is redirected to Location: http://[3ffe:1:1001:3000:230:5ff:fe05:3c3c.my.dom.ain]/server-status The patch fixes this bug, by testing whether the hostname part of the unparsed_uri contains colon characters (which is the case only for IPv6 literals). This patch is also a candidate for httpd-2.0 and httpd-2.2 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@632304 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 27, 2008
-
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631735 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
cache is configured or the session is thread safe. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631693 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 26, 2008
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631364 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
AP_INIT_ITERATE parameter git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631342 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
Move mutex handling up out of the session cache providers: * modules/ssl/ssl_private.h (modssl_sesscache_provider): Add name and flags fields. Define MODSSL_SESSCACHE_FLAG_NOTMPSAFE constant. * modules/ssl/ssl_scache.c (ssl_scache_store, ssl_scache_retrieve, ssl_scache_remove, ssl_ext_status_hook): Lock and release the mutex around provider calls, if necessary. * modules/ssl/ssl_engine_mutex.c (ssl_mutex_init): Do nothing if no session cache is configured, or the session cache does not require a mutex. Otherwise, fail if no mutex is configured and the session cache *does* require a mutex. (ssl_mutex_on, ssl_mutex_off): Remove checks for mutex mode; functions now invoked only if necessary. * modules/ssl/ssl_scache_dc.c, modules/ssl/ssl_scache_memcache: Set name and flags fields in provider structures. * modules/ssl/ssl_scache_shmcb.c, modules/ssl_scache_dbm.c: Remove mutex handling through; set name and flags fields in provider structures; mark both as unsafe for concurrent access in flags. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631297 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
key id generation by passing the correct length to snprintf (it was NUL terminating at the second byte with len=2); git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631254 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
if no provider is configured. Submitted by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631119 13f79535-47bb-0310-9956-ffa450edef68
-
Martin Kraemer authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631107 13f79535-47bb-0310-9956-ffa450edef68
-
Vincent Bray authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631054 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 25, 2008
-
-
Joe Orton authored
the temporary pool from the context. (missed in r630974) Found by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631006 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
Use the ap_provider interface for session cache storage providers. * modules/ssl/mod_ssl.c (modssl_register_scache): New function. (ssl_register_hooks): Call it. * modules/ssl/ssl_private.h: Define MODSSL_SESSCACHE_PROVIDER_GROUP and MODSSL_SESSCACHE_PROVIDER_VERSION constants. Remove ssl_scmode_t type. Change nSessionCacheMode in SSLModConfigRec into a long sesscache_mode, storing the OpenSSL SSL_SESS_CACHE_* flags directly. * modules/ssl/ssl_engine_config.c (ssl_config_global_create): Set sesscache_mode to SSL_SESS_CACHE_OFF by default. (ssl_cmd_SSLSessionCache): Remove ifdef spaghetti; fetch configured session cache by provider name. Set mc->sesscache_mode for configured providers. * modules/ssl/ssl_engine_init.c (ssl_init_ctx_session_cache): Use the configured mode flags directly from mc->sesscache_mode. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@631000 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
r630974; create the subpool. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630990 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
Move provider-specific configuration handling down into the provider code. Eliminate all use of SSLModConfigRec within provider code. * modules/ssl/ssl_private.h (modssl_sesscache_provider): Add 'create' function which creates and configures the cache provider, before initialisation. Change 'init' function to take the context pointer as an input parameter, and reorder to be first. * modules/ssl/ssl_scache.c (ssl_scache_init): Adjust accordingly. * modules/ssl/ssl_scache_memcache.c (struct context): Add servers field. (ssl_scache_mc_create): New function. (ssl_scache_mc_init): Use servers from context not SSLModConfigRec. * modules/ssl/ssl_scache_dbm.c (struct context): Define. (ssl_scache_dbm_create): New function. (ssl_scache_dbm_init, ssl_scache_dbm_kill): Adjust to use filename and pool from context. (ssl_scache_dbm_store, ssl_scache_dbm_retrieve, ssl_scache_dbm_status): Use filename from context. Use context pool for temp storage of the DBM object, and clear before use. (ssl_scache_dbm_expire): Remove static tLast; use last_expiry from context. Use context pool for temp storage and clear before use. * modules/ssl/ssl_scache_dc.c (struct context): Add target field. (ssl_scache_dc_init, ssl_scache_dc_status): Use target from context. * modules/ssl/ssl_scache_shmcb.c (struct context): Add data_file, shm_size fields. (ssl_scache_shmcb_create): New function; moved argument parsing logic from ssl_cmd_SSLSessionCache (ssl_scache_shmcb_init, ssl_scache_shmcb_status): Use config from context. * modules/ssl/ssl_engine_config.c (ssl_config_global_create): Remove handling of old provider-specific fields. (ssl_cmd_SSLSessionCache): Call provider ->create function to parse the argument and create provider-specific context structure. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630974 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
value of sk_X509_NAME_set_cmp_func to void, to avoid warnings with recent version of OpenSSL. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630858 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
code and update the comment. No functional change. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630805 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
modssl_sesscache_provider objects. Found by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630795 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
on success. * modules/ssl/ssl_scache_dc.c (ssl_scache_dc_retrieve): Likewise. Found by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630787 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
shmcbc_subcache_remove): Restore check for idx->removed flag. Found by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630786 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 23, 2008
-
-
Guenter Knauf authored
Submitted by Kaspar Brand. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630436 13f79535-47bb-0310-9956-ffa450edef68
-
- Feb 22, 2008
-
-
Ruediger Pluem authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630350 13f79535-47bb-0310-9956-ffa450edef68
-
Ruediger Pluem authored
- Fix the same race condition in event MPM. - Slightly optimize code in worker MPM by removing the need for an additional dereference operation. - Do some word smithing on the CHANGES entry. PR: 44402 Submitted by: Basant Kumar Kukreja <basant.kukreja sun.com> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630348 13f79535-47bb-0310-9956-ffa450edef68
-
Nick Kew authored
PR44402: reported and fixed by Basant Kumar Kukreja git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630335 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
Move provider-private context out of SSLModConfigRec and into an opaque context pointer. Use real error propagation in the ->init functions rather than ssl_die(). * modules/ssl/ssl_private.h (modssl_sesscache_provider): Take a context out-parameter from ->init, and return an apr_status_t. Add context pointer as first arg for the other function types. (SSLModConfigRec): Remove tSessionCacheData* fields; add sesscache_context field. * modules/ssl/ssl_scache.c (ssl_scache_init): Move once-per-process invocation check back into here. (ssl_scache_*): Adjust to use context pointer. * modules/ssl/ssl_scache_shmcb.c, modules/ssl/ssl_scache_dc.c, modules/ssl/ssl_scache_dbm.c: Adjust all implementations to use opaque context pointer. * modules/ssl/ssl_scache_memcache.c: Move memcache context into the context structure rather than using global state. * modules/ssl/ssl_engine_config.c: Remove handling of pSessionCacheData* fields in SSLModConfigRec. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630323 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
storage providers; includes a significant change to the shmcb storage structure: * modules/ssl/ssl_private.h (modssl_sesscache_provider): Change retrieve function to take dest/destlen output buffer, to take a constant id paramater, and to return a BOOL. * modules/ssl/ssl_scache.c (ssl_scache_retrieve): Update accordingly, perform SSL deserialization here. * modules/ssl/ssl_scache_dc.c (ssl_scache_dc_retrieve), modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_retrieve), modules/ssl/ssl_scache_memcache.c (ssl_scache_mc_retrieve): Update accordingly. * modules/ssl/ssl_scache_shmcb.c: Store the whole ID in the cache before the data, so that each index can be compared against the requested ID without deserializing the data. This requires approx 20% extra storage per session in the common case, though should reduce CPU overhead in some retrieval paths. (SHMCBIndex): Replace s_id2 field with id_len. (shmcb_cyclic_memcmp): New function. (ssl_scache_shmcb_init): Change the heuristics to allow for increase in per-session storage requirement. (ssl_scache_shmcb_retrieve): Drop requirement on ID length. (shmcb_subcache_store): Store the ID in the cyclic buffer. (shmcb_subcache_retrieve, shmcb_subcache_remove): Compare against the stored ID rather than deserializing the data. (ssl_scache_shmcb_retrieve, ssl_scache_shmcb_store): Update accordingly. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630307 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630289 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
used by shmcb (hopefully :), before some invasive surgery. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630228 13f79535-47bb-0310-9956-ffa450edef68
-
Joe Orton authored
storage providers: * modules/ssl/ssl_private.h (modssl_sesscache_provider): Change 'store' interface to take a data/length pair rather than an SSL_SESSION pointer. * modules/ssl/ssl_scache.c (ssl_scache_store): Serialize the SSL session here and pass down the raw DER. * modules/ssl/ssl_scache_dc.c, modules/ssl_scache_mc.c, modules/ssl_scache_shmcb.c, modules/ssl_scache_dbm.c: Adjust ->store implementations accordingly, removing the four sets of identical code doing the i2d dance. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@630168 13f79535-47bb-0310-9956-ffa450edef68
-