- Dec 15, 2011
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1214787 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 12, 2011
-
-
Kaspar Brand authored
Streamline TLS session ticket key handling (added in r1200040): - drop the SSLTicketKeyDefault directive, and only support a single ticket key per server/vhost - rename the SSLTicketKeyFile directive to SSLSessionTicketKeyFile, remove the keyname parameter - move ticket key parameters from SSLSrvConfigRec to modssl_ctx_t - configure the tlsext_ticket_key_cb only when in server mode - add documentation for SSLSessionTicketKeyFile git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1213395 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Fritsch authored
Limit length of lines in .htaccess to 8K again, to reduce DoS potential. Make ap_varbuf_cfg_getline() strictly enforce the max_len parameter. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1213344 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 05, 2011
-
-
Stefan Fritsch authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1210288 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 02, 2011
-
-
Stefan Fritsch authored
Fix segfault with Solaris LDAP SDK when enabling ldaps. Enable SSL by passing secure=1 to apr_ldap_init instead of calling apr_ldap_set_option(... APR_LDAP_OPT_TLS ...). This change carefully avoids any change of behavior on non-Solaris LDAP SDKs. PR: 42682 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1209604 13f79535-47bb-0310-9956-ffa450edef68
-
- Dec 01, 2011
-
-
Graham Leggett authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1209070 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
mod_rewrite: Add the AllowNoSlash RewriteOption, which makes it possible for RewriteRules to be placed in .htaccess files that match the directory with no trailing slash. PR 48304. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1209057 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 30, 2011
-
-
Graham Leggett authored
mod_session_crypto: Add a SessionCryptoPassphraseFile directive so that the administrator can hide the keys from the configuration. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1208518 13f79535-47bb-0310-9956-ffa450edef68
-
http://svn.apache.org/viewvc?view=revision&revision=1070179Graham Leggett authored
as per the following thread: http://www.gossamer-threads.com/lists/apache/dev/395830?do=post_view_threaded#395830 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1208384 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
Introduce a per request version of the remote IP address, which can be optionally modified by a module when the effective IP of the client is not the same as the real IP of the client (such as a load balancer). Introduce a per connection "peer_ip" and a per request "client_ip" to distinguish between the raw IP address of the connection and the effective IP address of the request. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1208378 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 24, 2011
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1205850 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 23, 2011
-
-
Stefan Fritsch authored
Pass ap_errorlog_info to error_log hook git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1205573 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 21, 2011
-
-
Graham Leggett authored
mod_cache_disk: Make sure we check return codes on all writes and attempts to close, and clean up after ourselves in these cases. PR43589. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1204602 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1204357 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
PR51471: IndexIgnore doesn't work in DirectoryMatch. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1204342 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1204320 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
PR39923: Allow AddDescription to work with absolute filesystem paths, by not adding "*/" to their prefix (intended for relative paths) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1204309 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 19, 2011
-
-
Graham Leggett authored
mod_cache_disk: Remove the unnecessary intermediate brigade while writing to disk. Fixes a problem where mod_disk_cache was leaving buckets in the intermediate brigade and not passing them to out on exit. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1204102 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 18, 2011
-
-
Kaspar Brand authored
Change the SSLCipherSuite default to a shorter, whitelist oriented definition, and add an example for a speed-optimized configuration (commented out by default). In the SSL How-To, streamline the SSLCipherSuite examples where applicable (explicitly banning EXP and NULL is not needed when only HIGH is specified). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1203753 13f79535-47bb-0310-9956-ffa450edef68
-
Kaspar Brand authored
drop SSLv2 support (set SSL_OP_NO_SSLv2 for any new SSL_CTX) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1203495 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 13, 2011
-
-
Eric Covener authored
add per-dir config merging to mod_lua so LuaHook* in multiple per-dir sections behaves as expected instead of discarding previous sections. Reviewed by: covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201445 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 12, 2011
-
-
Jeff Trawick authored
Server directive display (-L): Include directives of DSOs. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201358 13f79535-47bb-0310-9956-ffa450edef68
-
Graham Leggett authored
mod_cache: Make sure we merge headers correctly when we handle a non cacheable conditional response. PR52120. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201332 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201216 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
Part 3: Remote MPM simple. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201214 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
Part 2: Remove mod_serf. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201210 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
Part 1: mod_noloris was superseded by mod_reqtimeout. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201164 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Fritsch authored
Set MaxMemFree 2048 by default git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201161 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Fritsch authored
Fix assertion failure during very high load by preventing race condition between appending to the timeout queues and adding to the pollset. We don't add additional locking calls but only extend the present calls to include the apr_pollset_add. Therefore this hopefully should not cause too much performance regression. Add some comments Replace two AP_DEBUG_ASSERTS with better error handling git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201149 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
1) Promoted from "most" to "yes/few" - mod_headers 2) Demoted from "yes/few" to "most" - mod_actions - mod_allowmethods - mod_auth_form - mod_buffer - mod_cgi(d) - mod_include - mod_negotiation - mod_ratelimit - mod_request - mod_userdir Remember: default module set is "most", but only the LoadModule lines of all modules except "yes/few" are commented out by default. The following modules will now be loaded by default: - mod_access_compat - mod_alias - mod_auth_basic - mod_authn_core - mod_authn_file - mod_authz_core - mod_authz_groupfile - mod_authz_host - mod_authz_user - mod_autoindex - mod_dir - mod_env - mod_filter - mod_headers - mod_log_config - mod_mime - mod_mpm_event - mod_reqtimeout - mod_setenvif - mod_status - mod_unixd - mod_version Backport of r1201111 from trunk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201118 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 11, 2011
-
-
Rainer Jung authored
Backport of r1201042 from trunk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1201046 13f79535-47bb-0310-9956-ffa450edef68
-
Jim Jagielski authored
Merge r1200475, r1200478, r1200482, r1200491, r1200513, r1200550, r1200580, r1200605, r1200612, r1200614, r1200639, r1200646, r1200656, r1200667, r1200679, r1200699, r1200957, r1200961, r1200963 from trunk: fix issue with incorrect munging of the lua package path -- LuaPackagePath directives were not working Default to not allowing htaccess in /, instead of just the documentroot, which gets a nice 10% performance boost by default for me. * modules/ssl/ssl_private.h, modules/ssl/ssl_engine_kernel.c (ssl_callback_tlsext_tickets): Use unsigned char * to fix gcc -Wpointer-sign warnings. Only load the really imporant modules (i.e. those enabled by the 'few' selection) by default. Don't handle modules enabled with --enable-foo specially. This fixes problems with module dependencies until someone implements a mechanism for resolving module dependencies. remove last traces of the code cache * modules/proxy/mod_proxy_html.c (comp_urlmap): Fix const-ness warning. * modules/lua/mod_lua.c (ap_lua_ssl_is_https): New function. (lua_post_config): Pick up ssl_is_https optional function. * modules/lua/lua_request.c (req_ssl_is_https_field): New function. (ap_lua_load_request): Map is_https field to above. remove some debug logging which snuck in remove ability to set min and max pool sizes for server scope in prep for removing server scope remove lingering reslist references before killing server scope replace server scope with thread scope use a sub-pool for scope_once Fix installation of conf/extra/proxy-html.conf. Otherwise httpd does no longer start, because it is the only extra file required in the main config at the moment. Rebuild xdoc transform Clarify docs for LimitRequestLine, as per bug #51665. Rebuild doc transforms. Submitted by: brianm, pquerna, jorton, sf, brianm, jorton, jorton, sf, pquerna, brianm, brianm, brianm, brianm, brianm, jorton, rjung, rbowen, rbowen, rbowen Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1200981 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 10, 2011
-
-
Jeff Trawick authored
temporary intervals with no active MPM children. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1200449 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 09, 2011
-
-
Paul Querna authored
* SSLTicketKeyFile: To store the private information for the encryption of the ticket. * SSLTicketKeyDefault To set the default, otherwise the first listed token is used. This enables key rotation across servers. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1200040 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Fritsch authored
advantage that we don't leak internal IP addresses in reverse proxy setups. Also, use hex to make the cookie shorter. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1199987 13f79535-47bb-0310-9956-ffa450edef68
-
- Nov 08, 2011
-
-
Jim Jagielski authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1199519 13f79535-47bb-0310-9956-ffa450edef68
-
Rainer Jung authored
when using --enable-load-all-modules with configure. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1199467 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Fritsch authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1199447 13f79535-47bb-0310-9956-ffa450edef68
-
Stefan Fritsch authored
etag generation in mod_dav_fs to the new default. PR 49623. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1199086 13f79535-47bb-0310-9956-ffa450edef68
-
Eric Covener authored
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1199056 13f79535-47bb-0310-9956-ffa450edef68
-