git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1555572 13f79535-47bb-0310-9956-ffa450edef68

    digest auth is only marginally more secure than basic auth.
    Adjust the docs to today's reality.

    mention insecure password storage as pointed out by Graham

    axe one more case of digest auth being described as secure



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1555566 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1555366 13f79535-47bb-0310-9956-ffa450edef68

emphasize that this is mostly just AAA checks and not the status
code of the handler. PR21828 and various dups.




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1555120 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1554882 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1553494 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1552105 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1550965 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1550669 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1546755 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1546616 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1546575 13f79535-47bb-0310-9956-ffa450edef68

compat note for AuthLDAPBindPassword exec:



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1546536 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1544375 13f79535-47bb-0310-9956-ffa450edef68

Translated by: Nilgün Belma Bugüner <nilgun belgeler.gen.tr>
Reviewed by:  Orhan Berent <berent belgeler.gen.tr>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1544372 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1542524 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1541607 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1541602 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1541288 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1541244 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1540734 13f79535-47bb-0310-9956-ffa450edef68

Fix PR 55397: dav_resource->uri treated as an unparsed uri.

The change made for PR 54611 caused this field to be treated as
unescaped.  mod_dav_svn however, provided escaped URIs.  Essentially
breaking support for paths with non-URI safe characters in SVN.

Adjust the code so that dav_resource->uri is assumed to be escaped and
adjust mod_dav_fs so that it uses escaped URIs in this field.

* modules/dav/fs/repos.c
  (dav_fs_get_resource): Use the unparsed_uri to contruct the resource uri.

* modules/dav/main/mod_dav.c
  (dav_xml_escape_uri): Do not uri escape, just handle xml escaping.
  (dav_created): Assume that locn if provided is escaped.
  (dav_method_copymove, dav_method_bind): Use the unparsed_uri on the request
    when calling dav_created() to adjust to locn assuming it is escaped.

* modules/dav/main/mod_dav.h
  (dav_resource): Document that uri is escaped.


Followup to r1529559: mod_dav_fs: Fix encoding of hrefs in PROPFIND response.

Previous commit missed encoding the names of the children of the PROPFIND
request when the depth wasn't 0.

* modules/dav/fs/repos.c
  (dav_fs_append_uri): New function
  (dav_fs_walker): Use dav_fs_append_uri() and adjust length calculations to
    use the encoded length.


Submitted by: breser
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1540730 13f79535-47bb-0310-9956-ffa450edef68

mod_dav: Fix PR 55306.

Makes mod_dav no longer require that the lock token be provided when the
source of a COPY is locked.  The prior behavior was in violating of
RFC 4918 which says that the lock token is only required on resources
that may be modified by the method.

* modules/dav/main/mod_dav.h
  (DAV_VALIDATE_NO_MODIFY): New flag to be passed to dav_validate_* functions.

* modules/dav/main/mod_dav.c
  (dav_method_copymove): Use the new flag when calling dav_validate_request()
    on the COPY source.

* modules/dav/main/util.c
  (dav_validate_resource_state): Use the flag to decide to ignore if the lock
    token is not provided.

Submitted by: breser
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1540728 13f79535-47bb-0310-9956-ffa450edef68

Merge r834378, r835046, r1040304, r1040373, r1090645, r1294306, r1509872, r1308862, r1509875 from trunk:

enable support for ECC keys and ECDH ciphers.  Tested against
OpenSSL 1.0.0b3.  [Vipul Gupta vipul.gupta sun.com, Sander Temme]


* Use correct #ifndef's to compile again on openssl 0.9.8 and fix compiler
  warnings.

Noted by: sf


Removed unused var.


Stop warning, init should be an int.


Remove unused variable


Initialize EC temporary key on server startup, as for DH and
RSA. This fixes a race condition that could lead to a crash with threaded
MPMs.


Mention ECC support

Submitted by: sctemme, rpluem, fuankg, drh, sf, sf, sf, jim, sf
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1540727 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1540725 13f79535-47bb-0310-9956-ffa450edef68

  All proposed patch sets look smart, all but one cure regressions,
  and ECC support seems overdue and looks minimalistic/clean.

  Voted and all promoted.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1537245 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1534217 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1533948 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1533770 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1533748 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1532828 13f79535-47bb-0310-9956-ffa450edef68

Interpolation worked within the scheme portion of URLs for
ProxyPass and ProxyPassReverse until a fix to apr_uri_parse()
in APR-Util 1.5.2 closed the hole that had previously allowed
the necessary {} characters within the scheme.

Lack of support for interpolation within the scheme will be a
permanent limitation.

The mod_proxy documentation is updated to provide an alternate
configuration solution.

PR: 55315
Submitted by: Mike Rumph <mike.rumph oracle.com>
Tweaked by: trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1532825 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1531670 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1531607 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1528731 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1519580 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1516282 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1516258 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1515572 13f79535-47bb-0310-9956-ffa450edef68

Fix bug #55304 with the provided patch, slightly reformatted.

In short: do not validate conditions of a COPY source's parent since
it is not modified during the operation.

* modules/dav/main/mod_dav.c:
  (dav_method_copymove): adjust params to dav_validate_request()

PR: 55304
Submitted by: breser
Reviewed by: gstein, wrowe, rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1515569 13f79535-47bb-0310-9956-ffa450edef68