In the aftermath of CVE-2017-7668, decouple the business logic ("is NULL
a T_HTTP_CTRL") from the postcondition ("must not go past the end of the
string"). The NULL-byte classification in the TEST_CHAR table may change
in the future.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799375 13f79535-47bb-0310-9956-ffa450edef68

Now that we've released, add clarifying comments to the now-deprecated
API.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799374 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799341 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799261 13f79535-47bb-0310-9956-ffa450edef68

Variable expansion in RewriteCond causes strings to be duplicated
out of r->pool.  If the variables are long and many conditions
are evaluated, r->pool can get seriously bloated.

Clear the memory used for variable expansion for each set of conditons
once the set of conditions fails to match.




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798938 13f79535-47bb-0310-9956-ffa450edef68

used uninitialized in this function").



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798785 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798782 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798781 13f79535-47bb-0310-9956-ffa450edef68

* For the time being keep on caching OCSP_RESPONSE_STATUS_TRYLATER. The effect can be limited by setting SSLStaplingErrorCacheTimeout.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798460 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798457 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798456 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1798455 13f79535-47bb-0310-9956-ffa450edef68

The boilerplate code for config sections conflicts with TAKE1
because of the trailing stuff to terminate the opening tag.

Change from TAKE1 to RAW_ARGS and call ap_getword_conf()
directly.




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797844 13f79535-47bb-0310-9956-ffa450edef68

rewrite tests with P flag in htaccess broken since r1792169


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797843 13f79535-47bb-0310-9956-ffa450edef68

update after backport of mod_http2 fix.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797759 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797747 13f79535-47bb-0310-9956-ffa450edef68

mod_http2: Fix for possible CPU busy loop introduced in v1.10.3 where a stream may keep
     the session in continuous check for state changes that never happen. 



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797745 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797731 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797662 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797661 13f79535-47bb-0310-9956-ffa450edef68

remove some backported items


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797660 13f79535-47bb-0310-9956-ffa450edef68

Submitted By: ylavic



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1797550 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796864 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796708 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796596 13f79535-47bb-0310-9956-ffa450edef68

HTTP method outside of the HTTPS only handling.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796493 13f79535-47bb-0310-9956-ffa450edef68

Added missing changes for Spanish references to security_tips.html.es in files, missing from commit r1795361

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796460 13f79535-47bb-0310-9956-ffa450edef68

Added new Spanish translation for mod_acccess_compat, as well as the update for files referencing it

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796457 13f79535-47bb-0310-9956-ffa450edef68

these are backported


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796451 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796448 13f79535-47bb-0310-9956-ffa450edef68

URL-decoding doesn't work on EBCDIC.

Submitted By: Hank Ibell <hwibell gmail.com>




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796446 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796391 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796390 13f79535-47bb-0310-9956-ffa450edef68

Check if 'slave' is NULL before using 'slave->keepalives'.

Remove a redundant assignment which is already done in 'h2_slave_destroy'.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796378 13f79535-47bb-0310-9956-ffa450edef68

Both of these checks are problematic without further
work.

status: even a .htaccess with no SetHandler blocks the handler.
proxy: RewriteRule ... ... [P] in htaccess is blocked.




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796352 13f79535-47bb-0310-9956-ffa450edef68

Submitted By: jchampion



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796350 13f79535-47bb-0310-9956-ffa450edef68

  *) core: Deprecate ap_get_basic_auth_pw() and add 
    ap_get_basic_auth_components(). 

Submitted By: Emmanuel Dreyfus <manu netbsd.org>, Jacob Champion, Eric Covener




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796348 13f79535-47bb-0310-9956-ffa450edef68

Consistently pass the expected bio_filter_in_ctx_t
to ssl_io_filter_error(). 

Submitted By: Yann Ylavic




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796343 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796296 13f79535-47bb-0310-9956-ffa450edef68

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796136 13f79535-47bb-0310-9956-ffa450edef68