Skip to content
GitLab
  1. 20 Mar, 2019 2 commits
    • Joe Orton's avatar
      Merge r1855646, r1855748 from trunk: · 0dcd178c
      Joe Orton authored 
      mod_proxy/ssl: cleanup per-request SSL configuration for recycled proxy conns.

The SSL dir config of proxy/backend connections is stored in r->per_dir_config
but those connections have a lifetime independent of the requests they handle.

So we need to allow the external ssl_engine_set() function to reset mod_ssl's
dir config in between proxy requests, or the first sslconn->dc could be used
after free for the next requests.

mod_proxy can then reset/reinit the request config when recycling its backend
connections.

* Solve a chicken and egg problem here:
  We need to have sslconn->dc set correctly when we want to
  init sslconn, but we need to allocate memory for it first.

PR 63256.
Submitted by: ylavic, rpluem
Reviewed by: ylavic, jorton, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855918 13f79535-47bb-0310-9956-ffa450edef68
      0dcd178c
    • Joe Orton's avatar
      Merge r1855849 from trunk: · 84edf5f4
      Joe Orton authored 
      * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access_modern): Correctly
  restore SSL verify state after PHA failure in TLSv1.3.

Submitted by: Michael Kaufmann <mail michael-kaufmann.ch>
Reviewed by: jorton, covener, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855917 13f79535-47bb-0310-9956-ffa450edef68
      84edf5f4
  3. 19 Mar, 2019 2 commits
    • Jim Jagielski's avatar
      Merge r1730129 from trunk: · 8a2f9192
      Jim Jagielski authored 
      Support %{c}h for conn-hostname, %h for useragent_host
Submitted by: wrowe
Reviewed by: jim, ylavic, covener
Merge r1818321 from trunk:

"{c}h" exists and logs the value returned by 'ap_get_useragent_host()'.

I'm not sure of the description to write there, so I just mention it in the doc and hope s.o. will find the words :)

This has been introduced in r1730129.
Submitted by: jailletc36
Reviewed by: jim, ylavic, covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855818 13f79535-47bb-0310-9956-ffa450edef68
      8a2f9192
    • Jim Jagielski's avatar
      Merge r1768070, r1768120, r1768225, r1769712, r1769737, r1774610, r1828624,... · 1450721e
      Jim Jagielski authored 
      Merge r1768070, r1768120, r1768225, r1769712, r1769737, r1774610, r1828624, r1828626, r1855701 from trunk:

And the socache provider interface for Redis


And provide some nice usage stats. Could be prettier, for sure.

Needs LOGNO #s

reorganize mod_socache_redis so it compiles w/o apr-redis

It looks like this was the original intent. The provider
is not registered if apr-redis is missing.

It was previously failing to compile due to the dirconf being
hidden behind the #ifdef guard but not the routine module
code that used it.




Fix some HTML tags
</br> --> <br />

Couls also be <br> or <br/> but some (very) old clients don't like it.
httpd is not really consistent on it. (personnlaly <br> would be just fine for me but <br /> is the most commonly used form)

related to http://svn.apache.org/viewvc?view=revision&revision=1774602


Use apr_pcalloc in the 'create' function. All the fields are initialized in the 'init' function, but it is It is cleaner and more future proof.

Small style correction (remove extra spaces)

Initial doc for the sosache_redis module.

Corrections and improvements welcome.

Update compatibility notes for mod_socache_redis
Submitted by: jim, covener, jailletc36, jim, jailletc36, jailletc36, jailletc36
Reviewed by: jim, minfrin, covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855817 13f79535-47bb-0310-9956-ffa450edef68
      1450721e
  5. 18 Mar, 2019 1 commit
  7. 13 Mar, 2019 7 commits
    • Stefan Eissing's avatar
      Merge of... · 81ad6275
      Stefan Eissing authored 
      Merge of 1849296,1852038,1852101,1852339,1853171,1853967,1854365,1854963,1854964,1855295,1855411 from trunk:

  *) mod_http2: when SSL renegotiation is inhibited and a 403 ErrorDocument is
     in play, the proper HTTP/2 stream reset did not trigger with H2_ERR_HTTP_1_1_REQUIRED.
     Fixed. [Michael Kaufmann] 

  *) mod_http2: new configuration directive: `H2Padding numbits` to control 
     padding of HTTP/2 payload frames. 'numbits' is a number from 0-8,
     controlling the range of padding bytes added to a frame. The actual number
     added is chosen randomly per frame. This applies to HEADERS, DATA and PUSH_PROMISE
     frames equally. The default continues to be 0, e.g. no padding. [Stefan Eissing] 
  
  *) mod_http2: ripping out all the h2_req_engine internal features now that mod_proxy_http2
     has no more need for it. Optional functions are still declared but no longer implemented.
     While previous mod_proxy_http2 will work with this, it is recommeneded to run the matching
     versions of both modules. [Stefan Eissing]
  
  *) mod_proxy_http2: changed mod_proxy_http2 implementation and fixed several bugs which
     resolve PR63170. The proxy module does now a single h2 request on the (reused)
     connection and returns. [Stefan Eissing]
  
  *) mod_http2/mod_proxy_http2: proxy_http2 checks correct master connection aborted status 
     to trigger immediate shutdown of backend connections. This is now always signalled
     by mod_http2 when the the session is being released. 
     proxy_http2 now only sends a PING frame to the backend when there is not already one
     in flight. [Stefan Eissing]

  *) mod_proxy_http2: fixed an issue where a proxy_http2 handler entered an infinite 
     loop when encountering certain errors on the backend connection. 
     See <https://bz.apache.org/bugzilla/show_bug.cgi?id=63170>. [Stefan Eissing]

  *) mod_http2: Configuration directives H2Push and H2Upgrade can now be specified per 
     Location/Directory, e.g. disabling PUSH for a specific set of resources. [Stefan Eissing]

  *) mod_http2: HEAD requests to some module such as mod_cgid caused the stream to
     terminate improperly and cause a HTTP/2 PROTOCOL_ERROR. 
     Fixes <https://github.com/icing/mod_h2/issues/167>. [Michael Kaufmann]




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855431 13f79535-47bb-0310-9956-ffa450edef68
      81ad6275
    • Jim Jagielski's avatar
      Merge r1853901, r1853906, r1853908, r1853929, r1853935, r1853967 from trunk: · e03475e1
      Jim Jagielski authored 
      mod_reqtimeout: factorize structs and code.

With a bit of macro magic, this is to avoid more code duplication when adding
new stages (next commit will add TLS/handshake timeouts handling in addition to
existing header and body ones).

No functional change here.


mod_reqtimeout: Allow to configure (TLS-)handshake timeouts.

The timeouts apply between the process_connection and pre_read_request hooks.
They are disabled by default for compatibily reasons.


mod_reqtimeout: follow up to r1853906: adjust hooks priorities comments.


mod_reqtimeout: follow up to r1853901: fix macro args.


mod_reqtimeout: follow up to r1853901: init stage name outside INIT_STAGE().

It helps both code readability where stages are initilized and potential
logging in the input filter (even if the stage is disabled).


mod_http2: fix for latest mod_reqtimeout change re handshake timeouts

Submitted by: ylavic, icing
Reviewed by: ylavic, icing, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855409 13f79535-47bb-0310-9956-ffa450edef68
      e03475e1
    • Jim Jagielski's avatar
      Merge r1853874, r1853938 from trunk: · 47bbc7eb
      Jim Jagielski authored 
      mod_cache_socache: avoid pool to heap reallocation.

Below some threshold, the previous code tried free (sub-)pooled memory ASAP by
moving small buffers (< capacity / 2) to a heap bucket. But this is not really
an optimization because first it requires at some point to allocate more than
the configured capacity, and second since this happens during response handling
the pool is about to be destroyed soon anymay.

This commit simply keeps the data in the subpool and uses a pool bucket for the
output brigade to take care of the lifetime until it's consumed (or not).


Follow up to r1853874: CHANGES entry.
Submitted by: ylavic
Reviewed by: ylavic, icing, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855407 13f79535-47bb-0310-9956-ffa450edef68
      47bbc7eb
    • Jim Jagielski's avatar
      Merge r1852038, r1852101 from trunk: · 9ceed38d
      Jim Jagielski authored 
      mod_http2: enable re-use of slave connections again.


mod_http2: fixed slave connection keepalives counter.

Submitted by: icing
Reviewed by: icing, ylavic, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855406 13f79535-47bb-0310-9956-ffa450edef68
      9ceed38d
    • Yann Ylavic's avatar
      Not yet :) · 373aea6a
      Yann Ylavic authored 
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855393 13f79535-47bb-0310-9956-ffa450edef68
      373aea6a
    • Stefan Eissing's avatar
      Merge of r1854004 from trunk: · 021eccfd
      Stefan Eissing authored 
        *) http: Fix possible empty response with mod_ratelimit for HEAD requests.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855391 13f79535-47bb-0310-9956-ffa450edef68
      021eccfd
    • Yann Ylavic's avatar
      Merge r1855306 from trunk: · df7edb5d
      Yann Ylavic authored 
      MPMs unix: bind the bucket number of each child to its slot number

We need not remember each child's bucket number in SHM for restarts, for the
lifetime of the httpd main process the bucket number can be bound to the slot
number such that: bucket = slot % num_buckets.

This both simplifies the logic and helps children maintenance per bucket in
threaded MPMs, where previously perform_idle_server_maintenance() could create
or kill children processes for the buckets it was not in charge of.

Submitted by: ylavic
Reviewed by: ylavic, rpluem, jorton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1855378 13f79535-47bb-0310-9956-ffa450edef68
      df7edb5d
  9. 12 Mar, 2019 1 commit
  11. 15 Feb, 2019 1 commit
  13. 08 Feb, 2019 2 commits
  15. 22 Jan, 2019 1 commit
  17. 17 Jan, 2019 5 commits
  19. 16 Jan, 2019 2 commits
  21. 15 Jan, 2019 2 commits
  23. 18 Dec, 2018 1 commit
  25. 15 Dec, 2018 1 commit
  27. 11 Dec, 2018 2 commits
  29. 23 Nov, 2018 7 commits
  31. 09 Nov, 2018 1 commit
  33. 07 Nov, 2018 1 commit
  35. 18 Oct, 2018 1 commit