summaryrefslogtreecommitdiff
path: root/include
Commit message (Collapse)AuthorAgeFilesLines
* merge of 1708107,1709587,1709602,1709995,1710231,1710419,1710572,1710583 ↵Stefan Eissing2015-11-043-2/+43
| | | | | | from trunk, addition of master conn_rec*, minor bump of mmn git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.17-protocols-changes@1712567 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1710380, r1710391 from trunk:Jim Jagielski2015-11-031-0/+13
| | | | | | | | | | | | | | | | Make the fix for fully qualifying REDIRECT_URL from PR#57785 opt-in. followup to r1710380 -- refactored name and didn't have 'make depend' Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1712268 13f79535-47bb-0310-9956-ffa450edef68
* And we are 2.4.18-devJim Jagielski2015-10-091-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1707774 13f79535-47bb-0310-9956-ffa450edef68
* Get ready to tag 2.4.17Jim Jagielski2015-10-091-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1707772 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1706942 from trunk:Jim Jagielski2015-10-061-1/+1
| | | | | | | | | | | | fix parameter name in ap_log_rdata C99 macro def. Via PR57045 Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1706984 13f79535-47bb-0310-9956-ffa450edef68
* Follow up to r1705492: fix MMN versions.Yann Ylavic2015-09-281-3/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1705759 13f79535-47bb-0310-9956-ffa450edef68
* oops2Jim Jagielski2015-09-281-1/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1705685 13f79535-47bb-0310-9956-ffa450edef68
* mod_h2Jim Jagielski2015-09-282-2/+9
|\ | | | | | | | | | | | | Via: svn merge -r10:HEAD https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.17-protocols-http2 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1705682 13f79535-47bb-0310-9956-ffa450edef68
| * merged current 2.4.x and ap_mmn.h update by minfrinStefan Eissing2015-09-285-3/+49
| |\ | | | | | | | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.17-protocols-http2@1705628 13f79535-47bb-0310-9956-ffa450edef68
| * | merge of protocols + http2 relevant changesStefan Eissing2015-09-075-1/+179
| | | | | | | | | | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.17-protocols-http2@1701655 13f79535-47bb-0310-9956-ffa450edef68
* | | Merge r1697855, r1697339, r1696428, r1696266, r1696264, r1695874, r1695727, ↵Jim Jagielski2015-09-284-1/+178
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | r1692516, r1692486, r1610674, r1685069, r1693918, r1698116, r1698133, r1694950, r1700968, r1701005, r1701145, r1701178 from trunk: adding ap_get_protocol(c) which safeguards against NULL returns, for use instead of direct calling ap_run_protocol_get changed Protocols to let vhosts override servers, removed old H2Engine example from readme creating ap_array_index in util, forwarding scheme into request processing, enabling SSL vars only when scheme is not http:, delayed connection creation until task worker assignment removed unnecessary lingering_close and sbh update on end of protocol upgrade handling introducing ap_array_index in util, used in protocol and mod_h2 fixes existing protocol missing in selection if not explicitly proposed new directive ProtocolsHonorOrder, added documentation for Protocols feature, changed preference selection and config merging removed accidental code new Protocols directive and core API changes to enable protocol switching on HTTP Upgrade or ALPN, implemented in mod_ssl and mod_h2 SECURITY (CVE-2014-0117): Fix a crash in mod_proxy. In a reverse proxy configuration, a remote attacker could send a carefully crafted request which could crash a server process, resulting in denial of service. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this issue. * server/util.c (ap_parse_token_list_strict): New function. * modules/proxy/proxy_util.c (find_conn_headers): Use it here. * modules/proxy/mod_proxy_http.c (ap_proxy_http_process_response): Send a 400 for a malformed Connection header. Submitted by: Edward Lu, breser, covener http, mod_ssl: Introduce and return the 421 (Misdirected Request) status code for clients requesting a hostname on a reused connection whose SNI (from the TLS handshake) does not match. PR 5802. This allows HTTP/2 clients to fall back to a new connection as per: https://tools.ietf.org/html/rfc7540#section-9.1.2 Proposed by: Stefan Eissing <stefan eissing.org> Reviewed by: ylavic c89 Allowing protocol_propose hooks to be called with offers=NULL, clarifying semantics as proposed by chaosed0@gmail.com giving ap_array_index a start parameter, adding ap_array_contains ap_process_request needs exportation for use in mod_h2 on Windows final final change to the new ap_array_str_* functions after review changed Protocols default to http/1.1 only, updated documentation, changed ap_select_protocol() to return NULL when no protocol could be agreed upon mod_ssl: fix compiler warning (bad cast). improvements in ap_select_protocol(), supplied by yann ylavic Submitted by: icing, jorton, ylavic, covener, icing, icing, gsmith, icing, icing, ylavic, icing Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1705672 13f79535-47bb-0310-9956-ffa450edef68
* | MPMs: Support SO_REUSEPORT to create multiple duplicated listenerGraham Leggett2015-09-264-1/+42
| | | | | | | | | | | | | | | | | | | | | | | | records for scalability. Submitted by: Yingqi Lu <yingqi.lu@intel.com>, Jeff Trawick, Jim Jagielski, Yann Ylavic Reviewed by: ylavic, jim, minfrin git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1705492 13f79535-47bb-0310-9956-ffa450edef68
* | Fix typo in commentChristophe Jaillet2015-09-251-1/+1
|/ | | | | | (r1380525 on trunk) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1705340 13f79535-47bb-0310-9956-ffa450edef68
* Backport r1690137.Christophe Jaillet2015-07-111-1/+1
| | | | | | Doc and comment fix only git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1690350 13f79535-47bb-0310-9956-ffa450edef68
* and we are 2.4.17-devJim Jagielski2015-07-101-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1690308 13f79535-47bb-0310-9956-ffa450edef68
* prepare to tag 2.4.16Jim Jagielski2015-07-101-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1690306 13f79535-47bb-0310-9956-ffa450edef68
* And we are 2.4.16-devJim Jagielski2015-06-191-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1686449 13f79535-47bb-0310-9956-ffa450edef68
* ready to tagJim Jagielski2015-06-191-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1686447 13f79535-47bb-0310-9956-ffa450edef68
* And we are 2.4.15-devJim Jagielski2015-06-111-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1684895 13f79535-47bb-0310-9956-ffa450edef68
* Get ready to tag 2.4.14Jim Jagielski2015-06-111-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1684892 13f79535-47bb-0310-9956-ffa450edef68
* SECURITY: CVE-2015-3185 (cve.mitre.org)William A. Rowe Jr2015-06-092-1/+26
| | | | | | | | | | | | Replacement of ap_some_auth_required (unusable in Apache httpd 2.4) with new ap_some_authn_required and ap_force_authn hook. Submitted by: breser Backports: r1684524 Reviewed by: wrowe, ylavic, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1684525 13f79535-47bb-0310-9956-ffa450edef68
* and we are 2.4.14-devJim Jagielski2015-06-041-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1683585 13f79535-47bb-0310-9956-ffa450edef68
* Get ready to tag 2.4.13Jim Jagielski2015-06-041-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1683583 13f79535-47bb-0310-9956-ffa450edef68
* core, modules: Avoid error response/document handling by the core if someWilliam A. Rowe Jr2015-05-292-1/+19
| | | | | | | | | | | | | | | | handler or input filter already did it while reading the request (causing a double response body). Submitted by: ylavic Backports: r1482522 (partial, ap_map_http_request_error() things only!), r1529988, r1529991, r1643537, r1643543, r1657897, r1665625, r1665721, r1674056 Reviewed by: ylavic, minfrin, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1682544 13f79535-47bb-0310-9956-ffa450edef68
* mod_proxy_http: Use the "Connection: close" header for requests toJeff Trawick2015-04-151-1/+2
| | | | | | | | | | | backends not recycling connections (disablereuse), including the default reverse and forward proxies. Submitted by: ylavic (and trawick for an old helper function) Reviewed by: rjung, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1673896 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1642847 and r1673155 from trunk so that yesterday's ApacheCon talk is ↵Jeff Trawick2015-04-152-1/+12
| | | | | | | | | | | | | valid: core: Add CGIPassAuth directive to control whether HTTP authorization headers are passed to scripts as CGI variables. PR: 56855 Reviewed by: rjung, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1673860 13f79535-47bb-0310-9956-ffa450edef68
* Not that hard to explain...William A. Rowe Jr2015-04-021-2/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1670805 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1664071, r1664299 from trunk:Jim Jagielski2015-03-312-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | core: If explicitly configured, use the KeepaliveTimeout value of the virtual host which handled the latest request on the connection, or by default the one of the first virtual host bound to the same IP:port. For non-async MPMs, use either r->server's or c->base_server's value in ap_process_http_sync_connection() depending on a new server_rec's flag called keep_alive_timeout_set and determined at config time. For event MPM, use a queue per timeout value, chaining the queues per type (keepalive wrt KeepAliveTimeout, write completion wrt to Timeout) so that maintenance can be done on all the queues from the head, and such that insertions/maintenance remain in O(1). A server config is created and pointing to the queue of each vhost at post_config time, hence the config can be associated to the connection state (cs) at post_read_request time (keep_alive_timeout_set is used to determine r->server vs c->base_server here), and we can simply insert with TO_QUEUE_INSERT(cs->sc->q, cs). PR56226. While at it, since each queue now embeds it own timeout and hence the expiration_time of the cs has changed to a queue_timestamp (the time it was queued), we can detect clock skews and expire entries immediatly if the system is set (eg. far) in the past during runtime and we want to avoid waiting for (eg.) centuries before the current logic kills them. Any entry which is registered above now + q->timeout is concerned, and is now cleaned from the queue when encountered. PR57374. core: Follow up to r1664071: comments on new keep_alive_timeout_set flag. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1670326 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1661448 from trunk:Jim Jagielski2015-03-312-8/+9
| | | | | | | | | | | core: Add expression support to ErrorDocument. Switch from a fixed sized 664 byte array per merge to a hash table. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1670320 13f79535-47bb-0310-9956-ffa450edef68
* And we are 2.4.13-devJim Jagielski2015-01-221-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1654002 13f79535-47bb-0310-9956-ffa450edef68
* get ready to tagJim Jagielski2015-01-221-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1654000 13f79535-47bb-0310-9956-ffa450edef68
* revert r1642852 for 2.4.x release purposes. It appears to breakEric Covener2015-01-191-1/+0
| | | | | | | | | | | | | | too much DirectoryMatch matching and is not critical to have in. Discussion on dev@ on trunk rev commit msg for r1635428 Also, I don't think the addition in the middle of the core_dir_config given that the core_dir_config is exposed to modules as kind of a special case. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1652902 13f79535-47bb-0310-9956-ffa450edef68
* and we are 2.4.12-devJim Jagielski2015-01-151-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1652260 13f79535-47bb-0310-9956-ffa450edef68
* Get ready to tag as 2.4.11Jim Jagielski2015-01-151-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1652258 13f79535-47bb-0310-9956-ffa450edef68
* Merge the following revisions from trunk:Eric Covener2015-01-141-1/+2
| | | | | | | | | | | | | | | | | trunk patch: http://svn.apache.org/r1588544 (rewrite+UDS) http://svn.apache.org/r1641636 ('using default worker' msg tweak) http://svn.apache.org/r1647005 (tcp reuse) http://svn.apache.org/r1647009 (uds reuse) http://svn.apache.org/r1647334 (uds reuse fix) + 1 additional de_socketfy call in mod_proxy git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1651662 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1512819, r1513461 (part of it), r1565777, r1643538 from trunk:Jim Jagielski2015-01-122-3/+178
| | | | | | | | | | * core: Add ap_log_data(), ap_log_rdata(), etc. for logging buffers. Submitted by: Jeff Trawick Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1651084 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1598946, r1602989 from trunk:Jim Jagielski2015-01-121-1/+2
| | | | | | | | | | | | | | | | Fix computation of the size of 'struct sockaddr_un' when passed to 'connect()'. Use the same logic as the one in ' in 'proxy_util.c'. mod_proxy: Don't limit the size of the connectable Unix Domain Socket paths. Since connect() to UDS path is used at several places, introduce ap_proxy_connect_uds() in proxy_util. Submitted by: jailletc36, ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1651081 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1601184, r1601274, r1601185 from trunk:Jim Jagielski2015-01-122-1/+11
| | | | | | | | | | | | | | | | | | | | | | | mod_ssl: Ensure that the SSL close notify alert is flushed to the client. PR54998. Submitted By: Tim Kosse <tim.kosse filezilla-project.org>, ylavic Committed By: ylavic mod_ssl: SSL_smart_shutdown(): follow up to r1601184. Use SSL_get_wbio() to comply with OPENSSL_NO_SSL_INTERN. Stop SSL shutdown loop when flush fails. mpm_event[opt]: Send the SSL close notify alert when the KeepAliveTimeout expires. PR54998. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1651077 13f79535-47bb-0310-9956-ffa450edef68
* Happy New Year 2015Rainer Jung2015-01-011-1/+1
| | | | | | | Backport of r1648840from trunk. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1648845 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1635428 from trunk:Jim Jagielski2014-12-021-0/+1
| | | | | | | | | | | core: Do not match files when using DirectoryMatch. PR41867. Submitted by: jkaluza Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642852 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1611858, r1611908, r1611916 from trunkChristophe Jaillet2014-11-012-17/+42
| | | | | | | | | | doc: improve doxygen output for util_ebcdic.h and util_charset.h. Submitted by: jailletc36 Reviewed by: jailletc36, rjung, ylavic Backported by: jailletc36 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1635905 13f79535-47bb-0310-9956-ffa450edef68
* SECURITY: CVE-2013-5704 (cve.mitre.org)William A. Rowe Jr2014-08-223-1/+11
| | | | | | | | | | | | | | | | core: HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. Adds "MergeTrailers" directive to restore legacy behavior. Submitted by: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener Backports: r1610814 Reviewed by: covener, wrowe, ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1619884 13f79535-47bb-0310-9956-ffa450edef68
* Fix doxygen comments.Christophe Jaillet2014-07-193-70/+75
| | | | | | In trunk: r1611210 , r1611252, r1611481, r1611919 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611925 13f79535-47bb-0310-9956-ffa450edef68
* Backport r1513461 to fix some Doxygen warnings/comments, except for the ↵Christophe Jaillet2014-07-181-2/+2
| | | | | | | | | | | | following files which rely on other patches which have not been backported yet: - ap_mpm.h: r1493741 - http_log.h: r1512819 - httpd.h: r1426877 - mpm_common.h: which is already in synch with 2.4 So only mpm_var_buf.h remains. This is however needed in order to backport other doxygen clean-up. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611541 13f79535-47bb-0310-9956-ffa450edef68
* Improve doxygen comment.Christophe Jaillet2014-07-161-17/+13
| | | | | | Improve layout, add trailing '.' in function description, remove unneeded @fn. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1611203 13f79535-47bb-0310-9956-ffa450edef68
* And we are at 2.4.11-devJim Jagielski2014-07-151-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610760 13f79535-47bb-0310-9956-ffa450edef68
* Get ready to tag 2.4.10Jim Jagielski2014-07-151-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610757 13f79535-47bb-0310-9956-ffa450edef68
* Merge 1610491 from trunk:Joe Orton2014-07-142-1/+19
| | | | | | | | | | | | | | | | | | | | SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this. * include/scoreboard.h: Add ap_copy_scoreboard_worker. * server/scoreboard.c (ap_copy_scoreboard_worker): New function. * modules/generators/mod_status.c (status_handler): Use it. * modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise. Reviewed by: trawick, jorton, covener, jim Submitted by: jorton, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610499 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1452551, r1607960 from trunk:Jim Jagielski2014-07-142-1/+6
| | | | | | | | | | | | | | | | | | | | | PR54587: LDAP connections used for authn were not respecting LDAPConnectionPoolTimeout due to confusion over what "bound" means. Added some LDAP trace at TRACE5 to track how LDAP connections are reused and rebound. make LDAPConnectionPoolTTL more conservative, use r->request_time rather than end-of-request time, and only update it after a round-trip with the LDAP server rather than every time we check back into the pool. Submitted by: covener Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610396 13f79535-47bb-0310-9956-ffa450edef68
* Merge r1496709,r1601995 from trunk:Jeff Trawick2014-07-122-1/+5
| | | | | | | | | | core: factor out DEFAULT_HANDLER_NAME Submitted by: jailletc36 Reviewed by: ylavic, trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610017 13f79535-47bb-0310-9956-ffa450edef68
View Lorry Controller Status