summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Happy new year.Rainer Jung2013-01-053-3/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1429349 13f79535-47bb-0310-9956-ffa450edef68
* Update.Lucien Gentis2013-01-051-3/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1429329 13f79535-47bb-0310-9956-ffa450edef68
* mod_ssl/ab: only use "--static" for pkg-config when explicity requestedKaspar Brand2013-01-051-3/+8
| | | | | | | (by adding an "--enable-ssl-staticlib-deps" option to configure) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1429228 13f79535-47bb-0310-9956-ffa450edef68
* fix typo: || not |Stefan Fritsch2013-01-051-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1429169 13f79535-47bb-0310-9956-ffa450edef68
* Updates.Lucien Gentis2013-01-044-43/+111
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1428976 13f79535-47bb-0310-9956-ffa450edef68
* non-existance of byrequests is not an immediate errorJim Jagielski2013-01-042-8/+14
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1428916 13f79535-47bb-0310-9956-ffa450edef68
* Updates.Lucien Gentis2013-01-033-12/+4
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1428540 13f79535-47bb-0310-9956-ffa450edef68
* * modules/proxy/mod_proxy_ftp.c (proxy_ftp_handler): RemoveJoe Orton2013-01-031-1/+1
| | | | | | | unnecessary APLOGNO() for trace logging per dev@ discussion. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1428280 13f79535-47bb-0310-9956-ffa450edef68
* Improve pkg-config usage for mod_ssl/ab:Kaspar Brand2013-01-031-3/+6
| | | | | | | | | | | | | | | | | | also use pkg-config for determining the -l flags (and fall back to a hardcoded default of "-lssl -lcrypto") add --static to pkg-config invocations, so that libraries for static linking are also taken into account (PR 54252 - note that the additional flags will only appear in modules/ssl/modules.mk and ab_LDFLAGS, so potential side effects are limited) separate --libs-only-L and --libs-only-other into two invocations (can't be used concurrently, only the first takes effect) use --silence-errors where applicable git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1428184 13f79535-47bb-0310-9956-ffa450edef68
* Stupid CodeWarrior compiler cant take vars with struct inits.Guenter Knauf2013-01-031-1/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1428145 13f79535-47bb-0310-9956-ffa450edef68
* Add some caching for password hash validation.Stefan Fritsch2013-01-018-8/+69
| | | | | | | | | | | | | | | | | | | | | | | | | Password hash functions must be expensive in order to be secure. But if they have to be re-evaluated for every request, performance suffers. As a minimal remedy, cache the most recent result for every connection. This gives a great performance boost if a web browser does many requests on the same connection with the same user+password. In principle, this may keep the plain text password around longer than before. But in practice, there won't be much difference since user+password can already remain in some unused data bucket for longer than the request duration. A proper solution still needs to be found for connections from proxies which may carry requests for many different users. While it currently only requires the conn_rec, the new ap_password_validate() function takes username and request_rec to allow future extensions, like detection of brute-force attempts. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1427548 13f79535-47bb-0310-9956-ffa450edef68
* remove unneeded include statementsStefan Fritsch2013-01-012-2/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1427546 13f79535-47bb-0310-9956-ffa450edef68
* Remove support for Request-Range header sent by Navigator 2-3 andStefan Fritsch2013-01-012-36/+8
| | | | | | | MSIE 3 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1427465 13f79535-47bb-0310-9956-ffa450edef68
* abort if BIO_new fails due to lack of memoryStefan Fritsch2013-01-011-0/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1427456 13f79535-47bb-0310-9956-ffa450edef68
* Adding security related informationVincent Deffontaines2013-01-012-2/+25
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1427395 13f79535-47bb-0310-9956-ffa450edef68
* say what I meant to sayGregg Lewis Smith2012-12-311-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1427201 13f79535-47bb-0310-9956-ffa450edef68
* change protocol number parsing in strict mode according to HTTPbis draftStefan Fritsch2012-12-301-31/+8
| | | | | | | | - only accept single digit version components - don't accept white-space after protocol specification git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426992 13f79535-47bb-0310-9956-ffa450edef68
* remove comment; empty host headers can happen in proxy requestsStefan Fritsch2012-12-301-4/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426988 13f79535-47bb-0310-9956-ffa450edef68
* Widen strip pattern to also match MOD_XML2ENC_LDADD.Rainer Jung2012-12-301-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426975 13f79535-47bb-0310-9956-ffa450edef68
* What happened to serf in the IDE builds? For consistency sake Gregg Lewis Smith2012-12-301-0/+7
| | | | | | | | with the other optional dependencies, get serf in there too. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426969 13f79535-47bb-0310-9956-ffa450edef68
* add log tags missing in r1426877Stefan Fritsch2012-12-304-18/+18
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426879 13f79535-47bb-0310-9956-ffa450edef68
* Add an option to enforce stricter HTTP conformanceStefan Fritsch2012-12-309-46/+410
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a first stab, the checks will likely have to be revised. For now, we check * if the request line contains control characters * if the request uri has fragment or username/password * that the request method is standard or registered with RegisterHttpMethod * that the request protocol is of the form HTTP/[1-9]+.[0-9]+, or missing for 0.9 * if there is garbage in the request line after the protocol * if any request header contains control characters * if any request header has an empty name * for the host name in the URL or Host header: - if an IPv4 dotted decimal address: Reject octal or hex values, require exactly four parts - if a DNS host name: Reject non-alphanumeric characters besides '.' and '-'. As a side effect, this rejects multiple Host headers. * if any response header contains control characters * if any response header has an empty name * that the Location response header (if present) has a valid scheme and is absolute If we have a host name both from the URL and the Host header, we replace the Host header with the value from the URL to enforce RFC conformance. There is a log-only mode, but the loglevels of the logged messages need some thought/work. Currently, the checks for incoming data log for 'core' and the checks for outgoing data log for 'http'. Maybe we need a way to configure the loglevels separately from the core/http loglevels. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426877 13f79535-47bb-0310-9956-ffa450edef68
* Fix warning about discarding 'const' qualifier from pointerStefan Fritsch2012-12-291-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426850 13f79535-47bb-0310-9956-ffa450edef68
* Correctly parse an IPv6 literal host specification in an absolute URLStefan Fritsch2012-12-292-48/+117
| | | | | | | | | | | | in the request line. - Fix handling of brackets [ ] surrounding the IPv6 address. - Skip parsing r->hostname again if not necessary. - Do some checks that the IPv6 address is sane. This is not done by apr_parse_addr_port(). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426827 13f79535-47bb-0310-9956-ffa450edef68
* extend description of r->hostnameStefan Fritsch2012-12-291-1/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426802 13f79535-47bb-0310-9956-ffa450edef68
* Rebuild various transformations.Rich Bowen2012-12-2822-436/+484
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426602 13f79535-47bb-0310-9956-ffa450edef68
* Add links to programs docs.Rich Bowen2012-12-282-6/+6
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426599 13f79535-47bb-0310-9956-ffa450edef68
* Add links to the relevant docs.Rich Bowen2012-12-282-4/+8
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426597 13f79535-47bb-0310-9956-ffa450edef68
* Add notes about compiling from Unix sourcesGregg Lewis Smith2012-12-261-0/+30
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425975 13f79535-47bb-0310-9956-ffa450edef68
* transformationsKaspar Brand2012-12-263-73/+113
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425876 13f79535-47bb-0310-9956-ffa450edef68
* mod_ssl: add support for subjectAltName-based host name checking in proxy modeKaspar Brand2012-12-2610-70/+172
| | | | | | | | | | | | | | | | (PR 54030) factor out code from ssl_engine_init.c:ssl_check_public_cert() to ssl_util_ssl.c:SSL_X509_match_name() introduce new SSLProxyCheckPeerName directive, which should eventually obsolete SSLProxyCheckPeerCN ssl_engine_io.c:ssl_io_filter_handshake(): avoid code duplication when aborting with HTTP_BAD_GATEWAY git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425874 13f79535-47bb-0310-9956-ffa450edef68
* Check that AsyncRequestWorkerFactor is not negativeStefan Fritsch2012-12-252-0/+6
| | | | | | | | PR :54254 Submitted by: Jackie Zhang <jackie qq zhang gmail com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425777 13f79535-47bb-0310-9956-ffa450edef68
* htdbm, htpasswd: print error message if out of memoryStefan Fritsch2012-12-254-0/+28
| | | | | | | PR: 54345 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425775 13f79535-47bb-0310-9956-ffa450edef68
* Exit with error message if out of memStefan Fritsch2012-12-251-2/+13
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425772 13f79535-47bb-0310-9956-ffa450edef68
* Replace strdup by ap_malloc to ensure a proper error message if out-of-memory.Stefan Fritsch2012-12-251-3/+5
| | | | | | | | | While there, only allocate memory for the string part we actually use. PR: 54345 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425771 13f79535-47bb-0310-9956-ffa450edef68
* Fix example codeDaniel Gruno2012-12-241-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425630 13f79535-47bb-0310-9956-ffa450edef68
* Update.Lucien Gentis2012-12-231-3/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425492 13f79535-47bb-0310-9956-ffa450edef68
* Style tweaks, remove add_version_component and fix up some sloppy code. Many ↵Daniel Gruno2012-12-231-117/+83
| | | | | | | | thanks to sfritsch for the pointers! And a merry christmas everyone :) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425450 13f79535-47bb-0310-9956-ffa450edef68
* GNU make somtimes has problems determining that $(builddir)/test_char.hStefan Fritsch2012-12-231-1/+2
| | | | | | | | and test_char.h are actually the same files. Fix 'make depends' to only generate the latter. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425447 13f79535-47bb-0310-9956-ffa450edef68
* add some nonnull fn attributesStefan Fritsch2012-12-231-3/+6
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425444 13f79535-47bb-0310-9956-ffa450edef68
* Change HttpProtocol to again only allow to enable/disable 0.9Stefan Fritsch2012-12-224-65/+38
| | | | | | | | | | | | | | | This reverts r1407643, but changes the syntax of HttpProtocol to min=0.9|1.0, which is less ambiguous than the previous +0.9|-0.9. Allowing to configure an arbitrary version range was a bad idea, because it only checked the version in the request line, without affecting the semantics of the headers, etc. A tighter restriction off the version in the request line is still possible with <If "%{SERVER_PROTOCOL_NUM} ..."> . git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425366 13f79535-47bb-0310-9956-ffa450edef68
* style fixes, add commentStefan Fritsch2012-12-221-3/+11
| | | | | | | no code change git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425360 13f79535-47bb-0310-9956-ffa450edef68
* caution about merging Location settings on top of directory/files authz configEric Covener2012-12-222-0/+25
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425345 13f79535-47bb-0310-9956-ffa450edef68
* Removed now obsolete function skip from NetWareGuenter Knauf2012-12-221-1/+0
| | | | | | | export list generating script. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425338 13f79535-47bb-0310-9956-ffa450edef68
* Style tweaks, no functional change.Daniel Gruno2012-12-221-342/+400
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425243 13f79535-47bb-0310-9956-ffa450edef68
* xformEric Covener2012-12-211-0/+11
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425030 13f79535-47bb-0310-9956-ffa450edef68
* hint about API and module usage.Eric Covener2012-12-211-0/+11
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1425029 13f79535-47bb-0310-9956-ffa450edef68
* - return NULL if apr_reslist_acquire fails, so we don't end up possibly ↵Daniel Gruno2012-12-211-1/+4
| | | | | | | | referencing a null-object - initialize cache_info as NULL git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1424939 13f79535-47bb-0310-9956-ffa450edef68
* Remove reference to top secret project! You did not see this commit message ;)Daniel Gruno2012-12-211-1/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1424938 13f79535-47bb-0310-9956-ffa450edef68
* mod_lua: Fix multipart post parsing, so it doesn't include random bytes at ↵Daniel Gruno2012-12-201-1/+2
| | | | | | the end. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1424723 13f79535-47bb-0310-9956-ffa450edef68
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-19 02:56:56 +0100