httpd

Checkout Tools
  • last updated 7 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 105695 is being indexed.

vote

Added the directive "Requires ldap-filter" that allows the module to only authorize a user based on a complex LDAP search filter.

Vote.

backport vote

CHANGES entry for CAN-2004-0942 fix

make sure that generated test-more.php has proper 'do not edit' warnings

backport

Don't display the cache statistics if the node is empty

update transformation

* modules/experimental/mod_disk_cache.c (recall_headers,

create_entity): Remove unused variables.

Add util_ldap_cache_getuserdn() prototype to the util_ldap.h header file

Submitted by:Jari Ahonen [jah progress.com]

Document SSLPassPhraseDialog's piped input mode.

Remove bogus comment: for SSLPassPhraseDialog exec:..., argv is

defined and documented and can't be changed.

remove out-of-date comment... BillS reports that

AP_MPM_DISABLE_NAGLE_ACCEPTED_SOCK provides the

necessary capability to the MPM

Submitted by: stoddard a.k.a. BillS a.k.a. FirstBill

If the entry has a password then don't allow util_ldap_cache_getuserdn() to update the expiration timeout since it has no idea when the password was last validated.

Submitted by: Jari Ahonen [jah progress.com]

Fix for memory consumption DoS, CVE CAN-2004-0942:

* server/protocol.c (ap_rgetline_core): Don't trim trailing whitespace

from the buffer here.

(ap_get_mime_headers_core): Trim trailing whitespace here, after

reading a complete field including continuation lines. Also simplify

code to remove whitespace between field-name and colon.

Reviewed by: Andr�� Malo, Bill Stoddard

PR: 29709,32051

Submitted by: Gabriel Kalkuhl

Add warning notice about basing code on mod_example.

bug fix: core file incremental scan was broken

PR:

Obtained from:

Submitted by:

Reviewed by:

Just a simple switch of mod_usertrack to run earlier in the fixup hook.

PR: 29755

backport

Added the directive "Requires ldap-attribute" that allows the module to only authorize a user if the attribute value specified matches the value of the user object. PR 31913

Submitted by: Ryan Morgan <rmorgan pobox.com>

Reviewd by: Brad Nicholes

reverting to 1.41 - apparently the conditional assignment borks win32

modify for win32 in version 1.03

Return HTTP_SERVICE_UNAVAILABLE instead of HTTP_INTERNAL_SERVER_ERROR

Track the status of an upgradeable socket so that the http_method and default_port hooks will report the correct information. Also add the check for an upgraded https connection when responding to the state of a connection.

* docs/conf/magic: Remove trailing whitespace.

PR: 31472

Submitted by: Jack Repenning

    • ?
    /httpd/branches/APACHE_2_0_BRANCH/docs/conf/magic
* docs/conf/magic: Remove trailing whitespace.

PR: 31472

Submitted by: Jack Repenning

Split LDAP authorization from authentication

Allow mod_authnz_ldap authorization functionality to be used without requiring the user to also be authenticated through mod_authnz_ldap. This allows other authentication modules to take advantage of LDAP authorization only [PR 28253]

Submitted by: Jari Ahonen [jah progress.com]

Reviewed by: Brad Nicholes

Note the mod_rewrite regression since .52.