httpd

Checkout Tools
  • last updated 6 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 1650677 is being indexed.

Merge r1640495, r1644031 from trunk

* mod_proxy_fcgi: Ignore body data from backend for 304 responses. PR 57198.

Submitted by: jkaluza

Reviewed by: jkaluza, ylavic, covener

Backported by: jailletc36

Merge r1630947, r1645670 from trunk

* mod_ssl: Check if we are having an SSL connection before looking up SSL

related variables during expression evaluation to avoid a crash.

If not return NULL as ssl_var_lookup_ssl does by default. PR 57070

Submitted by: rpluem

Reviewed by: jailletc36, ylavic, covener

Backported by: jailletc36

Merge r1644503 from trunk

* mod_proxy_ajp: Fix handling of the default port (8009) in the

ProxyPass and <Proxy> configurations. PR 57259.

Submitted by: ylavic

Reviewed by: ylavic, jim, covener

Backported by: jailletc36

Propose
* modules/dav/main/config.m4: Remove long-redundant expat reference.

Add copy and paste typo fix to proposal.

Xforms.

Fix copy and paste error in docs of new feature.

Promote.

Add some easy votes.

Propose.

Xforms.

  1. … 6 more files in changeset.
Add SSLSessionTickets (on|off).

It controls the use of TLS session tickets

(RFC 5077). Default is unchanged (on).

Using session tickets without restarting

the web server with an appropriate frequency

(e.g. daily) compromises perfect forward

secrecy.

As long as we do not have a nice key management

there should be a way to deactivate session

tickets.

save some bytes per Christophe's review.

Update mod_ssl's IO/state dump proposal.
mod_ssl: follow up to r1601919.

Likewise when set from SNI callback.

update mod_ssl.html.en transformation
Add support for extracting subjectAltName entries of type

rfc822Name and dNSName into SSL_{CLIENT,SERVER}_SAN_{Email,DNS}_n

variables.

* docs/manual/mod/mod_ssl.xml: add SSL_*_SAN_*_n entries to the

environment variables table

* modules/ssl/ssl_engine_kernel.c: in ssl_hook_Fixup, add extraction

of subjectAltName entries for the "StdEnvVars" case

* modules/ssl/ssl_engine_vars.c: add support for retrieving the

SSL_{CLIENT,SERVER}_SAN_{Email,DNS}_n variables, either with

individual on-demand lookup (ssl_var_lookup_ssl_cert_san),

or with full-list extraction to the environment ("StdEnvVars")

* modules/ssl/ssl_private.h: add modssl_var_extract_san_entries prototype

* modules/ssl/ssl_util_ssl.c: implement SSL_X509_getSAN and

SSL_ASN1_STRING_to_utf8 helper functions, with factoring out common

code from SSL_X509_getIDs and SSL_X509_NAME_ENTRY_to_string where

suitable. Limit SSL_X509_getSAN to the two most common subjectAltName

entry types appearing in user or server certificates (i.e., rfc822Name

and dNSName), for the time being.

* modules/ssl/ssl_util_ssl.h: add SSL_ASN1_STRING_to_utf8

and SSL_X509_getSAN prototypes

mod_proxy: Don't put non balancer-member workers in error state by

default for connection or 500/503 errors, and honor status=+I for

any error. PR 48388.

Add CHANGE for r1649632
Add PR
Add missing 'filemod' in functions list + minor formatting issue + long line split
Be consistant with the code below which accepts lower or upper case.
* modules/cache/mod_socache_memcache.c (socache_mc_store): Pass

through expiration time.

Submitted by: Faidon Liambotis <paravoid debian.org>, jorton

Rebuild.

XML update.

Rebuild.

XML update.

Rebuild.

XML update.