Checkout Tools
  • last updated 8 hours ago
Constraints: committers
Constraints: files
Constraints: dates

Changeset 1803403 is being indexed.

update for sync with English docs.
Follow up to r1803396: CHANGES entry.
mod_ssl, ab: compatibility with LibreSSL. PR 61184.

LibreSSL defines OPENSSL_VERSION_NUMBER = 2.0, but is not compatible with

all of the latest OpenSSL 1.1 API.

Address this by defining MODSSL_USE_OPENSSL_PRE_1_1_API which is true for

anything but OpenSSL >= 1.1 (for now).

Proposed by: Bernard Spil <brnrd>

Reviewed by: ylavic

mod_ssl: we can't use SSL_COMP_free_compression_methods() if OPENSSL_NO_COMP

is defined. PR 61206.

Submitted by: Michael Schlenker <msc>


Merge r1803313 from trunk:

cross link some balancer directives across proxy mods


cross link some balancer directives across proxy mods

Doc rebuild (reverts r1802703)

Documentation update: part 2
Documentation rebuild
mod_proxy*.xml: improve connection reuse documentation
mod_proxy doc rebuild
mod_proxy.xml: mention DNS caching when reusing backend connection
vulns page: replace obsolete <a> anchor with id

HTML5 browsers now complain about the anchor idiom (both the empty <a/>

tag and the use of the obsolete name attribute). Now that we have a

header element, give that an id instead.

CSS: apply dd paragraph margins to dd tables

This indents the vulnerability page tables appropriately.

several small improvements to security page markup

primarily whitespace fixes

wrap data/affected versions in a table to differentiate

Submitted by: Hank Ibell

Committed by: covener

Clarify some mod_proxy concepts in the docs

I have recently got some basic mod-proxy concepts

and these simple info would have helped me a lot:

- connection pooling == reuse. My brain did not pick

up this simple nomenclature at first read for some

reason, probably because we have parameters called

"*reuse*" and not "*pooling*". I find the term

"reuse" clearer than "pooling", but this is

debatable :)

- the concept of "Worker" needs to be read before

the ProxyPass section (that people probably read

directly after checking a search engine) to fully

understand its power.

- the fact that a worker is related to a single process

(and not shared as a Balancer) is a really important

concept that I tried to highlight when talking

about maxconns (question popped up a lot of times

from users).

Hope that my understanding is correct, feedback is welcome.

copy markup fix from r1803119 to 2.2 entry

Clean up odd nesting effects observed in Chrome

Clean up odd nesting effects observed in Chrome
Touch to force regen of html
Generate A-name tag for CVE entries, follow sp-slash-gt pattern for output html
event: Avoid possible blocking in the listener thread when shutting down

connections. PR 60956.

start_lingering_close_nonblocking() now puts connections in defer_linger_chain

which is emptied by any worker thread (all atomically) after its usual work,

hence any possibly blocking flush and lingering close run outside the listener.

The listener may create a dedicated worker if it fills defer_linger_chain or

while it's not empty, calling push2worker with a NULL cs.

The state machine in process_socket() is slighly modified to be able to enter

with CONN_STATE_LINGER directly w/o clogging_input_filters to interfer.

New abort_socket_nonblocking() allows to reset connections when nonblocking is

required and we can't do much about the connection anymore, nor we want the

system to linger on its own after close().

Many thanks to Stefan Priebe for his heavy testing on many event's changes!

Clarify 2.2.33 that wasn't.
extended warning catch

Make sure updatelbstatus() is NULL


XML updates.