httpd

Checkout Tools
  • last updated 4 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 1876303 is being indexed.

s/http/https/g
As per discussion on the ComDev mailing lists, adds a one-stop

/contribute/ page that points to where the source is and how to engage

with it.

    • ?
    /site/trunk/content/contribute/index.mdtext
easy proposals [skip ci]
Add dates in fixed tag for 2.4.41 fixes
fr doc rebuild.

fr doc XML file update.

fr doc rebuild.

fr doc XML file update.

Merge r1874723 from trunk:

* Use a loop instead of recursion to iterate over pool siblings

Submitted by: rpluem

Reviewed by: rpluem (Backports of .gdbinit changes are CTR)

Axe ant-bootstrap.jar as explained in r1876062
ant-bootstrap.jar seems to be useless in our build process.

1.6.0 Changelog states that:

ant.jar's manifest does no longer include a Class-Path entry, so it

is no longer possible to run Ant via "java -jar ant.jar" without

manually altering the CLASSPATH. Instead of that a file

ant-bootstrap.jar is included in the etc directory of the binary

distribution, copy this to the lib directory and use

"java -jar ant-bootstrap.jar" instead if you want to run Ant without

the wrapper script (not recommended).

In our doc building process, we use wrapper script. Moreover, none of our scripts explicitly invoke 'ant-bootstrap.jar'. So I think that it can be axed.

Tested on Ubuntu 19.10, with openjdk version "1.8.0_232-ea"

(ant-bootstrap.jar removed in r1876063)

* modules/ssl/ssl_engine_io.c (ssl_io_filter_coalesce): Further tweaks

to logic, comments and debugging:

- allow buffering up to exactly COALESCE_BYTES rather than COALESCE_BYTES-1.

- put bucket type name in logging output

- do not coalesce a single-bucket prefix of length equal to the

buffer size (which would be a pointless memory copy).

core: add r->flushed flag and set it when the response is sent.

By setting EOR->r->flushed in the core output filter, allow one to determine at

log_transaction hook time whether the request has been fully flushed through

the network, or not (network issue, filter error, n-th pipelined resposne...).

Introduce the ap_bucket_eor_request() helper to get the request bound to an EOR

bucket, and uses it in ap_core_output_filter() to mark the EOR's request just

before destroying it, after all the previous buckets have been sent.

While at it, rename the request_rec* member of struct ap_bucket_eor from "data"

to "r", which makes the code clearer (not to be confused with b->data).

Finally, add CustomLog format %F, showing "F" or "-" depending on r->flushed,

for admins to figure out for each request.

* modules/ssl/ssl_engine_io.c (ssl_io_filter_coalesce): Handle the case

where apr_bucket_read fails with an error and hence our current bucket

remains the morphing bucket and is not replaced with a 'data' bucket.

If the error is not EAGAINi, error out with an AP_FILTER_ERROR,

otherwise just do not consider the morphing bucket that has no data for

coalesce.

Fix version refs, Affects: is correct already.
Strip email address.

Publish vulnerabilities after Mitre notification
Updates for announcement of 2.4.43
Updates for announcement of 2.4.43
ap_core_output_filter: follow up to r1875947: don't swallow bucket read EOF.

Morphing buckets don't return APR_EOF on read when exhausted, ignoring EOF

here could mask real errors (e.g. FILE bucket truncated under us).

Thanks rpluem/jorton!

MMN major bump for r1875947.
* modules/ssl/ssl_engine_io.c (ssl_io_filter_coalesce): Treat zero-length

buckets consistently (ignore them) after a morphing bucket morphs.

The brand policy -

https://www.apache.org/foundation/marks/pmcs#navigation - says that the

link is supposed to be 'Thanks' not 'Sponsors'

core: handle morphing buckets setaside/reinstate and kill request core filter.

The purpose of ap_request_core_filter() is not clear, it seems to prevent

potential morphing buckets to go through AP_FTYPE_CONNECTION filters which

would fail to set them aside (ENOTIMPL), and read them (unbounded) in memory.

This patch allows ap_filter_setaside_brigade() to set morphing buckets aside

by simply moving them, assuming they have the correct lifetime (either until

some further EOR, or the connection lifetime, or whatever). IOW, the module is

responsible for sending morphing buckets whose lifetime needs not be changed

by the connection filters.

Now since morphing buckets consume no memory until (apr_bucket_)read, like FILE

buckets, we don't account for them in flush_max_threshold either. This changes

ap_filter_reinstate_brigade() to only account for in-memory and EOR buckets to

flush_upto.

Also, since the EOR bucket is sent only to c->output_filters once the request

is processed, when all the filters < AP_FTYPE_CONNECTION have done their job

and stopped retaining data (after the EOS bucket, if ever), we prevent misuse

of ap_filter_{setaside,reinstate}_brigade() outside connection filters by

returning ENOTIMPL. This is not the right API for request filters as of now.

Finally, ap_request_core_filter() and co can be removed.

rebuild
Apply fix for bz64167 from trunk.
Adds additional clarification, as requested in bz64167

For future debugging ease, output the Travis tag & branch. [skip ci]

* modules/ssl/ssl_engine_io.c: Update comment, no function change, [skip ci]

* modules/ssl/ssl_engine_io.c: (ssl_io_filter_coalesce): Handle the

case of a bucket which morphs to a bucket short enough to fit within

the buffer without needing to split.