Checkout Tools
  • last updated 2 hours ago
Constraints: committers
Constraints: files
Constraints: dates

Changeset 1877784 is being indexed.

proposing backport of 1877783
*) mod_http2: Fixed regression that caused connections to close when mod_reqtimeout

was configured with a handshake timeout. Fixes gitub issue #196.

Include Angle-bracket form to Quoted form

mod_proxy: binary search for ProxyErrorOverride status codes.

The list can be rather long, speed up runtime by sorting the status codes in

error_override_codes and using binary search from ap_proxy_should_override().

Merge r1877708 from trunk:

mention relative path behavior, offline question

mention relative path behavior, offline question

mod_proxy_http: follow up to r1877696: reindent.

No functional changes.

mod_proxy_http: axe ap_proxy_should_override() duplicate checks.

mod_proxy_http: follow up to r1877646: send Upgrade header with 101 response.

Also, add a comment about why we forward the Upgrade header in non-101

responses provided the protocol matches the upgrade= configuration.

Windows : do not include ap_config_auto.h

Windows bits for mod_log_json.dsp

mod_proxy_http: handle Upgrade requests and upgraded protocol forwarding.

If the request Upgrade header matches the worker upgrade= parameter and

the backend switches the protocol, do the tunneling in mod_proxy_http.

This allows to keep the protocol to HTTP until the backend really

switches the protocol, and apply usual output filters.

When configured to forward Upgrade mechanism, we want the backend to be

able to announce its Upgrade protocol to the client (e.g. with 426

Upgrade Required response) and thus forward back the Upgrade header that

matches the one(s) configured in the worker upgrade= parameter.



ap_proxy_worker_can_upgrade(): added helper to determine whether a

proxy worker is configured to forward an Upgrade protocol.


Bump MMN minor for ap_proxy_worker_can_upgrade().


set_worker_param(): handle worker parameter upgrade=ANY as upgrade=*

(should the "any" protocol scheme be something some day..).


proxy_wstunnel_handler(): use ap_proxy_worker_can_upgrade() to match

the Upgrade header. Axe handling of upgrade=NONE, it makes no sense to

Upgrade a connection if the client did not ask for it, nor to configure

mod_proxy_wstunnel to use a worker with upgrade=NONE by the way.


proxy_http_req_t: add fields force10 (force HTTP/1.0) and upgrade (value

of the Upgrade header sent by the client if it matches the configuration,

NULL otherwise).

proxy_http_handler(): use ap_proxy_worker_can_upgrade() to determine

whether the request is electable for end to end protocol upgrading and set

req->upgrade accordingly.

terminate_headers(): handle Connection and Upgrade headers to send to the

backend, according to req->force10 and req->upgrade set before.

ap_proxy_http_prefetch(): use req->force10 and terminate_headers().

send_continue_body(): added helper to send the body retained for end to

end 100-continue handling.

ap_proxy_http_process_response(): use ap_proxy_worker_can_upgrade() to

match the response Upgrade header and forward it back if it matches the

configured one(s). That is for 101 Switching Protocol obviously but also

any other status code which is not overidden, at the backend wish. If the

protocol is switching, create a proxy tunnel and run it, using the minimal

timeout from the client or backend connection.

Github: closes #125

ap_log_pid(): Windown does not implement apr_file_perms_set(), not a failure.
mod_md: update duplicated APLOGNOs.
listen.c: follow up to r1876865: update APLOGNO.
Add Win build mod_log_json.dsp

    • ?
add include to test_char.h now required

mod_proxy_http: follow up to r1877557.

Yet better, call proxy_run_detach_backend() at the caller.

mod_proxy_http: single point of failure in ap_proxy_http_process_response().

No functional change (intended).

mpm_event: reset listener_is_wakeable on reload.
util_md5: avoid temporary stack result in ap_md5_binary().
util_expr: allow to specify only one of ap_expr_eval_ctx_t's r/c/s.

Depending on where the expression is evaluated, a request_rec might not be

available, so allow to specify only a conn_rec or a server_rec (at least) in

the passed in ap_expr_eval_ctx_t.

mod_ssl: destroy temporary pool on stapling_renew_response() failure.
util_filter: export ap_filter_adopt_brigade() since mod_ssl uses it.
fr doc rebuild.

fr doc XML file update.

fr doc rebuild.

fr doc XML files updates.

mod_ssl: Update the ssl_var_lookup() API:

a) constify return value and variable name passed-in

b) require that pool argument is non-NULL

c) add gcc warning attributes for NULL arguments or ignored result.

This allows removal of inefficient internal duplication of constant

strings which was necessary only to allow non-const char *, and

removal of unsafe casts to/from const in various places.

* modules/ssl/ssl_engine_vars.c (ssl_var_lookup): Assume pool is

non-NULL; return constant and remove apr_pstrdup of constant

result string. Also constify variable name.

(ssl_var_lookup_*): Update to return const char * and avoid

duplication where now possible.

* modules/ssl/mod_ssl.h: Update ssl_var_lookup() optional function

API description and add GCC warning attributes as per private API.

* modules/ssl/ssl_engine_init.c (ssl_add_version_components): Adjust

for const return value.

* modules/ssl/ssl_engine_io.c (ssl_io_filter_handshake): Pass c->pool

to ssl_var_lookup.

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Pass r->pool to

ssl_var_lookup, expect const return and dup the string since r->user

is char *.

(log_tracing_state): Pass c->pool to ssl_var_lookup.

* modules/http2/h2_h2.c (h2_is_acceptable_connection): Assume

return value of ssl_var_lookup is const.

Github: closes #120