httpd

Checkout Tools
  • last updated 4 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 834499 is being indexed.

Fix broken config check for *max timeouts

Fix floating point exception for *minrate == 0

fix typo
fix e-mail address format
enable support for ECC keys and ECDH ciphers. Tested against

OpenSSL 1.0.0b3. [Vipul Gupta vipul.gupta sun.com, Sander Temme]

move process class def'n to common location

clarify that links to the same executable file are not

distinguished

mod_dav_fs: Include uri when logging a PUT error due to connection abort.

PR: 38149

Return 409 instead of 500 for a LOCK request if the parent resource does not

exist or is not a collection.

PR: 43465

There is a bug report for r834073, therefore add a CHANGES entry.

Fix litmus warning: According to RFC2518, COPY to non-existant collection

should give 409 CONFLICT.

PR: 39299

Fix compiler warning

Fix litmus warning: According to RFC2518, COPY to non-existant collection

should give 409 CONFLICT.

Don't delete the whole file if a PUT with content-range failed.

PR: 42896

Make PUT with DAV_MODE_WRITE_TRUNC create a temporary file first and, when the

transfer has been completed successfully, move it over the old file.

Since this would break inode keyed locking, switch to filename keyed locking

exclusively.

PR: 39815

Submitted by: Paul Querna, Stefan Fritsch

Instead of checking device ids, try rename first and in case of EXDEV,

fallback to copy.

From rename(2) on Linux: Linux permits a file system to be mounted at multiple

points, but rename() does not work across different mount points, even

if the same file system is mounted on both.

Also remove trailing whitespace in the value

Simplify code by using apr_strtok

Rebuild html from xml typo fixes.

procnode->requests_handled does not increase in some cases
Little typos.

Little typos.

mod_log_config: Make ${cookie}C correctly match whole cookie names

instead of substrings.

PR: 28037

Submitted by: Dan Franklin <dan dan-franklin.com>, Stefan Fritsch

Update.

Typo correction. Thanks Lucien.

rewrote signing section; this also fixes a bug where

a wrong signature was created for the .dep files when

pgp is used for signing.

make checksum output equal regardless of used tools.

Merge r833582, r833593 from trunk:

SECURITY: Partial fix for CVE-2009-3555:

Reject client-initiated renegotiations; this is sufficient to prevent

the attack for any configuration which does not require renegotiation

due to per-directory/per-location access control configuration.

Configuration with per-directory/per-location access control

requirements (such as "SSLVerifyClient require") are still vulnerable

to CVE-2009-3555 with this patch applied (if using OpenSSL <= 0.9.8k).

* modules/ssl/ssl_private.h (SSLConnRec): Add reneg_state field.

(ssl_callback_Info): Renamed from ssl_callback_LogTracingState.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_callbacks): Install

the (renamed) info callback unconditionally.

* modules/ssl/ssl_engine_io.c (ssl_filter_ctx_t): Add config pointer

to SSLConnRec.

(bio_filter_out_write, bio_filter_in_read): Fail with

APR_ECONNABORTED if the reneg state is set to RENEG_ABORT.

* modules/ssl/ssl_engine_kernel.c (log_tracing_state): Factored out

of ssl_callback_LogTracingState.

(ssl_callback_Info): New function.

Submitted by: jorton, rpluem

Reviewed by: jorton, rpluem, dirkx

Some additional new feature goodness to be part of 2.4. Please review
* modules/ssl/ssl_engine_kernel.c (ssl_callback_Info): Add parentheses

around bitwise-and.

update pollset to reflect changed connection state before closing the socket;

otherwise the pollset-remove can crash (at least with select-based poll, since

fd is now -1)

SECURITY: Partial fix for CVE-2009-3555:

Reject client-initiated renegotiations; this is sufficient to prevent

the attack for any configuration which does not require renegotiation

due to per-directory/per-location access control configuration.

Configuration with per-directory/per-location access control

requirements (such as "SSLVerifyClient require") are still vulnerable

to CVE-2009-3555 with this patch applied (if using OpenSSL <= 0.9.8k).

* modules/ssl/ssl_private.h (SSLConnRec): Add reneg_state field.

(ssl_callback_Info): Renamed from ssl_callback_LogTracingState.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_callbacks): Install

the (renamed) info callback unconditionally.

* modules/ssl/ssl_engine_io.c (ssl_filter_ctx_t): Add config pointer

to SSLConnRec.

(bio_filter_out_write, bio_filter_in_read): Fail with

APR_ECONNABORTED if the reneg state is set to RENEG_ABORT.

* modules/ssl/ssl_engine_kernel.c (log_tracing_state): Factored out

of ssl_callback_LogTracingState.

(ssl_callback_Info): New function.

Remove mod_unique_id from the default build.

Reviewed by: sctemme, niq, rpluem