Checkout Tools
  • last updated 3 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 1750846 is being indexed.

mod_mem_cache: Fix concurrent removal of stale entries which could lead

to a crash.

PR: 43724

Submitted by: ylavic

Reviewed by: covener, wrowe

  1. … 2 more files in changeset.
mod_proxy: Fix a race condition that caused a failed worker to be retried

before the retry period is over

Backports: r1664709, r1697323

Submitted by: rpluem

Reviewed by: wrowe, ylavic

  1. … 2 more files in changeset.
mime.types: Add common extension "m4a" for MPEG 4 Audio.

As a reference see Wikipedia:

https://en.wikipedia.org/wiki/MPEG-4_Part_14#.MP4_versus_.M4A

Submitted by: Dylan Millikin <dylan.millikin gmail.com>

PR: 57895

Backports: r1723567

Reviewed by: rjung, wrowe, ylavic

  1. … 3 more files in changeset.
mod_proxy: don't recyle backend announced "Connection: close" connections

to avoid reusing it should the close be effective after some new request

is ready to be sent.

Backports: r1678763, r1703807, r1703813, r1678763

Submitted by: ylavic

Reviewed by: rpluem, wrowe

  1. … 2 more files in changeset.
mod_substitute: Allow to configure the patterns merge order with the new

SubstituteInheritBefore on|off directive (with default in 2.2 of 'off)

Backports: r1684900, r1687539, r1687680, r1688331, r1688339, r1688340, r1688343,

r1697013, r1697015

PR: 57641

Submitted by:

[Marc.Stern <Marc.Stern approach.be>, Yann Ylavic, William Rowe]

  1. … 4 more files in changeset.
abs: Include OPENSSL_Applink when compiling on Windows, to resolve

failures under Visual Studio 2015 and other mismatched MSVCRT flavors.

PR: 59630

Submitted by: Jan Ehrhardt <phpdev ehrhardt.nl>

  1. … 2 more files in changeset.
Note that 2.2.1, 2.2.28 were not released.

* Fix a regression with 2.2.31 that caused inherited workers to

use a different scoreboard slot then the original one.

This has no trunk revision since this a 2.2.x issue only and trunk

code is different.

PR: 58267

Reviewed by: rpluem, jkaluza, ylavic

  1. … 5 more files in changeset.
And we are at .32-dev
  1. … 3 more files in changeset.
Approve and commit symbols export, with simplified CHANGES
  1. … 3 more files in changeset.
On to 2.2.31-dev
  1. … 3 more files in changeset.
Add CHANGES entry for r1678698.
Merge r1688274 from trunk.

http: Fix LimitRequestBody checks when there is no more bytes to read.

Submitted by: Michael Kaufmann <mail michael-kaufmann.ch>

Committed by: ylavic

Reviewed by: ylavic, mrumph, wrowe

  1. … 3 more files in changeset.
Merge r1685345, r1685347, r1685349 and r1685350 from trunk.

core: Allow spaces after chunk-size for compatibility with implementations

using a pre-filled buffer.

Submitted by: ylavic, trawick

Reviewed by: ylavic, wrowe, minfrin

  1. … 3 more files in changeset.
SECURITY: CVE-2015-3183 (cve.mitre.org)

core: Fix chunk header parsing defect.

Remove apr_brigade_flatten(), buffering and duplicated code from

the HTTP_IN filter, parse chunks in a single pass with zero copy.

Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext

authorized characters.

Submitted by: minfrin, ylavic

Reviewed by: ylavic, wrowe, minfrin

Reported by: regilero <regis.leroy makina-corpus.com>

Backports: 1484852, 1684513

  1. … 2 more files in changeset.
Add PR to CHANGES entry.
Merge r1585090 from trunk:

Bring SNI behavior into better conformance with RFC 6066:

- no longer send a warning-level unrecognized_name(112) alert

when no matching vhost is found (PR 56241)

<not backported to 2.2.x>

- at startup, only issue warnings about IP/port conflicts and name-based

SSL vhosts when running with an OpenSSL without TLS extension support

(almost 5 years after SNI was added to 2.2.x, the

"[...] only work for clients with TLS server name indication support"

warning feels obsolete)

</not backported to 2.2.x>

Proposed by: kbrand

Reviewed by: ylavic, jorton, wrowe

  1. … 3 more files in changeset.
core, modules: Avoid error response/document handling by the core if some

handler or input filter already did it while reading the request (causing

a double response body).

Submitted by: ylavic

Backports: r1482522 (partial, ap_map_http_request_error() things only!),

r1529988, r1529991, r1643537, r1643543, r1657897, r1665625,

r1665721, r1674056

Reviewed by: ylavic, wrowe, covener

  1. … 20 more files in changeset.
Merge r1551685, r1652929 from trunk.

r1551685 | trawick | 2013-12-17 21:25:54 +0100 (Tue, 17 Dec 2013) | 5 lines

FreeBSD: Disable IPv4-mapped listening sockets by default for versions

5+ instead of just for FreeBSD 5.

PR: 53824

r1652929 | ylavic | 2015-01-19 09:06:56 +0100 (Mon, 19 Jan 2015) | 4 lines

Fix --enable-v4-mapped configuration on *BSD. PR 53824.

Submitted by: olli hauer <ohauer gmx.de>

Committed by: ylavic

Reviewed by: ylavic, trawick, rjung

Backported by: ylavic

  1. … 3 more files in changeset.
Merged r979120 from trunk.

r979120 | rjung | 2010-07-25 23:08:15 +0200 (Sun, 25 Jul 2010) | 26 lines

Adding sub second timestamps and request end time to mod_log_config.

Add special format tokens to %{...}t. The extended syntax allows the

form: "WHICH:WHAT".

WHICH is either:

- "begin": use the time when the request started

- "end": take "now" as the time

You can omit WHICH, default is "begin".

If you omit WHICH, the separating column is not allowed.

WHAT is either:

- "sec": timestamp in Unix seconds

- "msec": timestamp in Unix milliseconds

- "msec_frac": millisecond fraction of the Unix timestamp,

3 digits, 0-padded

- "usec": timestamp in Unix microseconds

- "usec_frac": microsecond fraction of the Unix timestamp

6 digits, 0-padded

- anything different from those tokens: use strftime()

You can omit WHAT, default is the formatted timestamp as

used by the Common Log Format.

The implementation uses a new request_config for mod_log_config

to pass the request end time around between different calls to

log formatters, but the end time is only generated if needed.

Reviewed by: rjung, wrowe, ylavic

Backported by: ylavic

  1. … 4 more files in changeset.
Merge r1665215, r1665218 from trunk.

r1665215 | ylavic | 2015-03-09 13:45:56 +0100 (Mon, 09 Mar 2015) | 8 lines

mod_proxy: use the original (non absolute) form of the request-line's URI

for requests embedded in CONNECT payloads used to connect SSL backends via

a ProxyRemote forward-proxy. PR 55892.

Submitted by: Hendrik Harms <hendrik.harms gmail com>

Reviewed by: wrowe, ylavic

Committed by: ylavic

r1665218 | ylavic | 2015-03-09 13:54:38 +0100 (Mon, 09 Mar 2015) | 1 line

mod_proxy: follow up to r1665215: CHANGES entry.

Reviewed by: ylavic, wrowe, rjung

Backported by: ylavic

  1. … 3 more files in changeset.
mod_log_config: Backport get_request_end_time().

This makes data consistent if a log format uses

multiple %{...}T and/or %D.

The end time of a request is only taken once and

the same time is used for each log field.

Backport of r979120 (partial) plus r1467765 from trunk

resp. r979120 (partial) plus r1467981 from 2.4.x.

Committed By: rjung

Reviewed By: rjung, trawick, wrowe

Backported By: rjung

  1. … 2 more files in changeset.
mpm_winnt: Accept utf-8 (Unicode) service names and descriptions for

internationalization.

Backports: 1611165,1611169

Reviewed by: wrowe, gsmith

  1. … 3 more files in changeset.
like r1681187 in 2.4.x: minor tweak for readability/grammar

Merge r1675533, r1680895, r1680900, r1680942 from trunk.

r1675533 | breser | 2015-04-23 05:12:30 +0200 (Thu, 23 Apr 2015) | 3 lines

mod_log_config: Add %M format to output request duration in milliseconds.

r1680895 | rjung | 2015-05-21 17:07:15 +0200 (Thu, 21 May 2015) | 14 lines

mod_log_config: instead of using the new dedicated

pattern format "%M" for duration milliseconds,

overload the existing "%D" to choose the time precision

("%{s}D" for seconds, "%{ms}D" for milliseconds and

"%{us}D" for microseconds).

The existing %T and %D without precision are kept for

compatibility.

The previously introduced "%M" (r1677187) is removed,

it has not yet been released. Format pattern characters

are rare, so we should only use a new one if an

existing one isn't a good fit.

r1680900 | rjung | 2015-05-21 17:17:50 +0200 (Thu, 21 May 2015) | 2 lines

Fix syntax.

r1680942 | trawick | 2015-05-21 21:20:44 +0200 (Thu, 21 May 2015) | 5 lines

Follow-up to r1680895:

Let %T be the format character which accepts time resolution

arguments.

Reviewed by: ylavic, wrowe, rjung

Backported by: ylavic

  1. … 4 more files in changeset.
Merge r1663647, r1679182 from trunk.

r1663647 | jkaluza | 2015-03-03 12:12:18 +0100 (Tue, 03 Mar 2015) | 3 lines

* mod_authn_dbd: apr_pstrdup dbd_password and dbd_hash to fix use-after-free

bug with postgresql

r1679182 | ylavic | 2015-05-13 13:35:22 +0200 (Wed, 13 May 2015) | 1 line

Follup up to r1679181: CHANGES entry.

Reviewed by: ylavic, rjung, wrowe

Backported by: ylavic

  1. … 3 more files in changeset.
Edit for consistency between 2.4 and 2.2 CHANGES forks

Submitted by: jim

mod_ssl: Propose a more modern Cipher and Protocol list, honor server cipher

priority and add explanations relative to RFC 7525 guidance.

Submitted by: wrowe

Backports: 1679428, 1679432

Reviewed by: wrowe, ylavic, rjung

  1. … 2 more files in changeset.
Merge r1664205 from trunk.

Preventive backport, 2.2.x not concerned by CVE-2015-0253.

r1664205 | covener | 2015-03-05 03:33:16 +0100 (Thu, 05 Mar 2015) | 12 lines

*) SECURITY: CVE-2015-0253 (cve.mitre.org)

core: Fix a crash introduced in with ErrorDocument 400 pointing

to a local URL-path with the INCLUDES filter active, introduced

in 2.4.11. PR 57531. [Yann Ylavic]

Submitted By: ylavic

Committed By: covener

Reviewed by: ylavic, wrowe, rjung

Backported by: ylavic

  1. … 3 more files in changeset.
Merge r1526189, r1658765 from trunk.

r1526189 | trawick | 2013-09-25 16:29:02 +0200 (Wed, 25 Sep 2013) | 8 lines

mod_proxy: Add ap_connection_reusable() for checking if a connection

is reusable as of this point in processing.

mod_proxy_fcgi uses the new API to determine if FCGI_CONN_CLOSE

should be enabled, but that doesn't change existing behavior

since the connection is currently marked for closure elsewhere

in the module.

r1658765 | ylavic | 2015-02-10 18:25:54 +0100 (Tue, 10 Feb 2015) | 4 lines

mod_proxy_http: Use the "Connection: close" header for requests to

backends not recycling connections (disablereuse), including the default

reverse and forward proxies.

Reviewed by: ylavic, wrowe, rjung

Backported by: ylavic

  1. … 6 more files in changeset.