Checkout Tools
  • last updated 48 mins ago
Constraints: committers
Constraints: files
Constraints: dates
Merge of r1864191 from trunk:

*) core, proxy: remove request URL and headers from error docs

[Eric Covener]

  1. … 6 more files in changeset.
Merge r1837056 from trunk:

*) http: Enforce consistently no response body with both 204 and 304

statuses. [Yann Ylavic]

  1. … 8 more files in changeset.
Merge r1799784, r1799786 from trunk:

Since r1753257, "HEAD" method is registered into the registry hash with the M_GET ID.

(r1757672 in 2.4.x)

We iterate over all the values of the registery, so there is no need anymore to have a special case for "HEAD" in 'make_allow()'. It has its own entry now.

With the current code, we have "HEAD" 3 times in the Allow Header field.

This is because we find M_GET 2 times in the registry hash. The first one gives "GET" and "HEAD" (as the special handling), and the second "HEAD" and "HEAD" (as the special handling).

BTW, use APR_ARRAY_PUSH instead of hand coding it, in oder to have the code more readable.

PR 61207

Add CHANGE entry

Submitted by: jailletc36

Reviewed by: jailletc36, rpluem, jim

  1. … 3 more files in changeset.
Merge r1753257 from trunk:

Restore 'HEAD' method as a special case of GET with the common ID

Submitted by: wrowe

Reviewed/backported by: jim

  1. … 2 more files in changeset.
Merge r1730723 from trunk:

Add 451... Needed to adjust RESPONSE_CODES which

was not in the provided patch

BUGZ# 58985

Reviewed/backported by: jim

  1. … 3 more files in changeset.
Merge r1719252, r1719254, r1719255, r1720996 from trunk:

Use 'ap_array_str_contains' to simplify code.

Use 'ap_array_str_contains' to simplify code.

Use 'ap_array_str_contains' to simplify code.

Use 'ap_array_str_contains' to simplify code.

Submitted by: jailletc36

Reviewed/backported by: jim

  1. … 5 more files in changeset.
Merge r1697855, r1697339, r1696428, r1696266, r1696264, r1695874, r1695727, r1692516, r1692486, r1610674, r1685069, r1693918, r1698116, r1698133, r1694950, r1700968, r1701005, r1701145, r1701178 from trunk:

adding ap_get_protocol(c) which safeguards against NULL returns, for use instead of direct calling ap_run_protocol_get

changed Protocols to let vhosts override servers, removed old H2Engine example from readme

creating ap_array_index in util, forwarding scheme into request processing, enabling SSL vars only when scheme is not http:, delayed connection creation until task worker assignment

removed unnecessary lingering_close and sbh update on end of protocol upgrade handling

introducing ap_array_index in util, used in protocol and mod_h2

fixes existing protocol missing in selection if not explicitly proposed

new directive ProtocolsHonorOrder, added documentation for Protocols feature, changed preference selection and config merging

removed accidental code

new Protocols directive and core API changes to enable protocol switching on HTTP Upgrade or ALPN, implemented in mod_ssl and mod_h2

SECURITY (CVE-2014-0117): Fix a crash in mod_proxy. In a reverse

proxy configuration, a remote attacker could send a carefully crafted

request which could crash a server process, resulting in denial of


Thanks to Marek Kroemeke working with HP's Zero Day Initiative for

reporting this issue.

* server/util.c (ap_parse_token_list_strict): New function.

* modules/proxy/proxy_util.c (find_conn_headers): Use it here.

* modules/proxy/mod_proxy_http.c (ap_proxy_http_process_response):

Send a 400 for a malformed Connection header.

Submitted by: Edward Lu, breser, covener

http, mod_ssl: Introduce and return the 421 (Misdirected Request) status code

for clients requesting a hostname on a reused connection whose SNI (from the

TLS handshake) does not match.

PR 5802.

This allows HTTP/2 clients to fall back to a new connection as per:

Proposed by: Stefan Eissing <stefan>

Reviewed by: ylavic


Allowing protocol_propose hooks to be called with offers=NULL, clarifying semantics as proposed by

giving ap_array_index a start parameter, adding ap_array_contains

ap_process_request needs exportation for use in mod_h2 on Windows

final final change to the new ap_array_str_* functions after review

changed Protocols default to http/1.1 only, updated documentation, changed ap_select_protocol() to return NULL when no protocol could be agreed upon

mod_ssl: fix compiler warning (bad cast).

improvements in ap_select_protocol(), supplied by yann ylavic

Submitted by: icing, jorton, ylavic, covener, icing, icing, gsmith, icing, icing, ylavic, icing

Reviewed/backported by: jim

  1. … 16 more files in changeset.
Merge r1646282 from trunk:

* Fix If-Match handling:

- We need to fail if we do NOT match.

- ETag comparison only makes sense if we have an ETag

PR: 57358

Submitted by: Kunihiko Sakamoto <ksakamoto>

Reviewed by: rpluem

Submitted by: rpluem

Reviewed/backported by: jim

  1. … 3 more files in changeset.
Merge r1610813 from trunk:

http_protocol: fix logic in ap_method_list_(add|remove) in order:

- to correctly reset bits

- not to modify the 'method_mask' bitfield unnecessarily

Submitted by: jailletc36

Reviewed by: jailletc36, ylavic, rjung

Backported by: jailletc36

  1. … 2 more files in changeset.
Merge r1609938 from trunk:

core: Include any error notes set by modules in the canned error

response for 403 errors.

Submitted by: trawick

Reviewed by: minfrin, rjung

  1. … 3 more files in changeset.
core, mod_cache: Ensure RFC2616 compliance in ap_meets_conditions()

with weak validation combined with If-Range and Range headers. Break

out explicit conditional header checks to be useable elsewhere in the

server. Ensure weak validation RFC compliance in the byteranges filter.

Ensure RFC validation compliance when serving cached entities. PR 16142

trunk patch:

2.4.x patch:

Submitted by: minfrin

Reviewed by: jim, wrowe

  1. … 8 more files in changeset.
core: Add the ability to do explicit matching on weak and strong ETags

as per RFC2616 Section 13.3.3.

trunk patch:

Submitted by: minfrin

Reviewed by: jim, wrowe

  1. … 6 more files in changeset.
Merge r1361801 from trunk:

Various code clean up

Submitted by: Christophe JAILLET <christophe jaillet wanadoo fr>

PR: 52893

Submitted by: sf

Reviewed/backported by: jim

  1. … 9 more files in changeset.
Add missing HTTP status codes taken from

The new codes are now known and some canned error

strings are provided. The web server does not yet actually

produce them in responses or reacts on getting them

from an origin server when acting as a proxy or gateway.

Backport of r1361784, r1361791 and 1362020 from trunk.

Submitted by: rjung

Reviewed by: jorton, trawick

  1. … 6 more files in changeset.
Backport r1209766, r1210252, r1210284:

Add lots of unique tags to error log messages

ssl_util.c: Downgrade some dynamic locking messages from level DEBUG

to TRACE1-3

  1. … 164 more files in changeset.