Checkout Tools
  • last updated 2 hours ago
Constraints: committers
Constraints: files
Constraints: dates
followup to r1864734

Add missing APLOGNO

(r1864733 in trunk)

Merge of r1861338,1862475,1862583,1862865,1863221,1863276 from trunk:

*) mod_http2: core setting "LimitRequestFieldSize" is not additionally checked on

merged header fields, just as HTTP/1.1 does. [Stefan Eissing, Michael Kaufmann]

*) mod_http2: fixed a bug that prevented proper stream cleanup when connection

throttling was in place. Stream resets by clients on streams initiated by them

are counted as possible trigger for throttling. [Stefan Eissing]

*) mod_http2/mpm_event: Fixes the behaviour when a HTTP/2 connection has nothing

more to write with streams ongoing (flow control block). The timeout waiting

for the client to send WINODW_UPDATE was incorrectly KeepAliveTimeout and not

Timeout as it should be. Fixes PR 63534. [Yann Ylavic, Stefan Eissing]

  1. … 12 more files in changeset.
Merge of 1849296,1852038,1852101,1852339,1853171,1853967,1854365,1854963,1854964,1855295,1855411 from trunk:

*) mod_http2: when SSL renegotiation is inhibited and a 403 ErrorDocument is

in play, the proper HTTP/2 stream reset did not trigger with H2_ERR_HTTP_1_1_REQUIRED.

Fixed. [Michael Kaufmann]

*) mod_http2: new configuration directive: `H2Padding numbits` to control

padding of HTTP/2 payload frames. 'numbits' is a number from 0-8,

controlling the range of padding bytes added to a frame. The actual number

added is chosen randomly per frame. This applies to HEADERS, DATA and PUSH_PROMISE

frames equally. The default continues to be 0, e.g. no padding. [Stefan Eissing]

*) mod_http2: ripping out all the h2_req_engine internal features now that mod_proxy_http2

has no more need for it. Optional functions are still declared but no longer implemented.

While previous mod_proxy_http2 will work with this, it is recommeneded to run the matching

versions of both modules. [Stefan Eissing]

*) mod_proxy_http2: changed mod_proxy_http2 implementation and fixed several bugs which

resolve PR63170. The proxy module does now a single h2 request on the (reused)

connection and returns. [Stefan Eissing]

*) mod_http2/mod_proxy_http2: proxy_http2 checks correct master connection aborted status

to trigger immediate shutdown of backend connections. This is now always signalled

by mod_http2 when the the session is being released.

proxy_http2 now only sends a PING frame to the backend when there is not already one

in flight. [Stefan Eissing]

*) mod_proxy_http2: fixed an issue where a proxy_http2 handler entered an infinite

loop when encountering certain errors on the backend connection.

See <>. [Stefan Eissing]

*) mod_http2: Configuration directives H2Push and H2Upgrade can now be specified per

Location/Directory, e.g. disabling PUSH for a specific set of resources. [Stefan Eissing]

*) mod_http2: HEAD requests to some module such as mod_cgid caused the stream to

terminate improperly and cause a HTTP/2 PROTOCOL_ERROR.

Fixes <>. [Michael Kaufmann]

  1. … 34 more files in changeset.
Merge r1843426 from trunk:

mod_http2: adding defensive code for stream EOS handling, in case the request handler

missed to signal it the normal way (eos buckets). Addresses github issues,


Submitted by: icing

Reviewed by: icing, ylavic, jim

  1. … 5 more files in changeset.
Merge r1826687, r1827166, r1828210, r1828232, r1828687 from trunk:

Instrument 'bbout'

mod_http2: use proper ARP defined for formatting apr_off_t

On the trunk:

mod_http2: on level trace2, log any unsuccessful HTTP/2 direct connection upgrade

with base64 encoding to unify its appearance in possible bug reports.

On the trunk:

* mod_http2: calculate unencrypted connection sniffing base64 only when log level is at required height. [Ruediger Pluem]

On the trunk:

mod_http2: accurate reporting of h2 data input/output per request via mod_logio. Fixes

an issue where output sizes where counted n-times on reused slave connections. See

gituhub issue:

Submitted by: jailletc36, icing, icing, icing, icing

Reviewed by: icing, jim, ylavic

  1. … 17 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1821371,1822502-1822503,1822624

  1. … 54 more files in changeset.
docco fix... correct license/copyright info

  1. … 24 more files in changeset.
Merge r1803420, r1803454, r1804090 from trunk:

mod_http2: version bump, partial fix for stream response getting stuck, see

mod_http2: signalling produce IO before waiting on beam buffer to drain.

mod_http2: non-dev version for backport

Submitted by: icing

Reviewed/backported by: icing, steffenal, ylavic

  1. … 7 more files in changeset.
SECURITY: CVE-2017-9789: Read after free in mod_http2.

When under stress, closing many connections, the HTTP/2

handling code would sometimes access memory after it has

been freed, resulting in potentially erratic behaviour.

Merge r1800689 from trunk:

Disable and give warning when mpm_prefork is encountered.

The server will continue to work, but HTTP/2 will no longer be negotiated.

Submitted by: icing

Reviewed by: icing, ylavic, jim

  1. … 13 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1790850,1790855,1791377,1791388,1791669,1791773

  1. … 14 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1789740,1790102,1790113,1790284,1790754,1790826-1790827,1790842

  1. … 20 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1786715,1787051,1787141,1787604,1788672,1788981,1789221,1789224,1789276,1789279,1789395,1789520,1789535,1789692

  1. … 31 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1784571,1785672,1785683,1786512,1786575-1786576

mod_http2/mod_proxy_http2 backport

  1. … 17 more files in changeset.
On the 2.4.x branch:

Merged /httpd/httpd/trunk:r1784002,1784366,1784372

  1. … 8 more files in changeset.
On the 2.4.x branch:

merge of r1780598,1781304,1782875,1782944,1782958,1782975 from trunk

  1. … 22 more files in changeset.
On the 2.4.x branch: merge r1778630,1779459,1779525,1779528,1779738 from trunk

*) mod_http2: rework of stream resource cleanup to avoid a crash in a close

of a lingering connection. Prohibit special file bucket beaming for

shared buckets. Files sent in stream output now use the stream pool

as read buffer, reducing memory footprint of connections.

[Yann Ylavic, Stefan Eissing]

  1. … 19 more files in changeset.
On the 2.4.x branch: merge of r1701609-1705681 from trunk.

*) mod_http2: streaming of request output now reacts timely to data

from other streams becoming available. Same for new incoming requests.

  1. … 12 more files in changeset.
Synch with trunk - remove trailing spaces
On the 2.4.x branch: merge of r1776738,1777160,1777324 from trunk

backport of latest mod_http2 related changes.

  1. … 9 more files in changeset.
On the 2.4.x branch, merge of r1775946,1776735 from trunk:

mod_http2: adding support for MergeTrailers directive.

mod_http2: limiting DATA frame sizes by TLS record sizes in use on the

connection. Flushing outgoing frames earlier.

  1. … 10 more files in changeset.
On the 2.4.x branch:

Merge r1775813 from trunk:

Fix mod_h2/github issue #126: correct lifetime of data sent on temp pools

* modules/http2/h2_bucket_beam.c

- ignore send pools that are sub-pools of the existing one

- added h2_beam_send_from() to allow explicit registering of the

correct pool for the sending

* modules/http2/h2_bucket_beam.h

- add prototype for h2_beam_send_from()

* modules/http2/h2_mplx.c

- adding logging of output beam state

* modules/http2/h2_stream.c

- register stream pool for sending data on input beam

* modules/http2/h2_task.c

- register task pool on output beam on creation

- adding trace logging

* modules/http2/h2_proxy_session.c

- fixing a type in a comment while we're at it

  1. … 7 more files in changeset.
Merge of r771160,1772576 from trunk:

SECURITY: CVE-2016-8740

mod_http2: properly crafted, endless HTTP/2 CONTINUATION frames could be used to exhaust all server's memory.

Reported by: Naveen Tiwari <> and CDF/SEFCOM at Arizona State University

mod_http2: wseaking cleanup assertion on streams that have never been scheduled

  1. … 5 more files in changeset.
Merge of r1767803 from trunk.

mod_http2: fix for beam double cleanup crashes introduced in 1.7.7

  1. … 5 more files in changeset.
Merge of r1765328,1766424,1766691,1766851 from trunk:

mod_http2: v1.7.7, connection shutdown revisited, AP_DEBUG_ASSERT transformed to real asserts

  1. … 21 more files in changeset.
Merge of r1766308 from trunk:

mod_http2: fixed potential crash in beam memory handling introduced in 1.7.x changes

  1. … 11 more files in changeset.
Merge r1766129 from trunk:

Fix -Wunused-but-set-variable warnings.

  1. … 2 more files in changeset.
Merge of 1764243,1765318 from trunk:

mod_http2/mod_proxy_http2: 100-continue implementation, PING checks on aged backend connections

  1. … 16 more files in changeset.
Merge of r1764236 from trunk:

mod_proxy_http2: renaming duplicate symbol clash between h2_proxy_util and h2_util externals

  1. … 17 more files in changeset.
Merge of r1764005 from trunk:

mod_http2: reverting int->apr_uint32_t changes from 1.7.x

  1. … 24 more files in changeset.