Checkout Tools
  • last updated 1 hour ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 1747009 is being indexed.

reversal of r1747004 bc unwanted changes
  1. … 3 more files in changeset.
vote
  1. … 3 more files in changeset.
Merge r1722177, r1722195, r1722229, r1722320, r1722328, r1722334, r1722350, r1722351, r1722358, r1722377, r1723953, r1724879, r1724992, r1724993, r1724995, r1725018, r1725031, r1725120, r1725328, r1725387, r1725489, r1725498, r1725499, r1725523, r1725545, r1725567, r1725581, r1725602, r1725822, r1725967, r1726038, r1726049, r1726051, r1726052, r1726055, r1725090, r1728326, r1737020 from trunk:

Commit framework impl of health-check module plus

required changes. The actual health checking is

currently in progress, but wanted to add in at

this stage.

Make aware of new status: Failed Health Check.

Store the number of current passes/fails in shm

finish looping logic... place-holder for actual checking

Better check

move to per server conf, useful for adding HealthCheckCondition

Now implement the condition ruleset definition. The

actual checking will be done in the actual health check

routine.

just check watched servers... use 'hc' prefix for sub directives

Check that we have names for both templates and

conditions

command changes

Don't bother w/ methods that return bodies. We don't

handle them now anyway.

Use enums and structs to keep things better organized

1st cut of 'simple' tcp check... We reuse various proxy

function and so this *could* be more streamlined, but

use this to show how the other would work, since we need

brigades, SSL/TLS support, etc.

Since every check needs this, do this in the main

check loop. Allows some optimizations.

move scope

pull this out... large enough for a func

Move to a set of health check workers, mapping to

each worker itself, instead of a single reused generic

worker.

some ordering optimization

Make balancer manager health-check aware

And we now allow for health checks via OPTIONS *

Leverage the OPTIONS code for HEAD as well...

So we now support: TCP, OPTIONS and HEAD.

Right now, anything other than an error (even a 404)

is consider a PASS.

Fill in APLOGNO.

I hope that doesn't result in merge trouble

for Jim.

Open up hook/scar to allow for passes/fails and

method to be changed via bal-man...

OPTIONS/HEAD proxy function should be diff from simple TCP check

For OPTIONS and HEAD, only 2xx and 3xx are considered "passing"

(until I implement the conditions expr testing)... honor

the pass/fail count and LOG_INFO when the health check enables

or disables a backend worker.

Start impl of expr conditions for runtime checks

Adjust log levels

correct error string

Use worker status character defines taken

from mod_proxy.h instead of explicit characters.

Noted by rpluem.

With the updated ap_expr, we can now check for the

returned response body, stored in kept_body

Assign log message tags

Implement expr lookup in mod_proxy_hcheck for

variables whose names start with "HC_" and for

the new function hc().

Currently only HC_BODY and hc(body) are supported.

Both return the saved body of the health check

response to be used in an expr that decides about

success of a check.

Fix copy&paste error in new function.

Try fixing new proxy_hcheck expr extension.

Interestingly mod_ssl using NULL as well,

but some other module I wrote uses parms->name.

Adjust

clash :)

Enabling a worker via health-check also moves them out of

ERROR more (which may have been set via the static

"health" check done via mod_proxy).

Some flow improvements...

Submitted by: jim, rjung, jim, jim, jim, jim, jim, jim, rjung, jim, jim, rjung, rjung, rjung, jim, jim, olegk, jim, jim

Reviewed/backported by: jim

  1. … 350 more files in changeset.
Follow up to r1705672.

Backport changes that somehow missed the backport process.

  1. … 4 more files in changeset.
Merge r1697855, r1697339, r1696428, r1696266, r1696264, r1695874, r1695727, r1692516, r1692486, r1610674, r1685069, r1693918, r1698116, r1698133, r1694950, r1700968, r1701005, r1701145, r1701178 from trunk:

adding ap_get_protocol(c) which safeguards against NULL returns, for use instead of direct calling ap_run_protocol_get

changed Protocols to let vhosts override servers, removed old H2Engine example from readme

creating ap_array_index in util, forwarding scheme into request processing, enabling SSL vars only when scheme is not http:, delayed connection creation until task worker assignment

removed unnecessary lingering_close and sbh update on end of protocol upgrade handling

introducing ap_array_index in util, used in protocol and mod_h2

fixes existing protocol missing in selection if not explicitly proposed

new directive ProtocolsHonorOrder, added documentation for Protocols feature, changed preference selection and config merging

removed accidental code

new Protocols directive and core API changes to enable protocol switching on HTTP Upgrade or ALPN, implemented in mod_ssl and mod_h2

SECURITY (CVE-2014-0117): Fix a crash in mod_proxy. In a reverse

proxy configuration, a remote attacker could send a carefully crafted

request which could crash a server process, resulting in denial of

service.

Thanks to Marek Kroemeke working with HP's Zero Day Initiative for

reporting this issue.

* server/util.c (ap_parse_token_list_strict): New function.

* modules/proxy/proxy_util.c (find_conn_headers): Use it here.

* modules/proxy/mod_proxy_http.c (ap_proxy_http_process_response):

Send a 400 for a malformed Connection header.

Submitted by: Edward Lu, breser, covener

http, mod_ssl: Introduce and return the 421 (Misdirected Request) status code

for clients requesting a hostname on a reused connection whose SNI (from the

TLS handshake) does not match.

PR 5802.

This allows HTTP/2 clients to fall back to a new connection as per:

https://tools.ietf.org/html/rfc7540#section-9.1.2

Proposed by: Stefan Eissing <stefan eissing.org>

Reviewed by: ylavic

c89

Allowing protocol_propose hooks to be called with offers=NULL, clarifying semantics as proposed by chaosed0@gmail.com

giving ap_array_index a start parameter, adding ap_array_contains

ap_process_request needs exportation for use in mod_h2 on Windows

final final change to the new ap_array_str_* functions after review

changed Protocols default to http/1.1 only, updated documentation, changed ap_select_protocol() to return NULL when no protocol could be agreed upon

mod_ssl: fix compiler warning (bad cast).

improvements in ap_select_protocol(), supplied by yann ylavic

Submitted by: icing, jorton, ylavic, covener, icing, icing, gsmith, icing, icing, ylavic, icing

Reviewed/backported by: jim

  1. … 16 more files in changeset.
core, modules: Avoid error response/document handling by the core if some

handler or input filter already did it while reading the request (causing

a double response body).

Submitted by: ylavic

Backports: r1482522 (partial, ap_map_http_request_error() things only!),

r1529988, r1529991, r1643537, r1643543, r1657897, r1665625,

r1665721, r1674056

Reviewed by: ylavic, minfrin, wrowe

  1. … 26 more files in changeset.
Merge r1648394 from trunk:

Configuration files with long lines and continuation characters

are not read properly. PR 55910.

Submitted By: Manuel Mausz <manuel-as mausz.at>

Committed By: covener

  1. … 1 more file in changeset.
Merge r1597642, r1608999, r1605207, r1610366, r1610353, r1611871 from trunk:

Rename module name in doxygen + partly revert r832442 which skipped doxygen doc generation for 'mod_watchdog.h'

s/apr_pstrndup/apr_pstrmemdup/ to save a few cycles

Use ap_remove_input_filter_byhandle instead of duplicating the code.

Remove some 'register' in variable declaration.

Remove some 'register' in variable declaration.

Save a few cycles by calling 'apr_isalnum' instead of 'apr_isalpha' and 'apr_isdigit'.

Do not use deprecated define.

No change in generated code because MODULE_MAGIC_NUMBER is defined as:

#define MODULE_MAGIC_NUMBER MODULE_MAGIC_NUMBER_MAJOR

Submitted by: jailletc36

Reviewed/backported by: jim

  1. … 12 more files in changeset.
Merge r1487528, r1563379, r1563381, r1565711 from trunk:

* server/protocol.c (r_flush): Use int return type as per declaration

of apr_vformatter(); no functional change.

Use %pm in order to save 8k of stack in 'ap_pcfg_strerror'

s/apr_pstrndup/apr_pstrmemdup/ when applicable

follow-up to r1096569:

remove unnecessary total_modules calculation

Submitted by: jorton, jailletc36, jailletc36, trawick

Reviewed/backported by: jim

  1. … 5 more files in changeset.
core: Add the ability to do explicit matching on weak and strong ETags

as per RFC2616 Section 13.3.3.

trunk patch: http://svn.apache.org/r1479528

Submitted by: minfrin

Reviewed by: jim, wrowe

  1. … 6 more files in changeset.
core: speed up (for common cases) and reduce memory usage of ap_escape_logitem

This should save 70-100 bytes in the request pool for a default config.

trunk patch: http://svn.apache.org/r1485409

Submitted by: jailletc36

Reviewed by: jim, covener

  1. … 3 more files in changeset.
mod_authnz_ldap: Allow using exec: callouts like SSLPassphraseDialog

for AuthLDAPBindPassword.

trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1433478

http://svn.apache.org/viewvc?view=revision&revision=1467523

http://svn.apache.org/viewvc?view=revision&revision=1467792

2.4.x patch: http://people.apache.org/~druggeri/patches/AuthLDAPBindPasswordExec-2.4.patch

(20130119 - updated to include minor mmn bump)

(20130412 - updated to not use static var - thx, wrowe)

Submitted by: druggeri

Reviewed by: jim, minfrin

  1. … 6 more files in changeset.
Merge r1452128 from trunk:

Remove useless tests.

Turn

if (*x && apr_isspace(*x))

into

if (apr_isspace(*x))

Submitted by: jailletc36

Reviewed/backported by: jim

  1. … 11 more files in changeset.
Merge r1442865, r1442759, r1442326, r1442309, r1448171, r1418556, r1448453, r1425771, r1425772, r1425775 from trunk:

Change bzero/bcopy into memset/memcpy

PR 54346

Can't figure out why we allocate len+2 bytes here. Len+1 should be enough.

Fix valgrind warning about uninitialized memory in argument to semctl

PR: 53690

Submitted by: Mikhail T. <mi+apache aldan algebra com>

fix valgrind warnings about uninitialized memory in syscall arguments

This is useful info for mod_status ;)

Add some __attribute__ for automatic format checking.

Correct one catch in sed0.c.

Correct some spelling.

Replace strdup by ap_malloc to ensure a proper error message if out-of-memory.

While there, only allocate memory for the string part we actually use.

PR: 54345

Exit with error message if out of mem

htdbm, htpasswd: print error message if out of memory

PR: 54345

Submitted by: jailletc36, sf, sf, jim, jailletc36, minfrin, sf, sf, sf

Reviewed/backported by: jim

  1. … 19 more files in changeset.
Merge r1422549, r1422712 from trunk:

add new ap_bin2hex() utility function

remove unnecessary cast

Submitted by: sf

Reviewed/backported by: jim

  1. … 4 more files in changeset.
Merge r1359884:

make varbuf functions treat AP_VARBUF_UNKNOWN consistently, improve docs

ap_varbuf_pdup(): copying the whole buffer in case strlen ==

AP_VARBUF_UNKNOWN does not make sense as the caller can not set

the exact buffer size, only a minimum. No API change as previously

the behavior with AP_VARBUF_UNKNOWN was undocumented.

regsub_core(): Checking for vb->buf is useless, it cannot be NULL

unless ap_varbuf_init has not been called.

ap_varbuf_cfg_getline(): Initially, allocate enough memory to hold

an empty line. If strlen == AP_VARBUF_UNKNOWN, use strlen(buf) instead

of undefined behavior.

Reviewed by: jim, sf, minfrin

  1. … 3 more files in changeset.
Merge r1343109:

Make ap_regcomp() return AP_REG_ESPACE if out of memory. Make ap_pregcomp()

abort if out of memory.

This raises the minimum PCRE requirement to version 6.0, released in 2005.

Reviewed by: jim, sf, minfrin

  1. … 5 more files in changeset.
* core: Add in ap_get_sload() and ap_get_loadavg().

  1. … 7 more files in changeset.
  1. … 2 more files in changeset.
Merge r1307067 from trunk:

Fix treatment of regex backreferences.

r904765 only made half of the necessary changes to remove the use

of '&' as an alias for '$0' and allow to escape any character with a

backslash.

Submitted by: sf

Reviewed/backported by: jim

  1. … 1 more file in changeset.
Clean up size_t abuse, part 2. ap_malloc/calloc/realloc are explicitly

excluded from this cleanup as they must be signature identical to the

clib functions, and although the definition of size_t has been flakey,

the definition of those functions appears to be generally clean since

ANSI C.

Backports: r1228323

  1. … 10 more files in changeset.
Merge r1213338:

Limit length of lines in .htaccess to 8K again, to reduce DoS potential.

Make ap_varbuf_cfg_getline() strictly enforce the max_len parameter.

  1. … 6 more files in changeset.
Backport r1209766, r1210252, r1210284:

Add lots of unique tags to error log messages

ssl_util.c: Downgrade some dynamic locking messages from level DEBUG

to TRACE1-3

  1. … 164 more files in changeset.