CHANGES

Checkout Tools
  • last updated 22 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 1855433 is being indexed.

update after backport, mod_http2/proxy_http2 now equivalent
MPMs unix: bind the bucket number of each child to its slot number

We need not remember each child's bucket number in SHM for restarts, for the

lifetime of the httpd main process the bucket number can be bound to the slot

number such that: bucket = slot % num_buckets.

This both simplifies the logic and helps children maintenance per bucket in

threaded MPMs, where previously perform_idle_server_maintenance() could create

or kill children processes for the buckets it was not in charge of.

  1. … 5 more files in changeset.
*) mod_http2: when SSL renegotiation is inhibited and a 403 ErrorDocument is

in play, the proper HTTP/2 stream reset did not trigger with H2_ERR_HTTP_1_1_REQUIRED.

Fixed. [Michael Kaufmann]

  1. … 1 more file in changeset.
*) mod_http2: new configuration directive: ```H2Padding numbits``` to control

padding of HTTP/2 payload frames. 'numbits' is a number from 0-8,

controlling the range of padding bytes added to a frame. The actual number

added is chosen randomly per frame. This applies to HEADERS, DATA and PUSH_PROMISE

frames equally. The default continues to be 0, e.g. no padding. [Stefan Eissing]

*) mod_http2: ripping out all the h2_req_engine internal features now that mod_proxy_http2

has no more need for it. Optional functions are still declared but no longer implemented.

While previous mod_proxy_http2 will work with this, it is recommeneded to run the matching

versions of both modules. [Stefan Eissing]

*) mod_proxy_http2: changed mod_proxy_http2 implementation and fixed several bugs which

resolve PR63170. The proxy module does now a single h2 request on the (reused)

connection and returns. [Stefan Eissing]

  1. … 21 more files in changeset.
*) mod_http2/mod_proxy_http2: proxy_http2 checks correct master connection aborted status

to trigger immediate shutdown of backend connections. This is now always signalled

by mod_http2 when the the session is being released.

proxy_http2 now only sends a PING frame to the backend when there is not already one

in flight. [Stefan Eissing]

*) mod_proxy_http2: fixed an issue where a proxy_http2 handler entered an infinite

loop when encountering certain errors on the backend connection.

See <https://bz.apache.org/bugzilla/show_bug.cgi?id=63170>. [Stefan Eissing]

  1. … 4 more files in changeset.
http: Fix possible empty response with mod_ratelimit for HEAD requests.

Don't eat the EOS in ap_http_header_filter() if it comes in single brigade

with a full response to a HEAD request, otherwise mod_ratelimit will never

flush its pending data.

  1. … 1 more file in changeset.
Follow up to r1853874: CHANGES entry.
mod_reqtimeout: Allow to configure (TLS-)handshake timeouts.

The timeouts apply between the process_connection and pre_read_request hooks.

They are disabled by default for compatibily reasons.

  1. … 2 more files in changeset.
Fix a race condition.

Authentication with valid credentials could be refused in case of concurrent accesses from different users.

PR 63124 [Simon Kappel <simon.kappel axis.com>]

  1. … 1 more file in changeset.
Follow up to r1853133: CHANGES entry.
*) mod_http2: Configuration directoves H2Push and H2Upgrade can now be specified per

Location/Directory, e.g. disabling PUSH for a specific set of resources. [Stefan Eissing]

*) mod_http2: HEAD requests to some module such as mod_cgid caused the stream to

terminate improperly and cause a HTTP/2 PROTOCOL_ERROR.

Fixes <https://github.com/icing/mod_h2/issues/167>. [Michael Kaufmann]

  1. … 29 more files in changeset.
mod_ssl: give mod_md the chance to override certificate after ALPN protocol negotiation.

  1. … 1 more file in changeset.
mod_http2: fixed slave connection keepalives counter.

  1. … 3 more files in changeset.
mod_http2: enable re-use of slave connections again.

  1. … 3 more files in changeset.
reverting last change
  1. … 4 more files in changeset.
mod_http2: enable re-use of slave connections again.

  1. … 4 more files in changeset.
Fix websocket proxy over UDS.

configuration example:

<Location "/apis">

ProxyPass unix:/var/run/unix.sock|ws://127.0.0.1/api

</Location>

Currently 'ap_proxy_get_worker()' can't get matched pre-defined worker because

of different uri formatting in 'proxy_wstunnel_canon()' and ap_proxy_define_worker()'

PR 62932 <pavel dcmsys.com>

  1. … 1 more file in changeset.
LanguagePriority should be case-insensitive in order to match AddLanguage behavior. PR 39730

Test case added in r1850983

  1. … 1 more file in changeset.
Always decode session attributes early.
  1. … 1 more file in changeset.
Update after backport of r1849174 r1849174

*) mod_md: incorrect behaviour when synchronizing ongoing ACME challenges

have been fixed. [Michael Kaufmann, Stefan Eissing]

  1. … 4 more files in changeset.
core: Fix incorrect substitution of env vars in directives containing multiple env vars.

In ap_resolve_env(), the string returned from getenv() should be copied since

the returned string may be statically allocated.

This fixes an issue where the value for the last env var is substituted for all

env vars in a directive containing multiple env vars.

  1. … 1 more file in changeset.
core: Split out the ability to parse wildcard files and directories

from the Include/IncludeOptional directives into a generic set of

functions ap_dir_nofnmatch() and ap_dir_fnmatch().

  1. … 5 more files in changeset.
CHANGES related to r1842010.

I have choosen "unlikely" because this bug has been around for ever ([1]) and the pool is only "cleared"; that is to say, the data is still valid, but the memory *could* be re-used.

[1]: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/dav/main/mod_dav.c?revision=85717&view=markup&sortby=date#l1610

*) mod_ssl: Fix mod_authz provider for "require ssl" directive to check correctly

on HTTP/2 connections. Fixes PR 62654. [Stefan Eissing]

  1. … 1 more file in changeset.
*) mod_ssl: clear *SSL errors before loading certificates and checking

afterwards. Otherwise errors are reported when other SSL using modules

are in play. Fixes PR 62880. [Michael Kaufmann]

  1. … 2 more files in changeset.
* Correctly merge configurations that have client certificates set

by SSLProxyMachineCertificate{File|Path}.

The certificates and keys loaded during configuration time got lost during

runtime if e.g. SSLProxyMachineCertificate{File|Path} was set on virtual host

level and there was an SSL directive at directory level, e.g. SSLRequire.

This fixes a regression likely introduced in r1740928.

  1. … 1 more file in changeset.
* Ensure that aborted connections are logged as such.

Set c->aborted before apr_brigade_cleanup to have the correct status

when logging the request as apr_brigade_cleanup triggers the logging

of the request if it contains an EOR bucket.

PR: 62823

Submitted by: Arnaud Grandville <contact@grandville.net>

Reviewed by:rpluem

  1. … 1 more file in changeset.
mpm_event: avoid AH00484 with idle threads

mpm_event: Stop issuing AH00484 "server reached MaxRequestWorkers..." when

there are still idle threads available. When there are less idle threads than

MinSpareThreads, issue new one-time message AH10159. Matches worker MPM.

  1. … 2 more files in changeset.
mod_http2: adding defensive code for stream EOS handling, in case the request handler

missed to signal it the normal way (eos buckets). Addresses github issues

https://github.com/icing/mod_h2/issues/164, https://github.com/icing/mod_h2/issues/167

and https://github.com/icing/mod_h2/issues/170.

  1. … 3 more files in changeset.