Checkout Tools
  • last updated 44 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
update mod_md tags
bump

bump

Bump next-number after r1864695.

Bump next-number after r1864526.
mod_http2: update log tags, log field len errors at INFO level (via mkaufmann)

mod_proxy_http2: udpate log tags

  1. … 4 more files in changeset.
update aplogno in recent hook changes
  1. … 1 more file in changeset.
mod_cgid: Continuation of r1862968, experimental fd passing support.

Split out CGI bucket implementation from mod_cgi and use in both

mod_cgi and mod_cgid, bringing stderr handling in mod_cgid up to par

with mod_cgi. (There is a lot of code which has been copied between

mod_cgi{,d} so there's scope for further reduction of source

duplication between the modules using this header)

* modules/generators/cgi_common.h: Copied from mod_cgi.c, removed

everything but the CGI bucket implementation with only one change:

(struct cgi_bucket_data, cgi_bucket_create, cgi_bucket_read): Take a

timeout on bucket creation, store and use on reads.

* modules/generators/mod_cgi.c [APR_FILES_AS_SOCKETS]: Include

cgi_common.h.

(cgi_handler): Pass configured timeout to CGI bucket.

* modules/generators/mod_cgid.c: Include cgi_common.h.

(log_script_err): Copy from mod_cgi.c.

(log_script): Use log_script_err.

(send_req): Take fd for stderr.

(cgid_child_errfn): Handle fd-passing case by writing error

to stderr for client to pass through ap_log_rerror.

(cgid_handler): Create pipe for stderr, pass write-end to

server via send_req, use read-end to create CGI bucket. Handle

stderr output in failure paths.

PR: 54221

  1. … 3 more files in changeset.
mod_md: adding log tag numbers

  1. … 2 more files in changeset.
Reserve 2 new numbers
Reserve new numbers
mpm_event: avoid AH00484 with idle threads

mpm_event: Stop issuing AH00484 "server reached MaxRequestWorkers..." when

there are still idle threads available. When there are less idle threads than

MinSpareThreads, issue new one-time message AH10159. Matches worker MPM.

  1. … 2 more files in changeset.
* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access_modern): Fail with

403 if SSL_verify_client_post_handshake() fails, e.g. when the

TLS/1.3 client didn't send the Post-Handshake Authentication

extension.

  1. … 1 more file in changeset.
add ids

  1. … 1 more file in changeset.
Follow up to r1833368 and r1837435: update APLOGNO.

  1. … 1 more file in changeset.
mod_proxy_http: follow up to r1836588: avoid 100-continue responses from core.

When mod_proxy_http handles end-to-end "100 continue", it can't let

ap_http_filter() send its own interim response whenever the body is read.

So save/restore r->expecting_100 before/after handling the request, and use

req->expecting_100 internally (including to restore r->expecting appropriately).

While at it, add comments and debug logs about 100 continue handling, and

fill in missing APLOGNO()s from r1836588.

  1. … 2 more files in changeset.
* Add missing log numbers
  1. … 3 more files in changeset.
Update docs and bump logno for PKCS#11 support change in r1835615.

  1. … 1 more file in changeset.
* modules/ssl/ssl_engine_pphrase.c: Add logno tags.

  1. … 1 more file in changeset.
If several parameters are used in a AuthzProviderAlias directive, if these parameters are not enclosed in quotation mark, only the first one is handled. The other ones are silently ignored.

Add a message to warn about such a spurious configuration.

PR 62469

  1. … 3 more files in changeset.
If several directories are given in a UserDir directive, only files in the first existing one are checked. If the file is not found there, the other possible directories are not checked. The doc clearly states that they will be checked one by one, until a match is found or an external redirect is performed.

PR 59636.

While at it, add some debug messages to better understand what is performed.

  1. … 2 more files in changeset.
Add next-number bump missed in r1831173.

mod_ssl: Add support for loading TLS certificates through the PKCS#11

engine.

* modules/ssl/ssl_util.c (modssl_is_engine_id): Renamed

from modssl_is_engine_key.

* modules/ssl/ssl_engine_config.c (ssl_cmd_SSLCertificateKeyFile):

Adjust accordingly.

(ssl_cmd_SSLCertificateFile): Also allow ENGINE cert ids.

* modules/ssl/ssl_engine_pphrase.c (modssl_load_engine_keypair):

Rename from modssl_load_engine_key; load certificate if

cert id is passed.

* modules/ssl/ssl_engine_init.c (ssl_init_server_certs): Optionally

load the certificate from the engine as well.

* docs/manual/: Update manual.

  1. … 7 more files in changeset.
mod_ldap: log and abort locking errors.

related to PR60296 investigation

RMM corruption is really nasty, so abort on locking failures.

  1. … 2 more files in changeset.
mod_ssl: Add support for loading private keys from ENGINEs. Support

for PKCS#11 URIs only, and PIN entry is not threaded through

SSLPassPhraseDialog config yet.

* modules/ssl/ssl_util.c (modssl_is_engine_key): New function.

* modules/ssl/ssl_engine_config.c (ssl_cmd_SSLCertificateKeyFile):

Use it, skip check for file existence for engine keys.

* modules/ssl/ssl_engine_pphrase.c (modssl_load_engine_pkey):

New function.

* modules/ssl/ssl_engine_init.c (ssl_init_server_certs):

For engine keys, load via modssl_load_engine_pkey.

Submitted by: Anderson Sasaki <ansasaki redhat.com>, jorton

  1. … 7 more files in changeset.
* modules/ssl: Add some missing logno tags.

  1. … 2 more files in changeset.
Add mod_log_json

  1. … 2 more files in changeset.
add log id for r1828926

  1. … 1 more file in changeset.
mod_proxy_balancer: Add hot spare member type and corresponding flag (R). Hot spare members are

used as drop-in replacements for unusable workers in the same load balancer set. This differs

from hot standbys which are only used when all workers in a set are unusable. PR 61140.

  1. … 10 more files in changeset.
Bump after r1826207.