Checkout Tools
  • last updated 4 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Follow up to r1740928: including NOT_IN_PROXY in NOT_IN_DIR_LOC_FILE is both

incomplete and not backportable, fix it by introducing NOT_IN_DIR_CONTEXT and

restoring NOT_IN_DIR_LOC_FILE to its previous value.

Per ap_check_cmd_context(), NOT_IN_DIR_LOC_FILE actually/really means "not in

any directory context", while the definition itself does not include all the

existing directory contexts (e.g. <Limit>, or <Proxy> before r1740928).

This is a bit of a misnomer, at least, so instead of (ab)using it by adding the

missing contexts (in an incompatible way), let's define NOT_IN_DIR_CONTEXT to

really exclude all directory context (i.e. NOT_IN_DIR_LOC_FILE + NOT_IN_LIMIT +

NOT_IN_PROXY) and use it wherever NOT_IN_DIR_LOC_FILE was used.

This is by itself a major MMN bump (modules not compiled with this commit and

having directives checked against NOT_IN_DIR_LOC_FILE won't be caught the same

way by NOT_IN_DIR_CONTEXT in the new ap_check_cmd_context() code), but with the

below change, 2.4.x should work as before:

- if ((forbidden & NOT_IN_DIR_CONTEXT) == NOT_IN_DIR_CONTEXT) {

+ if ((forbidden & NOT_IN_DIR_LOC_FILE) == NOT_IN_DIR_LOC_FILE) {

if (cmd->path != NULL) {

return apr_pstrcat(cmd->pool, cmd->cmd->name, gt,

- " cannot occur within directory context", NULL);

+ " cannot occur within <Directory/Location/Files/Proxy> "

+ "section", NULL);

}

...

}

  1. … 7 more files in changeset.
Add lots of unique tags to error log messages

  1. … 172 more files in changeset.
suEXEC: Add Suexec directive to disable suEXEC without renaming the

binary (Suexec Off), or force startup failure if suEXEC is required

but not supported (Suexec On). Change SuexecUserGroup to fail

startup instead of just printing a warning if suEXEC is disabled.

Additionally, ap_unixd_config.suexec_disabled_reason has a message,

suitable for logging/messaging, explaining why the feature isn't

available.

  1. … 6 more files in changeset.
Use the new APLOG_USE_MODULE/AP_DECLARE_MODULE macros everywhere to take

advantage of per-module loglevels

  1. … 169 more files in changeset.
unixd_config->ap_unixd_config renames for mod_suexec

Submitted By: Dan Poirier

Reviewed By: covener

Remove all references to CORE_PRIVATE.

  1. … 67 more files in changeset.
If you study all of the directive implementations, you'll note

that we get less than 20% of the NOT_IN_LIMIT rules correct.

<Limit > works in about 4 directive contexts and yet, we ignore

this fact for 100's of directives. Simply eliminate this

nonsense in anticipation of a 100% solution.

  1. … 3 more files in changeset.
update license header text
  1. … 316 more files in changeset.
Update the copyright year in all .c, .h and .xml files

  1. … 497 more files in changeset.
No functional change: remove "internal" tab spacing/formatting.

  1. … 32 more files in changeset.
Update copyright year to 2005 and standardize on current copyright owner line.

  1. … 522 more files in changeset.
general property cleanup

  1. … 712 more files in changeset.
fix name of The Apache Software Foundation

  1. … 361 more files in changeset.
apply Apache License, 2.0

  1. … 9 more files in changeset.
update license to 2004.

  1. … 281 more files in changeset.
finished that boring job:

update license to 2003.

Happy New Year! ;-))

  1. … 271 more files in changeset.
Fix the rest of the apr_pool_userdata_setn() bogosity w.r.t. DSO modules.

It's totally unsafe to use apr_pool_userdata_setn() in the post_config

phase of a module, since on some platforms when the DSO gets reloaded

between phases, the data segment will be at a different address on the

second phase and the userdata_get() call will fail.

PR: 9413

Submitted by: Tsuyoshi Sasamoto <nazonazo@super.win.ne.jp>

  1. … 2 more files in changeset.
stop using APLOG_NOERRNO in calls to ap_log_[pr]error()

  1. … 33 more files in changeset.
Fix suexec invocations from userdir - the ~ was not being prepended to the

uid per our convention. Therefore, bad things would happen (like we

wouldn't cd to the right directory).

Add a flag to the ap_unix_identity_t structure to indicate if we are in

a userdir - if so, prefix the ~.

(Modified by Justin, but Colm's patch pointed me in the right direction.)

PR: 7810

Submitted by: Colm <colmmacc@redbrick.dcu.ie>

Reviewed by: Justin Erenkrantz

  1. … 4 more files in changeset.
Update our copyright for this year.

  1. … 260 more files in changeset.
Only let the "suEXEC enabled" message be printed once, even when we

have a DSO that goes through the load-unload-load cycle.

Suggested by: Ryan Morgan <rmorgan@covalent.net>, Cliff Woolley

Add back in the "suEXEC mechanism enabled (wrapper: /path/to/suexec)"

message that we had back in apache-1.3 and is still scattered throughout

our docs.

Unfortunately, when mod_suexec is a DSO we're going to get this thing

twice in our logs. I believe as a side effect of the load-unload-load

cycles of our DSOs we're losing the static data segment, which is where

the "didn't we already report this" flag lives.

  1. … 1 more file in changeset.
Update copyright to 2001

  1. … 205 more files in changeset.
Clean up the cgid module now that it supports suexec.

  1. … 2 more files in changeset.
Get mod_suexec compiling on FreeBSD again

The big change. This is part 3 of the apr-util symbols rename, please

see the first commit of srclib/apr-util/include (cvs apr-util/include)

for the quick glance at symbols changed.

  1. … 85 more files in changeset.

Provide apr_pool_t arg to register_hooks, since anything they do in that

step -must- be done with a pool that will not outlive the cmd pool, from

which they may have been dynamically loaded.

  1. … 47 more files in changeset.
Remove a couple more NULL handler specifications.

  1. … 4 more files in changeset.
Make mod_cgi and mod_include work when compiled as DSO's again. This is

accomplished by moving suexec out of it's own file and into unixd.[ch].

The problem was that suexec.c wasn't being linked into the server unless

a module was actually using ap_os_create_process. This is still not clean,

but it works now.

  1. … 4 more files in changeset.
Fix a const problem.