Checkout Tools
  • last updated 4 hours ago
Constraints: committers
Constraints: files
Constraints: dates
* r->parsed_uri.path can be NULL in case of the CONNECT method.
* Revert r1855741 which committed other stuff as well.
  1. … 2 more files in changeset.
* Play safe in case we get no name

Reverted by r1855742.

  1. … 2 more files in changeset.
Merge consecutive slashes in the URL by default

opt-out w/ `MergeSlashes OFF`.

  1. … 7 more files in changeset.
request: forward as much buckets as possible in ap_request_core_filter().

This improves performances while still preventing morphing buckets bound to

r->pool from reaching connection filters.

util_filter: protect ap_filter_t private fields from external (ab)use.

Introduce opaque struct ap_filter_private to move ap_filter_t "pending", "bb"

and "deferred_pool" fields to the "priv" side of things.

This allows to trust values set internally (only!) in util_filter code, and

make useful assertions between the different functions calls, along with the

usual nice extensibility property.

Likewise, the private struct ap_filter_conn_ctx in conn_rec (from r1839997)

allows now to implement the new ap_acquire_brigade() and ap_release_brigade()

functions useful to get a brigade with c->pool's lifetime. They obsolete

ap_reuse_brigade_from_pool() which is replaced where previously used.

Some comments added in ap_request_core_filter() regarding the lifetime of the

data it plays with, up to EOR...

MAJOR bumped (once again).

  1. … 7 more files in changeset.
core: follow up to r1839997: recycle request filters to a delayed ring first.

We want not only ap_filter_output_pending() to be able to access each pending

filter's *f after the EOR is destroyed, but also each request filter to do

the same until it returns.

So request filters are now always cleaned up into a dead_filters ring which is

merged into spare_filters only when ap_filter_recycle() is called explicitely,

that is in ap_process_request_after_handler() and ap_filter_output_pending().

The former takes care of recycling at the end of the request, with any MPM,

while the latter keeps recycling during MPM event's write completion.

  1. … 4 more files in changeset.
ap_request_core_filter() can check whether the next filter should yield.

Itself won't yield at this point (its f->bb is empty).

core: Add ap_reuse_brigade_from_pool().

Current RETRIEVE_BRIGADE_FROM_POOL macro from "http_request.c" is turned into

a helper and used in ap_request_core_filter().

We will need it in a subsequent commit in "util_filter.c" too.

  1. … 4 more files in changeset.
core: follow up to r1822596.

We can't dereference 'f' after EOR is destroyed either.

core: fix ap_request_core_filter()'s brigade lifetime.

The filter should pass everything up to and including EOR, then bail out.

For EOR it can't use a brigade created on r->pool, so retain one created

on c->pool in c->notes (this avoids leaking a brigades for each request

on the same connection).

  1. … 1 more file in changeset.
Revert misguided commit r1799731.

Discussion on-list, but any occurance of a platform-specific behavior in this

code path will alter the behavior of the core code and introduce the very

fingerprintable behavior this patch pretended to obscuficate.

Returning 404 for /CON for example may lead to a module such as mod_speling

revealing the existance of a real file named similar to /.conf, which makes

this an unwise behavior.

Further discussion of returning 404 for all CHR files encountered in the

filepath (not URI path), which currently return 403 on all platforms,

belongs on the dev list.

  1. … 1 more file in changeset.
style: where did the tabs come from?

no code changes

Send a 404 response like other OSs do instead of 403 on Windows when

a path segment or file requested uses a reserved word so Windows

cannot be fingerprinted. PR55887

  1. … 1 more file in changeset.
core: deprecate and replace ap_get_basic_auth_pw

*) core: Deprecate ap_get_basic_auth_pw() and add


Submitted By: Emmanuel Dreyfus <manu>, Jacob Champion, Eric Covener

CVEID: CVE-2017-3167

  1. … 4 more files in changeset.
Evaluate nested If/ElseIf/Else config sections

It has been reported multiple times that nested

If/ElseIf/Else sections are not evaluated but

silently ignored.

This patch adds a simple recursion to the ap_if_walk

logic in order to allow arbitrary nested configs.

The overhead seems negligible compared to the actual

version of the ap_if_walk, but more expert feedback

is surely needed since this code gets called for every

HTTP request.

Tests are going to be added to t/apache/if_sections.t

  1. … 1 more file in changeset.
Revert r1783759: really more things than intended :p
  1. … 7 more files in changeset.
Follow up to r1783755: update APLOGNO.

[Reverted by r1783760]

  1. … 7 more files in changeset.
Fix bug 58528 - Do not read .htaccess if override and overridelist are "None"
Avoid a call to 'prep_walk_cache' if possible, just as in 'ap_if_walk' and 'ap_location_walk'
Added some more log numbers to log statements that

had none.

Those were not detected by the coccinelle script.

Only a few hard cases are remaining now.

  1. … 12 more files in changeset.
There is no need to duplicate some memory here, the 'path' given to ap_parse_htaccess is never modified.
core: follow up to r1708084.

We don't want to process the subrequest either in ap_sub_req_method_uri()

if the quick-handler returned an error (or any final status).

core: follow up to r1708084,1708088: remove tabs.

core: follow up to r1708084: we still need to take care of DONE in any case.

core: we don't want to run the subrequest's handler if the

quick-handler returned an error (or any final status).

Add the AsyncFilter directive that allows the asynchronous filter

functionality to be switched off for certain classes of filters.

  1. … 6 more files in changeset.
core: Extend support for asynchronous write completion from the

network filter to any connection or request filter.

  1. … 15 more files in changeset.
Silence a sparse warning about inconsistent indenting

Avoid adding duplicate subequest filters, as they would not be stripped

properly during an ap_internal_fast_redirect.

  1. … 2 more files in changeset.