Checkout Tools
  • last updated 7 hours ago
Constraints: committers
Constraints: files
Constraints: dates

Changeset 105754 is being indexed.

New Japanese translation.

    • ?
    • ?
    • ?
    • ?
    • ?
* modules/generators/mod_cgid.c (cgid_init): Fix GCC strict-aliasing


* modules/proxy/proxy_http.c (ap_proxy_http_process_response): Don't treat

the 205 status-code like 204 or 304, per recent http-wg discussion:

* modules/proxy/proxy_http.c (ap_proxy_http_process_response): Use the

standard non-blocking-read/flush/blocking-read logic to ensure that

buffered content is flushed to the client if the next read will block.

PR: 19954

* modules/proxy/proxy_ftp.c (proxy_ftp_canon, proxy_ftp_handler,

proxy_send_dir_filter): Drop ap_ prefix, make static, remove


* modules/proxy/proxy_connect.c (proxy_connect_handler,

proxy_connect_canon): Drop ap_ prefix, make static, remove


update transformation

update transformation

sync of changes with backports

Added the directive "Requires ldap-attribute" that allows the module to only authorize a user if the attribute value specified matches the value of the user object. PR 31913

Submitted by: Ryan Morgan <rmorgan>

Reviewd by: bnicholes, wrowe, jim

Implement the util_ldap_cache_getuserdn() API so that the ldap authorization only modules have access to the util_ldap user cache without having to require ldap authentication as well. [PR 31898]

Submitted by: Jari Ahonen [jah]

Reviewed by: bnicholes, wrowe, jim

Update SSLSessionCache section.

- switch default session cache to shmcb

- remove comment on using shmht which has been removed

Add -t -DDUMP_CERTS option to mod_ssl which dumps the filenames of all

configured SSL certificates to stdout, useful for cron-ing through a

"do I need to renew any of my certificates this week" tool:

* modules/ssl/ssl_engine_config.c (ssl_hook_ConfigTest): New function.

* modules/ssl/mod_ssl.c (ssl_register_hooks): ...register it as a

test_config hook.

* modules/ssl/config.m4: Use libtool's -export-symbols-regex flag to

hide all global symbols defined by mod_ssl other than the module

structure (where possible).

* modules/ssl/ssl_engine_io.c, modules/ssl/ssl_engine_kernel.c,

modules/mod_ssl.c: Switch to using ap_log_cerror() in place of

ap_log_error() everywhere that the conn_rec * is available.

Vote on some locally tested backports.


Obtained from:

Submitted by:

Reviewed by:

Synch history with 2.0 branch.

Synch with 2.0 branch.

Consistently format SECURITY entries.

Backports done.

Backport from HEAD:

* modules/ssl/ssl_engine_init.c (ssl_init_proxy_certs): Fail early

(rather than segfault later) if a client cert is configured which is

missing either the certificate or private key.

PR: 24030

Reviewed by: jorton, minfrin, jerenkrantz, wrowe

Backport fix for CAN-2004-0885:

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a

correct cipher suite has been negotiated, else deny access.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL

0.9.7, prevent session resumption during a renegotiation to force the

client to negotiate a new (and acceptable) cipher suite.

PR: 31505

Submitted by: Hartmut Keil <Hartmut.Keil>, Joe Orton

Reviewed by: jorton, pquerna, minfrin, wrowe

Revert r1.135.2.32, fixing regression in QUERY_STRING handling since

for [P] rules since 2.0.52.

Reviewed by: jorton, nd, wrowe

Backport fix for memory consumption DoS, CVE CAN-2004-0942:

* server/protocol.c (ap_rgetline_core): Don't trim trailing whitespace

from the buffer here.

(ap_get_mime_headers_core): Trim trailing whitespace here, after

reading a complete field including continuation lines. Also simplify

code to remove whitespace between field-name and colon.

Reviewed by: stoddard, jorton, nd

Explain why the tests are skipped.

oops :)


This commit was manufactured by cvs2svn to create tag


official 1.16