Checkout Tools
  • last updated 43 mins ago
Constraints: committers
Constraints: files
Constraints: dates

Changeset 1705750 is being indexed.

update transformation

  1. … 56 more files in changeset.
bye bye mod_h2, hello mod_http2

  1. … 47 more files in changeset.
note note to t&r

fix validation error

add an experimental warning to h2 docs

reusing connections for unlimited # of requests
2.4.17 will include/does include mod_h2

Use r->hostname



    • ?
  1. … 14 more files in changeset.

Merge r1697855, r1697339, r1696428, r1696266, r1696264, r1695874, r1695727, r1692516, r1692486, r1610674, r1685069, r1693918, r1698116, r1698133, r1694950, r1700968, r1701005, r1701145, r1701178 from trunk:

adding ap_get_protocol(c) which safeguards against NULL returns, for use instead of direct calling ap_run_protocol_get

changed Protocols to let vhosts override servers, removed old H2Engine example from readme

creating ap_array_index in util, forwarding scheme into request processing, enabling SSL vars only when scheme is not http:, delayed connection creation until task worker assignment

removed unnecessary lingering_close and sbh update on end of protocol upgrade handling

introducing ap_array_index in util, used in protocol and mod_h2

fixes existing protocol missing in selection if not explicitly proposed

new directive ProtocolsHonorOrder, added documentation for Protocols feature, changed preference selection and config merging

removed accidental code

new Protocols directive and core API changes to enable protocol switching on HTTP Upgrade or ALPN, implemented in mod_ssl and mod_h2

SECURITY (CVE-2014-0117): Fix a crash in mod_proxy. In a reverse

proxy configuration, a remote attacker could send a carefully crafted

request which could crash a server process, resulting in denial of


Thanks to Marek Kroemeke working with HP's Zero Day Initiative for

reporting this issue.

* server/util.c (ap_parse_token_list_strict): New function.

* modules/proxy/proxy_util.c (find_conn_headers): Use it here.

* modules/proxy/mod_proxy_http.c (ap_proxy_http_process_response):

Send a 400 for a malformed Connection header.

Submitted by: Edward Lu, breser, covener

http, mod_ssl: Introduce and return the 421 (Misdirected Request) status code

for clients requesting a hostname on a reused connection whose SNI (from the

TLS handshake) does not match.

PR 5802.

This allows HTTP/2 clients to fall back to a new connection as per:

Proposed by: Stefan Eissing <stefan>

Reviewed by: ylavic


Allowing protocol_propose hooks to be called with offers=NULL, clarifying semantics as proposed by

giving ap_array_index a start parameter, adding ap_array_contains

ap_process_request needs exportation for use in mod_h2 on Windows

final final change to the new ap_array_str_* functions after review

changed Protocols default to http/1.1 only, updated documentation, changed ap_select_protocol() to return NULL when no protocol could be agreed upon

mod_ssl: fix compiler warning (bad cast).

improvements in ap_select_protocol(), supplied by yann ylavic

Submitted by: icing, jorton, ylavic, covener, icing, icing, gsmith, icing, icing, ylavic, icing

Reviewed/backported by: jim

Note mod_h2 is RTC exception

Merge r1705099, r1705134 from trunk:

Don't count initial handshake I/O when determining the first byte.


Submitted By: Konstantin J. Chernov

Committed By: covener

Avoid storing request stuff in r->connection->conn_config to

avoid problems with e.g. write completion.

Submitted by: covener

Reviewed/backported by: jim

Merge r1704099 from trunk:

Fix a spurious test where a condition is always true:

if ((cfg->skipto != NULL) && (ctx->flags | ENC_SKIPTO)) {


This is apparently harmless because, in 'xml2enc_filter_init', the ENC_SKIPTO bit of 'flags' is set to ENC_SKIPTO if 'skipto' is non-NULL.

Submitted by: jailletc36

Reviewed/backported by: jim

Vote/promote mod_h2, what about "experimental" bits?
Vote, promote.
propose update
merged current 2.4.x and ap_mmn.h update by minfrin
  1. … 14 more files in changeset.
updated nghttp2 version
Compatibility issue?
Fix typo in proposal.
Propose follow up to r1705492.
Fix availability version for 'ListenCoresBucketsRatio'.
Fix availability version for 'ListenCoresBucketsRatio'.

deduplicate the code handling the directory traversal for the

SSL[Proxy]CACertificatePath and SSLProxyMachineCertificatePath


add (limited) checks for subjectAltName variables (*_SAN_*_n)