httpd

Checkout Tools
  • last updated 6 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 1710391 is being indexed.

followup to r1710380 -- refactored name and didn't have 'make depend'

propose REDIRECT_URL change and vote for DNT

Make the fix for fully qualifying REDIRECT_URL from PR#57785 opt-in.

announce protocol choices on first request
combined patches for alpha testing next release of http2
    • ?
    /httpd/branches/2.4-http2-alpha/CHANGES
    • ?
    /httpd/branches/2.4-http2-alpha/modules/http2/h2_io.c
    • ?
    /httpd/branches/2.4-http2-alpha/modules/http2/h2_io.h
  1. … 4 more files in changeset.
2.4 test suite, earlier worker idle abort
alpha integration of http2 changes for 2.4.x

improvements in http2 connection and worker shutdown, hopefully addressing high load segfaults
changelog update re r1709995
core: follow up to r1710095.

Simplify logic in check_pipeline(), and log unexpected errors.

core: Limit to ten the number of tolerated empty lines between request,

and consume them before the pipelining check to avoid possible response

delay when reading the next request without flushing.

Before this commit, the maximum number of empty lines was the same as

configured LimitRequestFields, defaulting to 100, which was way too much.

We now use a fixed/hard limit of 10 (DEFAULT_LIMIT_BLANK_LINES).

check_pipeline() is changed to check for (up to the limit) and comsume the

trailing [CR]LFs so that they won't be interpreted as pipelined requests,

otherwise we would block on the next read without flushing data, and hence

possibly delay pending response(s) until the next/real request comes in or

the keepalive timeout expires.

Finally, when the maximum number of empty line is reached in

read_request_line(), or that request line does not contains at least a method

and an (valid) URI, we can fail early and avoid some failure detected in

further processing.

testing new 421 handling of vhosts with compatible SSL params, testing correct HTTP/2 RST_STREAM errors when encountering prohibited renegotiation
    • ?
    /test/mod_h2/trunk/conf/ssl/noh2-template.conf
    • ?
    /test/mod_h2/trunk/test/test_renegotiate.sh
mod_http2: no longer messing with mod_ssl config in slave connections, special RST_STREAM failures when 403 responses are due to prohibited TLS renegotiations
mod_ssl: check request-server for TLS settings compatible to handshake server, allow request if equal, renegotiation checks: remember last used cipher_suite for optimizations, deny any regnegotiation in presence of master connection
A pox on those who capitalize comments in 2.4.x without first being anal on trunk
moved ssl handshake trigger from mod_http2 to new process_connection hook in mod_ssl
Add a note about the version number.

Bump version for the expression parser SSL fix.

Add a comment.

Comment on mod_systemd in STATUS
new ap_is_allowed_protocol() for testing configured protocols, added H2Upgrade on/off directive, changed H2Direct default back to on when h2c is in Protocols
setup changes for new H2Upgrade/H2Direct working
moved http2 test setups into own vhosts, serialized http2 test execution for easier debugging
    • ?
    /test/framework/trunk/t/conf/http2.conf.in
Rebuil.

XML update.

mod_session: Introduce SessionExpiryUpdateInterval which allows to

configure the session/cookie expiry's update interval. PR 57300.

Submitted by: Paul Spangler <paul.spangler ni.com>

Reviewed/Committed by: ylavic

core: fix scoreboard alignment issues and crash (SIGBUS) on picky hardware.
changed test directive for H2ModernTLSOnly and added version check
changed H2Compliance to H2ModernTLSOnly, added description in module docs
mod_http2: new directive H2Compliance on/off, checking TLS protocol and cipher against RFC7540