httpd

Checkout Tools
  • last updated 8 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 1874148 is being indexed.

Fix spelling errors in docs found by codespell. [skip ci]

  1. … 20 more files in changeset.
* module/dav/main/util.c (dav_check_bufsize): Don't call

memcpy(,NULL,0) if the buffer is uninitialized, to avoid tripping

UBSan. (Unclear if this is valid for this API.)

Cleanup of backported entries in CHANGES.

Merged /httpd/httpd/trunk:r1870020,1874133

*) mod_md:

- Prefer MDContactEmail directive to ServerAdmin for registration. New directive

thanks to Timothe Litt (@tlhackque).

- protocol check for pre-configured "tls-alpn-01" challenge has been improved. It will now

check all matching virtual hosts for protocol support. Thanks to @mkauf.

- Corrected a check when OCSP stapling was configured for hosts

where the responsible MDomain is not clear, by Michal Karm Babacek (@Karm).

- Softening the restrictions where mod_md configuration directives may appear. This should

allow for use in <If> and <Macro> sections. If all possible variations lead to the configuration

you wanted in the first place, is another matter.

[Michael Kaufmann <mail michael-kaufmann.ch>, Timothe Litt (@tlhackque),

Michal Karm Babacek (@Karm), Stefan Eissing (@icing)]

mod_md: adding documentation for new MDContactEmail directive.

*) mod_md:

- Prefer MDContactEmail directive to ServerAdmin for registration. New directive

thanks to Timothe Litt (@tlhackque).

- protocol check for pre-configured "tls-alpn-01" challenge has been improved. It will now

check all matching virtual hosts for protocol support. Thanks to @mkauf.

- Corrected a check when OCSP stapling was configured for hosts

where the responsible MDomain is not clear, by Michal Karm Babacek (@Karm).

- Softening the restrictions where mod_md configuration directives may appear. This should

allow for use in <If> and <Macro> sections. If all possible variations lead to the configuration

you wanted in the first place, is another matter.

[Michael Kaufmann <mail michael-kaufmann.ch>, Timothe Litt (@tlhackque),

Michal Karm Babacek (@Karm), Stefan Eissing (@icing)]

  1. … 3 more files in changeset.
Back off a little when svn export is timing out.

Define ap_method_mask_t (typedef for apr_uint64_t) and use for method

bitmasks rather than apr_int64_t. Fixes UBSan errors shifting to the

top bit of a signed integer.

* include/httpd.h: Add ap_method_mask_t, use it for AP_METHOD_BIT.

(struct ap_method_mask_t): Likewise for method_mask field.

(struct request_rec): Likewise for allowed field.

* include/http_config.h (struct cmd_parms): Likewise for limited field.

* include/ap_mmn.h: Bump MMN major.

* modules/*/*.c: Adjust all method masks to use ap_method_mask_t.

* If dh is not set AnyEvent 7.14 chooses schmorp1539 by default which seems

to conflict with my OpenSSL. So set schmorp2048 explicitly which works.

See also:

https://blog.kutej.net/2019/09/failed-to-set-DH-parameters

* Vote
* modules/http/http_filters.c (parse_chunk_size): Reduce by four the

limit to the number of bits that can be handled in a chunk size, to

avoid undefined behaviour bitshifting a signed integer left. Max

chunk size on 32-bit arch is now 256MiB. Avoids UBSan error in:

http_filters.c:227:46: runtime error: left shift of 768614336404564650 by 4 places cannot be represented in type 'long int'

fix build with LibreSSL 2.0.7+

bz 64047

Update proposal.
Follow up to r1873941: define AP_REG_NO_DEFAULT for raw ap_regcomp() usage.

This avoids having to define AP_REG_NO_* for each APR_REG_* specific option,

thus replacing AP_REG_NO_DOTALL introduced lately.

For ap_rxplus_compile() and mod_substitute where default AP_REG_DOTALL is not

suitable, let's use:

AP_REG_NO_DEFAULT | ap_regcomp_get_default_cflags() & AP_REG_DOLLAR_ENDONLY

to keep the default AP_REG_DOLLAR_ENDONLY unless RegexDefaultOptions unsets it.

Propose to hold on accepted backport.
Follow up to r1874055: fix typo.

Add a note
Vote, promote.
some votes

RHEL and CentOS now use dnf. Call out yum as the outlier, rather than

the other way around.

Avoid UBSan exception calling memcpy(,NULL,0) at startup.

Follow-up to r1874011 which did the same for the event MPM.

* server/mpm/event/event.c (event_open_logs): Avoid UBSan exception

calling memcpy(,NULL,0) at startup. Thanks to rpluem.

* modules/ssl/ssl_util_ocsp.c (serialize_request): Set the Connection header

to close to indicate that we do not want to keep the HTTP connection to the

OCSP responder alive. We don't reuse the connections currently and if the

OCSP responder keeps the connection alive this could cause us to wait for

keepalive timeout of the OCSP responder to timeout until we finish our

reading of the OCSP response.

PR: 64135

* modules/ssl/ssl_engine_init.c (ssl_init_Module): Avoid some bogus

gcc -Wmaybe-uninitialized warnings in (slightly odd) SSLFIPS

handling.

* This actually a blocker as r1873747 introduced a regression
Propose fix for spelling errors found by codespell. [skip ci]

Add CHANGES entry for Travis CI testing. [skip ci]

Fix spelling errors found by codespell. [skip ci]

  1. … 86 more files in changeset.
* Already addressed. Otherwise I was fine. [skip ci]
* Add a comment [skip ci]