Checkout Tools
  • last updated 4 hours ago
Constraints: committers
Constraints: files
Constraints: dates
Rename APACHE_2_0_BRANCH to 2.0.x to follow the 1.3.x convention.

update transformation


update transformation

Added the directive "Requires ldap-attribute" that allows the module to only authorize a user if the attribute value specified matches the value of the user object. PR 31913

Submitted by: Ryan Morgan <rmorgan>

Reviewd by: bnicholes, wrowe, jim

Implement the util_ldap_cache_getuserdn() API so that the ldap authorization only modules have access to the util_ldap user cache without having to require ldap authentication as well. [PR 31898]

Submitted by: Jari Ahonen [jah]

Reviewed by: bnicholes, wrowe, jim

Vote on some locally tested backports.


Obtained from:

Submitted by:

Reviewed by:

Consistently format SECURITY entries.

Backports done.

Backport from HEAD:

* modules/ssl/ssl_engine_init.c (ssl_init_proxy_certs): Fail early

(rather than segfault later) if a client cert is configured which is

missing either the certificate or private key.

PR: 24030

Reviewed by: jorton, minfrin, jerenkrantz, wrowe

Backport fix for CAN-2004-0885:

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a

correct cipher suite has been negotiated, else deny access.

* modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL

0.9.7, prevent session resumption during a renegotiation to force the

client to negotiate a new (and acceptable) cipher suite.

PR: 31505

Submitted by: Hartmut Keil <Hartmut.Keil>, Joe Orton

Reviewed by: jorton, pquerna, minfrin, wrowe

Revert r1.135.2.32, fixing regression in QUERY_STRING handling since

for [P] rules since 2.0.52.

Reviewed by: jorton, nd, wrowe

Backport fix for memory consumption DoS, CVE CAN-2004-0942:

* server/protocol.c (ap_rgetline_core): Don't trim trailing whitespace

from the buffer here.

(ap_get_mime_headers_core): Trim trailing whitespace here, after

reading a complete field including continuation lines. Also simplify

code to remove whitespace between field-name and colon.

Reviewed by: stoddard, jorton, nd

Spending a little time in the garage, these mostly look like pretty good

suggestions. A few nak's on proposals with real issues.



backport vote


Don't display the cache statistics if the node is empty


Track the status of an upgradeable socket so that the http_method and default_port hooks will report the correct information. Also add the check for an upgraded https connection when responding to the state of a connection.

* docs/conf/magic: Remove trailing whitespace.

PR: 31472

Submitted by: Jack Repenning

    • ?
Note the mod_rewrite regression since .52.

A new mod_ssl fix, update the ap_save_brigade fix.

changes to log client IP address on a few types of errors

At least CVS doesn't reject me because I vote absentee...

new Korean translations and up-to-date patches

  1. … 6 more files in changeset.
This commit was manufactured by cvs2svn to create branch


Propose goodness for peace and mankind.

apxs: fix handling of -Wc/-Wl and "-o".

PR: 31448

Obtained from:

Submitted by: jorton

Reviewed by: jorton, jerenkrantz, pquerna