Checkout
 

madhum in httpd

Propose a backport for the 'shmcb' segv

Fix SEGV in 'shmcb' session cache:

When a 'read' or 'write' to session cache is done, we need to check the size

of the data being 'read' or 'written' to avoid buffer over-run.

PR: 27751

Submitted by: Geoff Thorpe

Reviewed by: Madhusudan Mathihalli

vote.

Propose a backport in mod_ssl.

Limit the concurrency to MAX_CONCURRENCY.

Otherwise, ab may dump core (calloc fails) when a arbitrarily huge value

is used.

In the newer versions of OpenSSL, the flag SSL_SESS_CACHE_NO_INTERNAL_LOOKUP

just prevents the internal lookup but does not prevent the caching.

OpenSSL 0.9.6h onwards has a new flag 'SSL_SESS_CACHE_NO_INTERNAL' to

prevent OpenSSL from both lookup and caching the sessions internally.

PR: 26562

Reviewed by: Geoff Thorpe, Joe Orton

Include another ab.c rev for the backport

Add Missing parenthesis !

Propose a backport (to prevent segfault in ab.c)

Limit the concurrency to MAX_CONCURRENCY.

Otherwise, ab may dump core (calloc fails) when a arbitrarily huge value

is used.

Remove the proposal to backport mod_rewrite recognizing SSL variables - since

it depends upon the mod_ssl.h re-architecture (done by Joe Orton). I'd rather

let the changes come as part of the entire mod_ssl 2.1 backport.

Propose a backport (for mod_rewrite to recognize SSL variables)

Enable mod_rewrite to recognize SSL variables (using ssl_var_lookup)

Submitted by: Joe Orton

Reviewed by: Madhusudan Mathihalli

Enable mod_rewrite to recognize SSL variables (using ssl_var_lookup)

Submitted by: Joe Orton

Reviewed by: Madhusudan Mathihalli

Including filenames/revisions for the SSL Close Alert patch backport

Propose the fix for sending SSL Close Alert message for backport.

Include the new eoc_bucket.c for compilation.

Send the 'Close Alert' message to the peer upon closing a SSL session. This

required creating a new EOC (End-Of-Connection) bucket type to notify mod_ssl

that the connection is about to be closed.

Reviewed by: Joe Orton, Justin Erenkrantz

New file for defining the End Of Connection (EOC) bucket type.

The new bucket type was introduced for connection level filters (Ex. SSL)

that need to send special data to the peer just before the socket is closed.

Vote..

Did not realize the sorting order earlier.

add myself ..

Add myself (should have done it long time ago - forgot all about it)

OpenSSL should be included as "openssl/ssl.h" and not "ssl.h" (and rely on the

INCLUDE path to be defined properly)

PR: 11310

Submitted by: Geoff Thrope <geoff@geoffthrope.net>

Reviewed by: Madhusudan Mathihalli

Modify the APACHE_CHECK_SSL_TOOLKIT to detect SSL-C (atleast version 2.1).

Submitted by: Madhusudan Mathihalli

Replace the APACHE_CHECK_SSL_TOOLKIT method with a cleaner one, using

autoconf tools (AC_CHECK_HEADER, AC_CHECK_LIB etc).

Submitted by: Geoff Thorpe <geoff@geoffthorpe.net>

Reviewed by: Madhu, Justin

Oops. I'd forgotten to update the CHANGES file with the shmht fix.

PR: 17864

Submitted by: Andreas Leimbacher <andreasl67@yahoo.de>

Reviewed by: Madhusudan Mathihalli

Fix PR 17864, and also fixes a SEGV problem when SHMHT was used.

The porting of the code from mod_ssl 1.3.x was still incomplete, and depended

upon a complete implentation of apr_shm (hence pieces of code was #if 0'ed out).

Fix a 64-bit porting issue.