From: Graham Leggett Date: Sun, 17 Jan 2021 17:07:42 +0000 (+0000) Subject: Backport to v2.4: X-Git-Tag: 2.4.47~148 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=af0f1c68ae8a97dbfdb60b8ca8aa1a797700015d;p=thirdparty%2Fapache%2Fhttpd.git Backport to v2.4: *) Easy patches: synch 2.4.x and trunk - mod_dav: save a few cycles - mod_{ssl,md}: init_stapling_status hooks should return an int - util_md5: avoid temporary stack result in ap_md5_binary() - mod_proxy_balancer: Add a missing - mod_md: get_stapling_status hooks should return an int - mod_session: Improve a message about SessionExpiryUpdateInterval values trunk patch: http://svn.apache.org/r1837388 http://svn.apache.org/r1876549 http://svn.apache.org/r1877551 http://svn.apache.org/r1882210 http://svn.apache.org/r1882399 http://svn.apache.org/r1883414 2.4.x patch: svn merge -c 1837388,1876549,1877551,1882210,1882399,1883414 ^/httpd/httpd/trunk . +1: jailletc36, ylavic, minfrin git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1885610 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index cd2474fec81..79c5868ac7c 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,15 @@ -*- coding: utf-8 -*- Changes with Apache 2.4.47 + *) Synch 2.4.x and trunk + - mod_dav: save a few cycles + - mod_{ssl,md}: init_stapling_status hooks should return an int + - util_md5: avoid temporary stack result in ap_md5_binary() + - mod_proxy_balancer: Add a missing + - mod_md: get_stapling_status hooks should return an int + - mod_session: Improve a message about SessionExpiryUpdateInterval values + [Christophe Jaillet] + *) mod_proxy_fcgi: Honor "SetEnv proxy-sendcl" to forward a chunked Transfer-Encoding from the client, spooling the request body when needed to provide a Content-Length to the backend. PR 57087. [Yann Ylavic] diff --git a/STATUS b/STATUS index 0cd3d62bc62..5ff61beda81 100644 --- a/STATUS +++ b/STATUS @@ -138,23 +138,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - *) Easy patches: synch 2.4.x and trunk - - mod_dav: save a few cycles - - mod_{ssl,md}: init_stapling_status hooks should return an int - - util_md5: avoid temporary stack result in ap_md5_binary() - - mod_proxy_balancer: Add a missing - - mod_md: get_stapling_status hooks should return an int - - mod_session: Improve a message about SessionExpiryUpdateInterval values - trunk patch: - http://svn.apache.org/r1837388 - http://svn.apache.org/r1876549 - http://svn.apache.org/r1877551 - http://svn.apache.org/r1882210 - http://svn.apache.org/r1882399 - http://svn.apache.org/r1883414 - 2.4.x patch: svn merge -c 1837388,1876549,1877551,1882210,1882399,1883414 ^/httpd/httpd/trunk . - +1: jailletc36, ylavic, minfrin - PATCHES PROPOSED TO BACKPORT FROM TRUNK: diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c index bf049df332c..d0dc1104229 100644 --- a/modules/dav/main/mod_dav.c +++ b/modules/dav/main/mod_dav.c @@ -807,8 +807,8 @@ static int dav_parse_range(request_rec *r, range = apr_pstrdup(r->pool, range_c); if (strncasecmp(range, "bytes ", 6) != 0 - || (dash = ap_strchr(range, '-')) == NULL - || (slash = ap_strchr(range, '/')) == NULL) { + || (dash = ap_strchr(range + 6, '-')) == NULL + || (slash = ap_strchr(range + 6, '/')) == NULL) { /* malformed header */ return -1; } diff --git a/modules/md/mod_md_ocsp.c b/modules/md/mod_md_ocsp.c index fcc0a98160c..2a01d5a8467 100644 --- a/modules/md/mod_md_ocsp.c +++ b/modules/md/mod_md_ocsp.c @@ -52,7 +52,7 @@ static int staple_here(md_srv_conf_t *sc) && md_config_geti(sc, MD_CONFIG_STAPLE_OTHERS)); } -apr_status_t md_ocsp_init_stapling_status(server_rec *s, apr_pool_t *p, +int md_ocsp_init_stapling_status(server_rec *s, apr_pool_t *p, X509 *cert, X509 *issuer) { md_srv_conf_t *sc; @@ -75,7 +75,7 @@ declined: return DECLINED; } -apr_status_t md_ocsp_get_stapling_status(unsigned char **pder, int *pderlen, +int md_ocsp_get_stapling_status(unsigned char **pder, int *pderlen, conn_rec *c, server_rec *s, X509 *cert) { md_srv_conf_t *sc; diff --git a/modules/md/mod_md_ocsp.h b/modules/md/mod_md_ocsp.h index b0894caf115..ee58df678a7 100644 --- a/modules/md/mod_md_ocsp.h +++ b/modules/md/mod_md_ocsp.h @@ -18,11 +18,11 @@ #define mod_md_md_ocsp_h -apr_status_t md_ocsp_init_stapling_status(server_rec *s, apr_pool_t *p, - X509 *cert, X509 *issuer); +int md_ocsp_init_stapling_status(server_rec *s, apr_pool_t *p, + X509 *cert, X509 *issuer); -apr_status_t md_ocsp_get_stapling_status(unsigned char **pder, int *pderlen, - conn_rec *c, server_rec *s, X509 *cert); +int md_ocsp_get_stapling_status(unsigned char **pder, int *pderlen, + conn_rec *c, server_rec *s, X509 *cert); /** * Start watchdog for retrieving/updating ocsp status. diff --git a/modules/proxy/mod_proxy_balancer.c b/modules/proxy/mod_proxy_balancer.c index f5b0ce1adb2..39ccf52a94e 100644 --- a/modules/proxy/mod_proxy_balancer.c +++ b/modules/proxy/mod_proxy_balancer.c @@ -1750,7 +1750,7 @@ static int balancer_handler(request_rec *r) ap_rvputs(r, balancer->s->vpath, "\n", NULL); ap_rprintf(r, "%s\n", !balancer->s->inactive ? "Yes" : "No"); - ap_rputs("\n
", r); + ap_rputs("\n\n
", r); ap_rputs("\n\n" "" "" diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c index b72ab140c6e..e5a3a774e02 100644 --- a/modules/session/mod_session.c +++ b/modules/session/mod_session.c @@ -649,7 +649,7 @@ static const char * conf->expiry_update_time = atoi(arg); if (conf->expiry_update_time < 0) { - return "SessionExpiryUpdateInterval must be positive or nul"; + return "SessionExpiryUpdateInterval must be zero (disable) or a positive value"; } conf->expiry_update_time = apr_time_from_sec(conf->expiry_update_time); conf->expiry_update_set = 1; diff --git a/modules/ssl/ssl_util_stapling.c b/modules/ssl/ssl_util_stapling.c index b85a9c94f13..15415934972 100644 --- a/modules/ssl/ssl_util_stapling.c +++ b/modules/ssl/ssl_util_stapling.c @@ -153,7 +153,7 @@ int ssl_stapling_init_cert(server_rec *s, apr_pool_t *p, apr_pool_t *ptemp, return 1; } - if (ssl_run_init_stapling_status(s, p, x, issuer) == APR_SUCCESS) { + if (ssl_run_init_stapling_status(s, p, x, issuer) == OK) { /* Someone's taken over or mod_ssl's own implementation is not enabled */ if (mctx->stapling_enabled != TRUE) { SSL_CTX_set_tlsext_status_cb(mctx->ssl_ctx, stapling_cb); diff --git a/server/util_md5.c b/server/util_md5.c index 148c60ceb43..bba3b88e423 100644 --- a/server/util_md5.c +++ b/server/util_md5.c @@ -54,7 +54,7 @@ AP_DECLARE(char *) ap_md5_binary(apr_pool_t *p, const unsigned char *buf, int le { apr_md5_ctx_t my_md5; unsigned char hash[APR_MD5_DIGESTSIZE]; - char result[2 * APR_MD5_DIGESTSIZE + 1]; + char *result; /* * Take the MD5 hash of the string argument. @@ -67,9 +67,9 @@ AP_DECLARE(char *) ap_md5_binary(apr_pool_t *p, const unsigned char *buf, int le apr_md5_update(&my_md5, buf, (unsigned int)length); apr_md5_final(hash, &my_md5); - ap_bin2hex(hash, APR_MD5_DIGESTSIZE, result); - - return apr_pstrndup(p, result, APR_MD5_DIGESTSIZE*2); + result = apr_palloc(p, 2 * APR_MD5_DIGESTSIZE + 1); + ap_bin2hex(hash, APR_MD5_DIGESTSIZE, result); /* sets final '\0' */ + return result; } AP_DECLARE(char *) ap_md5(apr_pool_t *p, const unsigned char *string)
Worker URLRouteRouteRedir