From: Graham Leggett Date: Sat, 21 Aug 2021 21:30:47 +0000 (+0000) Subject: Backport: X-Git-Tag: candidate-2.4.49~3^2~16 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c795f1c736e738281bd5e90503d5cc0b759d1c12;p=thirdparty%2Fapache%2Fhttpd.git Backport: *) Easy patches: synch 2.4.x and trunk - mod_auth_basic: Use ap_cstr_casecmp instead of strcasecmp. - mod_ldap: log and abort locking errors. - mod_ldap: style fix for r1831165 - mod_ldap: build break fix for r1831165 --> These 3 commits are preparation work for backporting r1856735 - mod_deflate: Avoid hard-coded "%ld" format strings in mod_deflate's logging statements - mod_deflate: Use apr_uint64_t instead of uint64_t (follow up to r1849590) - mod_forensic: Follow up to r1856490: missing one mod_log_forensic test_char_table case. (r1856490 has been backported in r1870261) - mod_rewrite: Save a few cycles. - mod_request: Fix a comment (missing '_' in 'keep_body') and some style issues - core: remove extra whitespace in HTTP_NOT_IMPLEMENTED trunk patch: https://svn.apache.org/r1817063 https://svn.apache.org/r1831165 https://svn.apache.org/r1831171 https://svn.apache.org/r1831172 https://svn.apache.org/r1849590 https://svn.apache.org/r1849630 https://svn.apache.org/r1856491 https://svn.apache.org/r1883421 https://svn.apache.org/r1889327 https://svn.apache.org/r1891200 2.4.x patch: svn merge -c 1817063,1831165,1831171,1831172,1849590,1849630,1856491,1883421,1889327,1891200 ^/httpd/httpd/trunk . +1: jailletc36, covener, jim icing: I have trouble running the svn merge due to conflicts in CHANGES and the infamous log tags. Do you have a patch or a PR to use for checking? covener: on faith git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1892510 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 9676d8fd9f4..f410ed66c7b 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,19 @@ -*- coding: utf-8 -*- Changes with Apache 2.4.49 + *) Easy patches: synch 2.4.x and trunk + - mod_auth_basic: Use ap_cstr_casecmp instead of strcasecmp. + - mod_ldap: log and abort locking errors. + - mod_ldap: style fix for r1831165 + - mod_ldap: build break fix for r1831165 + - mod_deflate: Avoid hard-coded "%ld" format strings in mod_deflate's logging statements + - mod_deflate: Use apr_uint64_t instead of uint64_t (follow up to r1849590) + - mod_forensic: Follow up to r1856490: missing one mod_log_forensic test_char_table case. + - mod_rewrite: Save a few cycles. + - mod_request: Fix a comment (missing '_' in 'keep_body') and some style issues + - core: remove extra whitespace in HTTP_NOT_IMPLEMENTED + [Christophe Jaillet] + * core/mpm: add hook 'child_stopping` that gets called when the MPM is stopping a child process. The additional `graceful` parameter allows registered hooks to free resources early during a graceful shutdown. diff --git a/STATUS b/STATUS index f718a551e17..a7b8bae4198 100644 --- a/STATUS +++ b/STATUS @@ -142,36 +142,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - *) Easy patches: synch 2.4.x and trunk - - mod_auth_basic: Use ap_cstr_casecmp instead of strcasecmp. - - mod_ldap: log and abort locking errors. - - mod_ldap: style fix for r1831165 - - mod_ldap: build break fix for r1831165 - --> These 3 commits are preparation work for backporting r1856735 - - mod_deflate: Avoid hard-coded "%ld" format strings in mod_deflate's logging statements - - mod_deflate: Use apr_uint64_t instead of uint64_t (follow up to r1849590) - - mod_forensic: Follow up to r1856490: missing one mod_log_forensic test_char_table case. - (r1856490 has been backported in r1870261) - - mod_rewrite: Save a few cycles. - - mod_request: Fix a comment (missing '_' in 'keep_body') and some style issues - - core: remove extra whitespace in HTTP_NOT_IMPLEMENTED - trunk patch: - https://svn.apache.org/r1817063 - https://svn.apache.org/r1831165 - https://svn.apache.org/r1831171 - https://svn.apache.org/r1831172 - https://svn.apache.org/r1849590 - https://svn.apache.org/r1849630 - https://svn.apache.org/r1856491 - https://svn.apache.org/r1883421 - https://svn.apache.org/r1889327 - https://svn.apache.org/r1891200 - 2.4.x patch: svn merge -c 1817063,1831165,1831171,1831172,1849590,1849630,1856491,1883421,1889327,1891200 ^/httpd/httpd/trunk . - +1: jailletc36, covener, jim - icing: I have trouble running the svn merge due to conflicts in CHANGES and - the infamous log tags. Do you have a patch or a PR to use for checking? - covener: on faith - *) core: fix ap_escape_quotes substitution logic trunk patch: https://svn.apache.org/r1892418 2.4.x patch: svn merge -c 1892418 ^/httpd/httpd/trunk . diff --git a/modules/aaa/mod_auth_basic.c b/modules/aaa/mod_auth_basic.c index c54f7721ff0..4e1d47f214e 100644 --- a/modules/aaa/mod_auth_basic.c +++ b/modules/aaa/mod_auth_basic.c @@ -320,7 +320,7 @@ static int authenticate_basic_user(request_rec *r) } if (conf->use_digest_algorithm - && !strcasecmp(conf->use_digest_algorithm, "MD5")) { + && !ap_cstr_casecmp(conf->use_digest_algorithm, "MD5")) { realm = ap_auth_name(r); digest = ap_md5(r->pool, (unsigned char *)apr_pstrcat(r->pool, sent_user, ":", diff --git a/modules/filters/mod_deflate.c b/modules/filters/mod_deflate.c index 46148cd1ea0..b1cb15453fd 100644 --- a/modules/filters/mod_deflate.c +++ b/modules/filters/mod_deflate.c @@ -862,8 +862,10 @@ static apr_status_t deflate_out_filter(ap_filter_t *f, f->c->bucket_alloc); APR_BRIGADE_INSERT_TAIL(ctx->bb, b); ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01384) - "Zlib: Compressed %ld to %ld : URL %s", - ctx->stream.total_in, ctx->stream.total_out, r->uri); + "Zlib: Compressed %" APR_UINT64_T_FMT + " to %" APR_UINT64_T_FMT " : URL %s", + (apr_uint64_t)ctx->stream.total_in, + (apr_uint64_t)ctx->stream.total_out, r->uri); /* leave notes for logging */ if (c->note_input_name) { @@ -1427,9 +1429,10 @@ static apr_status_t deflate_in_filter(ap_filter_t *f, ctx->validation_buffer_length += valid; ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01393) - "Zlib: Inflated %ld to %ld : URL %s", - ctx->stream.total_in, ctx->stream.total_out, - r->uri); + "Zlib: Inflated %" APR_UINT64_T_FMT + " to %" APR_UINT64_T_FMT " : URL %s", + (apr_uint64_t)ctx->stream.total_in, + (apr_uint64_t)ctx->stream.total_out, r->uri); len = c->bufferSize - ctx->stream.avail_out; @@ -1453,9 +1456,10 @@ static apr_status_t deflate_in_filter(ap_filter_t *f, if ((ctx->stream.total_out & 0xFFFFFFFF) != compLen) { inflateEnd(&ctx->stream); ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(01395) - "Zlib: Length %ld of inflated data does " - "not match expected value %ld", - ctx->stream.total_out, compLen); + "Zlib: Length %" APR_UINT64_T_FMT + " of inflated data does not match" + " expected value %ld", + (apr_uint64_t)ctx->stream.total_out, compLen); return APR_EGENERAL; } } @@ -1630,8 +1634,10 @@ static apr_status_t inflate_out_filter(ap_filter_t *f, flush_libz_buffer(ctx, c, f->c->bucket_alloc, inflate, Z_SYNC_FLUSH, UPDATE_CRC); ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01398) - "Zlib: Inflated %ld to %ld : URL %s", - ctx->stream.total_in, ctx->stream.total_out, r->uri); + "Zlib: Inflated %" APR_UINT64_T_FMT + " to %" APR_UINT64_T_FMT " : URL %s", + (apr_uint64_t)ctx->stream.total_in, + (apr_uint64_t)ctx->stream.total_out, r->uri); if (ctx->validation_buffer_length == VALIDATION_SIZE) { unsigned long compCRC, compLen; diff --git a/modules/filters/mod_request.c b/modules/filters/mod_request.c index daa8e5977b9..1768edca1cc 100644 --- a/modules/filters/mod_request.c +++ b/modules/filters/mod_request.c @@ -73,7 +73,6 @@ static apr_status_t keep_body_filter(ap_filter_t *f, apr_bucket_brigade *b, apr_bucket *bucket; apr_off_t len = 0; - if (!ctx) { const char *lenp; request_dir_conf *dconf = ap_get_module_config(f->r->per_dir_config, @@ -119,7 +118,6 @@ static apr_status_t keep_body_filter(ap_filter_t *f, apr_bucket_brigade *b, f->r->kept_body = apr_brigade_create(f->r->pool, f->r->connection->bucket_alloc); ctx->remaining = dconf->keep_body; - } /* get the brigade from upstream, and read it in to get its length */ @@ -262,8 +260,8 @@ static apr_status_t kept_body_filter(ap_filter_t *f, apr_bucket_brigade *b, ctx->remaining -= readbytes; ctx->offset += readbytes; - return APR_SUCCESS; + return APR_SUCCESS; } /** @@ -309,18 +307,18 @@ static void ap_request_insert_filter(request_rec * r) NULL, r, r->connection); } } - } -/** - * Remove the kept_body and keep body filters from this specific request. +/* + * Remove the kept_body and keep_body filters from this specific request. */ -static void ap_request_remove_filter(request_rec * r) +static void ap_request_remove_filter(request_rec *r) { - ap_filter_t * f = r->input_filters; + ap_filter_t *f = r->input_filters; + while (f) { if (f->frec->filter_func.in_func == kept_body_filter || - f->frec->filter_func.in_func == keep_body_filter) { + f->frec->filter_func.in_func == keep_body_filter) { ap_remove_input_filter(f); } f = f->next; diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c index 9c73baa7fc6..d031f245188 100644 --- a/modules/http/http_protocol.c +++ b/modules/http/http_protocol.c @@ -1200,7 +1200,7 @@ static const char *get_canned_error_string(int status, case HTTP_NOT_IMPLEMENTED: s1 = apr_pstrcat(p, "

", - ap_escape_html(r->pool, r->method), " ", + ap_escape_html(r->pool, r->method), " not supported for current URL.
\n", NULL); return(add_optional_notes(r, s1, "error-notes", "

\n")); diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c index 120f268f142..4d92ec9a5e1 100644 --- a/modules/ldap/util_ldap.c +++ b/modules/ldap/util_ldap.c @@ -75,15 +75,29 @@ module AP_MODULE_DECLARE_DATA ldap_module; static const char *ldap_cache_mutex_type = "ldap-cache"; static apr_status_t uldap_connection_unbind(void *param); -#define LDAP_CACHE_LOCK() do { \ - if (st->util_ldap_cache_lock) \ - apr_global_mutex_lock(st->util_ldap_cache_lock); \ -} while (0) -#define LDAP_CACHE_UNLOCK() do { \ - if (st->util_ldap_cache_lock) \ - apr_global_mutex_unlock(st->util_ldap_cache_lock); \ -} while (0) +static APR_INLINE apr_status_t ldap_cache_lock(util_ldap_state_t *st, request_rec *r) { + apr_status_t rv = APR_SUCCESS; + if (st->util_ldap_cache_lock) { + apr_status_t rv = apr_global_mutex_lock(st->util_ldap_cache_lock); + if (rv != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_CRIT, rv, r, APLOGNO(10134) "LDAP cache lock failed"); + ap_assert(0); + } + } + return rv; +} +static APR_INLINE apr_status_t ldap_cache_unlock(util_ldap_state_t *st, request_rec *r) { + apr_status_t rv = APR_SUCCESS; + if (st->util_ldap_cache_lock) { + apr_status_t rv = apr_global_mutex_unlock(st->util_ldap_cache_lock); + if (rv != APR_SUCCESS) { + ap_log_rerror(APLOG_MARK, APLOG_CRIT, rv, r, APLOGNO(10135) "LDAP cache lock failed"); + ap_assert(0); + } + } + return rv; +} static void util_ldap_strdup (char **str, const char *newstr) { @@ -912,14 +926,14 @@ static int uldap_cache_comparedn(request_rec *r, util_ldap_connection_t *ldc, &ldap_module); /* get cache entry (or create one) */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); curnode.url = url; curl = util_ald_cache_fetch(st->util_ldap_cache, &curnode); if (curl == NULL) { curl = util_ald_create_caches(st, url); } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); /* a simple compare? */ if (!compare_dn_on_server) { @@ -936,7 +950,7 @@ static int uldap_cache_comparedn(request_rec *r, util_ldap_connection_t *ldc, if (curl) { /* no - it's a server side compare */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); /* is it in the compare cache? */ newnode.reqdn = (char *)reqdn; @@ -944,13 +958,13 @@ static int uldap_cache_comparedn(request_rec *r, util_ldap_connection_t *ldc, if (node != NULL) { /* If it's in the cache, it's good */ /* unlock this read lock */ - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); ldc->reason = "DN Comparison TRUE (cached)"; return LDAP_COMPARE_TRUE; } /* unlock this read lock */ - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); } start_over: @@ -1012,7 +1026,7 @@ start_over: else { if (curl) { /* compare successful - add to the compare cache */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); newnode.reqdn = (char *)reqdn; newnode.dn = (char *)dn; @@ -1023,7 +1037,7 @@ start_over: { util_ald_cache_insert(curl->dn_compare_cache, &newnode); } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); } ldc->reason = "DN Comparison TRUE (checked on server)"; result = LDAP_COMPARE_TRUE; @@ -1058,17 +1072,17 @@ static int uldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc, &ldap_module); /* get cache entry (or create one) */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); curnode.url = url; curl = util_ald_cache_fetch(st->util_ldap_cache, &curnode); if (curl == NULL) { curl = util_ald_create_caches(st, url); } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); if (curl) { /* make a comparison to the cache */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); curtime = apr_time_now(); the_compare_node.dn = (char *)dn; @@ -1107,7 +1121,7 @@ static int uldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc, /* record the result code to return with the reason... */ result = compare_nodep->result; /* and unlock this read lock */ - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); ap_log_rerror(APLOG_MARK, APLOG_TRACE5, 0, r, "ldap_compare_s(%pp, %s, %s, %s) = %s (cached)", @@ -1116,7 +1130,7 @@ static int uldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc, } } /* unlock this read lock */ - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); } start_over: @@ -1164,7 +1178,7 @@ start_over: (LDAP_NO_SUCH_ATTRIBUTE == result)) { if (curl) { /* compare completed; caching result */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); the_compare_node.lastcompare = curtime; the_compare_node.result = result; the_compare_node.sgl_processed = 0; @@ -1193,7 +1207,7 @@ start_over: compare_nodep->lastcompare = curtime; compare_nodep->result = result; } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); } if (LDAP_COMPARE_TRUE == result) { @@ -1458,14 +1472,14 @@ static int uldap_cache_check_subgroups(request_rec *r, * 2. Find previously created cache entry and check if there is already a * subgrouplist. */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); curnode.url = url; curl = util_ald_cache_fetch(st->util_ldap_cache, &curnode); - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); if (curl && curl->compare_cache) { /* make a comparison to the cache */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); the_compare_node.dn = (char *)dn; the_compare_node.attrib = (char *)"objectClass"; @@ -1507,7 +1521,7 @@ static int uldap_cache_check_subgroups(request_rec *r, } } } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); } if (!tmp_local_sgl && !sgl_cached_empty) { @@ -1526,7 +1540,7 @@ static int uldap_cache_check_subgroups(request_rec *r, /* * Find the generic group cache entry and add the sgl we just retrieved. */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); the_compare_node.dn = (char *)dn; the_compare_node.attrib = (char *)"objectClass"; @@ -1591,7 +1605,7 @@ static int uldap_cache_check_subgroups(request_rec *r, } } } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); } } @@ -1669,17 +1683,17 @@ static int uldap_cache_checkuserid(request_rec *r, util_ldap_connection_t *ldc, &ldap_module); /* Get the cache node for this url */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); curnode.url = url; curl = (util_url_node_t *)util_ald_cache_fetch(st->util_ldap_cache, &curnode); if (curl == NULL) { curl = util_ald_create_caches(st, url); } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); if (curl) { - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); the_search_node.username = filter; search_nodep = util_ald_cache_fetch(curl->search_cache, &the_search_node); @@ -1711,13 +1725,13 @@ static int uldap_cache_checkuserid(request_rec *r, util_ldap_connection_t *ldc, (*retvals)[i] = apr_pstrdup(r->pool, search_nodep->vals[i]); } } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); ldc->reason = "Authentication successful (cached)"; return LDAP_SUCCESS; } } /* unlock this read lock */ - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); } /* @@ -1876,7 +1890,7 @@ start_over: * Add the new username to the search cache. */ if (curl) { - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); the_search_node.username = filter; the_search_node.dn = *binddn; the_search_node.bindpw = bindpw; @@ -1907,7 +1921,7 @@ start_over: /* Cache entry is valid, update lastbind */ search_nodep->lastbind = the_search_node.lastbind; } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); } ldap_msgfree(res); @@ -1945,17 +1959,17 @@ static int uldap_cache_getuserdn(request_rec *r, util_ldap_connection_t *ldc, &ldap_module); /* Get the cache node for this url */ - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); curnode.url = url; curl = (util_url_node_t *)util_ald_cache_fetch(st->util_ldap_cache, &curnode); if (curl == NULL) { curl = util_ald_create_caches(st, url); } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); if (curl) { - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); the_search_node.username = filter; search_nodep = util_ald_cache_fetch(curl->search_cache, &the_search_node); @@ -1981,13 +1995,13 @@ static int uldap_cache_getuserdn(request_rec *r, util_ldap_connection_t *ldc, (*retvals)[i] = apr_pstrdup(r->pool, search_nodep->vals[i]); } } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); ldc->reason = "Search successful (cached)"; return LDAP_SUCCESS; } } /* unlock this read lock */ - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); } /* @@ -2085,7 +2099,7 @@ start_over: * Add the new username to the search cache. */ if (curl) { - LDAP_CACHE_LOCK(); + ldap_cache_lock(st, r); the_search_node.username = filter; the_search_node.dn = *binddn; the_search_node.bindpw = NULL; @@ -2114,7 +2128,7 @@ start_over: /* Cache entry is valid, update lastbind */ search_nodep->lastbind = the_search_node.lastbind; } - LDAP_CACHE_UNLOCK(); + ldap_cache_unlock(st, r); } ldap_msgfree(res); diff --git a/modules/loggers/mod_log_forensic.c b/modules/loggers/mod_log_forensic.c index 03c97bbc810..07127b5f215 100644 --- a/modules/loggers/mod_log_forensic.c +++ b/modules/loggers/mod_log_forensic.c @@ -151,7 +151,7 @@ static int count_string(const char *p) int n; for (n = 0 ; *p ; ++p, ++n) - if (test_char_table[*(unsigned char *)p]&T_ESCAPE_FORENSIC) + if (TEST_CHAR(*p, T_ESCAPE_FORENSIC)) n += 2; return n; } diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c index 102a93c4335..a51e86f8a3c 100644 --- a/modules/mappers/mod_rewrite.c +++ b/modules/mappers/mod_rewrite.c @@ -760,23 +760,23 @@ static void splitout_queryargs(request_rec *r, int qsappend, int qsdiscard, int qslast) { char *q; - int split; + int split, skip; /* don't touch, unless it's a scheme for which a query string makes sense. * See RFC 1738 and RFC 2368. */ - if (is_absolute_uri(r->filename, &split) + if ((skip = is_absolute_uri(r->filename, &split)) && !split) { r->args = NULL; /* forget the query that's still flying around */ return; } - if ( qsdiscard ) { + if (qsdiscard) { r->args = NULL; /* Discard query string */ rewritelog((r, 2, NULL, "discarding query string")); } - q = qslast ? ap_strrchr(r->filename, '?') : ap_strchr(r->filename, '?'); + q = qslast ? ap_strrchr(r->filename + skip, '?') : ap_strchr(r->filename + skip, '?'); if (q != NULL) { char *olduri; @@ -807,8 +807,6 @@ static void splitout_queryargs(request_rec *r, int qsappend, int qsdiscard, rewritelog((r, 3, NULL, "split uri=%s -> uri=%s, args=%s", olduri, r->filename, r->args ? r->args : "")); } - - return; } /*