Ruediger Pluem [Fri, 9 Oct 2020 19:32:27 +0000 (19:32 +0000)]
Adjust signal handler before unblocking
* server/mpm/event/event.c: Set the new signal handler before unblocking the
signal as otherwise queued signals get delivered to the old handler
immediately when the signal is unblocked.
* server/mpm/worker/worker.c: Same thing as with event.
Joe Orton [Thu, 17 Sep 2020 11:31:43 +0000 (11:31 +0000)]
mod_proxy: Add support for an optional third argument to ProxyRemote*
to configure the Basic auth credentials to send to the remote proxy.
(Note that credentials are always sent w/o waiting for a challenge as
with proxy-chain-auth, and only Basic is supported - both of which are
not exactly ideal - but better than nothing.)
* modules/proxy/mod_proxy.c (proxy_handler): Pass forward proxy
credentials via r->notes.
(add_proxy): Take credentials and base64-encode into ->creds field if
passed.
(add_proxy_noregex, add_proxy_regex): Take optional creds argument.
* modules/proxy/proxy_util.c (ap_proxy_determine_connection):
Use proxy credentials from r->notes if available.
(ap_proxy_create_hdrbrgd): Set Proxy-Authorization header from
credentials in r->notes if present.
Joe Orton [Tue, 15 Sep 2020 09:14:39 +0000 (09:14 +0000)]
* modules/dav/fs/repos.c (dav_fs_open_stream): Add specific logs for
different modes in dav_fs_open_stream(), indicate failure because of
different file open modes. Also add the filepath in the log messages.
Process early errors via a dummy HTTP/1.1 request as well
Process early errors via a dummy HTTP/1.1 request as well to ensure
that the request gets logged correctly and possible custom error
pages are considered. The previous way of directly sending a HTTP/2
answer with the HTTP status code appropriate for the error is more
efficient, but does not log the request nor sents a possible custom
error page.
* modules/http2/h2.h: Add http_status to h2_request struct and define
H2_HTTP_STATUS_UNSET.
* modules/http2/h2_request.c(h2_request_create_rec): Check if
http_status is set for the request and die with the
status code it contains if set.
* modules/http2/h2_session.c(on_header_cb): Adjust the error condition
now that we mark early errors via http_status: Only return an error
if the status is not success and http_status is not H2_HTTP_STATUS_UNSET.
* modules/http2/h2_stream.c(set_error_response): Set http_status
on the request instead of creating headers for a response and a
respective brigade.
Joe Orton [Tue, 8 Sep 2020 14:08:22 +0000 (14:08 +0000)]
Further re-unification of code duplicated across mod_cgi/mod_cgid into
cgi_common.h. Functional changes:
- brings the PR 61980 fix to mod_cgid as well, and
- some mod_cgid-specific APLOGNOs are dropped in favour of the
code used in the equivalent error path in mod_cgi
... otherwise no user-visible changes (intended).
* modules/generators/cgi_common.h (log_scripterror, log_script_err): Move
here from mod_cgi.
(cgi_handle_exec): Move here, renamed from mod_cgi's handle_exec.
(cgi_optfns_retrieve): New function, split out from mod_cgi's cgi_post_config.
- Embeds the HAVE_PCRE2 define as a compiler flag rather than try to work around
.h file substitutions, because the flag is only relevant to compiling the single
server/util_pcre.c file.
Restore broken win32 build, include apr/std headers before httpd headers
- In httpd we override exit() to trap the true exit code (see os/win32/os.h)
- process.h was redefining exit() which picked up the macro instead of the
original exit() declaration
- Cleaner style pulls in apr, then standard C headers, and finally sets down
the httpd includes on top of these, resolving the windows build regression
Joe Orton [Wed, 19 Aug 2020 07:26:18 +0000 (07:26 +0000)]
Follow up to r1880368 by adjusting en.xml to match lang-targets.xml.
Ran "./build.sh bootstrap" which regenerates style/xsl/util/designations.xml
which in turn will then be used to regenerate the typemap files.
[skip ci]
Remove problematic version check for OpenSSL < 1.0.2
This addresses several concerns;
- There is no valid release of OpenSSL < 1.0.2 to incorporate security fixes,
particularly on Windows, and particularly as vetted by the project.
- File structure of opensslv.h has changed in such as a way as to completely
invalidate the CMake FindOpenSSL macros, so 3.0.0 cannot be determined.
Joe Orton [Wed, 5 Aug 2020 08:26:58 +0000 (08:26 +0000)]
Fail for more abort() errors in error_log.
Fail if a core dump is produced, and dump the backtrace if so.
(e.g. during parent or child process shutdown, core dumps will
not show up as test case failures so would not otherwise be caught)
Instead of using a temp buffer for each byte or char written, and calling
strlen over and over again to find the place where to copy this buffer,
write directly at the correct place in the final buffer, and take advantage
of 'apr_snprintf' returning the number of bytes copied.
This looks like a hot path when running the test framework (because of TRACE7), so it could be slighly useful in this use case :)
Eric Covener [Fri, 31 Jul 2020 01:21:25 +0000 (01:21 +0000)]
don't try to load modules from a NULL path
ap_server_root_relative() can fail if apr_filepath_merge fails,
which can happen with a "bad" drive/volume or who knows what
else on Windows. Regardless, if !fullname we are already
going to retry wih what was actually passed.
mod_proxy: follow up to r1879401: call filters on tunnel POLLERR.
proxy_util.c:
Set POLLERR in reqevents for pollset providers that require it to detect
socket errors (like select() based one).
Call filters to read/write on POLLERR socket event, so that they know about
the error by experiencing the failure. If no POLLIN|POLLOUT is returned
with POLLERR (depending on the system or pollset provider), go with the
requested read or write event handling.
Restore ap_proxy_transfer_between_connections() so that it always tries to
read first (i.e. move yielding conditions afterward).
Add proxy_tunnel_forward() helper that calls transfer_between_connections()
and handles errors pollset updates.
Call proxy_tunnel_forward() when write completion finishes and there are
pending input data.
mod_proxy.h:
Add read_buf_size to proxy_tunnel_rec (trunk only, no MMN minor bump).
Graham Leggett [Wed, 15 Jul 2020 13:56:55 +0000 (13:56 +0000)]
mod_dav: Some DAV extensions, like CalDAV, specify both document
elements and property elements that need to be taken into account
when generating a property. The document element and property element
are made available in the dav_liveprop_elem structure under the
DAV_PROP_ELEMENT key in the resource pool.
Graham Leggett [Wed, 15 Jul 2020 13:16:19 +0000 (13:16 +0000)]
mod_dav: Add utility functions dav_validate_root_ns(),
dav_find_child_ns(), dav_find_next_ns(), dav_find_attr_ns() and
dav_find_attr() so that other modules get to play too.
Stefan Eissing [Mon, 13 Jul 2020 15:36:53 +0000 (15:36 +0000)]
*) mod_http2:
Fixes <https://github.com/icing/mod_h2/issues/200>:
"LimitRequestFields 0" now disables the limit, as documented.
Fixes <https://github.com/icing/mod_h2/issues/201>:
Do not count repeated headers with same name against the field
count limit. The are merged internally, as if sent in a single HTTP/1 line.
* Makefile.in: Define the update-changes target to merge the change files
from the changes directory to the top of the CHANGES file and remove
them afterwards. If a Subversion binary was found during configure try
to svn rm them otherwise just delete them.
* configure.in: Search for the Subversion binary.
* acinclude.m4: Set the corresponding Makefile variable for the Subversion
binary.
* README.CHANGES: New file to document the new approach.
Joe Orton [Tue, 7 Jul 2020 16:00:55 +0000 (16:00 +0000)]
For TEST_SSL=1 runs, test SSLSessionCache with shmcb, memcached
and redis socache providers. Force TLSv1.2 for these runs since
TLSv1.3 doesn't use the cache.
projects / thirdparty / apache / httpd.git / log
