Merge r1900356 from trunk:

  *) mod_http2: remove unused and insecure code. Fixes PR66037.
     Thanks to Ronald Crane (Zippenhop LLC) for reporting this.

Submitted by: icing
Reviewed by: jailletc36, icing, rpluem

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1901010 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index a8ef8240ef2108b03b4cab932050a7fc0a931185..ff7a27f568d4a5e129bd9117cca96e06e008ad5a 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.54
 
+  *) mod_http2: remove unused and insecure code. Fixes PR66037.
+     Thanks to Ronald Crane (Zippenhop LLC) for reporting this.
+
   *) mod_http2: removing unscheduling of ongonig tasks when
      connection shows potential abuse by a client. This proved
      counter-productive and the abuse detection can false flag

diff --git a/STATUS b/STATUS
index 79b6c44bdf90c56fcd3c6e34b8d2e25f3073d132..026bf94312c42422c70be0ee8ac0d41f8df53a1b 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -148,12 +148,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  *) mod_http2: remove obsolete, insecure code. Fixes PR66037.
-     trunk patches: https://svn.apache.org/r1900356
-     2.4.x patches: svn merge -c 1900356 ^/httpd/httpd/trunk .
-     +1: jailletc36, icing, rpluem
-     icing: I just waited to see what you think!
-
   *) core: make ap_escape_quotes() work correctly on strings
      with more than MAX_INT/2 characters, counting quotes double.
      trunk patch: https://svn.apache.org/r1899609

diff --git a/changes-entries/pr66037.txt b/changes-entries/pr66037.txt
new file mode 100644 (file)
index 0000000..7262ff2
--- /dev/null
+++ b/changes-entries/pr66037.txt
@@ -0,0 +1,3 @@
+  *) mod_http2: remove unused and insecure code. Fixes PR66037.
+     Thanks to Ronald Crane (Zippenhop LLC) for reporting this.
+     [Stefan Eissing]
\ No newline at end of file

diff --git a/modules/http2/h2_util.c b/modules/http2/h2_util.c
index 9b2b3de968250f974a35df50a5d5201cbdd341cf..9f924045c9aa11118d9e1bced47a9eb90d4f5019 100644 (file)
--- a/modules/http2/h2_util.c
+++ b/modules/http2/h2_util.c
@@ -75,26 +75,6 @@ size_t h2_util_hex_dump(char *buffer, size_t maxlen,
     return strlen(buffer);
 }
 
-size_t h2_util_header_print(char *buffer, size_t maxlen,
-                            const char *name, size_t namelen,
-                            const char *value, size_t valuelen)
-{
-    size_t offset = 0;
-    size_t i;
-    for (i = 0; i < namelen && offset < maxlen; ++i, ++offset) {
-        buffer[offset] = name[i];
-    }
-    for (i = 0; i < 2 && offset < maxlen; ++i, ++offset) {
-        buffer[offset] = ": "[i];
-    }
-    for (i = 0; i < valuelen && offset < maxlen; ++i, ++offset) {
-        buffer[offset] = value[i];
-    }
-    buffer[offset] = '\0';
-    return offset;
-}
-
-
 void h2_util_camel_case_header(char *s, size_t len)
 {
     size_t start = 1;

diff --git a/modules/http2/h2_util.h b/modules/http2/h2_util.h
index c96570e550b54d06065800fb8f6607c164f73922..5d4b299182c45f97d69c71aa71dadb5fcc68de88 100644 (file)
--- a/modules/http2/h2_util.h
+++ b/modules/http2/h2_util.h
@@ -28,10 +28,6 @@ struct nghttp2_frame;
 size_t h2_util_hex_dump(char *buffer, size_t maxlen,
                         const char *data, size_t datalen);
 
-size_t h2_util_header_print(char *buffer, size_t maxlen,
-                            const char *name, size_t namelen,
-                            const char *value, size_t valuelen);
-
 void h2_util_camel_case_header(char *s, size_t len);
 
 int h2_util_frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen);