From: Ruediger Pluem Date: Fri, 7 Nov 2025 08:23:08 +0000 (+0000) Subject: Merge r1873397 from trunk: X-Git-Tag: 2.4.66-rc1-candidate~23 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5b4ba1e8d504cee21e41b50652302df86ba01b02;p=thirdparty%2Fapache%2Fhttpd.git Merge r1873397 from trunk: PR62989: DOCTYPE tags in server-generated HTML. Submitted By: Andra Farkas , Giovanni Bechis Reviewed by: rpluem, jorton, covener Github: closes #553 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1929571 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 08b31199419..f608213a84b 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,27 @@ -*- coding: utf-8 -*- Changes with Apache 2.4.66 + *) mod_ssl: Add SSLVHostSNIPolicy directive to control the virtual + host compatibility policy. PR 69743. [Joe Orton] + + *) mod_md: update to version 2.6.2 + - Fix error retry delay calculation to not already doubling the wait + on the first error. + + *) mod_md: update to version 2.6.1 + - Increasing default `MDRetryDelay` to 30 seconds to generate less bursty + traffic on errored renewals for the ACME CA. This leads to error retries + of 30s, 1 minute, 2, 4, etc. up to daily attempts. + - Checking that configuring `MDRetryDelay` will result in a positive + duration. A delay of 0 is not accepted. + - Fix a bug in checking Content-Type of responses from the ACME server. + - Added ACME ARI support (rfc9773) to the module. Enabled by default. New + directive "MDRenewViaARI on|off" for controlling this. + - Removing tailscale support. It has not been working for a long time + as the company decided to change their APIs. Away with the dead code, + documentation and tests. + - Fixed a compilation issue with pre-industrial versions of libcurl. + Changes with Apache 2.4.65 *) SECURITY: CVE-2025-54090: Apache HTTP Server: 'RewriteCond expr' diff --git a/STATUS b/STATUS index 478fe7ea9e2..b655880142c 100644 --- a/STATUS +++ b/STATUS @@ -175,14 +175,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: 2.4.x patch: svn merge -c 1927792 ^/httpd/httpd/trunk . +1: icing, rpluem, jorton - *) various: Update DOCTYPE tags in server-generated HTML to 4.01 - Trunk version of patch: - https://svn.apache.org/r1873397 - Backport version for 2.4.x of patch: - https://patch-diff.githubusercontent.com/raw/apache/httpd/pull/553.diff - Can be applied via apply_backport_pr.sh 553 - +1: rpluem, jorton, covener - *) mpm_common: Add new ListenTCPDeferAccept directive that allows to specify the value set for the TCP_DEFER_ACCEPT socket option on listen sockets. Trunk version of patch: diff --git a/changes-entries/md_v2.6.1.txt b/changes-entries/md_v2.6.1.txt deleted file mode 100644 index f3d1c30f8e3..00000000000 --- a/changes-entries/md_v2.6.1.txt +++ /dev/null @@ -1,13 +0,0 @@ - *) mod_md: update to version 2.6.1 - - Increasing default `MDRetryDelay` to 30 seconds to generate less bursty - traffic on errored renewals for the ACME CA. This leads to error retries - of 30s, 1 minute, 2, 4, etc. up to daily attempts. - - Checking that configuring `MDRetryDelay` will result in a positive - duration. A delay of 0 is not accepted. - - Fix a bug in checking Content-Type of responses from the ACME server. - - Added ACME ARI support (rfc9773) to the module. Enabled by default. New - directive "MDRenewViaARI on|off" for controlling this. - - Removing tailscale support. It has not been working for a long time - as the company decided to change their APIs. Away with the dead code, - documentation and tests. - - Fixed a compilation issue with pre-industrial versions of libcurl. diff --git a/changes-entries/md_v2.6.2.txt b/changes-entries/md_v2.6.2.txt deleted file mode 100644 index d5194c2ba09..00000000000 --- a/changes-entries/md_v2.6.2.txt +++ /dev/null @@ -1,3 +0,0 @@ - *) mod_md: update to version 2.6.2 - - Fix error retry delay calculation to not already doubling the wait - on the first error. diff --git a/changes-entries/pr69743.txt b/changes-entries/pr69743.txt deleted file mode 100644 index 72dfc8db0cf..00000000000 --- a/changes-entries/pr69743.txt +++ /dev/null @@ -1,3 +0,0 @@ - *) mod_ssl: Add SSLVHostSNIPolicy directive to control the virtual - host compatibility policy. PR 69743. [Joe Orton] - diff --git a/docs/docroot/index.html b/docs/docroot/index.html index f5f1c377b64..a4e4d11f560 100644 --- a/docs/docroot/index.html +++ b/docs/docroot/index.html @@ -1 +1,9 @@ -

It works!

+ + + +It works! Apache httpd + + +

It works!

+ + diff --git a/include/httpd.h b/include/httpd.h index b4305b09f2f..573ef18381d 100644 --- a/include/httpd.h +++ b/include/httpd.h @@ -249,6 +249,10 @@ extern "C" { #define DOCTYPE_HTML_4_0F "\n" +/** HTML 4.01 Doctype */ +#define DOCTYPE_HTML_4_01 "\n" +/** HTML 5 Doctype */ +#define DOCTYPE_HTML_5 "\n" /** XHTML 1.0 Strict Doctype */ #define DOCTYPE_XHTML_1_0S "\n", r); ap_rputs(" \n", r); ap_rputs(" mod_example_hooks Module Content-Handler Output\n", r); diff --git a/modules/generators/mod_autoindex.c b/modules/generators/mod_autoindex.c index 62804309ea6..715b49c7d74 100644 --- a/modules/generators/mod_autoindex.c +++ b/modules/generators/mod_autoindex.c @@ -179,7 +179,7 @@ static void emit_preamble(request_rec *r, int xhtml, const char *title) " <head>\n <title>Index of ", title, "\n", NULL); } else { - ap_rvputs(r, DOCTYPE_HTML_3_2, + ap_rvputs(r, DOCTYPE_HTML_4_01, "\n \n" " Index of ", title, "\n", NULL); diff --git a/modules/generators/mod_status.c b/modules/generators/mod_status.c index c1c856d41dd..f0cff67ac45 100644 --- a/modules/generators/mod_status.c +++ b/modules/generators/mod_status.c @@ -419,7 +419,7 @@ static int status_handler(request_rec *r) ap_get_loadavg(&t); if (!short_report) { - ap_rputs(DOCTYPE_HTML_3_2 + ap_rputs(DOCTYPE_HTML_4_01 "\n" "Apache Status\n" "\n" diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c index 3bc666e6d90..669a17d0b02 100644 --- a/modules/http/http_protocol.c +++ b/modules/http/http_protocol.c @@ -1520,7 +1520,7 @@ AP_DECLARE(void) ap_send_error_response(request_rec *r, int recursive_error) */ ap_rvputs_proto_in_ascii(r, - DOCTYPE_HTML_2_0 + DOCTYPE_HTML_4_01 "\n", title, "\n\n

", h1, "

\n", NULL); diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c index 3795fd42806..cf57b3d23cc 100644 --- a/modules/ldap/util_ldap.c +++ b/modules/ldap/util_ldap.c @@ -176,7 +176,7 @@ static int util_ldap_handler(request_rec *r) if (r->header_only) return OK; - ap_rputs(DOCTYPE_HTML_3_2 + ap_rputs(DOCTYPE_HTML_4_01 "LDAP Cache Information\n", r); ap_rputs("

LDAP Cache Information" "

\n", r); diff --git a/modules/mappers/mod_imagemap.c b/modules/mappers/mod_imagemap.c index b2dca7e1ee7..66d10bbb8c0 100644 --- a/modules/mappers/mod_imagemap.c +++ b/modules/mappers/mod_imagemap.c @@ -477,7 +477,7 @@ static void menu_header(request_rec *r, char *menu) { ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1); - ap_rvputs(r, DOCTYPE_HTML_3_2, "\nMenu for ", + ap_rvputs(r, DOCTYPE_HTML_4_01, "<html><head>\n<title>Menu for ", ap_escape_html(r->pool, r->uri), "\n\n", NULL); diff --git a/modules/proxy/mod_proxy_balancer.c b/modules/proxy/mod_proxy_balancer.c index daec21ad6c3..f5b228f0e32 100644 --- a/modules/proxy/mod_proxy_balancer.c +++ b/modules/proxy/mod_proxy_balancer.c @@ -1620,7 +1620,7 @@ static void balancer_display_page(request_rec *r, proxy_server_conf *conf, } else { ap_set_content_type(r, "text/html; charset=ISO-8859-1"); - ap_rputs(DOCTYPE_HTML_3_2 + ap_rputs(DOCTYPE_HTML_4_01 "Balancer Manager\n", r); ap_rputs("