From: William A. Rowe Jr Date: Tue, 12 Feb 2013 05:40:30 +0000 (+0000) Subject: Accept (and for some, promote) a number of good patches X-Git-Tag: 2.2.24~40 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6def8eca480ffe26c241449544e633d18e66e546;p=thirdparty%2Fapache%2Fhttpd.git Accept (and for some, promote) a number of good patches git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1445036 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/STATUS b/STATUS index 53a632bdd13..a5146bf8051 100644 --- a/STATUS +++ b/STATUS @@ -100,6 +100,55 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: 2.2.x patch: http://people.apache.org/~covener/patches/2.2.x-byterange-table_clear.diff +1: covener, rjung, trawick + * mod_cache: Allow providers to decide whether to cache responses with code + 206. + Trunk version of patch: + http://svn.apache.org/viewvc?rev=952823&view=rev + Backport version for 2.2.x of patch: + Trunk version of patch works + +1: rpluem, rjung, wrowe + + * mod_proxy_http: Use the same hostname for SNI as for the HTTP request when + forwarding to SSL backends. + PR: 53134 + Based on a patch from: Michael Weiser + trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1333969 + 2.4.x patch: http://svn.apache.org/viewvc?view=revision&revision=1356881 + 2.2.x patch: http://people.apache.org/~rjung/patches/mod_proxy_http-fix-hostname-ssl-2_2.patch + +1: rjung, covener, wrowe + kbrand: only has an effect if r1175416 is backported, too (see note at + https://issues.apache.org/bugzilla/show_bug.cgi?id=53134#c10 + by the patch author) + + * server/mpm_unix.c (dummy_connection): Use a TLS 1.0 close_notify + alert if the chosen listener is configured for https; not perfect + but better than sending an HTTP request. Adjust comments. + Based on a patch from: Michael Weiser + trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1327036 and + http://svn.apache.org/viewvc?view=revision&revision=1327080 + 2.4.x patch: http://svn.apache.org/viewvc?view=revision&revision=1356884 + 2.2.x patch: http://people.apache.org/~rjung/patches/dummy_connection-https-tls-2_2.patch + +1: rjung, covener, wrowe + + * ab: add TLS1.1/TLS1.2 options to -f switch, and adapt output + to more accurately report the negotiated protocol. PR 53916. + trunk patch: https://svn.apache.org/viewvc?view=revision&revision=1395225 + 2.2.x patch: https://people.apache.org/~kbrand/ab-tlsv1_x-2.2.x.patch + +1: kbrand, covener, wrowe + + * modules/ldap/util_ldap.c: Correct erroneous messages + PR: 53402 + trunk and 2.4.x: Erroneous message about LDAPSharedCacheSize + http://svn.apache.org/viewvc?view=revision&sortby=date&revision=1096577 + trunk and 2.4.x: Erroneous order for the parameters + http://svn.apache.org/viewvc?view=revision&sortby=date&revision=627637 + 2.2.x patch: attached in PR 53402 (https://issues.apache.org/bugzilla/attachment.cgi?id=29502) + +1: jailletc36, covener, wrowe + + * mod_ssl: fix UID env var regression introduced in 2.2.15. PR54510. + 2.2.x patch: https://people.apache.org/~kbrand/ssl_vars_uid_PR54510.patch + +1: kbrand, druggeri, wrowe + PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] @@ -134,14 +183,6 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: mod_ssl is not loaded, but right now it would fail. An mmn minor bump would also be required for API addition. - * mod_cache: Allow providers to decide whether to cache responses with code - 206. - Trunk version of patch: - http://svn.apache.org/viewvc?rev=952823&view=rev - Backport version for 2.2.x of patch: - Trunk version of patch works - +1: rpluem, rjung - * mod_ssl: Add RFC 5878 support. This allows support of mechanisms such as Certificate Transparency. Note that new mechanisms are supported without software updates. @@ -175,63 +216,26 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: http://svn.apache.org/viewvc?view=revision&revision=1328326 2.4.x patch: http://svn.apache.org/viewvc?view=revision&revision=1334346 2.2.x patch: http://people.apache.org/~rjung/patches/improve-speaking-http-on-https-message-2_2.patch - +1: rjung - - * mod_proxy_http: Use the same hostname for SNI as for the HTTP request when - forwarding to SSL backends. - PR: 53134 - Based on a patch from: Michael Weiser - trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1333969 - 2.4.x patch: http://svn.apache.org/viewvc?view=revision&revision=1356881 - 2.2.x patch: http://people.apache.org/~rjung/patches/mod_proxy_http-fix-hostname-ssl-2_2.patch - +1: rjung, covener - kbrand: only has an effect if r1175416 is backported, too (see note at - https://issues.apache.org/bugzilla/show_bug.cgi?id=53134#c10 - by the patch author) - - * server/mpm_unix.c (dummy_connection): Use a TLS 1.0 close_notify - alert if the chosen listener is configured for https; not perfect - but better than sending an HTTP request. Adjust comments. - Based on a patch from: Michael Weiser - trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1327036 and - http://svn.apache.org/viewvc?view=revision&revision=1327080 - 2.4.x patch: http://svn.apache.org/viewvc?view=revision&revision=1356884 - 2.2.x patch: http://people.apache.org/~rjung/patches/dummy_connection-https-tls-2_2.patch - +1: rjung, covener - - * ab: add TLS1.1/TLS1.2 options to -f switch, and adapt output - to more accurately report the negotiated protocol. PR 53916. - trunk patch: https://svn.apache.org/viewvc?view=revision&revision=1395225 - 2.2.x patch: https://people.apache.org/~kbrand/ab-tlsv1_x-2.2.x.patch - +1: kbrand, covener + +1: rjung, wrowe * mod_dir: Support for the 'disabled' FallbackResource argument trunk patch : https://svn.apache.org/viewvc?view=revision&revision=1398066 Also suggested for backport to 2.4 2.2.x src patch: trunk patch works 2.2.x documentation patch : http://apache-doc-fr.gryzor.com/fallbackresource_disabled_2.2_doc.patch - +1: gryzor - - * modules/ldap/util_ldap.c: Correct erroneous messages - PR: 53402 - trunk and 2.4.x: Erroneous message about LDAPSharedCacheSize - http://svn.apache.org/viewvc?view=revision&sortby=date&revision=1096577 - trunk and 2.4.x: Erroneous order for the parameters - http://svn.apache.org/viewvc?view=revision&sortby=date&revision=627637 - 2.2.x patch: attached in PR 53402 (https://issues.apache.org/bugzilla/attachment.cgi?id=29502) - +1: jailletc36, covener + +1: gryzor, wrowe * mod_ldap: restore LDAP_UNAVAILABLE for windows SDK (PR 54140) trunk patch: http://svn.apache.org/viewvc?rev=1408402&view=rev 2.4.x patch: http://svn.apache.org/viewvc?rev=1409773&view=rev 2.2.x patch: http://people.apache.org/~covener/patches/httpd-2.2.x-ldap_unavailable.diff (just context conflicts) - +1: covener + +1: covener, wrowe * mod_ssl: PR 52162: log revoked certificates at level INFO instead of DEBUG trunk/2.4.x: Changed as part of http://svn.apache.org/viewvc?rev=1165056&view=rev 2.2.x patch: https://issues.apache.org/bugzilla/attachment.cgi?id=27913 - +1: sf + +1: sf, wrowe * mod_authnz_ldap: Allow using exec: callouts like SSLPassphraseDialog for AuthLDAPBindPassword. @@ -239,6 +243,8 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: 2.2.x patch: http://people.apache.org/~druggeri/patches/AuthLDAPBindPasswordExec-2.2.patch (20130119 - updated to include minor mmn bump) +1: druggeri + -1: wrowe (switch to +1 once ap_get_exec_line is made thread-safe) + kudos for using apr_tokenize_to_argv to allow spaces in args. * mod_proxy_ajp: Support unknown HTTP methods. PR54416. Forward unknown methods as request attributes @@ -253,11 +259,7 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: 2.2.x patch: http://people.apache.org/~rjung/patches/httpd-2_2_x-ajp-unknown_-methods.patch plus CHANGES Difference to 2.4.x only in logging. - +1: rjung - - * mod_ssl: fix UID env var regression introduced in 2.2.15. PR54510. - 2.2.x patch: https://people.apache.org/~kbrand/ssl_vars_uid_PR54510.patch - +1: kbrand, druggeri + +1: rjung, wrowe PATCHES/ISSUES THAT ARE STALLED