Graham Leggett [Sat, 18 Nov 2023 11:34:12 +0000 (11:34 +0000)]
Backport to v2.4.
*) mod_ssl: Improve compatibility with OpenSSL 3, fix build warnings about
deprecated ENGINE_ API, honor OPENSSL_API_COMPAT setting while defaulting
to compatibitily with version 1.1.1 (including ENGINEs / SSLCryptoDevice).
mod_ssl: Disable the OpenSSL ENGINE API when OPENSSL_NO_ENGINE is set.
Allow for "SSLCryptoDevice builtin" if the ENGINE API is not available,
notably with OpenSSL >= 3. PR 68080.
trunk patch: http://svn.apache.org/r1908537
http://svn.apache.org/r1908539
http://svn.apache.org/r1908542
http://svn.apache.org/r1913616
http://svn.apache.org/r1913815
http://svn.apache.org/r1913816
http://svn.apache.org/r1908542
http://svn.apache.org/r1913832
2.4.x patch: https://patch-diff.githubusercontent.com/raw/apache/httpd/pull/381.diff
(https://github.com/apache/httpd/pull/381)
+1: ylavic, jorton, minfrin
Graham Leggett [Sat, 18 Nov 2023 11:08:42 +0000 (11:08 +0000)]
Backport to v2.4:
*) mod_proxy: Allow to set a TTL for how long DNS resolutions to backend
systems are cached.
In order to solve merge conflicts this proposal also backports:
mod_proxy: Add optional third argument for ProxyRemote, which
configures Basic authentication credentials to pass to the remote
proxy. PR 37355. (r1881790)
mod_proxy: Ignore (and warn about) enablereuse=on for ProxyPassMatch when
some dollar substitution (backreference) happens in the hostname or port
part of the URL. (r1904513)
Trunk version of patch:
https://svn.apache.org/r1881790
https://svn.apache.org/r1904513
https://svn.apache.org/r1909400
https://svn.apache.org/r1909401
https://svn.apache.org/r1909402
https://svn.apache.org/r1909451
https://svn.apache.org/r1912459
https://svn.apache.org/r1913432
https://svn.apache.org/r1913534
Backport version for 2.4.x of patch:
https://patch-diff.githubusercontent.com/raw/apache/httpd/pull/390.diff
Can be applied via apply_backport_pr.sh 390
+1: rpluem, ylavic, minfrin
Yann Ylavic [Thu, 16 Nov 2023 12:00:36 +0000 (12:00 +0000)]
ci: Disable ASan's LeakSanitizer.
The tool sometimes/somehow crashes in CI, though I can't reproduce locally.
Possibly an issue with the gcc toolchain used there.. disable for now as it
makes the tests fail.
Stefan Eissing [Tue, 31 Oct 2023 10:28:22 +0000 (10:28 +0000)]
Merge of /httpd/httpd/trunk:r1913466
* mod_md: Fix the reported "until" validity of a certificate in the status
handler. [Rainer Jung]
Fix possible NULL deref when logging the error that an authentication
resource could not be retrieved from the ACME server. [Stefan Eissing]
Stefan Eissing [Mon, 16 Oct 2023 13:21:37 +0000 (13:21 +0000)]
Merge of /httpd/httpd/trunk:r1913023
* modules/http2: Make WebSockets support conditional also
on APR 1.7.x since apr_encode.h is required. Restore
#include "apr_encode.h" removed in previous commit.
Ruediger Pluem [Mon, 16 Oct 2023 11:48:06 +0000 (11:48 +0000)]
Merge r1912015 from trunk:
mod_ssl: Silence info log message "SSL Library Error: error:0A000126:
SSL routines::unexpected eof while reading" when using
OpenSSL 3 by setting SSL_OP_IGNORE_UNEXPECTED_EOF if
available. [Rainer Jung]
Ruediger Pluem [Mon, 16 Oct 2023 11:45:19 +0000 (11:45 +0000)]
Merge r1912015 from trunk:
mod_ssl: Silence info log message "SSL Library Error: error:0A000126:
SSL routines::unexpected eof while reading" when using
OpenSSL 3 by setting SSL_OP_IGNORE_UNEXPECTED_EOF if
available. [Rainer Jung]
Ruediger Pluem [Mon, 16 Oct 2023 11:42:54 +0000 (11:42 +0000)]
Merge r1909137, r1911067 from trunk:
mod_alias: When an alias is declared inside a Location, make sure
the balance of the URL is preserved to match the alias declared
outside a location. Fixes an error where all requests are mapped
to the root of the location.
mod_alias: Add AliasPreservePath directive to map the full
path after the alias in a location.
Joe Orton [Mon, 4 Sep 2023 12:00:01 +0000 (12:00 +0000)]
Merge r1911651, r1911906 from trunk:
Add DAVBasePath directive to allow users to configure the real repos
root path, useful where the DAV repos is configured with a regex match.
* modules/dav/main/mod_dav.c
(dav_get_resource): If available, pass the configured base path
as the repos root to repos provider.
On the error path for fetching a resource, detect and warn
specifically when the location is configured via a regex.
(dav_cmd_davbasepath): New function.
URL: http://svn.apache.org/viewvc?rev=1911934&view=rev
Log:
Backport to v2.4:
*) mod_alias: Add RedirectRelative to allow relative redirect targets to be
issued as-is.
Trunk version of patch:
https://svn.apache.org/r1861542
https://svn.apache.org/r1861569
Backport version for 2.4.x of patch:
Trunk version of patch works
svn merge -c 1861542,r1861569 ^/httpd/httpd/trunk .
+1: minfrin, covener, icing
Stefan Eissing [Tue, 29 Aug 2023 07:23:10 +0000 (07:23 +0000)]
Merge from trunk:
*) mod_http2: added support for bootstrapping WebSockets via HTTP/2, as
described in RFC 8441. A new directive 'H2WebSockets on|off' has been
added. The feature is by default not enabled.
As also discussed in the manual, this feature should work for setups
using "ProxyPass backend-url upgrade=websocket" without further changes.
Special server modules for WebSockets will have to be adapted,
most likely, as the handling if IO events is different with HTTP/2.
HTTP/2 WebSockets are supported on platforms with native pipes. This
excludes Windows.
New directive `H2ProxyRequests on|off` to enable handling
of HTTP/2 requests in a forward proxy configuration.
General forward proxying is enabled via `ProxyRequests`. If the
HTTP/2 protocol is also enabled for such a server/host, this new
directive is needed in addition.
Graham Leggett [Sat, 26 Aug 2023 18:19:50 +0000 (18:19 +0000)]
Backport to v2.4:
*) mod_alias: Add RedirectRelative to allow relative redirect targets to be
issued as-is.
Trunk version of patch:
https://svn.apache.org/r1861542
https://svn.apache.org/r1861569
Backport version for 2.4.x of patch:
Trunk version of patch works
svn merge -c 1861542,r1861569 ^/httpd/httpd/trunk .
+1: minfrin, covener, icing
Rainer Jung [Thu, 24 Aug 2023 10:09:45 +0000 (10:09 +0000)]
Merge r1909429 and r1909606 from trunk:
mod_status: Remove duplicate keys "BusyWorkers" and "IdleWorkers".
Resolve inconsistency between the previous two occurrences by
counting workers in state SERVER_GRACEFUL no longer as busy,
but instead in a new counter "GracefulWorkers" (or on HTML
view as "workers gracefully restarting"). Also add the graceful
counter as a new column to the existing HTML per process table
for async MPMs.
* mod_md:
- New directive `MDMatchNames all|servernames` to allow more control over how
MDomains are matched to VirtualHosts.
- New directive `MDChallengeDns01Version`. Setting this to `2` will provide
the command also with the challenge value on `teardown` invocation. In version
1, the default, only the `setup` invocation gets this parameter.
Refs #312. Thanks to @domrim for the idea.
- For Managed Domain in "manual" mode, the checks if all used ServerName and
ServerAlias are part of the MDomain now reports a warning instead of an error
(AH10040) when not all names are present.
- MDChallengeDns01 can now be configured for individual domains.
Using PR from Jérôme Billiras (@bilhackmac) and adding test case and fixing proper working
- Fixed a bug found by Jérôme Billiras (@bilhackmac) that caused the challenge
teardown not being invoked as it should.
* mod_md: fixed passing of the server environment variables to programs
started via MDMessageCmd and MDChallengeDns01 on *nix system.
See <https://github.com/icing/mod_md/issues/319>.
projects / thirdparty / apache / httpd.git / log
