Joe Orton [Wed, 19 Aug 2020 07:26:18 +0000 (07:26 +0000)]
Follow up to r1880368 by adjusting en.xml to match lang-targets.xml.
Ran "./build.sh bootstrap" which regenerates style/xsl/util/designations.xml
which in turn will then be used to regenerate the typemap files.
[skip ci]
Remove problematic version check for OpenSSL < 1.0.2
This addresses several concerns;
- There is no valid release of OpenSSL < 1.0.2 to incorporate security fixes,
particularly on Windows, and particularly as vetted by the project.
- File structure of opensslv.h has changed in such as a way as to completely
invalidate the CMake FindOpenSSL macros, so 3.0.0 cannot be determined.
Joe Orton [Wed, 5 Aug 2020 08:26:58 +0000 (08:26 +0000)]
Fail for more abort() errors in error_log.
Fail if a core dump is produced, and dump the backtrace if so.
(e.g. during parent or child process shutdown, core dumps will
not show up as test case failures so would not otherwise be caught)
Instead of using a temp buffer for each byte or char written, and calling
strlen over and over again to find the place where to copy this buffer,
write directly at the correct place in the final buffer, and take advantage
of 'apr_snprintf' returning the number of bytes copied.
This looks like a hot path when running the test framework (because of TRACE7), so it could be slighly useful in this use case :)
Eric Covener [Fri, 31 Jul 2020 01:21:25 +0000 (01:21 +0000)]
don't try to load modules from a NULL path
ap_server_root_relative() can fail if apr_filepath_merge fails,
which can happen with a "bad" drive/volume or who knows what
else on Windows. Regardless, if !fullname we are already
going to retry wih what was actually passed.
mod_proxy: follow up to r1879401: call filters on tunnel POLLERR.
proxy_util.c:
Set POLLERR in reqevents for pollset providers that require it to detect
socket errors (like select() based one).
Call filters to read/write on POLLERR socket event, so that they know about
the error by experiencing the failure. If no POLLIN|POLLOUT is returned
with POLLERR (depending on the system or pollset provider), go with the
requested read or write event handling.
Restore ap_proxy_transfer_between_connections() so that it always tries to
read first (i.e. move yielding conditions afterward).
Add proxy_tunnel_forward() helper that calls transfer_between_connections()
and handles errors pollset updates.
Call proxy_tunnel_forward() when write completion finishes and there are
pending input data.
mod_proxy.h:
Add read_buf_size to proxy_tunnel_rec (trunk only, no MMN minor bump).
Graham Leggett [Wed, 15 Jul 2020 13:56:55 +0000 (13:56 +0000)]
mod_dav: Some DAV extensions, like CalDAV, specify both document
elements and property elements that need to be taken into account
when generating a property. The document element and property element
are made available in the dav_liveprop_elem structure under the
DAV_PROP_ELEMENT key in the resource pool.
Graham Leggett [Wed, 15 Jul 2020 13:16:19 +0000 (13:16 +0000)]
mod_dav: Add utility functions dav_validate_root_ns(),
dav_find_child_ns(), dav_find_next_ns(), dav_find_attr_ns() and
dav_find_attr() so that other modules get to play too.
Stefan Eissing [Mon, 13 Jul 2020 15:36:53 +0000 (15:36 +0000)]
*) mod_http2:
Fixes <https://github.com/icing/mod_h2/issues/200>:
"LimitRequestFields 0" now disables the limit, as documented.
Fixes <https://github.com/icing/mod_h2/issues/201>:
Do not count repeated headers with same name against the field
count limit. The are merged internally, as if sent in a single HTTP/1 line.
* Makefile.in: Define the update-changes target to merge the change files
from the changes directory to the top of the CHANGES file and remove
them afterwards. If a Subversion binary was found during configure try
to svn rm them otherwise just delete them.
* configure.in: Search for the Subversion binary.
* acinclude.m4: Set the corresponding Makefile variable for the Subversion
binary.
* README.CHANGES: New file to document the new approach.
Joe Orton [Tue, 7 Jul 2020 16:00:55 +0000 (16:00 +0000)]
For TEST_SSL=1 runs, test SSLSessionCache with shmcb, memcached
and redis socache providers. Force TLSv1.2 for these runs since
TLSv1.3 doesn't use the cache.
Graham Leggett [Fri, 3 Jul 2020 12:44:53 +0000 (12:44 +0000)]
core: Remove support for the Content-MD5 header, removed in RFC7231.
Functions ap_md5digest() and ap_md5contextTo64() removed, and
ContentDigest directive.
Joe Orton [Thu, 2 Jul 2020 13:31:30 +0000 (13:31 +0000)]
Add additional test suite runs for the prefork & event pool-debug builds:
- run with SSLSessionCache defined (after r1879430)
- run with "SSLProtocol TLSv1.2"
mod_proxy_http: handle async tunneling of Upgrade(d) protocols.
When supported by the MPM (i.e. "event"), provide async callbacks and let
them be scheduled by ap_mpm_register_poll_callback_timeout(), while the
handler returns SUSPENDED.
The new ProxyAsyncDelay directive (if positive) enables async handling,
while ProxyAsyncIdleTimeout determines the timeout applied on both ends
while tunneling.
server/mpm_fdqueue.h;
Rename "remove" field to "pfds" in timer_event_t.
server/mpm/event/event.c:
update_reqevents_from_sense():
New helper to update pfd->reqevents according to the given cs->sense
for CONN_STATE_WRITE_COMPLETION, reusable in process_socket() and
event_resume_suspended().
event_resume_suspended():
Process lingering close if given cs->state = CONN_STATE_LINGER.
Call notify_suspend() before entering CONN_STATE_WRITE_COMPLETION.
event_register_poll_callback_ex():
Don't poll pfds with reqevents == 0.
listener_thread():
Run event_cleanup_poll_callback to both remove the registered pfds
and leave pfds->pool in a consistent state.
Process users callabacks after all PT_USER batons have been collected
in the result pfds loop, otherwise we might race with the callbacks
within the loop if multiple events/sockets concern the same baton, and
crash if pfds->pool is cleared.
modules/proxy/mod_proxy.h:
Rename AP_PROXY_TRANSFER_SHOULD_YIELD to AP_PROXY_TRANSFER_YIELD_PENDING
and add AP_PROXY_TRANSFER_YIELD_MAX_READS.
modules/proxy/mod_proxy_http.c:
modules/proxy/mod_proxy_wstunnel.c:
Removing of reqtimeout filter is now handled by ap_proxy_tunnel_create().
modules/proxy/proxy_util.c:
ap_proxy_transfer_between_connections():
Reorganize loop to break out early.
When AP_PROXY_TRANSFER_YIELD_PENDING, if !ap_filter_should_yield() we
still need to run and check ap_filter_output_pending() since it may
release pending data.
When AP_PROXY_TRANSFER_YIELD_MAX_READS, stop the loop after too much
reads (PROXY_TRANSFER_MAX_READS = 10000) to release the thread and
give the caller a chance to schedule the other direction.
Don't return APR_INCOMPLETE when it comes from an incomplete body
detected by ap_http_filter().
ap_proxy_tunnel_create():
Start with POLLOUT on both directions so that any pending output data
is flushed first.
ap_proxy_tunnel_run():
Remove re-init/clear of the pollset for each call so that the function
is reentrant.
Handle POLLOUT before POLLIN so that we can read in the same pass once
all buffered output data are flushed, using ap_filter_input_pending()
to drain buffered input data.
This is preparatory patch for async websocket tunneling is mod_proxy_http.
Yann Ylavic [Tue, 30 Jun 2020 16:05:56 +0000 (16:05 +0000)]
Follow up to r1877955: don't reuse the connection for mixed C-L / T-E requests
Disable keepalive on the connection if we received both Content-Length and
chunked Transfer-Encoding in the request, to avoid confusion with front
intermediaries and potential further request/response splitting.
This is what we do already for mod_proxy backend connections in the same case.
While at it, replace draft httpbis links with final RFC7230's.
Joe Orton [Tue, 30 Jun 2020 14:24:43 +0000 (14:24 +0000)]
Travis changes:
a) add job to check for empty APLOGNO() macros
b) don't install CPAN stuff if SKIP_TESTING is set
c) don't tail the error_log on test suite failure since it's almost
always irrelevant shutdown stuff and obscures the actual failures
d) use coloured grep output when showing segfaults to make them obvious in the
travis error_log output.
e.g. https://travis-ci.org/github/apache/httpd/jobs/703517978#L2537
Graham Leggett [Mon, 29 Jun 2020 16:21:52 +0000 (16:21 +0000)]
mod_dav: Add method_precondition hook. WebDAV extensions define
conditions that must exist before a WebDAV method can be executed.
This hook allows a WebDAV extension to verify these preconditions.
Graham Leggett [Sat, 27 Jun 2020 23:41:00 +0000 (23:41 +0000)]
"[mod_dav_fs etag handling] should really honor the FileETag setting".
- It now does.
- Add "Digest" to FileETag directive, allowing a strong ETag to be
generated using a file digest.
- Add ap_make_etag_ex() and ap_set_etag_fd() to allow full control over
ETag generation.
- Add concept of "binary notes" to request_rec, allowing packed bit flags
to be added to a request.
- First binary note - AP_REQUEST_STRONG_ETAG - allows modules to force
the ETag to a strong ETag to comply with RFC requirements, such as those
mandated by various WebDAV extensions.
Follow up after Joe's feedback in STATUS:
- If APR_DATE_BAD is returned for Last-Modified, log it at INFO level
(as opposed to trace).
- Remove unnecessary guard for APLOGrtrace1(r).
Yann Ylavic [Fri, 26 Jun 2020 12:51:08 +0000 (12:51 +0000)]
Follow up to r1879080 and r1879137: servlet-normalize r->uri if matched.
If a ProxyPass mapping=servlet matches (in pre_trans hook), update r->uri with
the servlet normalization so that later <Location> or any dir context match
does not have to handle potential path parameters.
projects / thirdparty / apache / httpd.git / log
