| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to cache serialized EVP_PKEYs not any char * blobs), and document.
* modules/ssl/ssl_util.c (ssl_asn1_table_set): Take the EVP_PKEY and
serialize internally. Use ap_realloc. Return the ssl_asn1_t *
pointer. Don't call apr_hash_set() for unchanged pointer case.
* modules/ssl/ssl_engine_pphrase.c (ssl_load_encrypted_pkey):
Adjust for the above.
* modules/ssl/ssl_private.h: Adjust as above, add docs.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830927 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
second argument.
* modules/ssl/ssl_engine_pphrase.c (ssl_load_encrypted_pkey): Adjust
accordingly.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830913 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Remove modssl_read_encrypted_pkey() and helpers, added in r1804087
but never used.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830912 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
Simplify code, no functional change.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830836 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for PKCS#11 URIs only, and PIN entry is not threaded through
SSLPassPhraseDialog config yet.
* modules/ssl/ssl_util.c (modssl_is_engine_key): New function.
* modules/ssl/ssl_engine_config.c (ssl_cmd_SSLCertificateKeyFile):
Use it, skip check for file existence for engine keys.
* modules/ssl/ssl_engine_pphrase.c (modssl_load_engine_pkey):
New function.
* modules/ssl/ssl_engine_init.c (ssl_init_server_certs):
For engine keys, load via modssl_load_engine_pkey.
Submitted by: Anderson Sasaki <ansasaki redhat.com>, jorton
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830819 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830816 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modifying the number of proxy balancers or balancer members on restart
could have prevented the server to load, notably on Windows. PR 62308.
The generation number integrated in the SHM filename allows to create a
new/resized SHM while the previous is still in use by previous generation
gracefully shutting down (Windows prevents SHM/file to be removed in this
case, but even on Unix(es) an unlinked file might not be re-openable while
an inode exists). The generation number is added/incremented only if the
size requirement changed, such that unrelated restarts continue to share
SHMs between generations.
The cleanup handling is also simplified because both the parent process and
the Windows child process need to cleanup everything on exit. This translates
to cleanup_slotmem() being always registered but in the dry load state
(AP_SQ_MS_CREATE_PRE_CONFIG), for both cases still.
[Reverted by r1831868]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830800 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
for a DSO build.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830747 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
ProxyHTMLURLMap.
Proposed by: Ewald Dieterich <ewald mailbox.org>
Reviewed by: ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830746 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
mod_http2: restoring the v1.10.16 keepalive timeout behavioud of mod_http2 (to be verified).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830562 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
mod_http2: adding an abort function to slave connections' pools, so out-of-memory
events lead to a control process abort, as on HTTP/1.x connections.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830534 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Use below pending_data logic for EOS bucket.
This closes #48
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830523 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830522 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
mod_http2: adding regular memory cleanup when transferring large response bodies. This
reduces memory footprint and avoids memory exhaustion when transferring large files
on 32-bit architectures. Fixes PR 62325.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830419 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1830417 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829898 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
can use it.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829895 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829790 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
If this handler will not handle the request, no need to waste bytes in the request pool.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829676 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
Keep using ap_rgetline() as before r1829573, since ap_rgetline_core() is
EBCDIC agnostic.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829657 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
ResponseFieldSize actually applies to headers (not body), so the comment was
valid but did match the code (addressed by r1829642 still).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829643 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
If f->r->proxyreq is PROXYREQ_PROXY or PROXYREQ_REVERSE in ap_http_filter(),
we are still handling the request, not the response where LimitRequestBody
does not apply.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829642 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes response header thrown away after the previous one was considered too
large and truncated.
PR 62196.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829573 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
for a vhost if SSLEnable is not used and no certs are configured,
even if the Listen protocol is "https". Restores behaviour to that
prior to r1809303 for configs which would now otherwise fail at
startup.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829513 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
to take SSLConnRec * out parameter rather than SSL *.
* modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Use it here.
(ssl_hook_Fixup): Adjust use.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829263 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
consistently.
* modules/ssl/ssl_util.c (modssl_request_is_tls): New function.
* modules/ssl/ssl_engine_kernel.c (ssl_hook_Fixup): Use it.
* modules/ssl/mod_ssl.c (ssl_hook_http_scheme, ssl_hook_default_port):
Use it.
PR: 61519
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829250 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
If any, pass pending meta bucket down the chain before leaving.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829039 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
All meta buckets are now aggregated (besides FLUSH) and forwarded down
the chain, and the output filter bails out on EOS.
Proposed by: Micha Lenk <micha lenk.info>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829038 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828927 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
Submitted By: Hank Ibell
Committed By: covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828926 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) core: Preserve the original HTTP request method in the '%<m' LogFormat
when an path-based ErrorDocument is used. PR 62186.
[Micha Lenk <micha lenk.info>]
Submitted By: Micha Lenk
Committed By: covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828920 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
| |
across a reload so don't backport this to 2.4. Otherwise it's only
user-visible in logging output.
* modules/ssl/ssl_engine_init.c (ssl_init_Module): Derive the vhost_id
*after* potentially setting sc->enabled to default-on, since the
port used may change if not specified explicitly.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828913 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
no functional change.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828912 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
module-private global variables static. No functional change.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828909 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
Hot spare members are
used as drop-in replacements for unusable workers in the same load balancer set. This differs
from hot standbys which are only used when all workers in a set are unusable. PR 61140.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828890 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
mod_http2: always wake up any conditional waits when streams are aborted. Fixes race conditions where timeouts would trigger instead.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828879 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828793 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828792 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828791 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828790 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
to log the time difference between request start
and last request body byte read (finished upload).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828727 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Fix buildbot unused vars errors introduced by last checkin.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828723 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
SSLVerifyClient support for TLSv1.3 protocol now fails similarly to TLSv1.2 in my setups. (Read: I cannot get client certs to work, but I think this change is an improvement)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828720 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
mod_http2: accurate reporting of h2 data input/output per request via mod_logio. Fixes
an issue where output sizes where counted n-times on reused slave connections. See
gituhub issue: https://github.com/icing/mod_h2/issues/158
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828687 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
the 'init' function, but it is It is cleaner and more future proof.
Small style correction (remove extra spaces)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828624 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828485 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Regression introduced in 2.4.30. PR 62232.
The proxy SSL_CTX was not inherited from the vhost (the only available in
2.4.29) in/for any directory context besides <Proxy>...
Mostly debugged and fixed by Rainer, thanks!
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828390 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
* mod_http2: calculate unencrypted connection sniffing base64 only when log level is at required height. [Ruediger Pluem]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828232 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
mod_ssl: proper checks for libressl 2.07/8 and its TLSv1_3 support, see PR 62236.
[Bernard Spil <brnrd@freebsd.org>]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828222 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
mod_ssl: guard use of TLS1_3_VERSION with proper #ifdefs
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1828220 13f79535-47bb-0310-9956-ffa450edef68
|