9 hours agoSpecify make flags globally and work around PR 63942 for regeneration trunk trunk
Joe Orton [Wed, 20 Nov 2019 09:38:14 +0000 (09:38 +0000)]
Specify make flags globally and work around PR 63942 for regeneration
of server/util_expr parser.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1870047 13f79535-47bb-0310-9956-ffa450edef68

30 hours ago *) mod_md: v2.2.4 from github, Fixes a compile time issue with OpenSSL 1.0.2 in
Stefan Eissing [Tue, 19 Nov 2019 12:39:32 +0000 (12:39 +0000)]
  *) mod_md: v2.2.4 from github, Fixes a compile time issue with OpenSSL 1.0.2 in
     the new OCSP code. Skips port checks for domain server_rec selection when "tls-alpn-01"
     is configured explicitly (related to #133). [@mkauf, Stefan Eissing]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1870020 13f79535-47bb-0310-9956-ffa450edef68

2 days ago* Fix another typo
Ruediger Pluem [Mon, 18 Nov 2019 08:22:01 +0000 (08:22 +0000)]
* Fix another typo

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869958 13f79535-47bb-0310-9956-ffa450edef68

3 days agoFix some typo in CHANGES file.
Christophe Jaillet [Sun, 17 Nov 2019 09:44:54 +0000 (09:44 +0000)]
Fix some typo in CHANGES file.

None of these typo seem to be part of 2.4.x.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869922 13f79535-47bb-0310-9956-ffa450edef68

3 days agoFix a <code> block that should be wider.
Christophe Jaillet [Sun, 17 Nov 2019 09:23:46 +0000 (09:23 +0000)]
Fix a <code> block that should be wider.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869921 13f79535-47bb-0310-9956-ffa450edef68

4 days agofr doc rebuild.
Lucien Gentis [Sat, 16 Nov 2019 13:53:04 +0000 (13:53 +0000)]
fr doc rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869894 13f79535-47bb-0310-9956-ffa450edef68

4 days agofr doc XML files updates.
Lucien Gentis [Sat, 16 Nov 2019 13:51:57 +0000 (13:51 +0000)]
fr doc XML files updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869893 13f79535-47bb-0310-9956-ffa450edef68

5 days agoTry mailing dev@ for Travis build results.
Joe Orton [Fri, 15 Nov 2019 10:22:46 +0000 (10:22 +0000)]
Try mailing dev@ for Travis build results.

The defaults are to mail:
- on success (if changed from failure)
- on failure (always)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869846 13f79535-47bb-0310-9956-ffa450edef68

5 days agomod_ssl: Log private key material to file set by $SSLKEYLOGFILE in the
Joe Orton [Fri, 15 Nov 2019 09:46:30 +0000 (09:46 +0000)]
mod_ssl: Log private key material to file set by $SSLKEYLOGFILE in the
environment, using the standard format which can be parsed by (e.g.)
wireshark for decoding SSL/TLS traffic; supported from OpenSSL 1.1.1.

* modules/ssl/ssl_private.h: Add keylog_file to SSLModConfigRec.

* modules/ssl/ssl_engine_init.c (ssl_init_Module): Open log file if
  SSLKEYLOGFILE is set in the environment.
  (ssl_init_ctx_protocol): Register the keylog callback with OpenSSL.

* modules/ssl/ssl_engine_kernel.c (modssl_callback_keylog):
  New function.

PR: 63391
Github: closes #74

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869842 13f79535-47bb-0310-9956-ffa450edef68

5 days agoFix some spelling errors
Christophe Jaillet [Thu, 14 Nov 2019 21:29:15 +0000 (21:29 +0000)]
Fix some spelling errors
(see PR 63923)

in suexec.xml, remove a useless comment and slighly improve layout

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869816 13f79535-47bb-0310-9956-ffa450edef68

6 days agoFix 2 spelling errors
Christophe Jaillet [Thu, 14 Nov 2019 18:25:56 +0000 (18:25 +0000)]
Fix 2 spelling errors
(see PR 63923)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869811 13f79535-47bb-0310-9956-ffa450edef68

6 days agoAdd build job for trunk on Xenial with custom APR/APR-util builds.
Joe Orton [Thu, 14 Nov 2019 14:35:19 +0000 (14:35 +0000)]
Add build job for trunk on Xenial with custom APR/APR-util builds.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869801 13f79535-47bb-0310-9956-ffa450edef68

6 days agoAlso avoid adding the Set-Cookie header in both r->headers_out and
Joe Orton [Thu, 14 Nov 2019 08:39:46 +0000 (08:39 +0000)]
Also avoid adding the Set-Cookie header in both r->headers_out and
r->err_headers_out in ap_cookie_remove and ap_cookie_remove2 functions
to avoid duplication in HTTP response.  (Follow-up to r1843244)

Closes #73
PR: 60910
Submitted by: Lubos Uhliarik <luhliari redhat.com>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869785 13f79535-47bb-0310-9956-ffa450edef68

7 days ago* Rebuild docs
Ruediger Pluem [Wed, 13 Nov 2019 13:46:58 +0000 (13:46 +0000)]
* Rebuild docs

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869742 13f79535-47bb-0310-9956-ffa450edef68

7 days ago* Fix typo
Ruediger Pluem [Wed, 13 Nov 2019 13:35:52 +0000 (13:35 +0000)]
* Fix typo

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869740 13f79535-47bb-0310-9956-ffa450edef68

7 days ago* Rebuild docs
Ruediger Pluem [Wed, 13 Nov 2019 13:23:50 +0000 (13:23 +0000)]
* Rebuild docs

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869738 13f79535-47bb-0310-9956-ffa450edef68

7 days agoTest IRC and e-mail notifications.
Joe Orton [Wed, 13 Nov 2019 08:50:25 +0000 (08:50 +0000)]
Test IRC and e-mail notifications.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869729 13f79535-47bb-0310-9956-ffa450edef68

7 days ago* server/util_expr_parse.[ch]: Regenerate after r1869724.
Joe Orton [Wed, 13 Nov 2019 08:02:43 +0000 (08:02 +0000)]
* server/util_expr_parse.[ch]: Regenerate after r1869724.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869725 13f79535-47bb-0310-9956-ffa450edef68

7 days agoNon terminal cannot have string aliases (only tokens appear in error
Joe Orton [Wed, 13 Nov 2019 08:01:13 +0000 (08:01 +0000)]
Non terminal cannot have string aliases (only tokens appear in error
messages).  %token is used to define tokens, and %nterm non terminals.
The hidden %type (which was only recently documented) is meant for
both tokens and non terminals.  Yet

    %type <foo> expr "expression"

is actually more or less equivalent to

    %nterm <foo> expr
    %token <foo> "expression"

which is clearly not the intention of the author here.

* server/util_expr_parse.y: Remove useless string-literal only tokens.
Prefer %nterm to %type to avoid this error.

PR: #72
Submitted by: Akim Demaille <akim.demaille gmail.com>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869724 13f79535-47bb-0310-9956-ffa450edef68

8 days agoMinor Travis doc updates and a todo list. [skip ci]
Joe Orton [Tue, 12 Nov 2019 17:18:32 +0000 (17:18 +0000)]
Minor Travis doc updates and a todo list. [skip ci]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869708 13f79535-47bb-0310-9956-ffa450edef68

8 days agoInstall PCRE v2 (10.x) by default, add a job testing with PCRE "v1" (8.x).
Joe Orton [Tue, 12 Nov 2019 15:09:03 +0000 (15:09 +0000)]
Install PCRE v2 (10.x) by default, add a job testing with PCRE "v1" (8.x).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869703 13f79535-47bb-0310-9956-ffa450edef68

8 days agoAdd buildconf option to force (rather than suppress) regeneration of
Joe Orton [Tue, 12 Nov 2019 12:45:57 +0000 (12:45 +0000)]
Add buildconf option to force (rather than suppress) regeneration of
the ap_expr parser.  Add a Travis job which uses this, so a patch
which changes the parser sources is tested appropriately (e.g PR#72).

* buildconf: Add --with-regen-expr to force ap_expr regeneration.

* .travis.yml, test/travis_run_linux.sh: Pass BUILDCONF to buildconf
  and add job which uses the new option.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869697 13f79535-47bb-0310-9956-ffa450edef68

8 days agoUpdate APR version requirement to 1.6 or later per rough consensus on
Joe Orton [Tue, 12 Nov 2019 09:02:31 +0000 (09:02 +0000)]
Update APR version requirement to 1.6 or later per rough consensus on
dev@ (see list thread from msgid <20191108094020.GA12979@redhat.com>).

* configure.in: Fail with APR < 1.6.

* .travis.yml: Build on Bionic by default, only build w/APR 1.5.x for
  the 2.4.x branch.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869684 13f79535-47bb-0310-9956-ffa450edef68

11 days agofr doc rebuild.
Lucien Gentis [Sat, 9 Nov 2019 16:40:38 +0000 (16:40 +0000)]
fr doc rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869608 13f79535-47bb-0310-9956-ffa450edef68

11 days agofr doc XML updates.
Lucien Gentis [Sat, 9 Nov 2019 16:34:55 +0000 (16:34 +0000)]
fr doc XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869607 13f79535-47bb-0310-9956-ffa450edef68

11 days agomisplaced </usage> tag.
Lucien Gentis [Sat, 9 Nov 2019 16:31:29 +0000 (16:31 +0000)]
misplaced </usage> tag.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869606 13f79535-47bb-0310-9956-ffa450edef68

12 days agoFix yaml typo.
Joe Orton [Fri, 8 Nov 2019 14:30:34 +0000 (14:30 +0000)]
Fix yaml typo.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869565 13f79535-47bb-0310-9956-ffa450edef68

12 days agoAdd shared-mpms build, add build against APR trunk (httpd trunk only).
Joe Orton [Fri, 8 Nov 2019 14:29:17 +0000 (14:29 +0000)]
Add shared-mpms build, add build against APR trunk (httpd trunk only).
Fix handling and ensure safe caching of APR trunk build.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869564 13f79535-47bb-0310-9956-ffa450edef68

12 days agoStart sketching out some travis docs and check we can -> [skip ci]
Joe Orton [Fri, 8 Nov 2019 12:37:04 +0000 (12:37 +0000)]
Start sketching out some travis docs and check we can -> [skip ci]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869550 13f79535-47bb-0310-9956-ffa450edef68

12 days agoAdd APR 1.4/APR-util 1.4 build, but only for 2.4.x.
Joe Orton [Fri, 8 Nov 2019 12:34:25 +0000 (12:34 +0000)]
Add APR 1.4/APR-util 1.4 build, but only for 2.4.x.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869548 13f79535-47bb-0310-9956-ffa450edef68

12 days agoRevert r1869541 and always run httpd's buildconf against the Debian APR,
Joe Orton [Fri, 8 Nov 2019 11:23:19 +0000 (11:23 +0000)]
Revert r1869541 and always run httpd's buildconf against the Debian APR,
which does include the *.m4 files.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869543 13f79535-47bb-0310-9956-ffa450edef68

12 days agoRun buildconf using the specific APR/APR-util versions if configured.
Joe Orton [Fri, 8 Nov 2019 11:02:16 +0000 (11:02 +0000)]
Run buildconf using the specific APR/APR-util versions if configured.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869541 13f79535-47bb-0310-9956-ffa450edef68

12 days agoBuild APR-util 1.7.x --with-crypto otherwise the "mod_crypto" build fails,
Joe Orton [Fri, 8 Nov 2019 10:49:22 +0000 (10:49 +0000)]
Build APR-util 1.7.x --with-crypto otherwise the "mod_crypto" build fails,
though this is a bug: https://travis-ci.org/apache/httpd/jobs/609166867

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869540 13f79535-47bb-0310-9956-ffa450edef68

12 days agoBuild all modules when testing APR variations.
Joe Orton [Fri, 8 Nov 2019 10:22:48 +0000 (10:22 +0000)]
Build all modules when testing APR variations.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869539 13f79535-47bb-0310-9956-ffa450edef68

12 days agoAdd Travis support for multiple APR/APR-util versions.
Joe Orton [Fri, 8 Nov 2019 09:46:50 +0000 (09:46 +0000)]
Add Travis support for multiple APR/APR-util versions.
Add an APR build with --enable-pool-debug.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869533 13f79535-47bb-0310-9956-ffa450edef68

12 days agoSupport 2.4.x builds, which lacks --with-test-suite support.
Joe Orton [Fri, 8 Nov 2019 07:45:55 +0000 (07:45 +0000)]
Support 2.4.x builds, which lacks --with-test-suite support.
Build with --enable-load-all-modules only when the test suite is run.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869527 13f79535-47bb-0310-9956-ffa450edef68

13 days agomod_authz_core: follow up to r1864759.
Yann Ylavic [Thu, 7 Nov 2019 17:10:21 +0000 (17:10 +0000)]
mod_authz_core: follow up to r1864759.

We should at least log the unexpected provider_name == NULL condition.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869512 13f79535-47bb-0310-9956-ffa450edef68

13 days agoNever checkin generated files applied to build/apr_common.m4.
Yann Ylavic [Thu, 7 Nov 2019 12:09:29 +0000 (12:09 +0000)]
Never checkin generated files applied to build/apr_common.m4.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869500 13f79535-47bb-0310-9956-ffa450edef68

13 days agoUse latest/compatible apr_common.m4.
Yann Ylavic [Thu, 7 Nov 2019 11:01:48 +0000 (11:01 +0000)]
Use latest/compatible apr_common.m4.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869499 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agofr doc rebuild.
Lucien Gentis [Wed, 6 Nov 2019 12:17:06 +0000 (12:17 +0000)]
fr doc rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869462 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agoSmall changes.
Lucien Gentis [Wed, 6 Nov 2019 12:15:28 +0000 (12:15 +0000)]
Small changes.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869461 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agoMove before/run scripts out of .travis.yml.
Joe Orton [Wed, 6 Nov 2019 11:45:21 +0000 (11:45 +0000)]
Move before/run scripts out of .travis.yml.

Reviewed by: elukey

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869459 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agoUpdate travis config
Luca Toscano [Wed, 6 Nov 2019 10:21:20 +0000 (10:21 +0000)]
Update travis config

* Add 'if TRAVIS_OS_NAME' to before_install/before_script/script to allow multi-os testing.
* Add separation lines in matrix config (better visual impact).
* Add Linux to all the current job's name.
* Add tests for Worker mpm.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869456 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agofr doc rebuild.
Lucien Gentis [Wed, 6 Nov 2019 10:00:48 +0000 (10:00 +0000)]
fr doc rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869446 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agoSmall changes.
Lucien Gentis [Wed, 6 Nov 2019 09:59:23 +0000 (09:59 +0000)]
Small changes.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869445 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agoPull in more -dev packages to get more modules building (including mod_md).
Joe Orton [Wed, 6 Nov 2019 09:28:54 +0000 (09:28 +0000)]
Pull in more -dev packages to get more modules building (including mod_md).
Test gcc 7 on bionic, xenial is the Travis default anyway.
Only add the toolchain PPA where really needed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869441 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agoAdd comment, no functional change.
Joe Orton [Tue, 5 Nov 2019 16:44:22 +0000 (16:44 +0000)]
Add comment, no functional change.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869421 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agomod_proxy: Improve tunneling loop.
Yann Ylavic [Tue, 5 Nov 2019 16:41:14 +0000 (16:41 +0000)]
mod_proxy: Improve tunneling loop.

Support half closed connections and pending data draining (for protocols like
rsync). PR 61616.

When reading on one side goes faster than writing on the other side, the output
filters chain may start buffering data and finally block, which will break
bidirectional tunneling for some protocols.

To avoid this, proxy_tunnel_run() now stops polling/reading until pending data
are drained, and recovers appropriately.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869420 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agomod_proxy: Add proxy check_trans hook.
Yann Ylavic [Tue, 5 Nov 2019 12:43:29 +0000 (12:43 +0000)]
mod_proxy: Add proxy check_trans hook.

This allows proxy modules to decline request handling at early stage.
Then mod_proxy_wstunnel can implement that hook to verify that an Upgrade
is requested, and otherwise hand over to mod_proxy_http.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869399 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agoupdate after backport of mod_md
Stefan Eissing [Tue, 5 Nov 2019 10:23:00 +0000 (10:23 +0000)]
update after backport of mod_md

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869395 13f79535-47bb-0310-9956-ffa450edef68

2 weeks ago *) mod_md v2.2.3:
Stefan Eissing [Tue, 5 Nov 2019 10:06:15 +0000 (10:06 +0000)]
  *) mod_md v2.2.3:
     - Configuring MDCAChallenges replaces any previous existing challenge configuration. It
       had been additive before which was not the intended behaviour. [@mkauf]
     - Fixing order of ACME challenges used when nothing else configured. Code now behaves as
       documented for `MDCAChallenges`. Fixes #156. Thanks again to @mkauf for finding this.
     - Fixing a potential, low memory null pointer dereference [thanks to @uhliarik].
     - Fixing an incompatibility with a change in libcurl v7.66.0 that added unwanted
       "transfer-encoding" to POST requests. This failed in directy communication with
       Let's Encrypt boulder server. Thanks to @mkauf for finding and fixing.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869392 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agoAdd a basic Travis config.
Joe Orton [Tue, 5 Nov 2019 08:55:54 +0000 (08:55 +0000)]
Add a basic Travis config.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869387 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agomod_proxy: factorize mod_proxy_{connect,wstunnel} tunneling code in proxy_util.
Yann Ylavic [Sun, 3 Nov 2019 15:48:53 +0000 (15:48 +0000)]
mod_proxy: factorize mod_proxy_{connect,wstunnel} tunneling code in proxy_util.

This commit adds struct proxy_tunnel_rec that contains the fields needed for a
poll() loop through the filters chains, plus functions ap_proxy_tunnel_create()
and ap_proxy_tunnel_run() to respectively initialize a tunnel and (re)start it.

Proxy connect and wstunnel modules now make use of this new API to avoid
duplicating logic and code.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869338 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agomod_proxy_http: follow up to r1869216.
Yann Ylavic [Thu, 31 Oct 2019 16:16:05 +0000 (16:16 +0000)]
mod_proxy_http: follow up to r1869216.

Let's call stream_reqbody() for all rb_methods, no RB_SPOOL_CL special case.

This both simplifies code and allows to keep EOS into the input_brigade until
it's sent, and thus detect whether we already fetched the whole body if/when
proxy_http_handler() re-enters for different balancer members.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869224 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agoRevert r1869222, wrong files committed.
Yann Ylavic [Thu, 31 Oct 2019 16:10:08 +0000 (16:10 +0000)]
Revert r1869222, wrong files committed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869223 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agomod_proxy_http: follow up to r1869216.
Yann Ylavic [Thu, 31 Oct 2019 16:08:33 +0000 (16:08 +0000)]
mod_proxy_http: follow up to r1869216.

Let's call stream_reqbody() for all rb_methods, no RB_SPOOL_CL special case.

This both simplifies code and allows to keep EOS into the input_brigade until
it's sent, and thus detect whether we already fetched the whole body if/when
proxy_http_handler() re-enters for different balancer members.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869222 13f79535-47bb-0310-9956-ffa450edef68

2 weeks agomod_proxy_http: fix load-balancer fallback for requests with a body.
Yann Ylavic [Thu, 31 Oct 2019 14:15:07 +0000 (14:15 +0000)]
mod_proxy_http: fix load-balancer fallback for requests with a body.

Since r1656259 (or r1656259 in 2.4.41) and the move of prefetch before connect,
the balancer fallback case where proxy_http_handler() is re-entered with the
next balancer member broke.

We need to save the body (partially) prefetched the first time and reuse it on
successive calls, otherwise we might forward partial or empty body.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869216 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agomod_ssl: follow up to r1868645.
Yann Ylavic [Mon, 28 Oct 2019 14:58:19 +0000 (14:58 +0000)]
mod_ssl: follow up to r1868645.

CHANGES entry and docs' note.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869077 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agoUse <module> instead of <directive> for module names.
Christophe Jaillet [Mon, 28 Oct 2019 07:10:35 +0000 (07:10 +0000)]
Use <module> instead of <directive> for module names.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869062 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agoFix alignment in a <highlight> block.
Christophe Jaillet [Sun, 27 Oct 2019 20:48:23 +0000 (20:48 +0000)]
Fix alignment in a <highlight> block.
Add directive name in <default> so that 'quickreference.html' is generated with the corresponding default value.
Avoid some duplicated words (i.e. 'to to').
Fix some incorrect directive name in some description.
Fix the description of 'AuthFormBody' which was a copy&paste of 'AuthFormMethod'.
Remove some useless <var></var> around 'On|Off'.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869053 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agofr doc rebuild.
Lucien Gentis [Sun, 27 Oct 2019 15:36:59 +0000 (15:36 +0000)]
fr doc rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869042 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agofr doc XML updates.
Lucien Gentis [Sun, 27 Oct 2019 15:35:57 +0000 (15:35 +0000)]
fr doc XML updates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869041 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agowhitespace commit for fisheye, ignore
Daniel Gruno [Sat, 26 Oct 2019 21:44:02 +0000 (21:44 +0000)]
whitespace commit for fisheye, ignore

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869021 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agoFix an incorrect NULL checked.
Christophe Jaillet [Sat, 26 Oct 2019 20:39:23 +0000 (20:39 +0000)]
Fix an incorrect NULL checked.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869018 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agoHelp doc writer to spot places where:
Christophe Jaillet [Sat, 26 Oct 2019 19:19:03 +0000 (19:19 +0000)]
Help doc writer to spot places where:

   - a link to a directive from within its own <directivesynoptis> should be avoided
    This link is now silently removed

   - a link to a directive is missing
    Try to give some context where to find this missing link

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869016 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agoFix directive name in <syntax>
Christophe Jaillet [Sat, 26 Oct 2019 13:25:05 +0000 (13:25 +0000)]
Fix directive name in <syntax>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1869000 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agomod_ssl: follow up to r1868645 and r1868929.
Yann Ylavic [Fri, 25 Oct 2019 13:53:34 +0000 (13:53 +0000)]
mod_ssl: follow up to r1868645 and r1868929.

Merge ->protocol_set.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868934 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agoupdate after backport of current mod_md
Stefan Eissing [Fri, 25 Oct 2019 13:28:13 +0000 (13:28 +0000)]
update after backport of current mod_md

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868931 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agomod_ssl: follow up to r1868645.
Yann Ylavic [Fri, 25 Oct 2019 13:26:14 +0000 (13:26 +0000)]
mod_ssl: follow up to r1868645.

Keep the base server's SSLProtocol if none is configured on the vhost
selected by Hello/SNI callback.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868929 13f79535-47bb-0310-9956-ffa450edef68

3 weeks agomod_md: fixes compiler warning about initialization, version bumb.
Stefan Eissing [Fri, 25 Oct 2019 12:40:50 +0000 (12:40 +0000)]
mod_md: fixes compiler warning about initialization, version bumb.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868927 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agoFix a broken link and use more standard casing for On|Off
Christophe Jaillet [Wed, 23 Oct 2019 19:10:42 +0000 (19:10 +0000)]
Fix a broken link and use more standard casing for On|Off

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868821 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agoChange the position of the 'response_code_exprs' field in the 'core_dir_config' struc...
Christophe Jaillet [Wed, 23 Oct 2019 18:58:16 +0000 (18:58 +0000)]
Change the position of the 'response_code_exprs' field in the 'core_dir_config' structure.

This synch trunk with 2.4.x but it also makes the structure smaller because 2 bietfields are merged.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868819 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agoSwap 2 modules in order to synch with 2.4.x.
Christophe Jaillet [Wed, 23 Oct 2019 11:10:14 +0000 (11:10 +0000)]
Swap 2 modules in order to synch with 2.4.x.

Keep alphabetical order.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868794 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agomod_ssl: follow up to r1868645.
Yann Ylavic [Tue, 22 Oct 2019 10:14:53 +0000 (10:14 +0000)]
mod_ssl: follow up to r1868645.

Restore ssl_callback_ServerNameIndication() even with OpenSSL 1.1.1+, which
depends on its return value (OK/NOACK), mainly on session resumption, for
SSL_get_servername() to consider or ignore the SNI (returning NULL thus
making SSLStrictSNIVHostCheck fail for possibly legitimate cases).

This means that init_vhost() should accurately return whether the SNI exists
in the configured vhosts, even when it's called multiple times (e.g. first
from ClientHello callback and then from SNI callback), so save that state in
sslconn->vhost_found and reuse it.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868743 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agoAxe some outdated references to httpd 1.2.x and 2.0.x.
Christophe Jaillet [Mon, 21 Oct 2019 18:56:48 +0000 (18:56 +0000)]
Axe some outdated references to httpd 1.2.x and 2.0.x.

AFAIK, in 2.4.x, references to older branches are limited to 2.2.x. and 2.0.44 is 16 years old.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868717 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agofr doc rebuild.
Lucien Gentis [Mon, 21 Oct 2019 11:03:17 +0000 (11:03 +0000)]
fr doc rebuild.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868695 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agofr doc adding a new translated file.
Lucien Gentis [Mon, 21 Oct 2019 11:01:21 +0000 (11:01 +0000)]
fr doc adding a new translated file.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868694 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agoUse native EOL for intended-duplicates.
Yann Ylavic [Sun, 20 Oct 2019 16:40:39 +0000 (16:40 +0000)]
Use native EOL for intended-duplicates.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868664 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agoPut intended duplicates AHs in their own file (outside the script).
Yann Ylavic [Sun, 20 Oct 2019 16:33:45 +0000 (16:33 +0000)]
Put intended duplicates AHs in their own file (outside the script).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868662 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agoAH01241 is intentionally duplicated.
Yann Ylavic [Sun, 20 Oct 2019 15:39:54 +0000 (15:39 +0000)]
AH01241 is intentionally duplicated.

Depending on the configured child error output, messages go to ErrorLog or
stderr, but AH should be the same.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868656 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agoupdate-log-msg-tags: allow to reference intended duplicate tags.
Yann Ylavic [Sun, 20 Oct 2019 15:33:19 +0000 (15:33 +0000)]
update-log-msg-tags: allow to reference intended duplicate tags.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868655 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agomod_md: resolve duplicate tag.
Yann Ylavic [Sun, 20 Oct 2019 15:28:15 +0000 (15:28 +0000)]
mod_md: resolve duplicate tag.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868654 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agomod_proxy_http: follow up to r1868576.
Yann Ylavic [Sun, 20 Oct 2019 13:06:29 +0000 (13:06 +0000)]
mod_proxy_http: follow up to r1868576.

Omit sending 100 continue if the body is (partly) prefetched, per
RFC 7231 (section 5.1.1).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868653 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agomod_proxy_http: revert r1868625.
Yann Ylavic [Sun, 20 Oct 2019 12:31:45 +0000 (12:31 +0000)]
mod_proxy_http: revert r1868625.

The HTTP_IN filter handles "100 Continue" the first time it's called only,
and in spool_reqbody_cl() we have already tried to prefetch the body, so
it's too late.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868652 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agomod_ssl: negotiate the TLS protocol version per name based vhost configuration.
Yann Ylavic [Sun, 20 Oct 2019 10:50:33 +0000 (10:50 +0000)]
mod_ssl: negotiate the TLS protocol version per name based vhost configuration.

By using the new ClientHello callback provided by OpenSSL 1.1.1, which runs at
the earliest connection stage, we can switch the SSL_CTX of the SSL connection
early enough for OpenSSL to take into account the protocol configuration of the

In other words:
    SSL_set_SSL_CTX(c->SSL, s->SSL_CTX)
followed by:
works as expected at this stage (while the same from the SNI callback is
ignored by/due to OpenSSL's state machine).

Extracting the SNI (to select the relevant vhost) in the ClientHello callback
is not as easy as calling SSL_get_servername() though, we have to work with
the raw TLS extensions helpers provided by OpenSSL. I stole this code from a
test in the OpenSSL source code (i.e. client_hello_select_server_ctx() in

We can then call init_vhost() as with the SNI callback (in use only for OpenSSL
versions earlier than 1.1.1 now), and pass it the extracted SNI.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868645 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agoSynch 2.4.x and trunk.
Christophe Jaillet [Sun, 20 Oct 2019 06:58:29 +0000 (06:58 +0000)]
Synch 2.4.x and trunk.

There is an extra space on trunk. Axe it.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868642 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agomod_proxy_http: follow up to r1868576.
Yann Ylavic [Sat, 19 Oct 2019 13:58:16 +0000 (13:58 +0000)]
mod_proxy_http: follow up to r1868576.

As suggested by Ruediger, let the HTTP_IN filter handle the 100 continue from

Also, according to rfc7231#section-5.1.1, we don't need the interim response
if we "already received some or all of the message body", which is now also
taken into account.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868625 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agofr doc new built file.
Lucien Gentis [Fri, 18 Oct 2019 11:08:26 +0000 (11:08 +0000)]
fr doc new built file.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868586 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agofr doc adding a new file.
Lucien Gentis [Fri, 18 Oct 2019 11:04:46 +0000 (11:04 +0000)]
fr doc adding a new file.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868585 13f79535-47bb-0310-9956-ffa450edef68

4 weeks agomod_proxy_http: Fix 100-continue deadlock for spooled request bodies. PR 63855.
Yann Ylavic [Fri, 18 Oct 2019 07:50:59 +0000 (07:50 +0000)]
mod_proxy_http: Fix 100-continue deadlock for spooled request bodies. PR 63855.

Send "100 Continue", if needed, before fetching/blocking on the request body in
spool_reqbody_cl(), otherwise mod_proxy and the client can wait for each other,
leading to a request timeout (408).

While at it, make so that ap_send_interim_response() uses the default status
line if none is set in r->status_line.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868576 13f79535-47bb-0310-9956-ffa450edef68

5 weeks ago *) mod_md: Adding the several new features.
Stefan Eissing [Wed, 16 Oct 2019 12:31:43 +0000 (12:31 +0000)]
  *) mod_md: Adding the several new features.
     The module offers an implementation of OCSP Stapling that can replace fully or
     for a limited set of domains the existing one from mod_ssl. OCSP handling
     is part of mod_md's monitoring and message notifications. If can be used
     for sites that do not have ACME certificates.
     The url for a CTLog Monitor can be configured. It is used in the server-status
     to link to the external status page of a certicate.
     The MDMessageCmd is called with argument "installed" when a new certificate
     has been activated on server restart/reload. This allows for processing of
     the new certificate, for example to applications that require it in different
     locations or formats.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868506 13f79535-47bb-0310-9956-ffa450edef68

5 weeks agoupdate mod_md tags
Stefan Eissing [Wed, 16 Oct 2019 10:13:24 +0000 (10:13 +0000)]
update mod_md tags

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868503 13f79535-47bb-0310-9956-ffa450edef68

5 weeks ago* Correctly initialize nomime member
Ruediger Pluem [Mon, 14 Oct 2019 20:14:58 +0000 (20:14 +0000)]
* Correctly initialize nomime member

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868457 13f79535-47bb-0310-9956-ffa450edef68

5 weeks agoHonor "Accept-Encoding: foo;q=0" as per RFC 7231; which means 'foo' is "not acceptabl...
Christophe Jaillet [Fri, 11 Oct 2019 20:21:14 +0000 (20:21 +0000)]
Honor "Accept-Encoding: foo;q=0" as per RFC 7231; which means 'foo' is "not acceptable".  PR 58158

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868313 13f79535-47bb-0310-9956-ffa450edef68

5 weeks agoFix pool concurrency problems
Ruediger Pluem [Fri, 11 Oct 2019 15:11:40 +0000 (15:11 +0000)]
Fix pool concurrency problems

Create a subpool of the connection pool for worker scoped DNS resolutions.
This is needed to avoid race conditions in using the connection pool by multiple
threads during ramp up.

Recheck after obtaining the lock if we still need to do things or if they
were already done by another thread while we were waiting on the lock.

* modules/proxy/proxy_util.c: Create a subpool of the connection pool for worker
  scoped DNS resolutions and use it.

* modules/proxy/mod_proxy.h: Define AP_VOLATILIZE_T and add dns_pool to
  struct proxy_conn_pool.

* modules/proxy/mod_proxy_ftp.c: Use dns_pool and consider that
  worker->cp->addr is volatile in this location of the code.

PR: 63503

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868296 13f79535-47bb-0310-9956-ffa450edef68

5 weeks ago* Add back logging goodness
Ruediger Pluem [Fri, 11 Oct 2019 14:40:10 +0000 (14:40 +0000)]
* Add back logging goodness

Add back logging goodness added by covener in r1865938.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868295 13f79535-47bb-0310-9956-ffa450edef68

5 weeks ago* Revert r1865944 and r1865938
Ruediger Pluem [Fri, 11 Oct 2019 14:36:32 +0000 (14:36 +0000)]
* Revert r1865944 and r1865938

Revert r1865944 and r1865938 in order to provide a better patch with less
locking and thus contention.


PR63503: fix pool concurrency problems in mod_proxy

reslist and resolver related calls could concurrently access the same pool.

Submitted By: Don Poitras <Don.Poitras sas.com>
Committed By: covener

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868294 13f79535-47bb-0310-9956-ffa450edef68

6 weeks agoFix a typo in a message.
Christophe Jaillet [Sat, 5 Oct 2019 13:42:00 +0000 (13:42 +0000)]
Fix a typo in a message.

Reported and fixed by Christian Bartolomäus (bartolin gmx.de)
PR 63806

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1868016 13f79535-47bb-0310-9956-ffa450edef68

6 weeks agoFix build broken w/o --enable-cgid-fdpassing by r1867968:
Joe Orton [Fri, 4 Oct 2019 09:56:42 +0000 (09:56 +0000)]
Fix build broken w/o --enable-cgid-fdpassing by r1867968:

* modules/generators/cgi_common.h: Only define CGI bucket type
  if WANT_CGI_BUCKET is defined.

* modules/generators/mod_cgi.c: Always include cgi_common.h, defining

* modules/generators/mod_cgid.c: Always include cgi_common.h, defining
  WANT_CGI_BUCKET iff HAVE_CGID_FDPASSING (--enable-cgid-fdpassing).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1867971 13f79535-47bb-0310-9956-ffa450edef68

6 weeks ago* modules/generators/cgi_common.h (discard_script_output): Simplify
Joe Orton [Fri, 4 Oct 2019 09:24:07 +0000 (09:24 +0000)]
* modules/generators/cgi_common.h (discard_script_output): Simplify
  slightly and ensure constant rather than unlimited memory
  consumption when discarding CGI script output (for e.g. a redirect

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1867970 13f79535-47bb-0310-9956-ffa450edef68