www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-07 04:02:58 +03:00
Code Activity
34,177 Commits 62 Branches 304 Tags
trunk
Commit Graph

203 Commits

Author SHA1 Message Date
Ruediger Pluem
aa4b05ee05 * Always trust content types that we set literally 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1918814 13f79535-47bb-0310-9956-ffa450edef68
 2024-07-02 06:35:53 +00:00
Graham Leggett
bcd06a1714 mod_ldap: Add a hint to install the apr_ldap module on init failure. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1914038 13f79535-47bb-0310-9956-ffa450edef68
 2023-11-22 12:14:02 +00:00
Joe Orton
df126569e2 Remove unnecessary APLOGNO() use in TRACE-level logging. 
Submitted by: Jackie Chang <jackie.qq.chang gmail.com>
PR: 55627


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1913338 13f79535-47bb-0310-9956-ffa450edef68
 2023-10-26 07:31:16 +00:00
Christophe Jaillet
b2d18fb704 LDAPConnectionPoolTTL should accept negative values in order to allow 
connections of any age to be reused. Up to now, a negative value was handled
as an error when parsing the configuration file.  PR 66421.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907024 13f79535-47bb-0310-9956-ffa450edef68
 2023-01-27 12:58:32 +00:00
Joe Orton
130eac3ae6 mod_ldap: Use the LDAP API directly to implement the rebind callback 
for modern versions of OpenLDAP, avoiding the overhead of the apr-util
implementation.

* modules/ldap/util_ldap.c:
  Define USE_APR_LDAP_REBIND if a modern version of OpenSSL is used.
  (uldap_rebind_proc): New function.
  (uldap_rebind_init, uldap_rebind_add): Define, using either the
  callback or the (bad) APR-util versions.
  (uldap_connection_unbind): Clear the rebind pool to remove rebind
  references prior to destroying the LDAP *.
  Omit for !USE_APR_LDAP_REBIND.
  (uldap_connection_init): Use new wrappers, only create the rebind
  pool if USE_APR_LDAP_REBIND.

* include/util_ldap.h: Don't include apr_ldap_rebind.h here.

PR: 64414
Github: closes #124


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1878890 13f79535-47bb-0310-9956-ffa450edef68
 2020-06-16 14:31:26 +00:00
Yann Ylavic
f461bcf12c Add missing pool tags to help debugging. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1876599 13f79535-47bb-0310-9956-ffa450edef68
 2020-04-16 12:32:33 +00:00
Mike Rumph
85760859ca Fix spelling errors found by codespell. [skip ci] 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1873985 13f79535-47bb-0310-9956-ffa450edef68
 2020-02-13 18:15:57 +00:00
Eric Covener
fbecdc0f1e PR62989: DOCTYPE tags in server-generated HTML. 
Submitted By: Andra Farkas <deepbluemistake gmail.com>, Giovanni Bechis <giovanni paclan.it>




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1873397 13f79535-47bb-0310-9956-ffa450edef68
 2020-01-31 02:38:05 +00:00
Christophe Jaillet
6689b08ae0 Avoid duplicated APLOGNO. 
In this case, the difference is tiny, but it could ease diagniostic (and numbers are cheap anyway)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1861336 13f79535-47bb-0310-9956-ffa450edef68
 2019-06-14 11:58:00 +00:00
Eric Covener
286891c947 PR63305: fix graceful restart crashes in LDAP 
The cache destruction was not protected by the lock used by other
cache callers.

Pull the static cleanup function into util_ldap.c so it's convenient to 
use the existing locking.

Submitted By: Martin Fúsek <mfusek newps.cz>
Commited By: covener



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1856735 13f79535-47bb-0310-9956-ffa450edef68
 2019-04-01 14:29:14 +00:00
Christophe Jaillet
674cbb4674 Axe some dead code. 
See PR 60086.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1832202 13f79535-47bb-0310-9956-ffa450edef68
 2018-05-24 20:59:44 +00:00
Eric Covener
5aaea4e053 fix bld break in r1831165 
I had to disable -Werror in maintainer mode for this file in darwin :/



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1831172 13f79535-47bb-0310-9956-ffa450edef68
 2018-05-08 12:48:13 +00:00
Eric Covener
b717273a7a style fix for r1831165 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1831171 13f79535-47bb-0310-9956-ffa450edef68
 2018-05-08 12:46:44 +00:00
Eric Covener
6e0a97c995 mod_ldap: log and abort locking errors. 
related to PR60296 investigation

RMM corruption is really nasty, so abort on locking failures.





git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1831165 13f79535-47bb-0310-9956-ffa450edef68
 2018-05-08 12:31:02 +00:00
Eric Covener
54a39cad84 10 years after r567503 , fix this properly. 
The lock is created in post_config, so we can't copy it
around in a merge_server_config() callback.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1824811 13f79535-47bb-0310-9956-ffa450edef68
 2018-02-19 20:54:58 +00:00
Eric Covener
fb9686170c PR61891: looping over mostly full LDAP cache 
*) mod_ldap: Fix a case where a full LDAP cache would continually fail to
     purge old entries and log AH01323. PR61891.



Submitted By: Hendrik Harms <hendrik.harms gmail.com>
Committed By: covener



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1818040 13f79535-47bb-0310-9956-ffa450edef68
 2017-12-13 16:55:48 +00:00
Christophe Jaillet
351a782394 Silence a sparse warning about inconsistent indenting + some minor style issues 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1700330 13f79535-47bb-0310-9956-ffa450edef68
 2015-08-31 20:21:30 +00:00
Eric Covener
eb1a60e0dc remove old static ldc->reason 
--This line, and those bdelow, will be ignored--

M    util_ldap.c


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1689698 13f79535-47bb-0310-9956-ffa450edef68
 2015-07-07 15:21:20 +00:00
Eric Covener
57acd8e40e stuff unexpected LDAP errors into ldc->reason, not just in trace messages. 
fix some enormously long lines introduced recently.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1689694 13f79535-47bb-0310-9956-ffa450edef68
 2015-07-07 14:43:31 +00:00
Eric Covener
393b02c535 *) mod_ldap: In some case, LDAP_NO_SUCH_ATTRIBUTE could be returned instead of 
an error during a compare operation. [Eric Covener]

+ accompanying trace.

Note: the if/else now matches (don't replace unknown compare errors with 
LDAP_NO_SUCH_ATTRIBUTE) the logic just above when pulling comparisons
out of the cache.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1687980 13f79535-47bb-0310-9956-ffa450edef68
 2015-06-28 00:56:09 +00:00
Christophe Jaillet
52b90ac8e5 Fix directive name in error message + fix some style issue 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1685659 13f79535-47bb-0310-9956-ffa450edef68
 2015-06-15 20:07:03 +00:00
Eric Covener
b7ebba0417 LDAP connection pool did not release/close connections with 
"LDAPConnectionPoolTTL 0".  PR58037.

Submitted by: Ted Phelps <phelps gnusto.com>
committed by: covener



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1685650 13f79535-47bb-0310-9956-ffa450edef68
 2015-06-15 18:21:27 +00:00
Eric Covener
cca3d2314a Give a better hint. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1676593 13f79535-47bb-0310-9956-ffa450edef68
 2015-04-28 18:56:47 +00:00
Eric Covener
a29cb3fa4d In 2.4.10, AuthLDAPBindDN might not be used for some LDAP searches, causing 
LDAP authz failures if AuthLDAPBindDN was able to search through more of
LDAP than web users.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1613682 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-26 16:59:50 +00:00
Eric Covener
2eaa646655 make LDAPConnectionPoolTTL more conservative, use r->request_time rather than 
end-of-request time, and only update it after a round-trip with the LDAP
server rather than every time we check back into the pool.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1607960 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-05 00:06:15 +00:00
Eric Covener
650526b07a Don't use a hardcoded cn=* in case the subgroup has no CN. 
Submitted By: David Hawes <dhawes vt.edu>
Committed By: Eric Covener



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1528143 13f79535-47bb-0310-9956-ffa450edef68
 2013-10-01 16:41:37 +00:00
Jean-Frederic Clere
3fbdbdfe9c arrange previous fix. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1526499 13f79535-47bb-0310-9956-ffa450edef68
 2013-09-26 14:03:31 +00:00
Jeff Trawick
c833f4352b Follow-up to r1526436: Fix compilation error 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1526473 13f79535-47bb-0310-9956-ffa450edef68
 2013-09-26 13:11:15 +00:00
Jean-Frederic Clere
29a0aff51e Fix for PR 54626. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1526436 13f79535-47bb-0310-9956-ffa450edef68
 2013-09-26 09:56:41 +00:00
Eric Covener
751b6e7b44 revert comments in r1521973, may be more misleadin then good. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1522021 13f79535-47bb-0310-9956-ffa450edef68
 2013-09-11 20:24:40 +00:00
Eric Covener
7ae58cc772 comments only, before I task switch. 
Subgroup checking is cached, but very inefficient for large groups.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1521973 13f79535-47bb-0310-9956-ffa450edef68
 2013-09-11 18:22:18 +00:00
Eric Covener
ccd82e50ee "LDAPReferrals off" does not disable LDAPReferrals feature. Default OpenLDAP value for LDAP_OPT_REFERRALS is ON and the current code does not set it to OFF even when there is "LDAPReferrals off" directive in the config file. 
Changes LDAPReferrals to tri-state:

- "on" - default. Calls apr_ldap_set_option to set referrals on.
- "off" - Calls apr_ldap_set_option to turn referrals off.
- "default" - Does not call apr_ldap_set_option at all.


The default remains ON.  If "default" and SDK defaults to ON, no rebind callback 
is used.

Submitted By: Jan Kaluza <kaluze AT redhat.com>
Committed By: covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1517388 13f79535-47bb-0310-9956-ffa450edef68
 2013-08-25 22:42:29 +00:00
Eric Covener
db3fd786f6 remove nested retry loop, uldap_connection_open retries. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1510086 13f79535-47bb-0310-9956-ffa450edef68
 2013-08-04 01:24:25 +00:00
Eric Covener
ea3ec244ff add TRACE5 messages around each LDAP retry 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1510085 13f79535-47bb-0310-9956-ffa450edef68
 2013-08-04 01:23:41 +00:00
Eric Covener
c2f72868e5 retry during a timeout in uldap_cache_checkuserid(), like other paths that check 
server down and TIMEOUT together.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1510084 13f79535-47bb-0310-9956-ffa450edef68
 2013-08-04 01:02:57 +00:00
Eric Covener
9d2e831663 don't retry if uldap_connection_open() fails, because it has already 
retried internally


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1510083 13f79535-47bb-0310-9956-ffa450edef68
 2013-08-04 01:00:28 +00:00
Eric Covener
8d7c3860fe re-try LDAP connections in a few authz paths. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1496207 13f79535-47bb-0310-9956-ffa450edef68
 2013-06-24 20:40:05 +00:00
Eric Covener
b62a407779 Drop severity of "LDAP: Setting referrals to ON" from DEBUG to TRACE4 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1496178 13f79535-47bb-0310-9956-ffa450edef68
 2013-06-24 19:44:38 +00:00
Eric Covener
f12c832f5c uldap_simple_bind was subsequently rewritten to use the op_timeout with ldap_result() 
which is portable, which means LDAPTimeout is used for bind & search regardless of
this LDAP options availability.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1496177 13f79535-47bb-0310-9956-ffa450edef68
 2013-06-24 19:42:15 +00:00
Eric Covener
4e9b551354 prevent excessive delays retrying new connections that timed out. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1496176 13f79535-47bb-0310-9956-ffa450edef68
 2013-06-24 19:40:24 +00:00
Eric Covener
70366501e4 PR54587: LDAP connections used for authn were not respecting 
LDAPConnectionPoolTimeout due to confusion over what "bound" means.

Added some LDAP trace at TRACE5 to track how LDAP connections are
reused and rebound.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1452551 13f79535-47bb-0310-9956-ffa450edef68
 2013-03-04 21:54:24 +00:00
Christophe Jaillet
b22505292e No need to clear memory that is fully initialized just the line after. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1419719 13f79535-47bb-0310-9956-ffa450edef68
 2012-12-10 20:19:20 +00:00
Christophe Jaillet
b5eb633605 No need it apr_pcalloc here, the memory is fully initialized the line just after 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1398040 13f79535-47bb-0310-9956-ffa450edef68
 2012-10-14 09:07:02 +00:00
Jeff Trawick
9d937659e3 make LDAPSharedCacheFile relative to DefaultRuntimeDir 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1371684 13f79535-47bb-0310-9956-ffa450edef68
 2012-08-10 12:23:41 +00:00
Jeff Trawick
9361c458e6 bytes is not a unit of filename 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1369568 13f79535-47bb-0310-9956-ffa450edef68
 2012-08-05 12:59:20 +00:00
Stefan Fritsch
92e366007c Add lots of unique tags to error log messages 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1209766 13f79535-47bb-0310-9956-ffa450edef68
 2011-12-02 23:02:04 +00:00
Stefan Fritsch
bc84971437 Fix segfault with Solaris LDAP SDK when enabling ldaps. 
Enable SSL by passing secure=1 to apr_ldap_init instead of calling
apr_ldap_set_option(... APR_LDAP_OPT_TLS ...).

This change carefully avoids any change of behavior on non-Solaris LDAP SDKs.

PR: 42682


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1209601 13f79535-47bb-0310-9956-ffa450edef68
 2011-12-02 17:44:09 +00:00
Jim Jagielski
427c85bd23 Cleanup effort in prep for GA push: 
Trim trailing whitespace... no func change



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1174751 13f79535-47bb-0310-9956-ffa450edef68
 2011-09-23 13:39:32 +00:00
Eric Covener
93e479669b no termination of the loop in 1166823. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1166839 13f79535-47bb-0310-9956-ffa450edef68
 2011-09-08 18:26:54 +00:00
Eric Covener
81097d5190 mod_ldap: Optional function uldap_ssl_supported(r) always returned false 
if called from a virtual host with mod_ldap directives in it.  Did not
affect mod_authnz_ldap's usage of mod_ldap.  [Eric Covener]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1166823 13f79535-47bb-0310-9956-ffa450edef68
 2011-09-08 17:37:46 +00:00