optionally modified by a module when the effective IP of the client
is not the same as the real IP of the client (such as a load balancer).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1204968 13f79535-47bb-0310-9956-ffa450edef68
* remove "proxy:", "FCGI", etc. prefixes and pid which are now
included in the error log format
* propagate frontend request's logconfig to backend request
* use ap_log_rerror where possible
* remove obsolete APLOG_NOERRNO
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1203859 13f79535-47bb-0310-9956-ffa450edef68
of the backend connection, instead of misusing the pool of the frontend
request. Fixes a thread safety issue where buckets set aside in the
backend connection leak into other threads, and then disappear when
the frontend request is cleaned up, in turn causing corrupted buckets
to make other threads spin.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1055250 13f79535-47bb-0310-9956-ffa450edef68
2.2.x: If the SSL handshake to the backend fails we cannot even
sent an HTTP request. So the check needs to happen already when
we sent data not when we receive data.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1053584 13f79535-47bb-0310-9956-ffa450edef68
to the pool we cannot longer rely on it as another thread could have leased
the connection in the meantime and might have modified it.
BUT: We only use this flag once we returned the connection to the pool.
So signal that we returned the connection to the pool by something that is
local to the thread, in this case set backend to NULL if we already have
returende the connection.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1052314 13f79535-47bb-0310-9956-ffa450edef68
failed such that mod_proxy can put the worker in error state.
PR: 50332
Submitted by: Daniel Ruggeri <DRuggeri primary.net>
Reviewed by: rpluem
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1039304 13f79535-47bb-0310-9956-ffa450edef68
any buckets still outstanding to ensure they've been copied out of the
backend connection's pool and it is safe to release the backend connection.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1035605 13f79535-47bb-0310-9956-ffa450edef68
early by forcing a setaside on transient buckets placed in the brigade
by mod_ssl. This has the effect of extending the lifetime of buckets until
the end of the request. This is a variation on the original fix for this
problem, which added transient buckets to be setaside later in the process.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1035504 13f79535-47bb-0310-9956-ffa450edef68
from the origin server
apr_date_checkmask() already verified the expected text and digit
positions; all that is needed is to cheaply find which digits
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@999694 13f79535-47bb-0310-9956-ffa450edef68
canon function and use that for the 100-Continue OK
check.
Should likely also start using this in the various
other places we do this "have body" check thruout
the codebase...
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@986699 13f79535-47bb-0310-9956-ffa450edef68
be more safe on different platforms.
Note: This commit has an additional, platform-independent change to
mark the back-end connection for closing ("backend->close = 1;").
That code is not required to resolve CVE-2010-2068 on any platform.
PR: 49417
Addresses CVE-2010-2068
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@953418 13f79535-47bb-0310-9956-ffa450edef68
from a reverse proxied URL, that the subrequest respects the status
of the original request. This brings the behaviour of proxy_handler
in line with default_handler. PR 47106.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@909899 13f79535-47bb-0310-9956-ffa450edef68
