(parent directive).
Usually, this context is not also EXEC_ON_READ so it's not fully processed, so
e.g cmd->path is not fluffed up yet because the closing tag
of the section is not read yet and ap_check_cmd_context()
doesn't work)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1656058 13f79535-47bb-0310-9956-ffa450edef68
The code reverted attempted to restrict comparisons of the r->filename
to given DirectoryMatch blocks.
r->filename was already a non-directory entity at this point, because we
have already fallen out of the } while (thisinfo.filetype == APR_DIR);
block above.
The addition of r->d_is_directory was redundant. That is what is always
returned by ap_get_core_module_config(r->per_dir_config).
Note modifying dir_config required an MMN major bump as this commit could
have realigned the offset of refs (had it been added to the end, this
would correspond to an mmn minor bump) and other fields packed into the
same bytes (this is undefined). Bump on revert to prevent unexpected crashes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1653666 13f79535-47bb-0310-9956-ffa450edef68
opting in to connection reuse and other proxy options (max=, etc).
adds 'enablereuse' proxyoption and a minor MMN bump to share
proxy_desocketfy outside of mod_proxy.c, which is required to
match workers to URLs.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1647009 13f79535-47bb-0310-9956-ffa450edef68
less intrusive.
Submitted by: Yingqi Lu <yingqi.lu@intel.com>
Modified/Committed by: ylavic
Add ListenCoresBucketsRatio which is a configurable ratio between the number of
CPU cores (online) and the number of listeners buckets to create, defaulting to
zero (so that listeners buckets become an opt-in, ie. ncpus / ratio > 1).
This could also be made an opt-out by using the previous hardcoded value (8) as
default.
Make ap_close_listeners() act on all the listeners (including duplicated ones),
since the function is also called externally (eg. mod_cgid, mod_ssl_ct and
possibly any third party module) to cleanup opened descriptors when a process
is forked (the duplicated listeners are kept in a scoped/static variable).
Add ap_close_listeners_ex() to close a single bucket of listeners, used by the
children to close unused duplicates and internally by ap_close_listeners().
Make ap_duplicate_listeners() compute the number of buckets to be used, instead
of each MPM. This number is now based on the above ratio and will not change
unless asked to (given *num_buckets < 1, that is when the MPM does not run in
one-process mode nor after a graceful restart).
Remove some global variables (mpm_listen, enable_default_listeners) previously
used to communicate between MPMs and ap_listen, since ap_duplicate_listeners()
API can now be used to do so.
Also rename num_buckets as ap_num_listen_buckets, and prefix have_so_reuseport
with ap_ (both printed by ap_log_common(), hence kept global).
Detect ap_have_so_reuseport once only at startup.
Restore dummy_connection() as before r1599531 since sending POD signals should
not depend on the number of listeners buckets (there is still one single socket
receiving the connections).
For each MPM (concerned), move the bucket data (pod, listeners and eventually
accept mutex) into a struct and instanciate an array of them (sized by the
number of buckets), for each child to use its own data according to its bucket
index, and the parent to maintain the whole.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1635521 13f79535-47bb-0310-9956-ffa450edef68
and silently adjust the configured number of processes/threads to
be above the computed number of listener buckets (depending on the
CPU cores).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1629909 13f79535-47bb-0310-9956-ffa450edef68
Fix the comment that states that these vars are NULL on ASCII machine, they seem to be undefined instead.
Rework some comments.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1611916 13f79535-47bb-0310-9956-ffa450edef68
Generate the doc even if build on non-EBCDIC system + fix a comment about non-EBCDIC system. In this case, these vars are undefined, not NULL.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1611908 13f79535-47bb-0310-9956-ffa450edef68
Improve layout, fix typo, generate relevant doc even if build on non-EBCDIC system + add note that these functions are mostly noop on non-EBCDIC system.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1611858 13f79535-47bb-0310-9956-ffa450edef68
Improve layout, add trailing '.' in function description, capitalize first letter of description, fix typo, turn \0 into \\0.
Move the detailed description after @defgroup so that it is taken into account.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1611252 13f79535-47bb-0310-9956-ffa450edef68
core: HTTP trailers could be used to replace HTTP headers
late during request processing, potentially undoing or
otherwise confusing modules that examined or modified
request headers earlier. Adds "MergeTrailers" directive to restore
legacy behavior.
Submitted By: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener
Committed By: covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1610814 13f79535-47bb-0310-9956-ffa450edef68
proxy configuration, a remote attacker could send a carefully crafted
request which could crash a server process, resulting in denial of
service.
Thanks to Marek Kroemeke working with HP's Zero Day Initiative for
reporting this issue.
* server/util.c (ap_parse_token_list_strict): New function.
* modules/proxy/proxy_util.c (find_conn_headers): Use it here.
* modules/proxy/mod_proxy_http.c (ap_proxy_http_process_response):
Send a 400 for a malformed Connection header.
Submitted by: Edward Lu, breser, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1610674 13f79535-47bb-0310-9956-ffa450edef68
which could lead to a heap buffer overflow. Thanks to Marek Kroemeke
working with HP's Zero Day Initiative for reporting this.
* include/scoreboard.h: Add ap_copy_scoreboard_worker.
* server/scoreboard.c (ap_copy_scoreboard_worker): New function.
* modules/generators/mod_status.c (status_handler): Use it.
* modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise.
Reviewed by: trawick, jorton, covener, jim
Submitted by: jorton, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1610491 13f79535-47bb-0310-9956-ffa450edef68
end-of-request time, and only update it after a round-trip with the LDAP
server rather than every time we check back into the pool.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1607960 13f79535-47bb-0310-9956-ffa450edef68
When a socket callback has a timeout, an associated timer event is used to
remove the sockets from the pollset and call a timeout function.
* This includes a noteworthy change to the main event loop. Previously,
we would call epoll, then process the timer events, then iterate through the
poll results. After this patch, the timer events are processed before the poll()
a _non-queued_ action can change the pollset conents (a users timed callback
function conversely could easily sit in a queue while the main thread continues
down into epoll)
* timer events can now have sockets associated with them, those sockets are
removed from the pollset when the timer event fires w/o a queue to the worker.
* timer events now have a canceled flag that can be toggled without locking
the timer list.
* Drop the severity of some wstunnel messages from DEBUG to TRACE1
* Lift the restriction on using asynchronous websockets connections but having
an idle timeout
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1593857 13f79535-47bb-0310-9956-ffa450edef68
several stages of initialization and connection handling. See
mod_ssl_openssl.h.
This is enough to allow implementation of Certificate Transparency
outside of mod_ssl.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1587607 13f79535-47bb-0310-9956-ffa450edef68
The immediate use is for a SSL-related module which works
on the backend proxy connection to be able to "leak" information
into the client r for logging.
This could be useful with other proxy scheme handlers.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1586719 13f79535-47bb-0310-9956-ffa450edef68
Allows for several "connections" all resulting in
a single real connection that talks to the network.
Right now, nothing uses this though.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1565657 13f79535-47bb-0310-9956-ffa450edef68
