www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2026-01-26 19:01:35 +03:00
Code Activity
8,172 Commits 62 Branches 306 Tags
94de8923dba848c60553c4f3cd594f45875cc428
Commit Graph

8172 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Brian Pane
94de8923db Fix for a bug that I introduced when eliminating the single-byte 
reads in mod_cgi: eof wasn't treated as an error condition when
reading the script headers, so we were delivering a 200 when a
CGI script produced no output.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94342 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 22:48:39 +00:00
Doug MacEachern
140006b5b1 add/use EVP_PKEY_reference_inc and X509_reference_inc compat macros 
to get these changes working with sslc


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94341 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 08:11:44 +00:00
Doug MacEachern
d019ceb174 add sslc compat for sk_X509_INFO_free 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94340 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 07:42:30 +00:00
Doug MacEachern
3fa9f2ba65 add SSLProxyCARevocation{File,Path} directives to support CRLs in the proxy 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94338 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 06:46:24 +00:00
Doug MacEachern
663baf331b pass sc to myCtxConfig macro 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94337 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 06:38:10 +00:00
Doug MacEachern
97b59112b8 make it possible for proxy to use CRL callback 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94336 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 06:36:56 +00:00
Doug MacEachern
51bbfbacd5 enable the verify callback for proxy 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94334 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 06:20:16 +00:00
Doug MacEachern
51ee9a749e ap_proxy_http_request needs to check the return status of ap_pass_brigade 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94333 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 06:19:14 +00:00
Doug MacEachern
0d93dc2686 change sc->server references to myCtxConfig, so proxy can use the 
verify callback.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94332 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 06:03:08 +00:00
Doug MacEachern
a456732c3f add myCtxConfig macro 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94331 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 05:57:59 +00:00
Doug MacEachern
9ee8bc12b5 implement proxy client certificate callback 
(uses SSLProxyMachineCertificate{File,Cert} when downstream server
requires a client certificate)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94329 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 05:40:02 +00:00
Doug MacEachern
ada316e24b input filter should not return failure when ssl runtime wants to read more 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94328 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 05:16:55 +00:00
Doug MacEachern
a12425c133 ssl_io_input_read needs to return something other than APR_SUCCESS 
when bucket read from socket was successful,
but there was an error within the ssl runtime.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94327 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 04:52:48 +00:00
Doug MacEachern
5021db7bd6 load SSLProxyMachineCertificate{File,Path} 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94324 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 01:50:10 +00:00
Doug MacEachern
e430071911 enable/cleanup SSL_X509_INFO_load_{file,path} functions for use in 
proxy context


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94323 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 01:41:35 +00:00
Cliff Woolley
5b5cccc4ae Fix the version string. We want to end up with "mod_ssl/2.0.xx", not 
"mod_ssl/Apache/2.0.xx".


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94320 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-30 00:00:21 +00:00
Joshua Slive
eecf383b0e Cloudy today. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94317 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 19:22:47 +00:00
Dirk-Willem van Gulik
3ffd24a1f1 Removed email address on request - as obviscation was slammed down on the list - and Google is your friend in any case 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94315 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 19:20:40 +00:00
Doug MacEachern
5e1c0e2c15 add SSLProxyEngine directive. this was not required in the 1.x based 
mod_ssl because the SSL_CTX was created and configured for *every*
request.  unlike in 2.0 where we configure the proxy SSL_CTX at
startup time, which is much better for performance.  but we don't want
to configure a proxy context for every vhost if it isn't going to be
used, for the same reasons we don't create a server context for every
vhost unless SSLEngine is on.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94314 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 17:56:33 +00:00
Doug MacEachern
f4d0e50e00 check the return value of ap_proxy_ssl_enable 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94313 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 17:48:28 +00:00
Jim Jagielski
536cfa19ee Syncing makes no sense now 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94309 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 16:21:48 +00:00
Paul J. Reder
78ae2a9eb4 PR: 
Obtained from:
Submitted by:	Paul J. Reder
Reviewed by:

Remove the MPM_SYNC_CHILD_TABLE macro since there is no longer a scoreboard
file that needs to be synched.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94308 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 16:15:33 +00:00
Jim Jagielski
70bb2575ea The old, legacy (and unused) code in which the scoreboard was totally 
and completely contained in a file (SCOREBOARD_FILE) has been
removed. This does not affect scoreboards which are *mapped* to
files using named-shared-memory at all. This implies that scoreboards
must be based, at some level, on native shared memory (mmap, shm_open,
shmget, whatever), but the code has assumed that for quite awhile
now. Having the scoreboard be *based* on a file makes no sense today.

PR:
Obtained from:
Submitted by:
Reviewed by:


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94306 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 14:33:50 +00:00
Cliff Woolley
3e2ce19baf BUCKET FREELISTS 
Add an allocator-passing mechanism throughout the bucket brigades API.

From Apache's standpoint, the apr_bucket_alloc_t* used throughout a given
connection is stored in the conn_rec by the create_connection hook.  That
means it's the MPM's job to optimize recycling of apr_bucket_alloc_t's --
the MPM must ensure that no two threads can ever use the same one at the
same time, for instance.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94304 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 08:17:26 +00:00
Doug MacEachern
b699ec0f91 import ssl_proxy_enable in the post config phase, otherwise LoadModule 
order may leave us without the function.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94303 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 08:04:04 +00:00
Doug MacEachern
bd13d51f35 remove ssl_engine_ext.c 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94302 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 07:37:28 +00:00
Doug MacEachern
1d739333a1 removing old proxy extension code 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94301 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 07:36:01 +00:00
Doug MacEachern
c3e2155dca hook into mod_ssl for https support 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94300 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 07:29:11 +00:00
Doug MacEachern
c0797583d1 need to flush output buffer before reading in proxy mode 
need to call ssl_hook_process_connection in the output filter in proxy
mode, since proxy hits the output filter before the input filter


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94299 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 07:23:09 +00:00
Doug MacEachern
5d625d916c in proxy mode we need to SSL_connect rather than SSL_accept in 
ssl_hook_process_connection.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94298 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 07:22:43 +00:00
Cliff Woolley
0129e9c9e2 These two variables were left uninitialized accidentally. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94297 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 07:12:01 +00:00
Brian Pane
769f2f65d3 Document the variable expansion enhancements for mod_include 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94295 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 06:26:03 +00:00
Brian Pane
7d55deceea Allow variable expansion within in the "var" arg to <!--#echo 
and <!--#set, so that people can do things like this:
  <!--#echo var="${foo}_${bar}" -->


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94294 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 05:58:39 +00:00
Doug MacEachern
722125d944 add optional function (ssl_proxy_enable) to turn on ssl proxy 
choose SSL_CTX based on SSLConnRec.is_proxy


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94293 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 04:50:37 +00:00
Doug MacEachern
f8ce625de8 init proxy context 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94292 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 04:48:01 +00:00
Brian Pane
54ae6c947e Replaced my fix for the is_only_below() bug with Cliff's faster 
and simpler version.
Submitted by:	Cliff Woolley


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94291 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 04:47:10 +00:00
Doug MacEachern
409e7fed52 s/id/mode/ in ssl_cmd_SSLProxyVerify 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94290 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 03:19:12 +00:00
Doug MacEachern
f9f62ab460 use ssl_cmd_verify_parse for SSLProxyVerify directive handler 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94289 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 03:05:49 +00:00
Doug MacEachern
a24fd6a181 cleanup the proxy context 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94288 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 02:59:27 +00:00
Doug MacEachern
987edc67d2 s/ctx/dcfg/g in ssl directive handlers 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94287 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 02:48:20 +00:00
Doug MacEachern
b31faa5036 enable proxy directives 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94286 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 02:43:33 +00:00
Doug MacEachern
7b86fe98a0 change existing ssl_init_ctx() to ssl_init_ctx_protocol() 
new ssl_init_ctx() inits the lot: protocol, session_cache, callbacks,
verify, cipher suite, crl, cert_chain

new ssl_init_server_ctx function inits everything for sc->server


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94285 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 02:20:58 +00:00
Brian Pane
440d5f0751 Fixes for three problems in mod_include: 
* The ctx->tag_length computation in find_end_sequence() was a bit
    broken in cases where there was a "false alarm" match on a partial
    "-->"
  * The ap_ssi_get_tag_and_value() function needs to avoid walking off
    the end of the string.  After debugging this some more, I ended up
    using Cliff's original patch.
  * Infinite loop in is_only_below()


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94284 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 02:14:45 +00:00
Doug MacEachern
6d42555a01 proxy will have a different verify callback 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94283 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 02:09:59 +00:00
Doug MacEachern
192828c57c proxy needs to use client ssl method 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94282 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 02:06:57 +00:00
Doug MacEachern
ea4cfaae7c setup sc->proxy->sc 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94281 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 02:01:49 +00:00
Doug MacEachern
543660842b add ssl_config_server_new function to fold some duplication in server 
create/merge and to make sure merge config is fully inititialized


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94280 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 02:00:20 +00:00
Doug MacEachern
3539d5de18 inititialize and merge proxy config 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94279 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 01:56:40 +00:00
Doug MacEachern
6b105970df no point in merging things which are not set until after merge happens. 
make a note of those which are set during module init.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94278 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 01:42:04 +00:00
Doug MacEachern
d5116bceb9 'ctx' traditionally refers to an SSL_CTX. change modssl_ctx_t 
instances to 'mctx'


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94277 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-29 01:24:10 +00:00