Allows for several "connections" all resulting in
a single real connection that talks to the network.
Right now, nothing uses this though.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1565657 13f79535-47bb-0310-9956-ffa450edef68
full advantage of the event MPM. Enable the ability for a module
to reverse the sense of a poll event from a read to a write or vice
versa.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1470679 13f79535-47bb-0310-9956-ffa450edef68
Password hash functions must be expensive in order to be secure. But
if they have to be re-evaluated for every request, performance
suffers.
As a minimal remedy, cache the most recent result for every
connection. This gives a great performance boost if a web browser
does many requests on the same connection with the same
user+password. In principle, this may keep the plain text password
around longer than before. But in practice, there won't be much
difference since user+password can already remain in some unused
data bucket for longer than the request duration.
A proper solution still needs to be found for connections from
proxies which may carry requests for many different users.
While it currently only requires the conn_rec, the new
ap_password_validate() function takes username and request_rec to
allow future extensions, like detection of brute-force attempts.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1427548 13f79535-47bb-0310-9956-ffa450edef68
This is a first stab, the checks will likely have to be revised.
For now, we check
* if the request line contains control characters
* if the request uri has fragment or username/password
* that the request method is standard or registered with RegisterHttpMethod
* that the request protocol is of the form HTTP/[1-9]+.[0-9]+,
or missing for 0.9
* if there is garbage in the request line after the protocol
* if any request header contains control characters
* if any request header has an empty name
* for the host name in the URL or Host header:
- if an IPv4 dotted decimal address: Reject octal or hex values, require
exactly four parts
- if a DNS host name: Reject non-alphanumeric characters besides '.' and
'-'. As a side effect, this rejects multiple Host headers.
* if any response header contains control characters
* if any response header has an empty name
* that the Location response header (if present) has a valid scheme and is
absolute
If we have a host name both from the URL and the Host header, we replace the
Host header with the value from the URL to enforce RFC conformance.
There is a log-only mode, but the loglevels of the logged messages need some
thought/work. Currently, the checks for incoming data log for 'core' and the
checks for outgoing data log for 'http'. Maybe we need a way to configure the
loglevels separately from the core/http loglevels.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1426877 13f79535-47bb-0310-9956-ffa450edef68
of server loading for Apache. So create a struct that
holds some useful data. The hope is that for those
platforms that lack getloadavg(), people will write
replacements.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1389481 13f79535-47bb-0310-9956-ffa450edef68
because it may block when flushing data to the client.
From the listener thread, do a lingering close without flushing. This is
OK because we only do this if there has been an error during write
completion or if our send buffers are empty because we are in keep-alive.
PR: 52229
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1294356 13f79535-47bb-0310-9956-ffa450edef68
excluded from this cleanup as they must be signature identical to the
clib functions, and although the definition of size_t has been flakey,
the definition of those functions appears to be generally clean since
ANSI C.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1228323 13f79535-47bb-0310-9956-ffa450edef68
optionally modified by a module when the effective IP of the client
is not the same as the real IP of the client (such as a load balancer).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1204968 13f79535-47bb-0310-9956-ffa450edef68
