www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-11-05 05:30:39 +03:00
Code Activity
22,500 Commits 62 Branches 304 Tags
c7f1896fa72eafc46943b51a07b72634fda93ca3
Commit Graph

233 Commits

Author SHA1 Message Date
Graham Leggett
394e5594d6 Introduce a per connection "peer_ip" and a per request "client_ip" to 
distinguish between the raw IP address of the connection and the effective
IP address of the request.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1206291 13f79535-47bb-0310-9956-ffa450edef68
 2011-11-25 19:42:04 +00:00
Graham Leggett
4ee7eea4cf Introduce a per request version of the remote IP address, which can be 
optionally modified by a module when the effective IP of the client
is not the same as the real IP of the client (such as a load balancer).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1204968 13f79535-47bb-0310-9956-ffa450edef68
 2011-11-22 13:10:39 +00:00
Ruediger Pluem
71fefb6951 * Correctly return a 400 (Bad request) in case of a HTTP/0.9 request like 
GET @example.org/foo


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1188745 13f79535-47bb-0310-9956-ffa450edef68
 2011-10-25 15:56:08 +00:00
Stefan Fritsch
c75f86b0c7 Downgrade some more log messages indicating client errors from level error to 
info. Add log messages for various reasons to return HTTP_BAD_REQUEST.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1185385 13f79535-47bb-0310-9956-ffa450edef68
 2011-10-17 21:30:40 +00:00
Joe Orton
3371c66263 SECURITY (CVE-2011-3368): Prevent unintended pattern expansion in some 
reverse proxy configurations by strictly validating the request-URI:

* server/protocol.c (read_request_line): Send a 400 response if the
  request-URI does not match the grammar from RFC 2616.  This ensures
  the input string for RewriteRule et al really is an absolute path.

Reviewed by: rpluem, wrowe, covener, fielding


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1179239 13f79535-47bb-0310-9956-ffa450edef68
 2011-10-05 14:24:44 +00:00
Stefan Fritsch
a4092c7a7d Enforce LimitRequestFieldSize after multiple headers with the same 
name have been merged.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1178566 13f79535-47bb-0310-9956-ffa450edef68
 2011-10-03 20:37:49 +00:00
Jim Jagielski
427c85bd23 Cleanup effort in prep for GA push: 
Trim trailing whitespace... no func change



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1174751 13f79535-47bb-0310-9956-ffa450edef68
 2011-09-23 13:39:32 +00:00
Stefan Fritsch
a895bc4ee4 Fix handling of offset in ap_send_fd() 
PR: 51592
Submitted by: Torsten Foertsch <torsten foertsch gmx net>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1153424 13f79535-47bb-0310-9956-ffa450edef68
 2011-08-03 10:46:04 +00:00
Stefan Fritsch
fba947527f Introduce new function ap_get_conn_socket() to access the socket of 
a connection


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1135153 13f79535-47bb-0310-9956-ffa450edef68
 2011-06-13 16:02:18 +00:00
Stefan Fritsch
c9fd2623da Introduce ap_(get|set)_core_module_config() functions/macros and use them 
everywhere.

We know that the core module has module_index 0. Therefore we can save
some pointer operations in ap_get_module_config(cv, &core_module) and
ap_set_module_config(cv, &core_module, val). As these are called rather often,
this may actually have some (small) measurable effect.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1132781 13f79535-47bb-0310-9956-ffa450edef68
 2011-06-06 21:26:56 +00:00
Stefan Fritsch
cdb37c5e4d Make ap_rputs an inline function, as it is mostly used with string constants 
and this allows the compiler to optimize the strlen() call away.

Submitted by: Christophe Jaillet <christophe jaillet wanadoo fr>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1131465 13f79535-47bb-0310-9956-ffa450edef68
 2011-06-04 18:50:55 +00:00
Stefan Fritsch
61a0413706 Use APR_STATUS_IS_... in some more cases. 
While this is not strictly necessary everywhere, it makes it much easier
to find the problematic cases.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1102124 13f79535-47bb-0310-9956-ffa450edef68
 2011-05-11 22:51:46 +00:00
Eric Covener
089dcf8cec use APR_STATUS_IS_TIMEUP() instead of direct comparison with APR_TIMEUP. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1100511 13f79535-47bb-0310-9956-ffa450edef68
 2011-05-07 11:34:23 +00:00
Jim Jagielski
9175224482 New hook: ap_run_pre_read_request() 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1070616 13f79535-47bb-0310-9956-ffa450edef68
 2011-02-14 19:21:37 +00:00
Jeff Trawick
7dc89fcc4e comment on where multiple headers with same name get merged 
(some strict Cookie parsers can't handle what happens later,
but that is not our fault)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1057372 13f79535-47bb-0310-9956-ffa450edef68
 2011-01-10 21:21:45 +00:00
Stefan Fritsch
eedf130332 Introduce note_auth_failure hook to allow modules to add support 
for additional auth types. This makes ap_note_auth_failure() work with
mod_auth_digest again.

PR: 48807


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@960399 13f79535-47bb-0310-9956-ffa450edef68
 2010-07-04 21:16:53 +00:00
Stefan Fritsch
01b9f2e551 - Be less verbose at levels INFO and DEBUG in mod_proxy* and mod_ssl 
- Add some trace logging to core and http


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@951900 13f79535-47bb-0310-9956-ffa450edef68
 2010-06-06 17:07:12 +00:00
Stefan Fritsch
ebb62867fb Use the new APLOG_USE_MODULE/AP_DECLARE_MODULE macros everywhere to take 
advantage of per-module loglevels


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@951895 13f79535-47bb-0310-9956-ffa450edef68
 2010-06-06 16:59:50 +00:00
Jeff Trawick
e8643541c5 style nit (fix the one unaligned "=" out of fifteen) 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@921302 13f79535-47bb-0310-9956-ffa450edef68
 2010-03-10 11:02:00 +00:00
Ruediger Pluem
bf715d43fc * Only log a 408 if it is no keepalive timeout. 
PR: 39785
Submitted by: Mark Montague <markmont umich.edu>, rpluem
Reviewed by: rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@919323 13f79535-47bb-0310-9956-ffa450edef68
 2010-03-05 07:37:15 +00:00
William A. Rowe Jr
9911c19b54 overlooked for 10 years, impressive ;-) 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@917615 13f79535-47bb-0310-9956-ffa450edef68
 2010-03-01 17:58:40 +00:00
William A. Rowe Jr
115c1e496d Correctly align the behavior of headers_in to be consistent with the 
treatment of headers_out, resolving PR 48359 by keeping subrequest
scope changes out of the main request headers.  This ensures that all
requests-without-bodies behave as the requests-with-bodies code has.

Mitre: CVE-2010-0434


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@901578 13f79535-47bb-0310-9956-ffa450edef68
 2010-01-21 07:19:41 +00:00
Stefan Fritsch
2af96f1528 Fix potential segfault when dereferencing NULL request_rec 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@895483 13f79535-47bb-0310-9956-ffa450edef68
 2010-01-03 21:31:57 +00:00
Nick Kew
cc8eabe9ec Fix up r892678 as pointed out by rpluem. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@892808 13f79535-47bb-0310-9956-ffa450edef68
 2009-12-21 13:11:14 +00:00
Nick Kew
c140c941e4 Reject requests containing (invalid) NULL characters in request line 
or request headers.
PR 43039


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@892678 13f79535-47bb-0310-9956-ffa450edef68
 2009-12-21 00:40:07 +00:00
Nick Kew
33b33d1987 Don't keepalive when we send a non-100 response while Client is expecting 100 
and may be feeding us continuation data.
PR 47087


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@888310 13f79535-47bb-0310-9956-ffa450edef68
 2009-12-08 10:22:56 +00:00
Guenter Knauf
c0a0d085b4 no declarations after statements. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@821599 13f79535-47bb-0310-9956-ffa450edef68
 2009-10-04 20:18:51 +00:00
Stefan Fritsch
aa726d199a cleanup brigade before reusing it 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@821481 13f79535-47bb-0310-9956-ffa450edef68
 2009-10-04 09:00:26 +00:00
Stefan Fritsch
fbdde88b36 core, mod_deflate, mod_sed: Reduce memory usage by reusing bucket 
brigades in several places


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@821471 13f79535-47bb-0310-9956-ffa450edef68
 2009-10-04 07:37:28 +00:00
Daniel Earl Poirier
b5532dce62 core: Treat timeout reading request as 408 error, not 400. 
Log 408 errors in access log as was done in Apache 1.3.x.

PR: 39785
Submitted by: Nobutaka Mantani, Stefan Fritsch
Reviewed and added to by: Dan Poirier


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@820760 13f79535-47bb-0310-9956-ffa450edef68
 2009-10-01 19:28:36 +00:00
Brian Havard
60fbe11de1 Bring back OS/2 support. 
Reverses r758929 with a little bit of conflict resolution.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@807930 13f79535-47bb-0310-9956-ffa450edef68
 2009-08-26 08:56:13 +00:00
Jeff Trawick
ee32468a33 remove OS/2 platform support 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@758929 13f79535-47bb-0310-9956-ffa450edef68
 2009-03-26 23:47:52 +00:00
Greg Ames
a348f7b78b the CRLF following 100 Continue needs to be sent as ASCII on EBCDIC 
boxes.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@752546 13f79535-47bb-0310-9956-ffa450edef68
 2009-03-11 18:05:20 +00:00
Roy T. Fielding
421ee8b008 Disabled DefaultType directive and removed ap_default_type() 
from core.  We now exclude Content-Type from responses for which
a media type has not been configured via mime.types, AddType,
ForceType, or some other mechanism.  MMN major bump to NZ time.

PR: 13986



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@739382 13f79535-47bb-0310-9956-ffa450edef68
 2009-01-30 19:12:51 +00:00
Eric Covener
1fbdabf8f4 simplifications per niq's review comments 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@733218 13f79535-47bb-0310-9956-ffa450edef68
 2009-01-10 01:30:29 +00:00
Eric Covener
57cbab5315 EBCDIC fix for ap_send_interim_response() 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@733134 13f79535-47bb-0310-9956-ffa450edef68
 2009-01-09 19:48:43 +00:00
Paul Querna
f47b6f394e Import the core parts of the DTrace patch. This is a modified and updated 
version of what was submited by Theo before:
 <http://mail-archives.apache.org/mod_mbox/httpd-dev/200805.mbox/%3C6AFBCFE8-4CCA-4A02-8A43-F9170689695D@omniti.com%3E>

Note, this does not hook it up into the build system at this time, because
the original patch was a little too creative there.

Submitted By: Theo Schlossnagle <jesus omniti.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@723565 13f79535-47bb-0310-9956-ffa450edef68
 2008-12-05 03:34:52 +00:00
Ruediger Pluem
d9c0b7e070 * Don't send 100-Continue when there was no Expect: 100-continue in the 
request headers.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@664150 13f79535-47bb-0310-9956-ffa450edef68
 2008-06-06 21:56:13 +00:00
Graham Leggett
1d1c483317 core, mod_proxy: If a kept_body is present, it becomes safe for 
subrequests to support message bodies. Make sure that safety
checks within the core and within the proxy are not triggered
when kept_body is present. This makes it possible to embed
proxied POST requests within mod_include.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@654968 13f79535-47bb-0310-9956-ffa450edef68
 2008-05-09 22:40:01 +00:00
Paul Querna
a324a1d72f Remove all references to CORE_PRIVATE. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@645455 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-07 10:45:43 +00:00
Ruediger Pluem
754135d1f2 * Do not set filter context brigade to NULL (and thus need to recreate it each 
time) but empty it (via APR_BRIGADE_PREPEND) and reuse it. 

Submitted by: Stefan Fritsch <sf sfritsch.de>
Reviewed by: rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@603227 13f79535-47bb-0310-9956-ffa450edef68
 2007-12-11 12:48:39 +00:00
Jim Jagielski
d5530bc6f5 Alternate fix... profiling indicates that the string 
termination is completely unneeded and superflous. In
which case, the original allocation size is sufficient
since nothing external worries about a NULL nor
looks for it.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@602491 13f79535-47bb-0310-9956-ffa450edef68
 2007-12-08 16:10:40 +00:00
Jim Jagielski
6c0689eeae Prevent 1-byte overflow on 8192 boundary (see PR 43310) 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@589461 13f79535-47bb-0310-9956-ffa450edef68
 2007-10-29 01:25:16 +00:00
Nick Kew
c94140fb01 Add option not to send&clear response headers in ap_send_interim_response. 
We'll need this option to fix PR#43711, and ap_send_interim_response
is fortunately too new an API to have made it into anything stable.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@588806 13f79535-47bb-0310-9956-ffa450edef68
 2007-10-26 23:56:06 +00:00
Nick Kew
3d1465d445 Introduce ap_send_interim_response function and API, for interim 
(HTTP 1xx) responses sent by an application or backend.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@582630 13f79535-47bb-0310-9956-ffa450edef68
 2007-10-07 13:41:50 +00:00
Roy T. Fielding
de659cbed0 update license header text 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@420983 13f79535-47bb-0310-9956-ffa450edef68
 2006-07-11 20:33:53 +00:00
Joe Orton
c13f8dd6eb * server/core.c (default_handler): Use apr_brigade_insert_file() to 
append the file to the brigade.

* server/protocol.c (ap_send_fd),
modules/proxy/mod_proxy_http.c (spool_reqbody_cl), 
modules/cache/mod_mem_cache.c (recall_body),
modules/cache/mod_disk_cache.c (recall_body),
modules/mappers/mod_negotiation.c (handle_map_file),
modules/generators/mod_asis.c (asis_handler),
modules/dav/fs/repos.c [DEBUG_GET_HANDLER] (dav_fs_deliver),
modules/arch/win32/mod_isapi.c (ServerSupportFunction): Likewise.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@414238 13f79535-47bb-0310-9956-ffa450edef68
 2006-06-14 13:16:29 +00:00
Ruediger Pluem
8cca196973 * Adjust comment as per niq's proposal in r395166 and as already adjusted by 
colm in the backport to 2.0.x (r395197).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@395381 13f79535-47bb-0310-9956-ffa450edef68
 2006-04-19 20:07:22 +00:00
Colm MacCarthaigh
dd95d7c37c Update the copyright year in all .c, .h and .xml files 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@395228 13f79535-47bb-0310-9956-ffa450edef68
 2006-04-19 12:11:27 +00:00
Ruediger Pluem
4d1b38642d * Initialize last_char as otherwise a random value will be compared 
against APR_ASCII_LF at the end of the loop if bb only contains an
  EOS bucket.

PR: 39282
Submitted by: Davi Arnaut <davi haxent.com.br>
Reviewed by: rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@394070 13f79535-47bb-0310-9956-ffa450edef68
 2006-04-14 12:17:54 +00:00