More patches required to;
1. use apr_filepath_merge rather than apr_pstrcat for creating proper
and canonical paths.
2. untangle the proxy: fooness that no longer works in directory_walk.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@91622 13f79535-47bb-0310-9956-ffa450edef68
It sorts out the problem when a password protected reverse proxy URL
sends a Proxy-Authenticate to a browser instead of a WWW-Authenticate.
This patch covers the changes to the httpd-2.0 tree.
Submitted by: Graham Leggett
Reviewed by: Chuck Murcko
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88527 13f79535-47bb-0310-9956-ffa450edef68
1) we're using an apr_time_t file mtime, but trying to fit it in
a time_t entry in the cache and in parameters to the cache
access routines; use apr_time_t everywhere
2) we need to use apr_fileperms_t instead of mode_t for APR
file permissions
PR: 6980
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88443 13f79535-47bb-0310-9956-ffa450edef68
some type safety. (unfortunately, our old "void*" is type-safe with the
new one, but over time we should be better)
*) Propagate the new type to all appropriate functions.
*) Random cleaning, whitespace, stylistic nits.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88225 13f79535-47bb-0310-9956-ffa450edef68
- explicitly include apr_lib.h since ap_config.h doesn't
- use apr_want.h where possible
- use APR_HAVE_ where possible
- remove some unneeded includes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88060 13f79535-47bb-0310-9956-ffa450edef68
'extra' stat's for user/group since they should never occur, and now
resolves the SCRIPT_USER and SCRIPT_GROUP, including on WinNT NTFS
volumes.
No-one commented on loosing the 'stat' calls, can anyone invent a scenario
where they could be required? Also, I don't like the casts either, so if
you have a better solution, don't whine, just fix it :)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87904 13f79535-47bb-0310-9956-ffa450edef68
apr_stat/lstat/getfileinfo. These are -NOT- optimal, they
are simply the required changes to get the server working.
The size of the patch is a warning about how we need to
really look at what we are trying to accomplish with all
of these stat/lstat calls.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87760 13f79535-47bb-0310-9956-ffa450edef68
I broke mod_rewrite by modifying strings in place when expanding them,
because variable lookups can cause subrequests which cause mod_rewrite
to do its stuff again including an expansion on the same string, which
is then syntactically invalid. So copy the lookup keys somewhere else
before using them in such a way that may cause recursion.
In addition to this, my parser could also be confused by complicated
nested rewrite map expansions like ${map1:${map2:key|dflt}|dflt} so
fix that too by keeping track of {} when looking for |.
PR: 7087
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87723 13f79535-47bb-0310-9956-ffa450edef68
keeps track of whether or not its post config hook has
been called before. Instead of a static variable (which
is replaced when the DSO is loaded a second time), use
userdata in the process pool.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87328 13f79535-47bb-0310-9956-ffa450edef68
only one defined and it is used in other Apache code;
this gets mod_rewrite to compile on RedHat 6.0 (and perhaps some
other systems)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87088 13f79535-47bb-0310-9956-ffa450edef68
the recent apr_ssize_t->apr_size_t changes. The problem in mod_cgid
was an int function which didn't have a return statement.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86934 13f79535-47bb-0310-9956-ffa450edef68
(No, it wasn't a simple issue to get the suexec patch working.)
The suexec support doesn't apply to the external mapping process,
which is not related to any particular request. Instead, [IMHO]
the external mapping process should switch to the configured user/group
that the daemon processes switch to.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86729 13f79535-47bb-0310-9956-ffa450edef68
rewrite map lookup keys and default values are now expanded
so that the lookup can depend on the requested URI etc.
Because the new code is recursive you can now write configurations
like the following (with nested map lookups) which wasn't directly
possible before -- you had to use a RewriteCond and a %N backref
instead, as in http://www.apache.org/docs/vhosts/mass.html#xtra-conf
RewriteMap tolower int:tolower
RewriteMap host2user txt:/home/www/conf/virtusertbl
RewriteRule /(.*) /home/${host2user:${tolower:%{HTTP_HOST}}|www}/public_html
PR: 6671
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86638 13f79535-47bb-0310-9956-ffa450edef68
for CORE_EXPORT to AP_CORE_DECLARE (namespace protecting the wrapper)
and retitled API_EXPORT as AP_DECLARE and APR_EXPORT as APR_DECLARE.
All _VAR_ flavors changes to _DATA to be absolutely clear.
Thank you Greg, for the most obvious suggestion.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86609 13f79535-47bb-0310-9956-ffa450edef68
If the result of a RewriteRule is a filename that contains expansion
specifiers, especially regexp backreferences $0..$9 and %0..%9, then it
may be possible for an attacker to access any file on the web server.
The fix replaces a multi-pass string expander with a one-pass expander,
and includes the code quality improvements that were committed separately
to 1.3.
Message-Id: <E13OQB5-0004Xs-00@hand.dotat.at>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86302 13f79535-47bb-0310-9956-ffa450edef68
log it if it fails).
Don't segfault if RewriteLock wasn't coded in the config (i.e., if
rewrite_log_lock isn't set).
Fix a missing error code in a call to ap_log_error().
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86058 13f79535-47bb-0310-9956-ffa450edef68
see src/lib/apr/apr_compat.h for most details.
Also a few minor nits to get Win32 to build.
PR:
Obtained from:
Submitted by:
Reviewed by:
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@86008 13f79535-47bb-0310-9956-ffa450edef68
