www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-11-15 12:41:11 +03:00
Code Activity
25,252 Commits 62 Branches 304 Tags
d79b9a03c5d228dfc13d4069f37d8889c62cba16
Commit Graph

243 Commits

Author SHA1 Message Date
André Malo
a7db87b9ad SECURITY [CAN-2003-0020]: escape arbitrary data before writing into the 
errorlog.

Reviewed by: Mark J Cox


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101873 13f79535-47bb-0310-9956-ffa450edef68
 2003-11-24 21:34:38 +00:00
Jeff Trawick
aa21671e13 switch to APR 1.0 API (which is still in flux) 
because of the changes to the argument lists of apr_mmap_dup and apr_socket_create,
2.1-dev won't build with apr and apr-util's 0.9 branch anymore


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101154 13f79535-47bb-0310-9956-ffa450edef68
 2003-09-03 19:27:12 +00:00
Jeff Trawick
cdddc76c84 axe a special check for EOF+data from apr_file_gets()... apr_file_gets() 
doesn't return that combination of conditions any more


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100826 13f79535-47bb-0310-9956-ffa450edef68
 2003-07-28 20:10:42 +00:00
Greg Stein
e8292fc3f3 Following the previous commit, adjust the actual parameters of 
ap_strcmp_match() and ap_strcasecmp_match() to use 'expected' rather
than 'exp' to avoid shadowing the global exp() function.

Submitted by: Justin Erenkrantz <justin@erenkrantz.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100286 13f79535-47bb-0310-9956-ffa450edef68
 2003-06-17 17:38:16 +00:00
Brian Pane
4da6182a9f Don't run regex cleanups before exec 
Submitted by:	Jeff Trawick
Reviewed by:	Brian Pane


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99133 13f79535-47bb-0310-9956-ffa450edef68
 2003-03-31 04:45:57 +00:00
André Malo
c8185c253b Minor MMN bump: 
Forward port: Escape special characters (especially control
characters) in mod_log_config to make a clear distinction between
client-supplied strings (with special characters) and server-side
strings. This was already introduced in version 1.3.25.

Obtained from: Patch in 1.3.25-dev by Martin


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98912 13f79535-47bb-0310-9956-ffa450edef68
 2003-03-06 23:53:52 +00:00
Bradley Nicholes
721890ad66 Avoid passing too many characters to getenv. Make sure that only the 
environment variable string is passed.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98625 13f79535-47bb-0310-9956-ffa450edef68
 2003-02-12 17:17:09 +00:00
André Malo
742af25096 finished that boring job: 
update license to 2003.

Happy New Year! ;-))


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98573 13f79535-47bb-0310-9956-ffa450edef68
 2003-02-03 17:53:28 +00:00
Ken Coar
12b11896a7 here we go. add a directive that will keep %2f from being 
decoded into '/', allowing the *_walk to do their magic and
	return 404 if it's in the path, and allowing it in the path-info.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98479 13f79535-47bb-0310-9956-ffa450edef68
 2003-01-23 21:34:13 +00:00
Wilfredo Sanchez
6c3569b193 2.0 -> 2.1 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97800 13f79535-47bb-0310-9956-ffa450edef68
 2002-12-08 21:05:57 +00:00
Justin Erenkrantz
bfd10d14bb Use APR_STATUS_IS_EOF rather than a check against APR_EOF 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97378 13f79535-47bb-0310-9956-ffa450edef68
 2002-11-01 18:01:27 +00:00
Justin Erenkrantz
7310a8c6b5 Style police were called back from their vacation 
*No functional changes*


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97377 13f79535-47bb-0310-9956-ffa450edef68
 2002-11-01 17:57:47 +00:00
William A. Rowe Jr
5a3e3f0e54 A couple of observations 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97199 13f79535-47bb-0310-9956-ffa450edef68
 2002-10-14 00:12:02 +00:00
William A. Rowe Jr
e85db78eaa Security rollup for 2.0.40 release. Tag and roll baby. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96327 13f79535-47bb-0310-9956-ffa450edef68
 2002-08-09 17:00:44 +00:00
Brian Pane
b2fe8e6f27 Removed "tolower(++s)" idiom from ap_strcasestr(), to avoid side-effects 
on any platform with a macro-based tolower() that references its argument
multiple times.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95867 13f79535-47bb-0310-9956-ffa450edef68
 2002-06-23 09:01:22 +00:00
Jeff Trawick
c871b41d3c stop using APLOG_NOERRNO in calls to ap_log_?error() 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95149 13f79535-47bb-0310-9956-ffa450edef68
 2002-05-17 11:11:39 +00:00
Brian Pane
879f6fef32 Updated ap_getword_white() to use the same coding style 
(and optimizations) as ap_getword()


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94854 13f79535-47bb-0310-9956-ffa450edef68
 2002-04-29 07:20:46 +00:00
Bradley Nicholes
ca3c6503d6 Added a check to make sure that h_aliases is not NULL before we try to 
dereference it in the for(...) loop.  Attempting to dereference a NULL pointer
was causing a fault if there were no aliases found.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94819 13f79535-47bb-0310-9956-ffa450edef68
 2002-04-26 21:55:41 +00:00
Sander Striker
6e8efec657 Adapt to the rename of apr_explode_localtime to apr_time_exp_lt in APR. 
Submitted by: Thom May <thom@planetarytramp.net>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94631 13f79535-47bb-0310-9956-ffa450edef68
 2002-04-13 12:02:38 +00:00
William A. Rowe Jr
95270aa043 One for 2.0.34 - to fix the problem of utf-8 configuration files saved 
from MeSsed up editors that believe zero byte joiner lead bytes signify
  a utf-8 file.  Someone point me at an RFC ... gheesh.

  FWIW; fixes bugs report 10125


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94446 13f79535-47bb-0310-9956-ffa450edef68
 2002-04-05 04:22:45 +00:00
Sander Striker
b2bb3f6764 Update callers of apr_explode_gmt to apr_time_exp_gmt. The 
function was renamed in apr.

Submitted by: Thom May <thom@planetarytramp.net>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94081 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-21 10:10:41 +00:00
William A. Rowe Jr
029da7dc7b Correct our list of escape characters to include percent and the 
carriage return on Win32/OS2, and modify the \r \n escaping to account
  for the fact that Win32/OS2 don't pass these characters through a true
  argv[] mechansim; replace them with a whitespace since they effectively
  are for most applications.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94070 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-21 05:28:14 +00:00
Roy T. Fielding
845cbfd508 Update our copyright for this year. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93918 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-13 20:48:07 +00:00
Ian Holsman
da35725071 apr-utils rename apr_ansi_time_to_apr_time and 
apr_exploded_time_t.

PR:
Obtained from:
Submitted by:	Thom May <thom@planetarytramp.net>
Reviewed by:	Ian Holsman


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93733 13f79535-47bb-0310-9956-ffa450edef68
 2002-03-06 17:55:38 +00:00
William A. Rowe Jr
c05415a413 Whoops - this patch is required by the last request.c change. 
Fulfills Brian Pane's suggestion that we always overallocate by one
  to make /foo/bar quickly convertable to /foo/bar/


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93047 13f79535-47bb-0310-9956-ffa450edef68
 2002-01-27 07:49:05 +00:00
Brian Pane
d1c705051f Optimization for ap_getparents: skip past all the leading 
characters of the path that aren't '.' rather than copying
those bytes onto themselves


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92292 13f79535-47bb-0310-9956-ffa450edef68
 2001-12-03 00:49:28 +00:00
Brian Pane
aab420fe58 Optimization: replace apr_pstrndup() with apr_pstrmemdup() in 
ap_escape_html() to eliminate a redundant scan through the string.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92288 13f79535-47bb-0310-9956-ffa450edef68
 2001-12-02 20:38:33 +00:00
Brian Pane
33396a8f4c Reduced the number of strlen operations in ap_getword() 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92281 13f79535-47bb-0310-9956-ffa450edef68
 2001-12-02 05:46:36 +00:00
Brian Pane
aea03cbc59 Modified ap_make_full_path to minimize the number of strlen operations 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92280 13f79535-47bb-0310-9956-ffa450edef68
 2001-12-02 05:09:51 +00:00
Bradley Nicholes
422739d923 Added NetWare to the Win32 ifdef list 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@91028 13f79535-47bb-0310-9956-ffa450edef68
 2001-09-14 23:26:27 +00:00
Ryan Bloom
1e90a12ab2 Fix a seg fault in mod_include. When we are generating an 
internal redirect, we must set r->uri to "", not a bogus
string, and not NULL.  [Ryan Bloom]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90929 13f79535-47bb-0310-9956-ffa450edef68
 2001-09-06 17:58:28 +00:00
William A. Rowe Jr
572a020ea9 Revert this patch. It indicates some fundamental brokenness with the 
apr_filepath_root() fn, which should simply return '/' for an absolute
  path on (most) unix, and advance the path pointer to the first non-'/'
  character  [if only Win32 and others were so simple ;-]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90605 13f79535-47bb-0310-9956-ffa450edef68
 2001-08-24 01:41:56 +00:00
Cliff Woolley
f8b29fb281 I don't know if this is the Right Way, but it certainly does make things 
work better right now.  httpd-test is much much happier with this patch
(ie, we can serve pages again :)  I'm still seeing issues with mod_include,
but that's probably a different problem... will investigate.

Submitted by:	Doug MacEachern


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90603 13f79535-47bb-0310-9956-ffa450edef68
 2001-08-24 01:26:31 +00:00
William A. Rowe Jr
4f3d0d2dfe I'm still not 100% certain on this test. Regardless, it doesn't impact 
Unix, and this was the bug that Jeff's (none the less correct) fix masked.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90601 13f79535-47bb-0310-9956-ffa450edef68
 2001-08-24 00:59:08 +00:00
William A. Rowe Jr
3ba6289b68 Eliminated ap_os_[systemcase|[case_]canonical]_filename() and 
move ap_os_is_path_absolute() into util.c (now relies on apr.)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90567 13f79535-47bb-0310-9956-ffa450edef68
 2001-08-23 19:08:20 +00:00
William A. Rowe Jr
c327284b2f It doesn't get any simpler than this 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90547 13f79535-47bb-0310-9956-ffa450edef68
 2001-08-23 13:08:48 +00:00
William A. Rowe Jr
ea2a3f582e The original answer was evil, return NULL if the file name has no path! 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@89666 13f79535-47bb-0310-9956-ffa450edef68
 2001-07-23 19:52:41 +00:00
William A. Rowe Jr
c96cc340bb Reconsidered the wisdom of this change... back to the drawing board. 
The ap_ prefix is still good, IMHO


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88313 13f79535-47bb-0310-9956-ffa450edef68
 2001-02-25 01:12:50 +00:00
William A. Rowe Jr
5cccb4a478 Clean up namespace badness with s/configfile_t/ap_configfile_t/ 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88312 13f79535-47bb-0310-9956-ffa450edef68
 2001-02-25 00:51:32 +00:00
Greg Stein
ee3fe477e3 *) fix inline handling. we had: apr_inline, APR_INLINE, USE_GNU_INLINE, and 
INLINE. Now, we just have APR_INLINE and APR_HAS_INLINE.
   - convert all usage
   - note that apr_general messed up the defn (compared to apr.h)
   - simplify the inline decision logic in os/*/os.h
   - simplify the code in os/*/os-inline.c

*) toss ap_checkconv() [no longer used]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88298 13f79535-47bb-0310-9956-ffa450edef68
 2001-02-24 11:23:31 +00:00
Roy T. Fielding
381f88d56a Update copyright to 2001 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88184 13f79535-47bb-0310-9956-ffa450edef68
 2001-02-16 04:26:53 +00:00
Greg Stein
de083a7ba1 write these in terms of strchr and strrchr so the compiler can possibly use 
builtin, optimized functions.
[ they're stupid functions, but what the hell ]


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88101 13f79535-47bb-0310-9956-ffa450edef68
 2001-02-12 02:39:24 +00:00
Ryan Bloom
f9a1287c61 Fix a potential segfault on all platforms. David Reid fixed this for 
BEOS, but this could actually happen on any platform, so we should
be safe and protect ourselves.
Submitted by:	Cliff Woolley <cliffwoolley@yahoo.com>
Reviewed by:	Ryan Bloom


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88080 13f79535-47bb-0310-9956-ffa450edef68
 2001-02-11 00:51:38 +00:00
Greg Stein
bb282b75f7 Clean up some of the includes: 
- explicitly include apr_lib.h since ap_config.h doesn't
- use apr_want.h where possible
- use APR_HAVE_ where possible
- remove some unneeded includes


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88060 13f79535-47bb-0310-9956-ffa450edef68
 2001-02-10 13:05:29 +00:00
David Reid
3abf3b4384 Fix more breakage on BeOS... 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88044 13f79535-47bb-0310-9956-ffa450edef68
 2001-02-10 01:16:11 +00:00
Doug MacEachern
88d3406f9a renaming various functions for consistency sake 
see: http://apr.apache.org/~dougm/apr_rename.pl
PR:
Obtained from:
Submitted by:
Reviewed by:


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@88019 13f79535-47bb-0310-9956-ffa450edef68
 2001-02-08 07:45:33 +00:00
Tony Finch
34274563f1 Get the correct IP address if ServerName isn't set and we can't 
find a fully-qualified domain name at startup.
PR:             7170
Submitted by:   Danek Duvall <dduvall@eng.sun.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87938 13f79535-47bb-0310-9956-ffa450edef68
 2001-02-01 09:59:25 +00:00
William A. Rowe Jr
7f4a5fe7f5 Use the appropriate APR_FINFO_flags for the apr_stat/lstat/getfileinfo 
calls to avoid ownership and permissions on Win32 when they are not
  required, and until they are implemented.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87873 13f79535-47bb-0310-9956-ffa450edef68
 2001-01-27 21:28:28 +00:00
David Reid
fce4fb7fb3 BeOS BONE shouldn't be using this BeOS R5 check, so alter the check to make it 
work correctly.  Shouldn't this be APR'ized?


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87872 13f79535-47bb-0310-9956-ffa450edef68
 2001-01-27 20:03:23 +00:00
William A. Rowe Jr
cd1ef027c2 The changes required for the APR_FINFO_wanted argument to 
apr_stat/lstat/getfileinfo.  These are -NOT- optimal, they
  are simply the required changes to get the server working.
  The size of the patch is a warning about how we need to
  really look at what we are trying to accomplish with all
  of these stat/lstat calls.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@87760 13f79535-47bb-0310-9956-ffa450edef68
 2001-01-20 21:42:23 +00:00