| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- New directive 'H2EarlyHint name value' to add headers to a response,
picked up already when a "103 Early Hints" response is sent. 'name' and
'value' must comply to the HTTP field restrictions.
This directive can be repeated several times and header fields of the
same names add. Sending a 'Link' header with 'preload' relation will
also cause a HTTP/2 PUSH if enabled and supported by the client.
- Fixed an issue where requests were not logged and accounted in a timely
fashion when the connection returns to "keepalive" handling, e.g. when
the request served was the last outstanding one.
This led to late appearance in access logs with wrong duration times
reported.
- Accurately report the bytes sent for a request in the '%O' Log format.
This addresses #203, a long outstanding issue where mod_h2 has reported
numbers over-eagerly from internal buffering and not what has actually
been placed on the connection.
The numbers are now the same with and without H2CopyFiles enabled.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1909769 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
Checking in configure for proper version installed. Code
fixes for changed clienthello member name.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1909558 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
we can have decoded '%''s in the URI that got sent to us in the original URL
as %25. Don't error out in this case but just fall through and have them
encoded to %25 when forwarding to the backend.
PR: 66580
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1909464 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
PR: 66571
Submitted by: Valeria Petrov <valeria.petrov@spinetix.com>
Reviewed by: rpluem
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1909241 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908867 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908838 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908813 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908691 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908629 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908407 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
%{z} prints the timezone offset (i.e. "[+-]nnnn") and %{strftime-format} allows
any %-format handled by [apr_]strftime().
* include/util_time.h():
Define new AP_CTIME_OPTION_GMTOFF option for ap_recent_ctime_ex().
* server/util_time.c(ap_recent_ctime_ex):
Handle AP_CTIME_OPTION_GMTOFF to print "[+-]nnnn" timezone.
* server/log.c(log_ctime):
If the format contains a '%' it's for strftime(), otherwise it's builtin
with new 'z' as AP_CTIME_OPTION_GMTOFF.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908380 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case that AllowEncodedSlashes is set to NoDecode do not double encode
encoded slashes in the URL sent by the reverse proxy to the backend.
* include/ap_mmn.h: Document the addition of ap_proxy_canonenc_ex to the API.
* modules/proxy/mod_proxy.h: Declare ap_proxy_canonenc_ex and define flag
values.
* modules/proxy/proxy_util.c: Implement ap_proxy_canonenc_ex by modifying
ap_proxy_canonenc accordingly and reimplement ap_proxy_canonenc to
use ap_proxy_canonenc_ex with the appropriate flag.
* modules/http2/mod_proxy_http2.c, modules/proxy/mod_proxy_*.c: Set the
correct flag based on the AllowEncodedSlashes configuration and use
ap_proxy_canonenc_ex instead of ap_proxy_canonenc.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908341 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908301 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908296 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908186 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Enabling ED25519 support and certificate transparency information when
building with libressl v3.5.0 and newer. Thanks to Giovanni Bechis.
- MDChallengeDns01 can now be configured for individual domains.
Thanks to Jérôme Billiras (@bilhackmac) for the initial PR.
- Fixed a bug found by Jérôme Billiras (@bilhackmac) that caused the challenge
teardown not being invoked as it should.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908080 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907983 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907980 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907977 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
amount of response body bytes put into a single HTTP/2 DATA frame.
Setting this to 0 places no limit (but the max size allowed by the
protocol is observed).
The module, by default, tries to use the maximum size possible, which is
somewhat around 16KB. This sets the maximum. When less response data is
available, smaller frames will be sent.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907697 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
connections of any age to be reused. Up to now, a negative value was handled
as an error when parsing the configuration file. PR 66421.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1907024 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1906940 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
reported in access logs and error documents. The processing of the
reset was correct, only unneccesary reporting was caused.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1906775 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
for strftime formats that will loop back on themselves, like
day of month or weekday name.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1906433 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1906387 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1906382 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
to responses from the backend, as other proxy modules do. Fixes PR 66391.
Thanks to Jérôme Billiras for providing the patch.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1906051 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1905404 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
leading/trailing whitespace (space +htab) before being processed
or send in a response. This is compatible behaviour to HTTP/1.1
parsers that strip incoming headers of such characters.
[Stefan Eissing]
- removed intermittent "H2HeaderStrictness" directive again.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1904777 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mod_dav-fs scales badly when a few clients run PROPFIND requests to discover
directory content. Each PROPFIND involves lockdiscovery, which in turn waits
for a locked access to the file containing the lock database. Performances
quickly drop because of lock contention on this file.
Add a DAVLockDiscovery configuration directive that allows lockdiscovery to be
disabled. Its argument is an Apache expression so that flexible configuration
are possible (per-request).
When lock discovery is disabled, an empty lockdiscovery property is returned on
POPRFIND methods, just like if no lock was set on the object. That should cause
no regression, since a client cannot rely on lockdiscovery to decide when a
file should be accessed, the LOCK methood must be used.
If DAVLockDiscovery is not specified, the behavior is unchanged.
PR 66313.
Submitted by: Emmanuel Dreyfus <manu netbsd.org>
Reviewed by: ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1904638 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
some dollar substitution (backreference) happens in the hostname
or port part of the URL.
Address or connection reuse can't work when the autority part of the URL is
dynamic (single origin server[:port] handled/assumed in the reslist). Detect
such cases and unset worker->s->is_address_reusable to disable reuse regardless
of enablereuse/disablereuse.
* modules/proxy/proxy_util.c(ap_proxy_define_worker_ex):
Lookup for $n substitution in the hostname[:port] when parsing the URL and
if present, set worker->->is_address_reusable=0 / worker->s->disablereuse=1.
* modules/proxy/proxy_util.c(ap_proxy_initialize_worker):
Don't overwrite worker->s->is_address_reusable from enablereuse/disablereuse
parameters, and set both consistently.
* docs/manual/mod/mod_proxy.xml:
Add ProxyPassMatch compatibility note about key=value parameters handled with
$n substitutions since 2.4.47.
Document the specificities of enablereuse/disablereuse w.r.t. $n subsitutions
in the different part of the URL.
Axe the note about unparsable URLs when the $n substitution happens in the
port, this has been addressed in 2.4.47 too (and works now).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1904513 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
level of header checks as defined in the HTTP/2 RFCs. Default is 7540.
9113 activates the checks for forbidden leading/trailing whitespace in
field values (available from nghttp2 v1.50.0 on).
- source sync with github version
- fix for keepalive idle wait in mpm_worker setup
- ensuring EOS when secondary connection has been handled
- fixed race in late input EOS arrival when stream was
already scheduled for execution.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1904269 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
information to a backend. Deduce ':authority' from what the client
sent when 'ProxyPreserveHost' is on.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1904164 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) mod_md: a new directive `MDStoreLocks` can be used on cluster
setups with a shared file system for `MDStoreDir` to order
activation of renewed certificates when several cluster nodes are
restarted at the same time. Store locks are not enabled by default.
Restored curl_easy cleanup behaviour from v2.4.14 and refactored
the use of curl_multi for OCSP requests to work with that.
Fixes <https://github.com/icing/mod_md/issues/293>.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1903677 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
error was logged when "SSLProxyEngine" was only configured in the
location/proxy section and not the overall server. The connection
continued to work, the error log was in error. Fixed PR66190.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1903167 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
prevented trailers from being sent to a client. See
<https://github.com/icing/mod_h2/issues/233> for how
this affected gRPC use.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1902409 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1901551 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1901546 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* modules/ssl/ssl_private.h():
#define modssl_fips_is_enabled() and modssl_fips_enable() to wrap the
native OpenSSL FIPS functions available on OPENSSL_VERSION_NUMBER.
* modules/ssl/ssl_engine_init.c(ssl_init_Module, modssl_fips_cleanup):
Use the new wrappers instead of the OPENSSL_VERSION_NUMBER < 3.0 functions.
Submitted by: Petr Sumbera <petr.sumbera oracle.com>, ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1901470 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Stop returning 417 when mod_proxy has to forward an HTTP/1.1 request with both
"Expect: 100-continue" and "force-proxy-request-1.0" set, mod_proxy can instead
handle the 100-continue by itself before forwarding the request, like in the
"Proxy100Continue Off" case.
Note that this does not change the behaviour of httpd receiving an HTTP/1.0
request with an Expect header, ap_check_request_header() will still correctly
return 417 in this case.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1901420 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
*) core: the conf/mime.types has been updated in conformance with RFC 9239:
- .js moved from 'application/javascript' to 'text/javascript'
- .mjs was added as 'text/javascript'
[Mathias Bynens <@mathiasbynens> via PR 318]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1901273 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
This did not happen in normal use as request sizes for OSCP queries
never exceed that length.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1901230 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1901034 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1900991 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
URL/name of
an ACME CA. This gives a failover for renewals when several consecutive attempts
to get a certificate failed.
A new directive was added: `MDRetryDelay` sets the delay of retries.
A new directive was added: `MDRetryFailover` sets the number of errored
attempts before an alternate CA is selected for certificate renewals.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1900852 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
stapling information when more than 6 certificates needed
updates in the same run.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1900628 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows for multiple CPUs to handle the load, the number of requests and
concurrency level asked are distributed over the configured number of workers,
allowing for as much parallelism.
On unixes (only for now), -W0 will use all the CPUs available on the system.
To avoid synchronization during runtime, the stats and requests times are
gathered per worker and consolidated at the end of the run before being
printed.
Connection closes, keepalives and errors are now handled in a single place,
namely cleanup_connection(), which takes care of the good/bad state of each
request based on the response fully received or not.
When multiple workers are running, SIGINT is handled by the main thread only
and masked in workers, workers are asked to stop and woken up if waiting in
poll().
A single worker is started first to determine the connectivity with the peer,
if that fails (10 tries) ab will stop early still without starting the other
workers, otherwise the first worker will signal the main thread to start the
others.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1900362 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Thanks to Ronald Crane (Zippenhop LLC) for reporting this.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1900356 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
[skip ci]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1900315 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
| |
Especially not only status summary counts for certificates and
OCSP stapling but also lists. Auto status format is similar to
what was used for mod_proxy_balancer.
added change desription for code added in r1900313.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1900314 13f79535-47bb-0310-9956-ffa450edef68
|