Hello community, here is the log from the commit of package apache2 for openSUSE:Factory checked in at 2015-03-03 11:10:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apache2 (Old) and /work/SRC/openSUSE:Factory/.apache2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apache2" Changes: -------- --- /work/SRC/openSUSE:Factory/apache2/apache2.changes 2015-02-20 12:43:08.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-03-03 11:10:39.000000000 +0100 @@ -1,0 +2,55 @@ +Thu Feb 26 08:17:42 UTC 2015 - jseg...@novell.com + +- Patched get_module_list to ensure proper SELinux context for + sysconfig.d/loadmodule.conf + +------------------------------------------------------------------- +Wed Feb 25 21:02:59 UTC 2015 - tchva...@suse.com + +- Pname -> name variable reduction +- Try to fix sle11 build + +------------------------------------------------------------------- +Wed Feb 25 19:59:36 UTC 2015 - tchva...@suse.com + +- Version bumpt o 2.4.12: + *) mpm_winnt: Accept utf-8 (Unicode) service names and descriptions for + internationalization. [William Rowe] + *) mpm_winnt: Normalize the error and status messages emitted by service.c, + the service control interface for Windows. [William Rowe] + *) configure: Fix --enable-v4-mapped configuration on *BSD. PR 53824. + [ olli hauer <ohauer gmx.de>, Yann Ylavic ] + +------------------------------------------------------------------- +Wed Feb 25 18:03:20 UTC 2015 - tchva...@suse.com + +- Exit cleanly on end of the post and cleanup the update detection +- Remove Apache.xpm as it ain't used + +------------------------------------------------------------------- +Wed Feb 25 15:59:26 UTC 2015 - tchva...@suse.com + +- Cleanup init/unit decision making and provide just systemd service + on systemd systems + +------------------------------------------------------------------- +Wed Feb 25 13:53:16 UTC 2015 - tchva...@suse.com + +- Deprecate realver define as it is equal to version. +- Explicitely state MPM mods to ensure we don't lose some bnc#444878 + +------------------------------------------------------------------- +Wed Feb 25 13:23:40 UTC 2015 - tchva...@suse.com + +- Pass over spec-cleaner, there should be no actual technical + change in this just reduction of lines in the spec + +------------------------------------------------------------------- +Mon Feb 23 16:58:11 UTC 2015 - kstreit...@suse.com + +- add httpd-2.4.x-mod_lua_websocket_DoS.patch to fix mod_lua bug + where a maliciously crafted websockets PING after a script calls + r:wsupgrade() can cause a child process crash + [CVE-2015-0228], [bnc#918352]. + +------------------------------------------------------------------- Old: ---- Apache.xpm httpd-2.4.11.tar.bz2 New: ---- httpd-2.4.12.tar.bz2 httpd-2.4.x-mod_lua_websocket_DoS.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apache2.spec ++++++ ++++ 1514 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/apache2/apache2.spec ++++ and /work/SRC/openSUSE:Factory/.apache2.new/apache2.spec ++++++ get_module_list ++++++ --- /var/tmp/diff_new_pack.VmzxrA/_old 2015-03-03 11:10:42.000000000 +0100 +++ /var/tmp/diff_new_pack.VmzxrA/_new 2015-03-03 11:10:42.000000000 +0100 @@ -105,7 +105,12 @@ echo >&3 -e "#\n" exec 3<&- chmod 644 $TMPFILE -mv $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf +if ! mv -Z $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf 2>/dev/null; then + mv $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf + if selinuxenabled; then + restorecon $sysconfdir/sysconfig.d/loadmodule.conf + fi +fi #echo -n ". " ++++++ httpd-2.4.11.tar.bz2 -> httpd-2.4.12.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/CHANGES new/httpd-2.4.12/CHANGES --- old/httpd-2.4.11/CHANGES 2015-01-15 13:20:33.000000000 +0100 +++ new/httpd-2.4.12/CHANGES 2015-01-22 18:32:27.000000000 +0100 @@ -1,5 +1,16 @@ -*- coding: utf-8 -*- +Changes with Apache 2.4.12 + + *) mpm_winnt: Accept utf-8 (Unicode) service names and descriptions for + internationalization. [William Rowe] + + *) mpm_winnt: Normalize the error and status messages emitted by service.c, + the service control interface for Windows. [William Rowe] + + *) configure: Fix --enable-v4-mapped configuration on *BSD. PR 53824. + [ olli hauer <ohauer gmx.de>, Yann Ylavic ] + Changes with Apache 2.4.11 *) SECURITY: CVE-2014-3583 (cve.mitre.org) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/configure new/httpd-2.4.12/configure --- old/httpd-2.4.11/configure 2015-01-15 20:59:14.000000000 +0100 +++ new/httpd-2.4.12/configure 2015-01-22 19:50:04.000000000 +0100 @@ -6395,7 +6395,7 @@ *-solaris2*) ap_platform_runtime_link_flag="-R" case `uname -r` in - 5.567*) + 5.[567]*) ;; * ) @@ -32531,7 +32531,7 @@ else case $host in - *freebsd1234.*) + *freebsd[1234].*) v4mapped=yes ;; *freebsd*|*netbsd*|*openbsd*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/configure.in new/httpd-2.4.12/configure.in --- old/httpd-2.4.11/configure.in 2014-02-20 20:36:12.000000000 +0100 +++ new/httpd-2.4.12/configure.in 2015-01-22 18:33:07.000000000 +0100 @@ -332,7 +332,7 @@ dnl solaris 8 and above don't have a thundering herd dnl not sure about rev's before this one. case `uname -r` in - 5.[567]*) + 5.[[567]]*) ;; * ) APR_SETVAR(SINGLE_LISTEN_UNSERIALIZED_ACCEPT, [1]) @@ -774,7 +774,7 @@ ], [ case $host in - *freebsd[1234].*) + *freebsd[[1234]].*) v4mapped=yes ;; *freebsd*|*netbsd*|*openbsd*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/man/tr/rotatelogs.8 new/httpd-2.4.12/docs/man/tr/rotatelogs.8 --- old/httpd-2.4.11/docs/man/tr/rotatelogs.8 2014-10-09 12:50:01.000000000 +0200 +++ new/httpd-2.4.12/docs/man/tr/rotatelogs.8 2015-01-18 05:25:46.000000000 +0100 @@ -19,7 +19,7 @@ .el .ne 3 .IP "\\$1" \\$2 .. -.TH "ROTATELOGS" 8 "2014-10-06" "Apache HTTP Sunucusu" "rotatelogs" +.TH "ROTATELOGS" 8 "2015-01-18" "Apache HTTP Sunucusu" "rotatelogs" .nh .SH İSİM rotatelogs \- Apache günlüklerini döndürmek için borulu günlük kayıt programı @@ -27,7 +27,7 @@ .SH "KULLANIM" .PP -\fBrotatelogs\fR [ -\fBl\fR ] [ -\fBL\fR \fIisim\fR ] [ -\fBp\fR \fIprogram\fR ] [ -\fBf\fR ] [ -\fBv\fR ] [ -\fBe\fR ] [ -\fBc\fR ] [ -\fBn\fR \fIdosya_sayısı\fR ] \fIdosyaismi\fR \fIsüre\fR|\fIboyut\fR(B|K|M|G) [ \fIsaat_farkı\fR ] +\fBrotatelogs\fR [ -\fBl\fR ] [ -\fBL\fR \fIisim\fR ] [ -\fBp\fR \fIprogram\fR ] [ -\fBf\fR ] [ -\fBt\fR ] [ -\fBv\fR ] [ -\fBe\fR ] [ -\fBc\fR ] [ -\fBn\fR \fIdosya_sayısı\fR ] \fIdosyaismi\fR \fIsüre\fR|\fIboyut\fR(B|K|M|G) [ \fIsaat_farkı\fR ] .SH "ÖZET" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/convenience.map new/httpd-2.4.12/docs/manual/convenience.map --- old/httpd-2.4.11/docs/manual/convenience.map 2014-12-05 23:28:02.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/convenience.map 2015-01-17 18:21:01.000000000 +0100 @@ -554,6 +554,7 @@ sslsessioncache mod/mod_ssl.html#sslsessioncache sslsessioncachetimeout mod/mod_ssl.html#sslsessioncachetimeout sslsessionticketkeyfile mod/mod_ssl.html#sslsessionticketkeyfile +sslsessiontickets mod/mod_ssl.html#sslsessiontickets sslsrpunknownuserseed mod/mod_ssl.html#sslsrpunknownuserseed sslsrpverifierfile mod/mod_ssl.html#sslsrpverifierfile sslstaplingcache mod/mod_ssl.html#sslstaplingcache diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/howto/htaccess.html.fr new/httpd-2.4.12/docs/manual/howto/htaccess.html.fr --- old/httpd-2.4.11/docs/manual/howto/htaccess.html.fr 2015-01-13 22:41:52.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/howto/htaccess.html.fr 2015-01-17 16:57:31.000000000 +0100 @@ -27,8 +27,6 @@ <a href="../ko/howto/htaccess.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | <a href="../pt-br/howto/htaccess.html" hreflang="pt-br" rel="alternate" title="Portugu�s (Brasil)"> pt-br </a></p> </div> -<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version - anglaise pour les changements r�cents.</div> <p>Les fichiers <code>.htaccess</code> fournissent une m�thode pour modifier la configuration du serveur au niveau de chaque r�pertoire.</p> @@ -41,6 +39,7 @@ <li><img alt="" src="../images/down.gif" /> <a href="#auth">Exemple d'authentification</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#ssi">Exemple d'Inclusion C�t� Serveur (Server Side Includes - SSI)</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#rewrite">Les r�gles de r��criture dans les fichiers .htaccess</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#cgi">Exemple de CGI</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#troubleshoot">R�solution des probl�mes</a></li> </ul><ul class="seealso"><li><a href="#comments_section">Commentaires</a></li></ul></div> @@ -371,6 +370,38 @@ pour une description plus d�taill�e des SSI.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> +<h2><a name="rewrite" id="rewrite">Les r�gles de r��criture dans les fichiers .htaccess</a></h2> +<p>Sivous utilisez des directives <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> dans un fichier +<code>.htaccess</code>, gardez � l'esprit que les choses sont l�g�rement +diff�rentes dans un contexte de r�pertoire. En particulier, les r�gles +sont relatives au r�pertoire courant, et non � l'URI original. Consid�rez +les exemples suivants :</p> + +<pre class="prettyprint lang-config"># Dans httpd.conf +RewriteRule ^/images/(.+)\.jpg /images/$1.png + +# Dans un fichier .htaccess situ� dans le r�pertoire racine de vos +# documents +RewriteRule ^images/(.+)\.jpg images/$1.png + +# Dans un fichier .htaccess situ� dans le r�pertoire images/ +RewriteRule ^(.+)\.jpg $1.png</pre> + + +<p>On voit que si le fichier <code>.htaccess</code> se situe � la racine +de vos documents, le slash de t�te est supprim� de la valeur de +remplacement sp�cifi�e pour la r�gle <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code>, et que si le fichier +<code>.htaccess</code> se situe dans le r�pertoire <code>images</code>, +la cha�ne <code>/images/</code> dispara�t de cette m�me valeur de +remplacement. Il doit donc en �tre de m�me dans votre expression +rationnelle.</p> + +<p>Veuillez vous r�f�rer � cette <a href="../rewrite/">documentation</a> +pour une �tude d�taill�e de l'utilisation du module +<code>mod_rewrite</code>.</p> + +</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> <h2><a name="cgi" id="cgi">Exemple de CGI</a></h2> <p>En fin de compte, vous avez d�cid� d'utiliser un fichier diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/howto/public_html.html.tr.utf8 new/httpd-2.4.12/docs/manual/howto/public_html.html.tr.utf8 --- old/httpd-2.4.11/docs/manual/howto/public_html.html.tr.utf8 2015-01-13 19:13:43.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/howto/public_html.html.tr.utf8 2015-01-18 05:25:46.000000000 +0100 @@ -27,7 +27,6 @@ <a href="../ko/howto/public_html.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | <a href="../tr/howto/public_html.html" title="Türkçe"> tr </a></p> </div> -<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div> <p>Çok kullanıcılı sistemlerde, <code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> yönergesi ile her kullanıcının kendi ev dizininde bir sitesi olması sağlanabilir. @@ -37,7 +36,8 @@ <p>Öntanımlı olarak bu dizinlere erişimin etkin olmadığını unutmayınız. <code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> yönergesini - kullanırken öntanımlı yapılandırma dosyasındaki</p> + kullanırken <code>conf/httpd.conf</code> öntanımlı yapılandırma + dosyasındaki</p> <div class="example"><p><code> #Include conf/extra/httpd-userdir.conf diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/install.html.tr.utf8 new/httpd-2.4.12/docs/manual/install.html.tr.utf8 --- old/httpd-2.4.11/docs/manual/install.html.tr.utf8 2015-01-01 16:30:56.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/install.html.tr.utf8 2015-01-18 05:25:46.000000000 +0100 @@ -29,7 +29,6 @@ <a href="./ko/install.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | <a href="./tr/install.html" title="Türkçe"> tr </a></p> </div> -<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div> <p>Bu belge Apache HTTP Sunucusunun sadece Unix ve Unix benzeri @@ -44,7 +43,7 @@ Kaynak Kodlu projenin yaptığı gibi <code>libtool</code> ve <code>autoconf</code> kullanır.</p> - <p>Eğer sadece sürüm yükseltiyorsanız (2.2.50’den 2.2.51’e yükseltmek + <p>Eğer sadece sürüm yükseltiyorsanız (2.4.9’dan 2.4.10’a yükseltmek gibi) lütfen doğrudan <a href="#upgrading">Yükseltme</a> bölümüne atlayınız.</p> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/mod/core.html.tr.utf8 new/httpd-2.4.12/docs/manual/mod/core.html.tr.utf8 --- old/httpd-2.4.11/docs/manual/mod/core.html.tr.utf8 2015-01-01 16:30:56.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/mod/core.html.tr.utf8 2015-01-19 21:49:22.000000000 +0100 @@ -31,7 +31,6 @@ <a href="../ja/mod/core.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> | <a href="../tr/mod/core.html" title="Türkçe"> tr </a></p> </div> -<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div> <table class="module"><tr><th><a href="module-dict.html#Description">Açıklama:</a></th><td>Apache HTTP Sunucusunda daima mevcut olan çekirdek özellikler</td></tr> <tr><th><a href="module-dict.html#Status">Durum:</a></th><td>Çekirdek</td></tr></table> @@ -2528,9 +2527,7 @@ <pre class="prettyprint lang-config">LimitRequestLine 4094</pre> - <div class="note">Normal şartlar altında öntanımlı değer değiştirilmemelidir. Ayrıca, - kaynak kodu değiştirip yeniden derlemeden bu değeri 8190'dan büyük - yapamazsınız.</div> + <div class="note">Normal şartlar altında öntanımlı değer değiştirilmemelidir.</div> <div class="warning"><h3>Uyarı</h3> <p>İsme dayalı sanal konaklar kullanıldığında, bu yönergenin değeri, @@ -3800,9 +3797,11 @@ herhangi bir yerde görünebilirse de her göründüğü yerde bir öncekini iptal eder.</p> - <p>Bir <code class="directive">ServerName</code> ataması yapılmamışsa sunucu IP - adresine atanmış sunucu ismi için bir ters DNS sorgusu yapacaktır. - <code class="directive">ServerName</code> yönergesinde bir port belirtilmediği + <p>Bir <code class="directive">ServerName</code> ataması yapılmamışsa sunucu + istemciye görünen sunucu ismi için IP adresine bir ters DNS sorgusu + yapacaktır.</p> + + <p><code class="directive">ServerName</code> yönergesinde bir port belirtilmediği takdirde sunucu, isteğin geldiği portu kullanacaktır. Öngörülebilirlik ve güvenilirlik açısından en iyisi <code class="directive">ServerName</code> yönergesini kullanarak açıkça bir konak ismi ve port belirtmektir.</p> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/mod/mod_proxy.html.fr new/httpd-2.4.12/docs/manual/mod/mod_proxy.html.fr --- old/httpd-2.4.11/docs/manual/mod/mod_proxy.html.fr 2015-01-15 14:08:16.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/mod/mod_proxy.html.fr 2015-01-17 16:57:31.000000000 +0100 @@ -28,8 +28,6 @@ <a href="../fr/mod/mod_proxy.html" title="Fran�ais"> fr </a> | <a href="../ja/mod/mod_proxy.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a></p> </div> -<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version - anglaise pour les changements r�cents.</div> <table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Serveur mandataire/passerelle multi-protocole</td></tr> <tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr> <tr><th><a href="module-dict.html#ModuleIdentifier">Identificateur�de�Module:</a></th><td>proxy_module</td></tr> @@ -1262,6 +1260,14 @@ (round-robin DNS). Pour d�sactiver la r�utilisation du jeu de connexions, d�finissez cette cl� � <code>On</code>. </td></tr> + <tr><td>enablereuse</td> + <td>On</td> + <td>Ce param�tre est utilis� par les gestionnaires de protocole pour + lesquels la r�utilisation des connexions est optionnelle (comme + <code class="module"><a href="../mod/mod_proxy_fcgi.html">mod_proxy_fcgi</a></code>). C'est le contraire du + param�tre 'disablereuse' ci-dessus, et il est support� par les + versions 2.4.11 et sup�rieures du serveur HTTP Apache. + </td></tr> <tr><td>flushpackets</td> <td>off</td> <td>Permet de d�finir si le module mandataire doit vider diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/mod/mod_proxy_fcgi.html.fr new/httpd-2.4.12/docs/manual/mod/mod_proxy_fcgi.html.fr --- old/httpd-2.4.11/docs/manual/mod/mod_proxy_fcgi.html.fr 2015-01-15 14:08:16.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/mod/mod_proxy_fcgi.html.fr 2015-01-17 16:57:31.000000000 +0100 @@ -27,8 +27,6 @@ <p><span>Langues Disponibles: </span><a href="../en/mod/mod_proxy_fcgi.html" hreflang="en" rel="alternate" title="English"> en </a> | <a href="../fr/mod/mod_proxy_fcgi.html" title="Fran�ais"> fr </a></p> </div> -<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version - anglaise pour les changements r�cents.</div> <table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Module fournissant le support de FastCGI � <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></td></tr> <tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr> @@ -78,29 +76,24 @@ <div class="example"><h3>Instance d'application unique</h3><pre class="prettyprint lang-config">ProxyPass /mon_appli/ fcgi://localhost:4000/</pre> </div> - <p>Cette application doit �tre en mesure de g�rer plusieurs - connexions simultan�es. Par d�faut, <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> - permet la r�utilisation des connexions, si bien que lorsque le - traitement d'une requ�te est termin�, le processus enfant httpd - garde la connexion ouverte, et cette derni�re ne sera pas r�utilis�e - avant que le m�me processus httpd ne redirige une autre requ�te vers - l'application. Si l'application FastCGI n'est pas en mesure de g�rer - un nombre suffisant de connexions simultan�es avec httpd, les - requ�tes peuvent �tre bloqu�es jusqu'� ce que l'application ferme - une connexion existante. Pour rem�dier � ce probl�me, on peut - d�sactiver la r�utilisation des connexions � l'aide de la directive - <code class="directive">ProxyPass</code>, comme indiqu� dans l'exemple - suivant :</p> + + <p><code class="module"><a href="../mod/mod_proxy_fcgi.html">mod_proxy_fcgi</a></code> interdisant par d�faut la + r�utilisation des connexions, lorsqu'une requ�te a �t� trait�e, la + connexion ne sera pas maintenue ouverte par le processus enfant + httpd, et ne sera donc pas r�utilis�e. Cependant, si l'application + FastCGI supporte les connexions httpd simultan�es, vous pouvez opter + pour la r�utilisation des connexions comme dans l'exemple suivant :</p> - <div class="example"><h3>Instance d'application unique, pas de r�utilisation - des connexions</h3><pre class="prettyprint lang-config">ProxyPass /mon_appli/ fcgi://localhost:4000/ disablereuse=on</pre> + <div class="example"><h3>Instance d'application unique, r�utilisation + des connexions (versions 2.4.11 et sup�rieures)</h3><pre class="prettyprint lang-config">ProxyPass /myapp/ fcgi://localhost:4000/ enablereuse=on</pre> </div> <p>Dans l'exemple suivant, l'URI de la requ�te est transmis en tant que chemin du syst�me de fichiers pour l'ex�cution du d�mon PHP-FPM. L'URL de la requ�te est implicitement ajout�e au second param�tre. - PHP-FPM est � l'�coute de l'h�te et du port qui suivent fcgi://.</p> - <div class="example"><h3>PHP-FPM</h3><pre class="prettyprint lang-config">ProxyPassMatch ^/myapp/.*\.php(/.*)?$ fcgi://localhost:9000/var/www/</pre> + PHP-FPM est � l'�coute de l'h�te et du port qui + suivent fcgi://. La conservation des connexions est activ�e.</p> + <div class="example"><h3>PHP-FPM</h3><pre class="prettyprint lang-config">ProxyPassMatch ^/myapp/.*\.php(/.*)?$ fcgi://localhost:9000/var/www/ enablereuse=on</pre> </div> <p>Dans l'exemple suivant, l'URI de la requ�te est transmis en tant @@ -109,7 +102,8 @@ unix (UDS). Cette fonctionnalit� est disponible � partir de la version 2.4.9. Avec cette syntaxe, si un nom d'h�te et un port sont ajout�s apr�s fcgi://, ils seront ignor�s.</p> - <div class="example"><h3>PHP-FPM with UDS</h3><pre class="prettyprint lang-config">ProxyPassMatch ^/(.*\.php(/.*)?)$ "unix:/var/run/php5-fpm.sock|fcgi://localhost/var/www/"</pre> + <div class="example"><h3>PHP-FPM with UDS</h3><pre class="prettyprint lang-config"> # A ce jour, UDS ne supporte pas la r�utilisation des connexions + ProxyPassMatch ^/(.*\.php(/.*)?)$ "unix:/var/run/php5-fpm.sock|fcgi://localhost/var/www/"</pre> </div> <p>La passerelle � r�partition de charge n�cessite le chargement du @@ -141,8 +135,24 @@ d'arri�re-plan. Lorsque FastCGI est configur� ainsi, le serveur est en mesure de calculer le PATH_INFO le plus appropri�. </p> - <div class="example"><h3>Proxy via Handler</h3><pre class="prettyprint lang-config"><FilesMatch \.php$> + <div class="example"><h3>Mandataire via un gestionnaire</h3><pre class="prettyprint lang-config"><FilesMatch \.php$> + # Note : la seule partie variable est /path/to/app.sock SetHandler "proxy:unix:/path/to/app.sock|fcgi://localhost/" +</FilesMatch> + # D�finition d'une configuration de mandataire qui convient. + # La partie qui est mise en correspondance avec la valeur de + # SetHandler est la partie qui suit le "pipe". Si vous devez faire + # une distinction, "localhost" peut �tre chang� en un nom de serveur + # unique. + <Proxy fcgi://localhost/ enablereuse=on max=10> + </Proxy> + +<FilesMatch ...> + SetHandler "proxy:fcgi://localhost:9000" +</FilesMatch> + +<FilesMatch ...> + SetHandler "proxy:balancer://myappcluster/" </FilesMatch></pre> </div> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> @@ -164,7 +174,27 @@ d�finissez la variable d'environnement <var>proxy-fcgi-pathinfo</var>. Ceci peut servir de contournement pour une bogue pr�sente dans certaines - impl�mentations de FCGI.</dd> + impl�mentations de FCGI. Cette variable peut �tre + multivalu�e afin de pouvoir choisir la valeur la plus appropri�e + (versions 2.4.11 et sup�rieures) : + <dl> + <dt>first-dot</dt> + <dd>PATH_INFO est extrait � partir du slash qui suit le + <em>premier</em> "." de l'URL.</dd> + <dt>last-dot</dt> + <dd>PATH_INFO est extrait � partir du slash qui suit le + <em>dernier</em> "." de l'URL.</dd> + <dt>full</dt> + <dd>PATH_INFO est calcul� en supposant que l'URL correspond au + chemin du syst�me de fichiers.</dd> + <dt>unescape</dt> + <dd>PATH_INFO correspond � la partie chemin de l'URL avec ses + s�quences d'�chappement d�cod�es.</dd> + <dt>toute autre valeur</dt> + <dd>PATH_INFO correspond � la partie chemin de l'URL. + Auparavant, c'�tait la seule option pour proxy-fcgi-pathinfo.</dd> + </dl> + </dd> </dl> </div> </div> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/mod/mod_proxy_http.html.en new/httpd-2.4.12/docs/manual/mod/mod_proxy_http.html.en --- old/httpd-2.4.11/docs/manual/mod/mod_proxy_http.html.en 2015-01-01 16:30:56.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/mod/mod_proxy_http.html.en 2015-01-17 18:21:01.000000000 +0100 @@ -116,8 +116,8 @@ compliant, or <code>proxy-interim-response Suppress</code> to suppress interim responses.</dd> <dt>proxy-initial-not-pooled</dt> - <dd>If this variable is set no pooled connection will be reused - if the client connection is an initial connection. This avoids + <dd>If this variable is set, no pooled connection will be reused + if the client request is the initial request on the frontend connection. This avoids the "proxy: error reading status line from remote server" error message caused by the race condition that the backend server closed the pooled connection after the connection check by the proxy and diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/mod/mod_proxy_http.html.fr new/httpd-2.4.12/docs/manual/mod/mod_proxy_http.html.fr --- old/httpd-2.4.11/docs/manual/mod/mod_proxy_http.html.fr 2015-01-01 16:30:56.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/mod/mod_proxy_http.html.fr 2015-01-17 16:57:31.000000000 +0100 @@ -132,8 +132,9 @@ Suppress</code> pour supprimer les r�ponses interm�diaires.</dd> <dt>proxy-initial-not-pooled</dt> <dd>Si cette variable est d�finie, aucune connexion faisant - partie d'un jeu ne sera r�utilis�e si la connexion client est - une connexion initiale. Ceci permet d'�viter le message d'erreur + partie d'un jeu ne sera r�utilis�e si la requ�te + du client est la requ�te initiale pour une connexion. + Ceci permet d'�viter le message d'erreur "proxy: error reading status line from remote server" caus� par la situation de comp�tition au cours de laquelle le serveur cible ferme la connexion du jeu apr�s la v�rification de la diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/mod/mod_ssl.html.fr new/httpd-2.4.12/docs/manual/mod/mod_ssl.html.fr --- old/httpd-2.4.11/docs/manual/mod/mod_ssl.html.fr 2015-01-15 14:08:16.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/mod/mod_ssl.html.fr 2015-01-17 16:57:31.000000000 +0100 @@ -27,8 +27,6 @@ <p><span>Langues Disponibles: </span><a href="../en/mod/mod_ssl.html" hreflang="en" rel="alternate" title="English"> en </a> | <a href="../fr/mod/mod_ssl.html" title="Fran�ais"> fr </a></p> </div> -<div class="outofdate">Cette traduction peut �tre p�rim�e. V�rifiez la version - anglaise pour les changements r�cents.</div> <table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Chiffrement de haut niveau bas� sur les protocoles Secure Sockets Layer (SSL) et Transport Layer Security (TLS)</td></tr> <tr><th><a href="module-dict.html#Status">Statut:</a></th><td>Extension</td></tr> @@ -2422,17 +2420,25 @@ <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="directive-section"><h2><a name="SSLSessionTickets" id="SSLSessionTickets">SSLSessionTickets</a> <a name="sslsessiontickets" id="sslsessiontickets">Directive</a></h2> <table class="directive"> -<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable or disable use of TLS session tickets</td></tr> +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Active ou d�sactive les tickets de session TLS</td></tr> <tr><th><a href="directive-dict.html#Syntax">Syntaxe:</a></th><td><code>SSLSessionTickets on|off</code></td></tr> <tr><th><a href="directive-dict.html#Default">D�faut:</a></th><td><code>SSLSessionTickets on</code></td></tr> <tr><th><a href="directive-dict.html#Context">Contexte:</a></th><td>configuration du serveur, serveur virtuel</td></tr> <tr><th><a href="directive-dict.html#Status">Statut:</a></th><td>Extension</td></tr> <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr> -<tr><th><a href="directive-dict.html#Compatibility">Compatibilit�:</a></th><td>Available in httpd 2.4.11 and later, if using OpenSSL 0.9.8f -or later.</td></tr> -</table><p>La documentation de cette directive - n'a pas encore t traduite. Veuillez vous reporter la version - en langue anglaise.</p></div> +<tr><th><a href="directive-dict.html#Compatibility">Compatibilit�:</a></th><td>Disponible � partir de la version 2.4.11 du serveur HTTP +Apache, sous r�serve d'utiliser OpenSSL version 0.9.8f ou sup�rieure. +</td></tr> +</table> +<p>Cette directive permet d'activer ou de d�sactiver l'utilisation des +tickets de session TLS (RFC 5077).</p> +<div class="warning"> +<p>Les tickets de session TLS sont activ�s par d�faut. Les utiliser sans +red�marrer le serveur selon une p�riodicit� appropri�e (par exemple +quotidiennement) compromet cependant le niveau de confidentialit�.</p> +</div> + +</div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="directive-section"><h2><a name="SSLSRPUnknownUserSeed" id="SSLSRPUnknownUserSeed">SSLSRPUnknownUserSeed</a> <a name="sslsrpunknownuserseed" id="sslsrpunknownuserseed">Directive</a></h2> <table class="directive"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/mod/quickreference.html.fr new/httpd-2.4.12/docs/manual/mod/quickreference.html.fr --- old/httpd-2.4.11/docs/manual/mod/quickreference.html.fr 2015-01-15 14:08:16.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/mod/quickreference.html.fr 2015-01-17 16:57:31.000000000 +0100 @@ -1258,7 +1258,7 @@ dans le cache de sessions</td></tr> <tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>chemin-fichier</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cl� de chiffrement/d�chiffrement permanente pour les tickets de session TLS</td></tr> -<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr> +<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Active ou d�sactive les tickets de session TLS</td></tr> <tr class="odd"><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Source d'al�a pour utilisateur SRP inconnu</td></tr> <tr><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Chemin du fichier de v�rification SRP</td></tr> <tr class="odd"><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configuration du cache pour l'agrafage OCSP</td></tr> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/programs/rotatelogs.html.tr.utf8 new/httpd-2.4.12/docs/manual/programs/rotatelogs.html.tr.utf8 --- old/httpd-2.4.11/docs/manual/programs/rotatelogs.html.tr.utf8 2015-01-01 16:30:56.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/programs/rotatelogs.html.tr.utf8 2015-01-18 05:25:46.000000000 +0100 @@ -28,7 +28,6 @@ <a href="../ko/programs/rotatelogs.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | <a href="../tr/programs/rotatelogs.html" title="Türkçe"> tr </a></p> </div> -<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div> <p><code><strong>rotatelogs</strong></code>, Apache'nin borulu günlük dosyaları özelliği ile birlikte kullanmak için tasarlanmış basit bir @@ -49,6 +48,7 @@ [ -<strong>L</strong> <var>isim</var> ] [ -<strong>p</strong> <var>program</var> ] [ -<strong>f</strong> ] + [ -<strong>t</strong> ] [ -<strong>v</strong> ] [ -<strong>e</strong> ] [ -<strong>c</strong> ] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/sections.html.tr.utf8 new/httpd-2.4.12/docs/manual/sections.html.tr.utf8 --- old/httpd-2.4.11/docs/manual/sections.html.tr.utf8 2015-01-01 16:30:56.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/sections.html.tr.utf8 2015-01-18 05:25:46.000000000 +0100 @@ -27,7 +27,6 @@ <a href="./ko/sections.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | <a href="./tr/sections.html" title="Türkçe"> tr </a></p> </div> -<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div> <p><a href="configuring.html">Yapılandırma dosyaları</a>ndaki yönergeler sunucunun tamamına uygulanacağı gibi sadece belli dizinler, @@ -282,7 +281,7 @@ mümkün olur.</p> <pre class="prettyprint lang-config"><DirectoryMatch ^/var/www/combined/(?<SITENAME>[^/]+)> - require ldap-group cn=%{env:SITENAME},ou=combined,o=Example + require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example </DirectoryMatch></pre> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/style/version.ent new/httpd-2.4.12/docs/manual/style/version.ent --- old/httpd-2.4.11/docs/manual/style/version.ent 2014-07-15 19:14:08.000000000 +0200 +++ new/httpd-2.4.12/docs/manual/style/version.ent 2015-01-15 20:57:52.000000000 +0100 @@ -19,6 +19,6 @@ <!ENTITY httpd.major "2"> <!ENTITY httpd.minor "4"> -<!ENTITY httpd.patch "11"> +<!ENTITY httpd.patch "12"> <!ENTITY httpd.docs "2.4"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/docs/manual/vhosts/name-based.html.tr.utf8 new/httpd-2.4.12/docs/manual/vhosts/name-based.html.tr.utf8 --- old/httpd-2.4.11/docs/manual/vhosts/name-based.html.tr.utf8 2015-01-01 16:30:56.000000000 +0100 +++ new/httpd-2.4.12/docs/manual/vhosts/name-based.html.tr.utf8 2015-01-18 05:25:46.000000000 +0100 @@ -28,7 +28,6 @@ <a href="../ko/vhosts/name-based.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | <a href="../tr/vhosts/name-based.html" title="Türkçe"> tr </a></p> </div> -<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div> <p>Bu belgede isme dayalı sanal konakların ne zaman, nasıl kullanılacakları açıklanmıştır.</p> @@ -86,6 +85,12 @@ <code class="directive"><a href="../mod/core.html#serveralias">ServerAlias</a></code> yönergelerindeki isimlerle karşılaştırır.</p> + <p>Herhangi bir isme dayalı sanal konakta <code class="directive"><a href="../mod/core.html#servername">ServerName</a></code> yönergesini kullanmazsanız, sunucu + bu yönergeye sistem konak adından türetilmiş tam nitelenmiş alan adının + (FQDN) tanımlandığını varsayacaktır. Bu örtük atama sezgiselliğin + istenmediği bir sanal konak eşleşmesi ile sonuçlanabilir ve bu + önerilmez.</p> + <h3><a name="defaultvhost" id="defaultvhost">Bir IP adresi ve port çifti için öntanımlı isme dayalı sankon</a></h3> <p><code class="directive"><a href="../mod/core.html#servername">ServerName</a></code> ve diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/httpd.spec new/httpd-2.4.12/httpd.spec --- old/httpd-2.4.11/httpd.spec 2015-01-15 20:59:14.000000000 +0100 +++ new/httpd-2.4.12/httpd.spec 2015-01-22 19:50:04.000000000 +0100 @@ -4,7 +4,7 @@ Summary: Apache HTTP Server Name: httpd -Version: 2.4.11 +Version: 2.4.12 Release: 1 URL: http://httpd.apache.org/ Vendor: Apache Software Foundation diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/include/ap_release.h new/httpd-2.4.12/include/ap_release.h --- old/httpd-2.4.11/include/ap_release.h 2015-01-15 20:55:57.000000000 +0100 +++ new/httpd-2.4.12/include/ap_release.h 2015-01-22 19:45:47.000000000 +0100 @@ -43,7 +43,7 @@ #define AP_SERVER_MAJORVERSION_NUMBER 2 #define AP_SERVER_MINORVERSION_NUMBER 4 -#define AP_SERVER_PATCHLEVEL_NUMBER 11 +#define AP_SERVER_PATCHLEVEL_NUMBER 12 #define AP_SERVER_DEVBUILD_BOOLEAN 0 /* Synchronize the above with docs/manual/style/version.ent */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/include/http_core.h new/httpd-2.4.12/include/http_core.h --- old/httpd-2.4.11/include/http_core.h 2014-12-02 13:43:23.000000000 +0100 +++ new/httpd-2.4.12/include/http_core.h 2015-01-19 05:16:28.000000000 +0100 @@ -597,7 +597,6 @@ #define AP_CONDITION_ELSE 2 #define AP_CONDITION_ELSEIF (AP_CONDITION_ELSE|AP_CONDITION_IF) unsigned int condition_ifelse : 2; /* is this an <If>, <ElseIf>, or <Else> */ - unsigned int d_is_directory : 1; /* Whether core_dir_config is Directory* */ ap_expr_info_t *condition; /* Conditionally merge <If> sections */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/server/core.c new/httpd-2.4.12/server/core.c --- old/httpd-2.4.11/server/core.c 2015-01-12 14:38:02.000000000 +0100 +++ new/httpd-2.4.12/server/core.c 2015-01-19 05:16:28.000000000 +0100 @@ -2164,7 +2164,6 @@ conf->r = r; conf->d = cmd->path; conf->d_is_fnmatch = (apr_fnmatch_test(conf->d) != 0); - conf->d_is_directory = 1; if (r) { conf->refs = apr_array_make(cmd->pool, 8, sizeof(char *)); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/server/mpm/winnt/service.c new/httpd-2.4.12/server/mpm/winnt/service.c --- old/httpd-2.4.11/server/mpm/winnt/service.c 2012-12-12 15:19:54.000000000 +0100 +++ new/httpd-2.4.12/server/mpm/winnt/service.c 2015-01-15 21:45:57.000000000 +0100 @@ -21,11 +21,18 @@ #define _WINUSER_ +#include "apr.h" +#include "apr_strings.h" +#include "apr_lib.h" +#if APR_HAS_UNICODE_FS +#include "arch/win32/apr_arch_utf8.h" +#include "arch/win32/apr_arch_misc.h" +#include <wchar.h> +#endif + #include "httpd.h" #include "http_log.h" #include "mpm_winnt.h" -#include "apr_strings.h" -#include "apr_lib.h" #include "ap_regkey.h" #ifdef NOUSER @@ -41,6 +48,10 @@ static char *mpm_service_name = NULL; static char *mpm_display_name = NULL; +#if APR_HAS_UNICODE_FS +static apr_wchar_t *mpm_service_name_w; +#endif + typedef struct nt_service_ctx_t { HANDLE mpm_thread; /* primary thread handle of the apache server */ @@ -57,6 +68,32 @@ static int ReportStatusToSCMgr(int currentState, int waitHint, nt_service_ctx_t *ctx); +/* Rather than repeat this logic throughout, create an either-or wide or narrow + * implementation because we don't actually pass strings to OpenSCManager. + * This election is based on build time defines and runtime os version test. + */ +#undef OpenSCManager +typedef SC_HANDLE (WINAPI *fpt_OpenSCManager)(const void *lpMachine, + const void *lpDatabase, + DWORD dwAccess); +static fpt_OpenSCManager pfn_OpenSCManager = NULL; +static APR_INLINE SC_HANDLE OpenSCManager(const void *lpMachine, + const void *lpDatabase, + DWORD dwAccess) +{ + if (!pfn_OpenSCManager) { +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + pfn_OpenSCManager = (fpt_OpenSCManager)OpenSCManagerW; +#endif +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + pfn_OpenSCManager = (fpt_OpenSCManager)OpenSCManagerA; +#endif + } + return (*(pfn_OpenSCManager))(lpMachine, lpDatabase, dwAccess); +} + /* exit() for Win32 is macro mapped (horrible, we agree) that allows us * to catch the non-zero conditions and inform the console process that * the application died, and hang on to the console a bit longer. @@ -90,7 +127,8 @@ hConErr = GetStdHandle(STD_ERROR_HANDLE); if ((hConIn == INVALID_HANDLE_VALUE) || (hConErr == INVALID_HANDLE_VALUE)) return; - if (!WriteConsole(hConErr, msg, (DWORD)strlen(msg), &result, NULL) || !result) + if (!WriteConsole(hConErr, msg, (DWORD)strlen(msg), &result, NULL) + || !result) return; if (!GetConsoleScreenBufferInfo(hConErr, &coninfo)) return; @@ -244,16 +282,54 @@ if ((ChangeServiceConfig2) && (schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CONNECT))) { - SC_HANDLE schService = OpenService(schSCManager, mpm_service_name, - SERVICE_CHANGE_CONFIG); + SC_HANDLE schService; + +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + schService = OpenServiceW(schSCManager, + (LPCWSTR)mpm_service_name_w, + SERVICE_CHANGE_CONFIG); + } +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + { + schService = OpenService(schSCManager, mpm_service_name, + SERVICE_CHANGE_CONFIG); + } +#endif if (schService) { /* Cast is necessary, ChangeServiceConfig2 handles multiple * object types, some volatile, some not. */ - /* ###: utf-ize */ - ChangeServiceConfig2(schService, - 1 /* SERVICE_CONFIG_DESCRIPTION */, - (LPVOID) &full_description); +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + apr_size_t slen = strlen(full_description) + 1; + apr_size_t wslen = slen; + apr_wchar_t *full_description_w = + (apr_wchar_t*)apr_palloc(pconf, + wslen * sizeof(apr_wchar_t)); + apr_status_t rv = apr_conv_utf8_to_ucs2(full_description, &slen, + full_description_w, + &wslen); + if ((rv != APR_SUCCESS) || slen + || ChangeServiceConfig2W(schService, 1 + /*SERVICE_CONFIG_DESCRIPTION*/, + (LPVOID) &full_description_w)) + full_description = NULL; + } +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + { + if (ChangeServiceConfig2(schService, + 1 /* SERVICE_CONFIG_DESCRIPTION */, + (LPVOID) &full_description)) + full_description = NULL; + } +#endif CloseServiceHandle(schService); } CloseServiceHandle(schSCManager); @@ -263,7 +339,7 @@ /* handle the SCM's ControlService() callbacks to our service */ static DWORD WINAPI service_nt_ctrl(DWORD dwCtrlCode, DWORD dwEventType, - LPVOID lpEventData, LPVOID lpContext) + LPVOID lpEventData, LPVOID lpContext) { nt_service_ctx_t *ctx = lpContext; @@ -296,25 +372,31 @@ */ extern apr_array_header_t *mpm_new_argv; -/* ###: utf-ize */ -static void __stdcall service_nt_main_fn(DWORD argc, LPTSTR *argv) +#if APR_HAS_UNICODE_FS +static void __stdcall service_nt_main_fn_w(DWORD argc, LPWSTR *argv) { const char *ignored; nt_service_ctx_t *ctx = &globdat; + char *service_name; + apr_size_t wslen = wcslen(argv[0]) + 1; + apr_size_t slen = wslen * 3 - 2; + + service_name = malloc(slen); + (void)apr_conv_ucs2_to_utf8(argv[0], &wslen, service_name, &slen); /* args and service names live in the same pool */ - mpm_service_set_name(mpm_new_argv->pool, &ignored, argv[0]); + mpm_service_set_name(mpm_new_argv->pool, &ignored, service_name); memset(&ctx->ssStatus, 0, sizeof(ctx->ssStatus)); ctx->ssStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS; ctx->ssStatus.dwCurrentState = SERVICE_START_PENDING; ctx->ssStatus.dwCheckPoint = 1; - - /* ###: utf-ize */ - if (!(ctx->hServiceStatus = RegisterServiceCtrlHandlerEx(argv[0], service_nt_ctrl, ctx))) + if (!(ctx->hServiceStatus = + RegisterServiceCtrlHandlerExW(argv[0], service_nt_ctrl, ctx))) { - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, apr_get_os_error(), - NULL, APLOGNO(00365) "Failure registering service handler"); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, + apr_get_os_error(), NULL, + APLOGNO(00365) "Failure registering service handler"); return; } @@ -323,11 +405,12 @@ /* We need to append all the command arguments passed via StartService() * to our running service... which just got here via the SCM... - * but we hvae no interest in argv[0] for the mpm_new_argv list. + * but we have no interest in argv[0] for the mpm_new_argv list. */ if (argc > 1) { - char **cmb_data; + char **cmb_data, **cmb; + DWORD i; mpm_new_argv->nalloc = mpm_new_argv->nelts + argc - 1; cmb_data = malloc(mpm_new_argv->nalloc * sizeof(const char *)); @@ -340,6 +423,16 @@ memcpy (cmb_data + mpm_new_argv->nelts, argv + 1, mpm_new_argv->elt_size * (argc - 1)); + cmb = cmb_data + mpm_new_argv->nelts; + + for (i = 1; i < argc; ++i) + { + wslen = wcslen(argv[i]) + 1; + slen = wslen * 3 - 2; + service_name = malloc(slen); + (void)apr_conv_ucs2_to_utf8(argv[i], &wslen, *(cmb++), &slen); + } + /* The replacement arg list is complete */ mpm_new_argv->elts = (char *)cmb_data; mpm_new_argv->nelts = mpm_new_argv->nalloc; @@ -352,27 +445,105 @@ WaitForSingleObject(ctx->service_term, INFINITE); } +#endif /* APR_HAS_UNICODE_FS */ -static DWORD WINAPI service_nt_dispatch_thread(LPVOID nada) +#if APR_HAS_ANSI_FS +static void __stdcall service_nt_main_fn(DWORD argc, LPSTR *argv) { - apr_status_t rv = APR_SUCCESS; + const char *ignored; + nt_service_ctx_t *ctx = &globdat; + + /* args and service names live in the same pool */ + mpm_service_set_name(mpm_new_argv->pool, &ignored, argv[0]); + + memset(&ctx->ssStatus, 0, sizeof(ctx->ssStatus)); + ctx->ssStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS; + ctx->ssStatus.dwCurrentState = SERVICE_START_PENDING; + ctx->ssStatus.dwCheckPoint = 1; - SERVICE_TABLE_ENTRY dispatchTable[] = + if (!(ctx->hServiceStatus = + RegisterServiceCtrlHandlerExA(argv[0], service_nt_ctrl, ctx))) + { + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, + apr_get_os_error(), NULL, + APLOGNO(00365) "Failure registering service handler"); + return; + } + + /* Report status, no errors, and buy 3 more seconds */ + ReportStatusToSCMgr(SERVICE_START_PENDING, 30000, ctx); + + /* We need to append all the command arguments passed via StartService() + * to our running service... which just got here via the SCM... + * but we have no interest in argv[0] for the mpm_new_argv list. + */ + if (argc > 1) { - { "", service_nt_main_fn }, + char **cmb_data; + + mpm_new_argv->nalloc = mpm_new_argv->nelts + argc - 1; + cmb_data = malloc(mpm_new_argv->nalloc * sizeof(const char *)); + + /* mpm_new_argv remains first (of lower significance) */ + memcpy (cmb_data, mpm_new_argv->elts, + mpm_new_argv->elt_size * mpm_new_argv->nelts); + + /* Service args follow from StartService() invocation */ + memcpy (cmb_data + mpm_new_argv->nelts, argv + 1, + mpm_new_argv->elt_size * (argc - 1)); + + /* The replacement arg list is complete */ + mpm_new_argv->elts = (char *)cmb_data; + mpm_new_argv->nelts = mpm_new_argv->nalloc; + } + + /* Let the main thread continue now... but hang on to the + * signal_monitor event so we can take further action + */ + SetEvent(ctx->service_init); + + WaitForSingleObject(ctx->service_term, INFINITE); +} +#endif + + + static DWORD WINAPI service_nt_dispatch_thread(LPVOID nada) + { +#if APR_HAS_UNICODE_FS + SERVICE_TABLE_ENTRYW dispatchTable_w[] = + { + { L"", service_nt_main_fn_w }, { NULL, NULL } }; - - /* ###: utf-ize */ - if (!StartServiceCtrlDispatcher(dispatchTable)) +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + SERVICE_TABLE_ENTRYA dispatchTable[] = { + { "", service_nt_main_fn }, + { NULL, NULL } + }; +#endif + apr_status_t rv; + +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + rv = StartServiceCtrlDispatcherW(dispatchTable_w); +#endif +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + rv = StartServiceCtrlDispatcherA(dispatchTable); +#endif + if (rv) { + rv = APR_SUCCESS; + } + else { /* This is a genuine failure of the SCM. */ rv = apr_get_os_error(); - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, APLOGNO(00366) - "Error starting service control dispatcher"); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00366) "Error starting Windows service control " + "dispatcher"); } - return (rv); } @@ -400,8 +571,24 @@ */ mpm_service_name = apr_palloc(p, strlen(set_name) + 1); apr_collapse_spaces((char*) mpm_service_name, set_name); +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + apr_size_t slen = strlen(mpm_service_name) + 1; + apr_size_t wslen = slen; + mpm_service_name_w = apr_palloc(p, wslen * sizeof(apr_wchar_t)); + rv = apr_conv_utf8_to_ucs2(mpm_service_name, &slen, + mpm_service_name_w, &wslen); + if (rv != APR_SUCCESS) + return rv; + else if (slen) + return APR_ENAMETOOLONG; + } +#endif /* APR_HAS_UNICODE_FS */ + apr_snprintf(key_name, sizeof(key_name), SERVICECONFIG, mpm_service_name); - rv = ap_regkey_open(&key, AP_REGKEY_LOCAL_MACHINE, key_name, APR_READ, pconf); + rv = ap_regkey_open(&key, AP_REGKEY_LOCAL_MACHINE, key_name, + APR_READ, pconf); if (rv == APR_SUCCESS) { rv = ap_regkey_value_get(&mpm_display_name, key, "DisplayName", pconf); ap_regkey_close(key); @@ -411,6 +598,7 @@ mpm_display_name = apr_pstrdup(p, set_name); } *display_name = mpm_display_name; + return rv; } @@ -434,8 +622,8 @@ if (rv != APR_SUCCESS) { if (rv == ERROR_FILE_NOT_FOUND) { ap_log_error(APLOG_MARK, APLOG_INFO, 0, NULL, APLOGNO(00367) - "No ConfigArgs registered for %s, perhaps " - "this service is not installed?", + "No ConfigArgs registered for the '%s' service, " + "perhaps this service is not installed?", mpm_service_name); return APR_SUCCESS; } @@ -557,22 +745,53 @@ const char * const * argv, int reconfig) { char key_name[MAX_PATH]; - char exe_path[MAX_PATH]; char *launch_cmd; ap_regkey_t *key; apr_status_t rv; SC_HANDLE schService; SC_HANDLE schSCManager; + DWORD rc; +#if APR_HAS_UNICODE_FS + apr_wchar_t *display_name_w; + apr_wchar_t *launch_cmd_w; +#endif - fprintf(stderr,reconfig ? "Reconfiguring the %s service\n" - : "Installing the %s service\n", mpm_display_name); + fprintf(stderr, reconfig ? "Reconfiguring the '%s' service\n" + : "Installing the '%s' service\n", + mpm_display_name); - /* ###: utf-ize */ - if (GetModuleFileName(NULL, exe_path, sizeof(exe_path)) == 0) +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + apr_size_t slen = strlen(mpm_display_name) + 1; + apr_size_t wslen = slen; + display_name_w = apr_palloc(ptemp, wslen * sizeof(apr_wchar_t)); + rv = apr_conv_utf8_to_ucs2(mpm_display_name, &slen, + display_name_w, &wslen); + if (rv != APR_SUCCESS) + return rv; + else if (slen) + return APR_ENAMETOOLONG; + + launch_cmd_w = apr_palloc(ptemp, (MAX_PATH + 17) * sizeof(apr_wchar_t)); + launch_cmd_w[0] = L'"'; + rc = GetModuleFileNameW(NULL, launch_cmd_w + 1, MAX_PATH); + wcscpy(launch_cmd_w + rc + 1, L"\" -k runservice"); + } +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI { - apr_status_t rv = apr_get_os_error(); - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, APLOGNO(00368) - "GetModuleFileName failed"); + launch_cmd = apr_palloc(ptemp, MAX_PATH + 17); + launch_cmd[0] = '"'; + rc = GetModuleFileName(NULL, launch_cmd + 1, MAX_PATH); + strcpy(launch_cmd + rc + 1, "\" -k runservice"); + } +#endif + if (rc == 0) { + rv = apr_get_os_error(); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00368) "GetModuleFileName failed"); return rv; } @@ -580,40 +799,70 @@ SC_MANAGER_CREATE_SERVICE); if (!schSCManager) { rv = apr_get_os_error(); - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, APLOGNO(00369) - "Failed to open the WinNT service manager, perhaps " - "you forgot to log in as Adminstrator?"); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00369) "Failed to open the Windows service " + "manager, perhaps you forgot to log in as Adminstrator?"); return (rv); } - launch_cmd = apr_psprintf(ptemp, "\"%s\" -k runservice", exe_path); - if (reconfig) { - /* ###: utf-ize */ - schService = OpenService(schSCManager, mpm_service_name, - SERVICE_CHANGE_CONFIG); +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + schService = OpenServiceW(schSCManager, mpm_service_name_w, + SERVICE_CHANGE_CONFIG); + } +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + { + schService = OpenService(schSCManager, mpm_service_name, + SERVICE_CHANGE_CONFIG); + } +#endif if (!schService) { - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, - apr_get_os_error(), NULL, - "OpenService failed"); + rv = apr_get_os_error(); + CloseServiceHandle(schSCManager); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00373) "Failed to open the '%s' service", + mpm_display_name); + return (rv); } - /* ###: utf-ize */ - else if (!ChangeServiceConfig(schService, + +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + rc = ChangeServiceConfigW(schService, SERVICE_WIN32_OWN_PROCESS, SERVICE_AUTO_START, SERVICE_ERROR_NORMAL, - launch_cmd, NULL, NULL, - "Tcpip\0Afd\0", NULL, NULL, - mpm_display_name)) { + launch_cmd_w, NULL, NULL, + L"Tcpip\0Afd\0", NULL, NULL, + display_name_w); + } +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + { + rc = ChangeServiceConfig(schService, + SERVICE_WIN32_OWN_PROCESS, + SERVICE_AUTO_START, + SERVICE_ERROR_NORMAL, + launch_cmd, NULL, NULL, + "Tcpip\0Afd\0", NULL, NULL, + mpm_display_name); + } +#endif + if (!rc) { ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, apr_get_os_error(), NULL, - "ChangeServiceConfig failed"); + APLOGNO(02652) "ChangeServiceConfig failed"); /* !schService aborts configuration below */ CloseServiceHandle(schService); schService = NULL; - } } + } else { /* RPCSS is the Remote Procedure Call (RPC) Locator required * for DCOM communication pipes. I am far from convinced we @@ -621,26 +870,48 @@ * be warned that future apache modules or ISAPI dll's may * depend on it. */ - /* ###: utf-ize */ - schService = CreateService(schSCManager, /* SCManager database */ - mpm_service_name, /* name of service */ - mpm_display_name, /* name to display */ - SERVICE_ALL_ACCESS, /* access required */ - SERVICE_WIN32_OWN_PROCESS, /* service type */ - SERVICE_AUTO_START, /* start type */ - SERVICE_ERROR_NORMAL, /* error control type */ - launch_cmd, /* service's binary */ - NULL, /* no load svc group */ - NULL, /* no tag identifier */ - "Tcpip\0Afd\0", /* dependencies */ - NULL, /* use SYSTEM account */ - NULL); /* no password */ - +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + schService = CreateServiceW(schSCManager, // SCManager database + mpm_service_name_w, // name of service + display_name_w, // name to display + SERVICE_ALL_ACCESS, // access required + SERVICE_WIN32_OWN_PROCESS, // service type + SERVICE_AUTO_START, // start type + SERVICE_ERROR_NORMAL, // error control type + launch_cmd_w, // service's binary + NULL, // no load svc group + NULL, // no tag identifier + L"Tcpip\0Afd\0", // dependencies + NULL, // use SYSTEM account + NULL); // no password + } +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + { + schService = CreateService(schSCManager, // SCManager database + mpm_service_name, // name of service + mpm_display_name, // name to display + SERVICE_ALL_ACCESS, // access required + SERVICE_WIN32_OWN_PROCESS, // service type + SERVICE_AUTO_START, // start type + SERVICE_ERROR_NORMAL, // error control type + launch_cmd, // service's binary + NULL, // no load svc group + NULL, // no tag identifier + "Tcpip\0Afd\0", // dependencies + NULL, // use SYSTEM account + NULL); // no password + } +#endif if (!schService) { rv = apr_get_os_error(); - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, APLOGNO(00370) - "Failed to create WinNT Service Profile"); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00370) "Failed to create the '%s' service", + mpm_display_name); CloseServiceHandle(schSCManager); return (rv); } @@ -661,12 +932,13 @@ ap_regkey_close(key); } if (rv != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, APLOGNO(00371) - "%s: Failed to store the ConfigArgs in the registry.", - mpm_display_name); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00371) "Failed to store ConfigArgs for the " + "'%s' service in the registry.", mpm_display_name); return (rv); } - fprintf(stderr,"The %s service is successfully installed.\n", mpm_display_name); + fprintf(stderr, "The '%s' service is successfully installed.\n", + mpm_display_name); return APR_SUCCESS; } @@ -677,24 +949,35 @@ SC_HANDLE schService; SC_HANDLE schSCManager; - fprintf(stderr,"Removing the %s service\n", mpm_display_name); + fprintf(stderr, "Removing the '%s' service\n", mpm_display_name); schSCManager = OpenSCManager(NULL, NULL, /* local, default database */ SC_MANAGER_CONNECT); if (!schSCManager) { rv = apr_get_os_error(); - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, APLOGNO(00372) - "Failed to open the WinNT service manager."); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00369) "Failed to open the Windows service " + "manager, perhaps you forgot to log in as Adminstrator?"); return (rv); } - /* ###: utf-ize */ - schService = OpenService(schSCManager, mpm_service_name, DELETE); - +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + schService = OpenServiceW(schSCManager, mpm_service_name_w, DELETE); + } +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + { + schService = OpenService(schSCManager, mpm_service_name, DELETE); + } +#endif if (!schService) { rv = apr_get_os_error(); - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, APLOGNO(00373) - "%s: OpenService failed", mpm_display_name); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00373) "Failed to open the '%s' service", + mpm_display_name); return (rv); } @@ -711,15 +994,17 @@ if (DeleteService(schService) == 0) { rv = apr_get_os_error(); - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, APLOGNO(00374) - "%s: Failed to delete the service.", mpm_display_name); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00374) "Failed to delete the '%s' service", + mpm_display_name); return (rv); } CloseServiceHandle(schService); CloseServiceHandle(schSCManager); - fprintf(stderr,"The %s service has been removed successfully.\n", mpm_display_name); + fprintf(stderr, "The '%s' service has been removed successfully.\n", + mpm_display_name); return APR_SUCCESS; } @@ -731,7 +1016,8 @@ * ControlService signal is sent. */ -static int signal_service_transition(SC_HANDLE schService, DWORD signal, DWORD pending, DWORD complete) +static int signal_service_transition(SC_HANDLE schService, DWORD signal, + DWORD pending, DWORD complete) { if (signal && !ControlService(schService, signal, &globdat.ssStatus)) return FALSE; @@ -750,52 +1036,95 @@ const char * const * argv) { apr_status_t rv; - CHAR **start_argv; SC_HANDLE schService; SC_HANDLE schSCManager; - fprintf(stderr,"Starting the %s service\n", mpm_display_name); + fprintf(stderr, "Starting the '%s' service\n", mpm_display_name); schSCManager = OpenSCManager(NULL, NULL, /* local, default database */ SC_MANAGER_CONNECT); if (!schSCManager) { rv = apr_get_os_error(); - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, APLOGNO(00375) - "Failed to open the WinNT service manager"); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00369) "Failed to open the Windows service " + "manager, perhaps you forgot to log in as Adminstrator?"); return (rv); } - /* ###: utf-ize */ - schService = OpenService(schSCManager, mpm_service_name, - SERVICE_START | SERVICE_QUERY_STATUS); +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + schService = OpenServiceW(schSCManager, mpm_service_name_w, + SERVICE_START | SERVICE_QUERY_STATUS); + } +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + { + schService = OpenService(schSCManager, mpm_service_name, + SERVICE_START | SERVICE_QUERY_STATUS); + } +#endif if (!schService) { rv = apr_get_os_error(); - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, APLOGNO(00376) - "%s: Failed to open the service.", mpm_display_name); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, + APLOGNO(00373) "Failed to open the '%s' service", + mpm_display_name); CloseServiceHandle(schSCManager); return (rv); } if (QueryServiceStatus(schService, &globdat.ssStatus) && (globdat.ssStatus.dwCurrentState == SERVICE_RUNNING)) { - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, 0, NULL, APLOGNO(00377) - "Service %s is already started!", mpm_display_name); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, 0, NULL, + APLOGNO(00377) "The '%s' service is already started!", + mpm_display_name); CloseServiceHandle(schService); CloseServiceHandle(schSCManager); return 0; } - start_argv = malloc((argc + 1) * sizeof(const char **)); - memcpy(start_argv, argv, argc * sizeof(const char **)); - start_argv[argc] = NULL; - rv = APR_EINIT; - /* ###: utf-ize */ - if (StartService(schService, argc, start_argv) - && signal_service_transition(schService, 0, /* test only */ - SERVICE_START_PENDING, - SERVICE_RUNNING)) - rv = APR_SUCCESS; +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + LPWSTR *start_argv_w = malloc((argc + 1) * sizeof(LPCWSTR)); + int i; + + for (i = 0; i < argc; ++i) + { + apr_size_t slen = strlen(argv[i]) + 1; + apr_size_t wslen = slen; + start_argv_w[i] = malloc(wslen * sizeof(WCHAR)); + rv = apr_conv_utf8_to_ucs2(argv[i], &slen, start_argv_w[i], &wslen); + if (rv != APR_SUCCESS) + return rv; + else if (slen) + return APR_ENAMETOOLONG; + } + start_argv_w[argc] = NULL; + + if (StartServiceW(schService, argc, start_argv_w) + && signal_service_transition(schService, 0, /* test only */ + SERVICE_START_PENDING, + SERVICE_RUNNING)) + rv = APR_SUCCESS; + } +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + { + char **start_argv = malloc((argc + 1) * sizeof(const char *)); + memcpy(start_argv, argv, argc * sizeof(const char *)); + start_argv[argc] = NULL; + + if (StartService(schService, argc, start_argv) + && signal_service_transition(schService, 0, /* test only */ + SERVICE_START_PENDING, + SERVICE_RUNNING)) + rv = APR_SUCCESS; + } +#endif if (rv != APR_SUCCESS) rv = apr_get_os_error(); @@ -803,10 +1132,10 @@ CloseServiceHandle(schSCManager); if (rv == APR_SUCCESS) - fprintf(stderr,"The %s service is running.\n", mpm_display_name); + fprintf(stderr, "The '%s' service is running.\n", mpm_display_name); else ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL, APLOGNO(00378) - "%s: Failed to start the service process.", + "Failed to start the '%s' service", mpm_display_name); return rv; @@ -825,42 +1154,61 @@ SC_MANAGER_CONNECT); if (!schSCManager) { - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, apr_get_os_error(), NULL, APLOGNO(00379) - "Failed to open the NT Service Manager"); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, + apr_get_os_error(), NULL, + APLOGNO(00369) "Failed to open the Windows service " + "manager, perhaps you forgot to log in as Adminstrator?"); return; } - /* ###: utf-ize */ - schService = OpenService(schSCManager, mpm_service_name, - SERVICE_INTERROGATE | SERVICE_QUERY_STATUS | - SERVICE_USER_DEFINED_CONTROL | - SERVICE_START | SERVICE_STOP); - +#if APR_HAS_UNICODE_FS + IF_WIN_OS_IS_UNICODE + { + schService = OpenServiceW(schSCManager, mpm_service_name_w, + SERVICE_INTERROGATE | SERVICE_QUERY_STATUS | + SERVICE_USER_DEFINED_CONTROL | + SERVICE_START | SERVICE_STOP); + } +#endif /* APR_HAS_UNICODE_FS */ +#if APR_HAS_ANSI_FS + ELSE_WIN_OS_IS_ANSI + { + schService = OpenService(schSCManager, mpm_service_name, + SERVICE_INTERROGATE | SERVICE_QUERY_STATUS | + SERVICE_USER_DEFINED_CONTROL | + SERVICE_START | SERVICE_STOP); + } +#endif if (schService == NULL) { /* Could not open the service */ - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, apr_get_os_error(), NULL, APLOGNO(00380) - "Failed to open the %s Service", mpm_display_name); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, + apr_get_os_error(), NULL, + APLOGNO(00373) "Failed to open the '%s' service", + mpm_display_name); CloseServiceHandle(schSCManager); return; } if (!QueryServiceStatus(schService, &globdat.ssStatus)) { - ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, apr_get_os_error(), NULL, APLOGNO(00381) - "Query of Service %s failed", mpm_display_name); + ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, + apr_get_os_error(), NULL, + APLOGNO(00381) "Query of the '%s' service failed", + mpm_display_name); CloseServiceHandle(schService); CloseServiceHandle(schSCManager); return; } if (!signal && (globdat.ssStatus.dwCurrentState == SERVICE_STOPPED)) { - fprintf(stderr,"The %s service is not started.\n", mpm_display_name); + fprintf(stderr, "The '%s' service is not started.\n", mpm_display_name); CloseServiceHandle(schService); CloseServiceHandle(schSCManager); return; } - fprintf(stderr,"The %s service is %s.\n", mpm_display_name, - signal ? "restarting" : "stopping"); + fprintf(stderr, signal ? "The '%s' service is restarting.\n" + : "The '%s' service is stopping.\n", + mpm_display_name); if (!signal) success = signal_service_transition(schService, @@ -883,9 +1231,11 @@ CloseServiceHandle(schSCManager); if (success) - fprintf(stderr,"The %s service has %s.\n", mpm_display_name, - signal ? "restarted" : "stopped"); + fprintf(stderr, signal ? "The '%s' service has restarted.\n" + : "The '%s' service has stopped.\n", + mpm_display_name); else - fprintf(stderr,"Failed to %s the %s service.\n", - signal ? "restart" : "stop", mpm_display_name); + fprintf(stderr, signal ? "Failed to restart the '%s' service.\n" + : "Failed to stop the '%s' service.\n", + mpm_display_name); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/httpd-2.4.11/server/request.c new/httpd-2.4.12/server/request.c --- old/httpd-2.4.11/server/request.c 2014-12-02 13:43:23.000000000 +0100 +++ new/httpd-2.4.12/server/request.c 2015-01-19 05:16:28.000000000 +0100 @@ -1212,13 +1212,6 @@ pmatch = apr_palloc(rxpool, nmatch*sizeof(ap_regmatch_t)); } - /* core_dir_config is Directory*, but the requested file is - * not a directory, so although the regexp could match, - * we skip it. */ - if (entry_core->d_is_directory && r->finfo.filetype != APR_DIR) { - continue; - } - if (ap_regexec(entry_core->r, r->filename, nmatch, pmatch, 0)) { continue; } ++++++ httpd-2.4.x-mod_lua_websocket_DoS.patch ++++++ >From 643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef Mon Sep 17 00:00:00 2001 From: Eric Covener <cove...@apache.org> Date: Wed, 4 Feb 2015 14:44:23 +0000 Subject: [PATCH] *) SECURITY: CVE-2015-0228 (cve.mitre.org) mod_lua: A maliciously crafted websockets PING after a script calls r:wsupgrade() can cause a child process crash. [Edward Lu <Chaosed0 gmail.com>] Discovered by Guido Vranken <guidovranken gmail.com> Submitted by: Edward Lu Committed by: covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1657261 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/lua/lua_request.c b/modules/lua/lua_request.c index dded599..1200c55 100644 --- a/modules/lua/lua_request.c +++ b/modules/lua/lua_request.c @@ -2227,6 +2227,7 @@ static int lua_websocket_read(lua_State *L) { apr_socket_t *sock; apr_status_t rv; + int do_read = 1; int n = 0; apr_size_t len = 1; apr_size_t plen = 0; @@ -2244,6 +2245,8 @@ static int lua_websocket_read(lua_State *L) mask_bytes = apr_pcalloc(r->pool, 4); sock = ap_get_conn_socket(r->connection); + while (do_read) { + do_read = 0; /* Get opcode and FIN bit */ if (plaintext) { rv = apr_socket_recv(sock, &byte, &len); @@ -2377,10 +2380,11 @@ static int lua_websocket_read(lua_State *L) frame[0] = 0x8A; frame[1] = 0; apr_socket_send(sock, frame, &plen); /* Pong! */ - lua_websocket_read(L); /* read the next frame instead */ + do_read = 1; } } } + } return 0; } -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org