cvs commit: apache-1.3/htdocs/manual new_features_1_3.html
brian 98/07/19 17:18:19 Modified:htdocs/manual new_features_1_3.html Log: Small typo. Revision ChangesPath 1.67 +1 -1 apache-1.3/htdocs/manual/new_features_1_3.html Index: new_features_1_3.html === RCS file: /export/home/cvs/apache-1.3/htdocs/manual/new_features_1_3.html,v retrieving revision 1.66 retrieving revision 1.67 diff -u -r1.66 -r1.67 --- new_features_1_3.html 1998/05/29 12:07:05 1.66 +++ new_features_1_3.html 1998/07/20 00:18:18 1.67 @@ -21,7 +21,7 @@ the A HREF=upgrading_to_1_3.htmlupgrade notes/A. PEnhancements: A HREF=#coreCore/A | -A HREF=#perfPerformance/A | +A HREF=#performancePerformance/A | A HREF=#configConfiguration/A | A HREF=#modModules/A | A HREF=#apiAPI/A |
cvs commit: apache-1.3 STATUS
brian 98/07/19 18:43:43 Modified:.STATUS Log: Remove the bug report about Win95 and access files, add Manoj's security fix. Revision ChangesPath 1.442 +6 -5 apache-1.3/STATUS Index: STATUS === RCS file: /export/home/cvs/apache-1.3/STATUS,v retrieving revision 1.441 retrieving revision 1.442 diff -u -r1.441 -r1.442 --- STATUS1998/07/18 07:28:25 1.441 +++ STATUS1998/07/20 01:43:42 1.442 @@ -14,11 +14,6 @@ WIN32 1.3.1 RELEASE SHOWSTOPPERS: -* Win95: when authentication is required for directory /foobar/, direct - access to /foobar/bletch is permitted. PR #2145 - - UPDATE: may be false alarm, probably shouldn't hold 1.3.1. - * can not build tarball until someone verifies the final code will build on win32. Want to avoid changes-after-tag that happened with 1.3.0. @@ -29,6 +24,12 @@ virtualhosting. (If it exists already I can't find it easily.) Available Patches: + +* [PATCH] PR #2355 and very minor security hole fix + Message-ID: [EMAIL PROTECTED] + With this patch, Apache uses ap_sub_req_lookup_file to get the + filename specified in a file= parameter (for example, in an + flastmod or fsize call). * [PATCH] Link DSO modules against possible libraries from $(LIBS) Message-ID: [EMAIL PROTECTED]
cvs commit: apache-1.3 STATUS
brian 98/07/19 18:56:45 Modified:.STATUS Log: Add another patch from IBM. These patches need votes, gang! C'mon! Revision ChangesPath 1.443 +6 -0 apache-1.3/STATUS Index: STATUS === RCS file: /export/home/cvs/apache-1.3/STATUS,v retrieving revision 1.442 retrieving revision 1.443 diff -u -r1.442 -r1.443 --- STATUS1998/07/20 01:43:42 1.442 +++ STATUS1998/07/20 01:56:43 1.443 @@ -25,6 +25,12 @@ Available Patches: +* [PATCH] PR2356 - SSI exec + Message-ID: [EMAIL PROTECTED] + This is an update of a patch I sent in earlier. There are 13 new + lines of code to detect and handle shellcmd. COMMAND.COM is used + to exec the script on Win95, CMD.EXE on NT. + * [PATCH] PR #2355 and very minor security hole fix Message-ID: [EMAIL PROTECTED] With this patch, Apache uses ap_sub_req_lookup_file to get the
cvs commit: apache-1.3 WARNING-NT.TXT
pcs 98/07/20 02:52:26 Added: .WARNING-NT.TXT Log: Add a more visible warning about Apache for Window's current instability. (Marc Slemko's wording). This is used by the IS2 configuration. It should perhaps go into os/win32 but then it wouldn't be as obvious to people who obtain the source tree. Named to be consistent with README-NT.TXT (README.NT in CVS), although both might be more correct as as *-WIN32.TXT. Revision ChangesPath 1.1 apache-1.3/WARNING-NT.TXT Index: WARNING-NT.TXT === WARNING: The Win32 release of Apache should still be considered beta quality code. It does not meet the normal standards of stability and security that Unix releases do. There are numerous known bugs and inconsistencies. There is also a much greater chance of security holes being present in the Win32 version of Apache.
cvs commit: apache-1.3/src/os/win32/installer apache.iwz
pcs 98/07/20 02:56:25 Modified:src/os/win32/installer apache.iwz Log: Add a warning dialog (from WARNING-NT.TXT). Also remove the initial welcome dialog box, since it warns of severe penalties for copying the distribution or program. Revision ChangesPath 1.12 +3 -2 apache-1.3/src/os/win32/installer/apache.iwz Index: apache.iwz === RCS file: /export/home/cvs/apache-1.3/src/os/win32/installer/apache.iwz,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- apache.iwz1998/07/19 12:10:45 1.11 +++ apache.iwz1998/07/20 09:56:24 1.12 @@ -36,6 +36,7 @@ Version=2.02 DevTool=Generic Windows Platform=Win32 +DisksBuilt=1 DisksDir=apache\650MB\ TabsVisit=0011100011 LangNum=451 @@ -743,10 +744,10 @@ [Sequence] DestinationLocationDir=ProgramFilesDir\Apache Group\Apache SelectProgramFolderName=Apache Web Server -WelcomeMessage=1 -WelcomeMessageFile= LicenseAgreement=1 LicenseAgreementFile=C:\Apache\LICENSE +ReadMeFileBrowser=1 +ReadMeFileBrowserFile=C:\apache\WARNING-NT.TXT DestinationLocation=1 SetupType=1 CustomSetup=1
cvs commit: apache-1.3/src/modules/test Makefile.tmpl
dgaudet 98/07/20 09:20:24 Modified:src/modules/test Makefile.tmpl Log: dependency update, this won't compile in 1.3.1 Revision ChangesPath 1.11 +10 -10apache-1.3/src/modules/test/Makefile.tmpl Index: Makefile.tmpl === RCS file: /export/home/cvs/apache-1.3/src/modules/test/Makefile.tmpl,v retrieving revision 1.10 retrieving revision 1.11 diff -u -r1.10 -r1.11 --- Makefile.tmpl 1998/07/09 00:08:46 1.10 +++ Makefile.tmpl 1998/07/20 16:20:23 1.11 @@ -5,14 +5,14 @@ # DO NOT REMOVE mod_rndchunk.o: mod_rndchunk.c $(INCDIR)/httpd.h \ - $(INCDIR)/conf.h $(OSDIR)/os.h $(INCDIR)/apctype.h \ - $(INCDIR)/hsregex.h $(INCDIR)/alloc.h $(INCDIR)/buff.h \ - $(INCDIR)/ap.h $(INCDIR)/util_uri.h \ - $(INCDIR)/http_protocol.h $(INCDIR)/http_config.h \ - $(INCDIR)/http_main.h + $(INCDIR)/ap_config.h $(INCDIR)/ap_config_auto.h \ + $(OSDIR)/os.h $(INCDIR)/ap_ctype.h $(INCDIR)/hsregex.h \ + $(INCDIR)/alloc.h $(INCDIR)/buff.h $(INCDIR)/ap.h \ + $(INCDIR)/util_uri.h $(INCDIR)/http_protocol.h \ + $(INCDIR)/http_config.h $(INCDIR)/http_main.h mod_test_util_uri.o: mod_test_util_uri.c $(INCDIR)/httpd.h \ - $(INCDIR)/conf.h $(OSDIR)/os.h $(INCDIR)/apctype.h \ - $(INCDIR)/hsregex.h $(INCDIR)/alloc.h $(INCDIR)/buff.h \ - $(INCDIR)/ap.h $(INCDIR)/util_uri.h \ - $(INCDIR)/http_protocol.h $(INCDIR)/http_config.h \ - $(INCDIR)/http_main.h + $(INCDIR)/ap_config.h $(INCDIR)/ap_config_auto.h \ + $(OSDIR)/os.h $(INCDIR)/ap_ctype.h $(INCDIR)/hsregex.h \ + $(INCDIR)/alloc.h $(INCDIR)/buff.h $(INCDIR)/ap.h \ + $(INCDIR)/util_uri.h $(INCDIR)/http_protocol.h \ + $(INCDIR)/http_config.h $(INCDIR)/http_main.h
cvs commit: apache-1.3/src Makefile.tmpl
dgaudet 98/07/20 09:27:59 Modified:src Makefile.tmpl Log: fix parallel make, must recurse first Revision ChangesPath 1.102 +1 -1 apache-1.3/src/Makefile.tmpl Index: Makefile.tmpl === RCS file: /export/home/cvs/apache-1.3/src/Makefile.tmpl,v retrieving revision 1.101 retrieving revision 1.102 diff -u -r1.101 -r1.102 --- Makefile.tmpl 1998/07/13 11:32:29 1.101 +++ Makefile.tmpl 1998/07/20 16:27:58 1.102 @@ -108,7 +108,7 @@ #Dependencies -$(OBJS): Makefile +$(OBJS): Makefile subdirs # DO NOT REMOVE buildmark.o: buildmark.c include/ap_config.h include/ap_config_auto.h \
cvs commit: apache-1.3/src/modules/standard mod_include.c
dgaudet 98/07/20 09:33:58
Modified:src CHANGES
src/modules/standard mod_include.c
Log:
use sub_req_lookup_file for fsize and flastmod.
PR: 2355
Submitted by: Manoj Kasichainula [EMAIL PROTECTED]
Reviewed by: Brian, Dean
Revision ChangesPath
1.971 +9 -0 apache-1.3/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.970
retrieving revision 1.971
diff -u -r1.970 -r1.971
--- CHANGES 1998/07/18 22:50:15 1.970
+++ CHANGES 1998/07/20 16:33:56 1.971
@@ -1,3 +1,12 @@
+Changes with Apache 1.3.2
+
+ *) mod_include had problems with the fsize and flastmod directives
+ under WIN32. Fix also avoids the minor security hole of using
+ .. paths for fsize and flastmod.
+ [Manoj Kasichainula [EMAIL PROTECTED]] PR#2355
+
+ *) Fixed some Makefile dependency problems. [Dean Gaudet]
+
Changes with Apache 1.3.1
*) Disable the incorrect entry for application/msword in the
1.99 +24 -7 apache-1.3/src/modules/standard/mod_include.c
Index: mod_include.c
===
RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_include.c,v
retrieving revision 1.98
retrieving revision 1.99
diff -u -r1.98 -r1.99
--- mod_include.c 1998/07/08 17:47:16 1.98
+++ mod_include.c 1998/07/20 16:33:57 1.99
@@ -1004,22 +1004,39 @@
char *tag_val, struct stat *finfo, const char *error)
{
char *to_send;
+request_rec *rr;
+int ret=0;
if (!strcmp(tag, file)) {
ap_getparents(tag_val);/* get rid of any nasties */
-to_send = ap_make_full_path(r-pool, ./, tag_val);
-if (stat(to_send, finfo) == -1) {
+
+rr = ap_sub_req_lookup_file(tag_val, r);
+
+if (rr-status == HTTP_OK rr-finfo.st_mode != 0) {
+to_send = rr-filename;
+if ((ret = stat(to_send, finfo)) == -1) {
+ap_log_error(APLOG_MARK, APLOG_ERR, r-server,
+unable to get information about \%s\
+in parsed file %s,
+to_send, r-filename);
+ap_rputs(error, r);
+}
+}
+else {
+ret = -1;
ap_log_error(APLOG_MARK, APLOG_ERR, r-server,
-unable to get information about \%s\
+unable to lookup information about \%s\
in parsed file %s,
-to_send, r-filename);
+tag_val, r-filename);
ap_rputs(error, r);
-return -1;
}
-return 0;
+
+ap_destroy_sub_req(rr);
+
+return ret;
}
else if (!strcmp(tag, virtual)) {
-request_rec *rr = ap_sub_req_lookup_uri(tag_val, r);
+rr = ap_sub_req_lookup_uri(tag_val, r);
if (rr-status == HTTP_OK rr-finfo.st_mode != 0) {
memcpy((char *) finfo, (const char *) rr-finfo,
cvs commit: apache-1.3/src/main http_main.c
dgaudet 98/07/20 09:37:15
Modified:src CHANGES
src/include ap_config.h
src/main http_main.c
Log:
serialized accepts for OS/2
Submitted by: Brian Havard
Revision ChangesPath
1.972 +2 -0 apache-1.3/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.971
retrieving revision 1.972
diff -u -r1.971 -r1.972
--- CHANGES 1998/07/20 16:33:56 1.971
+++ CHANGES 1998/07/20 16:37:05 1.972
@@ -1,4 +1,6 @@
Changes with Apache 1.3.2
+
+ *) PORT: implement serialized accepts for OS/2. [Brian Havard]
*) mod_include had problems with the fsize and flastmod directives
under WIN32. Fix also avoids the minor security hole of using
1.228 +1 -0 apache-1.3/src/include/ap_config.h
Index: ap_config.h
===
RCS file: /export/home/cvs/apache-1.3/src/include/ap_config.h,v
retrieving revision 1.227
retrieving revision 1.228
diff -u -r1.227 -r1.228
--- ap_config.h 1998/07/18 15:30:43 1.227
+++ ap_config.h 1998/07/20 16:37:09 1.228
@@ -671,6 +671,7 @@
#define MAXSOCKETS 4096
#define USE_OS2_SCOREBOARD
#define NO_RELIABLE_PIPED_LOGS
+#define USE_OS2SEM_SERIALIZED_ACCEPT
#elif defined(__MACHTEN__)
typedef int rlim_t;
1.375 +64 -0 apache-1.3/src/main/http_main.c
Index: http_main.c
===
RCS file: /export/home/cvs/apache-1.3/src/main/http_main.c,v
retrieving revision 1.374
retrieving revision 1.375
diff -u -r1.374 -r1.375
--- http_main.c 1998/07/14 09:57:56 1.374
+++ http_main.c 1998/07/20 16:37:11 1.375
@@ -190,6 +190,7 @@
/* Add MMAP style functionality to OS/2 */
#define INCL_DOSMEMMGR
#define INCL_DOSEXCEPTIONS
+#define INCL_DOSSEMAPHORES
#include os2.h
#include umalloc.h
#include stdio.h
@@ -834,6 +835,69 @@
if (flock(lock_fd, LOCK_UN) 0) {
ap_log_error(APLOG_MARK, APLOG_EMERG, server_conf,
flock: LOCK_UN: Error freeing accept lock. Exiting!);
+ clean_child_exit(APEXIT_CHILDFATAL);
+}
+}
+
+#elif defined(USE_OS2SEM_SERIALIZED_ACCEPT)
+
+static HMTX lock_sem = -1;
+
+static void accept_mutex_cleanup(void *foo)
+{
+DosCloseMutexSem(lock_sem);
+}
+
+/*
+ * Initialize mutex lock.
+ * Done by each child at it's birth
+ */
+static void accept_mutex_child_init(pool *p)
+{
+int rc = DosOpenMutexSem(NULL, lock_sem);
+
+if (rc != 0) {
+ ap_log_error(APLOG_MARK, APLOG_EMERG, server_conf,
+ Child cannot open lock semaphore);
+ clean_child_exit(APEXIT_CHILDINIT);
+}
+}
+
+/*
+ * Initialize mutex lock.
+ * Must be safe to call this on a restart.
+ */
+static void accept_mutex_init(pool *p)
+{
+int rc = DosCreateMutexSem(NULL, lock_sem, DC_SEM_SHARED, FALSE);
+
+if (rc != 0) {
+ ap_log_error(APLOG_MARK, APLOG_EMERG, server_conf,
+ Parent cannot create lock semaphore);
+ exit(APEXIT_INIT);
+}
+
+ap_register_cleanup(p, NULL, accept_mutex_cleanup, ap_null_cleanup);
+}
+
+static void accept_mutex_on(void)
+{
+int rc = DosRequestMutexSem(lock_sem, SEM_INDEFINITE_WAIT);
+
+if (rc != 0) {
+ ap_log_error(APLOG_MARK, APLOG_EMERG, server_conf,
+ OS2SEM: Error %d getting accept lock. Exiting!, rc);
+ clean_child_exit(APEXIT_CHILDFATAL);
+}
+}
+
+static void accept_mutex_off(void)
+{
+int rc = DosReleaseMutexSem(lock_sem);
+
+if (rc != 0) {
+ ap_log_error(APLOG_MARK, APLOG_EMERG, server_conf,
+ OS2SEM: Error %d freeing accept lock. Exiting!, rc);
clean_child_exit(APEXIT_CHILDFATAL);
}
}
cvs commit: apache-site/mirrors mirrors.list index.html
brian 98/07/20 09:40:17 Modified:mirrors mirrors.list index.html Log: apache.de back in line. Revision ChangesPath 1.55 +2 -2 apache-site/mirrors/mirrors.list Index: mirrors.list === RCS file: /export/home/cvs/apache-site/mirrors/mirrors.list,v retrieving revision 1.54 retrieving revision 1.55 diff -u -r1.54 -r1.55 --- mirrors.list 1998/07/19 20:01:16 1.54 +++ mirrors.list 1998/07/20 16:40:14 1.55 @@ -14,7 +14,7 @@ http cn http://proxy.iinchina.net:8000/ [EMAIL PROTECTED] http cr http://apache.ucr.ac.cr/[EMAIL PROTECTED] http cz http://sunsite.mff.cuni.cz/web/apache/ [EMAIL PROTECTED] -#httpde http://www.apache.de/ [EMAIL PROTECTED] +http de http://www.apache.de/ [EMAIL PROTECTED] http de http://www.cs.tu-berlin.de/home/ftp/pub/net/www/apache/ [EMAIL PROTECTED] http de http://www.fokus.gmd.de/apache/ [EMAIL PROTECTED] http dk http://sunsite.auc.dk/apache/ [EMAIL PROTECTED] @@ -116,7 +116,7 @@ ftp cz ftp://sunsite.mff.cuni.cz/Net/Infosystems/WWW/Servers/Apache/dist/ ftp de ftp://ftp.uni-regensburg.de/pub/comp/infosystems/www/servers/apache/ ftp de ftp://ftp.cs.tu-berlin.de/pub/net/www/apache/dist/ -#ftp de ftp://ftp.apache.de/ +ftp de ftp://ftp.apache.de/ ftp de ftp://ftp.mpi-sb.mpg.de/pub/www/mirror/ftp.apache.org/dist/ ftp de ftp://ftp.fokus.gmd.de/pub/Web/apache/dist/ ftp dk ftp://sunsite.auc.dk/pub/infosystems/www/apache/dist/ 1.43 +4 -0 apache-site/mirrors/index.html Index: index.html === RCS file: /export/home/cvs/apache-site/mirrors/index.html,v retrieving revision 1.42 retrieving revision 1.43 diff -u -r1.42 -r1.43 --- index.html1998/07/19 20:01:17 1.42 +++ index.html1998/07/20 16:40:15 1.43 @@ -55,6 +55,8 @@ !-- [EMAIL PROTECTED] -- A HREF=http://sunsite.mff.cuni.cz/web/apache/;cz/A - !-- [EMAIL PROTECTED] -- +A HREF=http://www.apache.de/;de/A - +!-- [EMAIL PROTECTED] -- A HREF=http://www.cs.tu-berlin.de/home/ftp/pub/net/www/apache/;de/A - !-- [EMAIL PROTECTED] -- A HREF=http://www.fokus.gmd.de/apache/;de/A - @@ -261,6 +263,8 @@ A HREF=ftp://ftp.uni-regensburg.de/pub/comp/infosystems/www/servers/apache/;de/A - !-- -- A HREF=ftp://ftp.cs.tu-berlin.de/pub/net/www/apache/dist/;de/A - +!-- -- +A HREF=ftp://ftp.apache.de/;de/A - !-- -- A HREF=ftp://ftp.mpi-sb.mpg.de/pub/www/mirror/ftp.apache.org/dist/;de/A - !-- --
cvs commit: apache-1.3/src/os/emx util_os2.c Makefile.tmpl os.h
dgaudet 98/07/20 09:40:41
Modified:src CHANGES
src/os/emx Makefile.tmpl os.h
Added: src/os/emx util_os2.c
Log:
plug ... and other canonicalization holes under OS/2.
Submitted by: Brian Havard
Revision ChangesPath
1.973 +3 -0 apache-1.3/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.972
retrieving revision 1.973
diff -u -r1.972 -r1.973
--- CHANGES 1998/07/20 16:37:05 1.972
+++ CHANGES 1998/07/20 16:40:37 1.973
@@ -1,4 +1,7 @@
Changes with Apache 1.3.2
+
+ *) SECURITY: Plug ... and other canonicalization holes under OS/2.
+ [Brian Havard]
*) PORT: implement serialized accepts for OS/2. [Brian Havard]
1.9 +1 -1 apache-1.3/src/os/emx/Makefile.tmpl
Index: Makefile.tmpl
===
RCS file: /export/home/cvs/apache-1.3/src/os/emx/Makefile.tmpl,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- Makefile.tmpl 1998/05/10 13:04:37 1.8
+++ Makefile.tmpl 1998/07/20 16:40:39 1.9
@@ -3,7 +3,7 @@
INCLUDES=$(INCLUDES1) $(INCLUDES0) $(EXTRA_INCLUDES)
LDFLAGS=$(LDFLAGS1) $(EXTRA_LDFLAGS)
-OBJS=os.o os-inline.o
+OBJS=os.o os-inline.o util_os2.o
COPY=os.h os-inline.c
LIB= libos.a
1.8 +1 -0 apache-1.3/src/os/emx/os.h
Index: os.h
===
RCS file: /export/home/cvs/apache-1.3/src/os/emx/os.h,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- os.h 1998/07/13 09:57:24 1.7
+++ os.h 1998/07/20 16:40:39 1.8
@@ -2,6 +2,7 @@
#define APACHE_OS_H
#define PLATFORM OS/2
+#define HAVE_CANONICAL_FILENAME
/*
* This file in included in all Apache source code. It contains definitions
1.1 apache-1.3/src/os/emx/util_os2.c
Index: util_os2.c
===
#define INCL_DOSFILEMGR
#include os2.h
#include httpd.h
#include http_log.h
API_EXPORT(char *)ap_os_canonical_filename(pool *pPool, const char *szFile)
{
char buf[HUGE_STRING_LEN];
char buf2[HUGE_STRING_LEN];
int rc, len;
char *pos;
/* Remove trailing slash unless it's a root directory */
strcpy(buf, szFile);
len = strlen(buf);
if (len 3 buf[len-1] == '/')
buf[--len] = 0;
rc = DosQueryPathInfo(buf, FIL_QUERYFULLNAME, buf2, HUGE_STRING_LEN);
ap_assert(rc == 0);
strlwr(buf2);
/* Switch backslashes to forward */
for (pos=buf2; *pos; pos++)
if (*pos == '\\')
*pos = '/';
return ap_pstrdup(pPool, buf2);
}
cvs commit: apache-1.3 STATUS
brian 98/07/20 10:16:41 Modified:.STATUS Log: Dean committed this to the source tree. Revision ChangesPath 1.444 +0 -6 apache-1.3/STATUS Index: STATUS === RCS file: /export/home/cvs/apache-1.3/STATUS,v retrieving revision 1.443 retrieving revision 1.444 diff -u -r1.443 -r1.444 --- STATUS1998/07/20 01:56:43 1.443 +++ STATUS1998/07/20 17:16:40 1.444 @@ -31,12 +31,6 @@ lines of code to detect and handle shellcmd. COMMAND.COM is used to exec the script on Win95, CMD.EXE on NT. -* [PATCH] PR #2355 and very minor security hole fix - Message-ID: [EMAIL PROTECTED] - With this patch, Apache uses ap_sub_req_lookup_file to get the - filename specified in a file= parameter (for example, in an - flastmod or fsize call). - * [PATCH] Link DSO modules against possible libraries from $(LIBS) Message-ID: [EMAIL PROTECTED] In the configuration process we already determine the variable LDFLAGS
