cvs commit: apache/src CHANGES http_protocol.c
dgaudet 98/01/19 16:09:29
Modified:.Tag: APACHE_1_2_X STATUS
src Tag: APACHE_1_2_X CHANGES http_protocol.c
Log:
test basic token with strcasecmp
Submitted by: [EMAIL PROTECTED]
Reviewed by: Dean Gaudet, Martin Kraemer, Ken Coar
Revision ChangesPath
No revision
No revision
1.1.2.15 +1 -0 apache/Attic/STATUS
Index: STATUS
===
RCS file: /export/home/cvs/apache/Attic/STATUS,v
retrieving revision 1.1.2.14
retrieving revision 1.1.2.15
diff -u -r1.1.2.14 -r1.1.2.15
--- STATUS1998/01/14 00:09:30 1.1.2.14
+++ STATUS1998/01/20 00:09:22 1.1.2.15
@@ -12,6 +12,7 @@
* Dean's backport of the bputc()/chunking bugfix.
* Ralf's mod_rewrite bugfix for %3f
* backport of the netscape header padding fix
+* general/1666: basic auth token should be tested case-insensitive
Available:
No revision
No revision
1.286.2.67 +3 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.286.2.66
retrieving revision 1.286.2.67
diff -u -r1.286.2.66 -r1.286.2.67
--- CHANGES 1998/01/14 00:09:32 1.286.2.66
+++ CHANGES 1998/01/20 00:09:23 1.286.2.67
@@ -1,5 +1,8 @@
Changes with Apache 1.2.6
+ *) basic auth token should be tested case-insensitive.
+ [EMAIL PROTECTED] PR#1666
+
*) It appears the 257th byte bug (see
htdocs/manual/misc/known_client_problems.html#257th-byte) can happen
at the 256th byte as well. Fixed. [Dean Gaudet]
1.126.2.8 +1 -1 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.126.2.7
retrieving revision 1.126.2.8
diff -u -r1.126.2.7 -r1.126.2.8
--- http_protocol.c 1998/01/14 00:09:33 1.126.2.7
+++ http_protocol.c 1998/01/20 00:09:25 1.126.2.8
@@ -927,7 +927,7 @@
return AUTH_REQUIRED;
}
-if (strcmp(getword (r-pool, auth_line, ' '), Basic)) {
+if (strcasecmp(getword (r-pool, auth_line, ' '), Basic)) {
/* Client tried to authenticate using wrong auth scheme */
log_reason (client used wrong authentication scheme, r-uri, r);
note_basic_auth_failure (r);
cvs commit: apache/src CHANGES http_protocol.c
dgaudet 98/01/19 16:52:17 Modified:.Tag: APACHE_1_2_X STATUS src Tag: APACHE_1_2_X CHANGES http_protocol.c Log: r-connect-user allocated in wrong pool PR: 1500 Revision ChangesPath No revision No revision 1.1.2.18 +1 -0 apache/Attic/STATUS Index: STATUS === RCS file: /export/home/cvs/apache/Attic/STATUS,v retrieving revision 1.1.2.17 retrieving revision 1.1.2.18 diff -u -r1.1.2.17 -r1.1.2.18 --- STATUS1998/01/20 00:49:34 1.1.2.17 +++ STATUS1998/01/20 00:52:12 1.1.2.18 @@ -15,6 +15,7 @@ * general/1666: basic auth token should be tested case-insensitive * protocol/1683: The Connection header may contain multiple close tokens * proxy was sending HTTP/1.1 responses in error +* PR#1500: allocate r-connection-user in correct pool Available: No revision No revision 1.286.2.70 +3 -0 apache/src/CHANGES Index: CHANGES === RCS file: /export/home/cvs/apache/src/CHANGES,v retrieving revision 1.286.2.69 retrieving revision 1.286.2.70 diff -u -r1.286.2.69 -r1.286.2.70 --- CHANGES 1998/01/20 00:49:36 1.286.2.69 +++ CHANGES 1998/01/20 00:52:14 1.286.2.70 @@ -1,5 +1,8 @@ Changes with Apache 1.2.6 + *) r-connection-user was allocated in the wrong pool causing corruption + in some cases when used with mod_cern_meta. [Dean Gaudet] PR#1500 + *) mod_proxy was sending HTTP/1.1 responses to ftp requests by mistake. Also removed the auto-generated link to www.apache.org that was the source of so many misdirected bug reports. [Roy Fielding, Marc Slemko] 1.126.2.10 +1 -1 apache/src/http_protocol.c Index: http_protocol.c === RCS file: /export/home/cvs/apache/src/http_protocol.c,v retrieving revision 1.126.2.9 retrieving revision 1.126.2.10 diff -u -r1.126.2.9 -r1.126.2.10 --- http_protocol.c 1998/01/20 00:35:18 1.126.2.9 +++ http_protocol.c 1998/01/20 00:52:15 1.126.2.10 @@ -936,7 +936,7 @@ } t = uudecode (r-pool, auth_line); -r-connection-user = getword_nulls_nc (r-pool, t, ':'); +r-connection-user = getword_nulls_nc (r-connection-pool, t, ':'); r-connection-auth_type = Basic; *pw = t;
cvs commit: apache/src CHANGES http_protocol.c
rse 97/07/30 08:25:32
Modified:src Tag: APACHE_1_2_X CHANGES http_protocol.c
Log:
get_client_block() returns wrong length if policy is REQUEST_CHUNKED_DECHUNK
PR: 815
Submitted by: Kenichi Hori [EMAIL PROTECTED]
Reviewed by: Dean Gaudet, Ralf S. Engelschall, Jim Jagielski
Revision ChangesPath
No revision
No revision
1.286.2.33 +4 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.286.2.32
retrieving revision 1.286.2.33
diff -u -r1.286.2.32 -r1.286.2.33
--- CHANGES 1997/07/30 15:16:49 1.286.2.32
+++ CHANGES 1997/07/30 15:25:27 1.286.2.33
@@ -1,5 +1,9 @@
Changes with Apache 1.2.2
+ *) get_client_block() returns wrong length if policy is
+ REQUEST_CHUNKED_DECHUNK.
+ [Kenichi Hori [EMAIL PROTECTED]] PR#815
+
*) Properly treat files container like other containers in mod_info.
[Marc Slemko] PR#848
1.126.2.4 +5 -1 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.126.2.3
retrieving revision 1.126.2.4
diff -u -r1.126.2.3 -r1.126.2.4
--- http_protocol.c 1997/07/19 20:17:40 1.126.2.3
+++ http_protocol.c 1997/07/30 15:25:29 1.126.2.4
@@ -1444,7 +1444,11 @@
buffer[chunk_start++] = LF;
buffer += chunk_start; /* and pass line on to caller */
bufsiz -= chunk_start;
-}
+} else {
+ /* REQUEST_CHUNKED_DECHUNK -- do not include the length of
+ * the header in the return value */
+ chunk_start = 0;
+ }
}
/* When REQUEST_CHUNKED_PASS, we are */
if (r-remaining == -1) {/* reading footers until empty line */
cvs commit: apache/src CHANGES http_protocol.c
fielding97/07/14 01:50:28
Modified:src CHANGES http_protocol.c
Log:
A very large one-line change. If finalize_request_protocol were to
be mistakenly called twice, it would send two chunked terminators.
To prevent that, we just needed to clear r-chunked at the same time
we clear the B_CHUNK flag. Also added comments to explain the function.
Revision ChangesPath
1.334 +10 -7 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.333
retrieving revision 1.334
diff -C3 -r1.333 -r1.334
*** CHANGES 1997/07/13 19:01:06 1.333
--- CHANGES 1997/07/14 08:50:25 1.334
***
*** 1,11
Changes with Apache 1.3
! *) Make modules DLLs, dynamically loaded, using LoadModule/LoadFile
! on Win32.
! Note that module DLLs must be compiled with the multithreaded DLL
! version of the runtime library. [Alexei Kosut and Ben Laurie]
!
! *) Sequent port re-added and SONY NEWS-OS port included.
*) Automatic indexing removed from mod_dir and placed into mod_autoindex.
This allows the admin to completely remove automatic indexing
--- 1,9
Changes with Apache 1.3
! *) On Win32, modules can now be dynamically loaded DLLs using the
! LoadModule/LoadFile directives. Note that module DLLs must be
! compiled with the multithreaded DLL version of the runtime library.
! [Alexei Kosut and Ben Laurie]
*) Automatic indexing removed from mod_dir and placed into mod_autoindex.
This allows the admin to completely remove automatic indexing
***
*** 97,102
--- 95,103
*) API: A new handler response DONE which informs apache that the
request has been handled and it can finish off quickly, similar to
how it handles errors. [Rob Hartill]
+
+ *) Turn off chunked encoding after sending terminating chunk/footer
+ so that we can't do it twice by accident. [Roy Fielding]
*) mod_expire also issues Cache-Control: max-age headers.
[Rob Hartill]
***
*** 111,117
When used together, these cause mod_dir to emit HEIGHT and WIDTH
attributes in the FancyIndexing IMG tags. [Ken Coar]
! *) PORT: Added NT support
[Ben Laurie and Ambarish Malpani [EMAIL PROTECTED]]
Changes with Apache 1.2.1
--- 112,120
When used together, these cause mod_dir to emit HEIGHT and WIDTH
attributes in the FancyIndexing IMG tags. [Ken Coar]
! *) PORT: Sequent and SONY NEWS-OS support added.
!
! *) PORT: Added Windows NT support
[Ben Laurie and Ambarish Malpani [EMAIL PROTECTED]]
Changes with Apache 1.2.1
1.135 +14 -6 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.134
retrieving revision 1.135
diff -C3 -r1.134 -r1.135
*** http_protocol.c 1997/07/13 19:01:12 1.134
--- http_protocol.c 1997/07/14 08:50:26 1.135
***
*** 1250,1265
if (r-chunked) bsetflag(r-connection-client, B_CHUNK, 1);
}
void finalize_request_protocol (request_rec *r)
{
- /* Turn off chunked encoding */
-
if (r-chunked !r-connection-aborted) {
! soft_timeout(send ending chunk, r);
bsetflag(r-connection-client, B_CHUNK, 0);
! bputs(0\015\012, r-connection-client);
! /* If we had footer headers, we'd send them now */
! bputs(\015\012, r-connection-client);
kill_timeout(r);
}
}
--- 1250,1273
if (r-chunked) bsetflag(r-connection-client, B_CHUNK, 1);
}
+ /* finalize_request_protocol must be called by a module after it sends
+ * a response body. It's sole purpose is to send the terminating
+ * protocol information for any wrappers around the response message body
+ * (i.e., transfer encodings). It should have been named finalize_response.
+ */
void finalize_request_protocol (request_rec *r)
{
if (r-chunked !r-connection-aborted) {
! /*
! * Turn off chunked encoding --- we can only do this once.
! */
! r-chunked = 0;
bsetflag(r-connection-client, B_CHUNK, 0);
!
! soft_timeout(send ending chunk, r);
! bputs(0\015\012, r-connection-client);
! /* If we had footer headers, we'd send them now */
! bputs(\015\012, r-connection-client);
kill_timeout(r);
}
}
cvs commit: apache/src CHANGES http_protocol.c http_request.c httpd.h
dgaudet 97/06/30 18:13:45
Modified:src CHANGES http_protocol.c http_request.c httpd.h
Log:
Added begun_read_body to request_rec so that subreqs and internal redirects
won't try to read the request body twice.
Submitted by: Roy Fielding
Reviewed by: Alexei Kosut, Dean Gaudet
Revision ChangesPath
1.317 +5 -1 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.316
retrieving revision 1.317
diff -C3 -r1.316 -r1.317
*** CHANGES 1997/06/30 22:50:38 1.316
--- CHANGES 1997/07/01 01:13:40 1.317
***
*** 92,98
lockfile in any location. It previously defaulted to /usr/tmp/htlock.
[Somehow it took four of us: Randy Terbush, Jim Jagielski, Dean Gaudet,
Marc Slemko]
!
*) Add a placeholder in modules/Makefile to avoid errors with certain
makes. [Marc Slemko]
--- 92,102
lockfile in any location. It previously defaulted to /usr/tmp/htlock.
[Somehow it took four of us: Randy Terbush, Jim Jagielski, Dean Gaudet,
Marc Slemko]
!
! *) Request processing now retains state of whether or not the request
! body has been read, so that internal redirects and subrequests will
! not try to read it twice (and block). [Roy Fielding]
!
*) Add a placeholder in modules/Makefile to avoid errors with certain
makes. [Marc Slemko]
1.130 +4 -1 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.129
retrieving revision 1.130
diff -C3 -r1.129 -r1.130
*** http_protocol.c 1997/06/29 17:56:47 1.129
--- http_protocol.c 1997/07/01 01:13:41 1.130
***
*** 871,876
--- 871,877
rnew-read_length = r-read_length;
rnew-read_body = REQUEST_NO_BODY;
+ rnew-begun_read_body = r-begun_read_body;
rnew-main = (request_rec *)r;
}
***
*** 1348,1354
int should_client_block (request_rec *r)
{
! if (is_HTTP_ERROR(r-status))
return 0;
if (!r-read_chunked (r-remaining = 0))
--- 1349,1355
int should_client_block (request_rec *r)
{
! if (r-begun_read_body || is_HTTP_ERROR(r-status))
return 0;
if (!r-read_chunked (r-remaining = 0))
***
*** 1399,1404
--- 1400,1407
int c;
long len_read, len_to_read;
long chunk_start = 0;
+
+ r-begun_read_body = 1;
if (!r-read_chunked) { /* Content-length read */
len_to_read = (r-remaining bufsiz) ? bufsiz : r-remaining;
1.55 +2 -0 apache/src/http_request.c
Index: http_request.c
===
RCS file: /export/home/cvs/apache/src/http_request.c,v
retrieving revision 1.54
retrieving revision 1.55
diff -C3 -r1.54 -r1.55
*** http_request.c1997/06/30 22:50:39 1.54
--- http_request.c1997/07/01 01:13:42 1.55
***
*** 1112,1117
--- 1112,1119
*/
new-no_local_copy = r-no_local_copy;
+ new-begun_read_body = r-begun_read_body; /* We can only read it once
*/
+
ap_snprintf (t, sizeof(t), %d, r-status);
table_set (new-subprocess_env, REDIRECT_STATUS, pstrdup (r-pool,
t));
1.122 +1 -0 apache/src/httpd.h
Index: httpd.h
===
RCS file: /export/home/cvs/apache/src/httpd.h,v
retrieving revision 1.121
retrieving revision 1.122
diff -C3 -r1.121 -r1.122
*** httpd.h 1997/06/30 22:50:40 1.121
--- httpd.h 1997/07/01 01:13:42 1.122
***
*** 502,507
--- 502,508
long read_length; /* bytes that have been read */
int read_body;/* how the request body should be read */
int read_chunked; /* reading chunked transfer-coding */
+ int begun_read_body; /* false (0) until first get_client_block */
/* MIME header environments, in and out. Also, an array containing
* environment variables to be passed to subprocesses, so people can
cvs commit: apache/src CHANGES http_protocol.c http_request.c httpd.h
dgaudet 97/06/30 18:37:12
Modified:src Tag: APACHE_1_2_X CHANGES http_protocol.c
http_request.c httpd.h
Log:
Added begun_read_body to request_rec so that subreqs and internal redirects
won't try to read the request body twice.
Submitted by: Roy Fielding
Reviewed by: Alexei Kosut, Dean Gaudet
Revision ChangesPath
No revision
No revision
1.286.2.23 +5 -1 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.286.2.22
retrieving revision 1.286.2.23
diff -C3 -r1.286.2.22 -r1.286.2.23
*** CHANGES 1997/06/30 00:02:00 1.286.2.22
--- CHANGES 1997/07/01 01:37:07 1.286.2.23
***
*** 29,35
lockfile in any location. It previously defaulted to /usr/tmp/htlock.
[Somehow it took four of us: Randy Terbush, Jim Jagielski, Dean Gaudet,
Marc Slemko]
!
*) Add a placeholder in modules/Makefile to avoid errors with certain
makes. [Marc Slemko]
--- 29,39
lockfile in any location. It previously defaulted to /usr/tmp/htlock.
[Somehow it took four of us: Randy Terbush, Jim Jagielski, Dean Gaudet,
Marc Slemko]
!
! *) Request processing now retains state of whether or not the request
! body has been read, so that internal redirects and subrequests will
! not try to read it twice (and block). [Roy Fielding]
!
*) Add a placeholder in modules/Makefile to avoid errors with certain
makes. [Marc Slemko]
1.126.2.1 +4 -1 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.126
retrieving revision 1.126.2.1
diff -C3 -r1.126 -r1.126.2.1
*** http_protocol.c 1997/05/29 03:44:31 1.126
--- http_protocol.c 1997/07/01 01:37:08 1.126.2.1
***
*** 868,873
--- 868,874
rnew-read_length = r-read_length;
rnew-read_body = REQUEST_NO_BODY;
+ rnew-begun_read_body = r-begun_read_body;
rnew-main = (request_rec *)r;
}
***
*** 1345,1351
int should_client_block (request_rec *r)
{
! if (is_HTTP_ERROR(r-status))
return 0;
if (!r-read_chunked (r-remaining = 0))
--- 1346,1352
int should_client_block (request_rec *r)
{
! if (r-begun_read_body || is_HTTP_ERROR(r-status))
return 0;
if (!r-read_chunked (r-remaining = 0))
***
*** 1396,1401
--- 1397,1404
int c;
long len_read, len_to_read;
long chunk_start = 0;
+
+ r-begun_read_body = 1;
if (!r-read_chunked) { /* Content-length read */
len_to_read = (r-remaining bufsiz) ? bufsiz : r-remaining;
1.50.2.2 +2 -0 apache/src/http_request.c
Index: http_request.c
===
RCS file: /export/home/cvs/apache/src/http_request.c,v
retrieving revision 1.50.2.1
retrieving revision 1.50.2.2
diff -C3 -r1.50.2.1 -r1.50.2.2
*** http_request.c1997/06/27 02:21:21 1.50.2.1
--- http_request.c1997/07/01 01:37:09 1.50.2.2
***
*** 1095,1100
--- 1095,1102
*/
new-no_local_copy = r-no_local_copy;
+ new-begun_read_body = r-begun_read_body; /* We can only read it once
*/
+
ap_snprintf (t, sizeof(t), %d, r-status);
table_set (new-subprocess_env, REDIRECT_STATUS, pstrdup (r-pool,
t));
1.111.2.4 +1 -0 apache/src/httpd.h
Index: httpd.h
===
RCS file: /export/home/cvs/apache/src/httpd.h,v
retrieving revision 1.111.2.3
retrieving revision 1.111.2.4
diff -C3 -r1.111.2.3 -r1.111.2.4
*** httpd.h 1997/06/29 18:51:23 1.111.2.3
--- httpd.h 1997/07/01 01:37:09 1.111.2.4
***
*** 472,477
--- 472,478
long read_length; /* bytes that have been read */
int read_body;/* how the request body should be read */
int read_chunked; /* reading chunked transfer-coding */
+ int begun_read_body; /* false (0) until first get_client_block */
/* MIME header environments, in and out. Also, an array containing
* environment variables to be passed to subprocesses, so people can
cvs commit: apache/src CHANGES http_protocol.c
fielding97/05/28 20:44:33
Modified:src CHANGES http_protocol.c
Log:
Initialize r-status as request-timed-out until after we successfully
read the request-line and header fields.
Submitted by: Roy Fielding and Ed Korthof, PR#601
Revision ChangesPath
1.281 +7 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.280
retrieving revision 1.281
diff -C3 -r1.280 -r1.281
*** CHANGES 1997/05/27 08:01:10 1.280
--- CHANGES 1997/05/29 03:44:30 1.281
***
*** 1,5
--- 1,12
Changes with Apache 1.2
+ *) Log correct status code if we timeout before receiving a request (408)
+ or if we received a request-line that was too long to process (414).
+ [Ed Korthof and Roy Fielding] PR#601
+
+ *) Virtual hosts with the same ServerName, but on different ports, were
+ not being selected properly. [Ed Korthof]
+
*) Added code to return the requested IP address from proxy_host2addr()
if gethostbyaddr() fails due to reverse DNS lookup problems. Original
change submitted by Jozsef Hollosi [EMAIL PROTECTED].
1.126 +6 -6 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.125
retrieving revision 1.126
diff -C3 -r1.125 -r1.126
*** http_protocol.c 1997/05/29 03:10:53 1.125
--- http_protocol.c 1997/05/29 03:44:31 1.126
***
*** 630,638
signal (SIGUSR1, SIG_IGN);
bsetflag( conn-client, B_SAFEREAD, 0 );
if (len == (HUGE_STRING_LEN - 1)) {
! log_printf(r-server, request failed for %s, reason: header too
long,
get_remote_host(r-connection, r-per_dir_config, REMOTE_NAME));
! return 0; /* Should be a 414 error status instead */
}
r-request_time = time(NULL);
--- 630,639
signal (SIGUSR1, SIG_IGN);
bsetflag( conn-client, B_SAFEREAD, 0 );
if (len == (HUGE_STRING_LEN - 1)) {
! log_printf(r-server, request failed for %s, reason: URI too long,
get_remote_host(r-connection, r-per_dir_config, REMOTE_NAME));
! r-status = HTTP_REQUEST_URI_TOO_LARGE;
! return 0;
}
r-request_time = time(NULL);
***
*** 786,795
r-read_length = 0;
r-read_body= REQUEST_NO_BODY;
! r-status = HTTP_OK;/* Until further notice.
! * Only changed by die(), or (bletch!)
! * scan_script_header...
! */
/* Get the request... */
--- 787,793
r-read_length = 0;
r-read_body= REQUEST_NO_BODY;
! r-status = HTTP_REQUEST_TIME_OUT; /* Until we get a request */
/* Get the request... */
***
*** 803,808
--- 801,808
get_mime_headers (r);
}
kill_timeout(r);
+
+ r-status = HTTP_OK;/* Until further notice. */
/* handle Host header here, to get virtual server */
cvs commit: apache/src CHANGES http_protocol.c http_request.c
fielding97/05/11 15:30:40
Modified:src CHANGES http_protocol.c http_request.c
Log:
Subrequests and internal redirects now inherit the_request from the
original request-line.
Reviewed by: Chuck Murcko, Ben Laurie, Randy Terbush
Revision ChangesPath
1.271 +3 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.270
retrieving revision 1.271
diff -C3 -r1.270 -r1.271
*** CHANGES 1997/05/08 13:09:23 1.270
--- CHANGES 1997/05/11 22:30:36 1.271
***
*** 1,5
--- 1,8
Changes with Apache 1.2
+ *) Subrequests and internal redirect now inherit the_request from the
+ original request-line. [Roy Fielding]
+
*) Test for error conditions before creating output header fields, since
we don't want the error message to include those fields. Likewise,
reset the content_language(s) and content_encoding of the response
1.120 +2 -0 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.119
retrieving revision 1.120
diff -C3 -r1.119 -r1.120
*** http_protocol.c 1997/05/08 11:27:28 1.119
--- http_protocol.c 1997/05/11 22:30:37 1.120
***
*** 847,852
--- 847,854
void set_sub_req_protocol (request_rec *rnew, const request_rec *r)
{
+ rnew-the_request = r-the_request; /* Keep original request-line */
+
rnew-assbackwards = 1; /* Don't send headers from this. */
rnew-no_local_copy = 1;/* Don't try to send USE_LOCAL_COPY for
a
* fragment.
1.49 +2 -0 apache/src/http_request.c
Index: http_request.c
===
RCS file: /export/home/cvs/apache/src/http_request.c,v
retrieving revision 1.48
retrieving revision 1.49
diff -C3 -r1.48 -r1.49
*** http_request.c1997/05/08 13:09:24 1.48
--- http_request.c1997/05/11 22:30:37 1.49
***
*** 1040,1045
--- 1040,1047
/* Inherit the rest of the protocol info... */
+ new-the_request = r-the_request;
+
new-method = r-method;
new-method_number = r-method_number;
new-allowed = r-allowed;
cvs commit: apache/src CHANGES http_protocol.c httpd.h mod_actions.c
fielding97/05/08 04:27:31
Modified:src CHANGES http_protocol.c httpd.h mod_actions.c
Log:
Fixed a couple places where a check for the default Content-Type was
not properly checking both the value configured by the DefaultType
directive and the DEFAULT_TYPE symbol in httpd.h. Changed the value
of DEFAULT_TYPE to match the documented default (text/plain).
Submitted by: Dean Gaudet
Reviewed by: Roy Fielding, Jim Jagielski
Revision ChangesPath
1.269 +6 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.268
retrieving revision 1.269
diff -C3 -r1.268 -r1.269
*** CHANGES 1997/05/08 08:23:30 1.268
--- CHANGES 1997/05/08 11:27:27 1.269
***
*** 1,5
--- 1,11
Changes with Apache 1.2
+ *) Fixed a couple places where a check for the default Content-Type was
+ not properly checking both the value configured by the DefaultType
+ directive and the DEFAULT_TYPE symbol in httpd.h. Changed the value
+ of DEFAULT_TYPE to match the documented default (text/plain).
+ [Dean Gaudet]
+
*) Escape the HTML-sensitive characters in the Request-URI that is
output for each child by mod_status. [Dean Gaudet and Ken Coar] PR#501
1.119 +2 -5 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.118
retrieving revision 1.119
diff -C3 -r1.118 -r1.119
*** http_protocol.c 1997/04/30 23:01:57 1.118
--- http_protocol.c 1997/05/08 11:27:28 1.119
***
*** 1172,1180
{
int i;
const long int zero = 0L;
- core_dir_config *dir_conf =
- (core_dir_config *)get_module_config(r-per_dir_config, core_module);
- char *default_type = dir_conf-default_type;
if (r-assbackwards) {
if(!r-main)
--- 1172,1177
***
*** 1206,1213
byteranges; boundary=, r-boundary, NULL));
else if (r-content_type)
table_set(r-headers_out, Content-Type, r-content_type);
! else if (default_type)
! table_set(r-headers_out, Content-Type, default_type);
if (r-content_encoding)
table_set(r-headers_out, Content-Encoding, r-content_encoding);
--- 1203,1210
byteranges; boundary=, r-boundary, NULL));
else if (r-content_type)
table_set(r-headers_out, Content-Type, r-content_type);
! else
! table_set(r-headers_out, Content-Type, default_type(r));
if (r-content_encoding)
table_set(r-headers_out, Content-Encoding, r-content_encoding);
1.103 +1 -1 apache/src/httpd.h
Index: httpd.h
===
RCS file: /export/home/cvs/apache/src/httpd.h,v
retrieving revision 1.102
retrieving revision 1.103
diff -C3 -r1.102 -r1.103
*** httpd.h 1997/04/29 05:18:53 1.102
--- httpd.h 1997/05/08 11:27:28 1.103
***
*** 135,141
/* Define this to be what type you'd like returned for files with unknown */
/* suffixes */
! #define DEFAULT_TYPE text/html
/* Define this to be what your per-directory security files are called */
#ifdef __EMX__
--- 135,141
/* Define this to be what type you'd like returned for files with unknown */
/* suffixes */
! #define DEFAULT_TYPE text/plain
/* Define this to be what your per-directory security files are called */
#ifdef __EMX__
1.12 +1 -1 apache/src/mod_actions.c
Index: mod_actions.c
===
RCS file: /export/home/cvs/apache/src/mod_actions.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -C3 -r1.11 -r1.12
*** mod_actions.c 1997/03/07 14:15:37 1.11
--- mod_actions.c 1997/05/08 11:27:29 1.12
***
*** 177,183
return DECLINED;
/* Second, check for actions (which override the method scripts) */
! if ((action || default_type(r)) (t = table_get(conf-action_types,
action ? action : default_type(r {
script = t;
if (r-finfo.st_mode == 0) {
--- 177,183
return DECLINED;
/* Second, check for actions (which override the method scripts) */
! if ((t = table_get(conf-action_types,
action ? action : default_type(r {
script = t;
if (r-finfo.st_mode == 0) {
cvs commit: apache/src CHANGES http_protocol.c
fielding97/04/30 16:01:59
Modified:src CHANGES http_protocol.c
Log:
If an ErrorDocument CGI script is used to respond to an error
generated by another CGI script which has already read the message
body of the request, the server would block trying to read the
message body again.
I thought this problem was fixed by removing the Content-Length header
field in mod_cgi, but that only fixed it for internal redirects.
So, I have restored the previously tested and verified fix which is
specific to ErrorDocument.
Submitted by: Rob Hartill
Reviewed by: Roy Fielding
Revision ChangesPath
1.262 +7 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.261
retrieving revision 1.262
diff -C3 -r1.261 -r1.262
*** CHANGES 1997/04/29 03:41:12 1.261
--- CHANGES 1997/04/30 23:01:56 1.262
***
*** 1,3
--- 1,10
+ Changes with Apache 1.2
+
+ *) If an ErrorDocument CGI script is used to respond to an error
+ generated by another CGI script which has already read the message
+ body of the request, the server would block trying to read the
+ message body again. [Rob Hartill]
+
Changes with Apache 1.2b10
*) Allow HTTPD_ROOT, SERVER_CONFIG_FILE, DEFAULT_PATH, and SHELL_PATH
1.118 +3 -0 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.117
retrieving revision 1.118
diff -C3 -r1.117 -r1.118
*** http_protocol.c 1997/04/27 06:23:21 1.117
--- http_protocol.c 1997/04/30 23:01:57 1.118
***
*** 1348,1353
--- 1348,1356
int should_client_block (request_rec *r)
{
+ if (is_HTTP_ERROR(r-status))
+ return 0;
+
if (!r-read_chunked (r-remaining = 0))
return 0;
cvs commit: apache/src CHANGES http_protocol.c buff.c
fielding97/04/26 23:23:23
Modified:src CHANGES http_protocol.c buff.c
Log:
Fix problem with scripts not receiving a SIGPIPE when client drops
the connection (e.g., when user presses Stop). We now stop
trying to send a message body immediately after an error from write.
Submitted by: Roy Fielding (with help from Nathan Kurz, PR#335)
Reviewed by: Dean Gaudet, Randy Terbush, Chuck Murcko
Revision ChangesPath
1.250 +5 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.249
retrieving revision 1.250
diff -C3 -r1.249 -r1.250
*** CHANGES 1997/04/25 00:19:37 1.249
--- CHANGES 1997/04/27 06:23:20 1.250
***
*** 1,5
--- 1,10
Changes with Apache 1.2
+ *) Fix problem with scripts not receiving a SIGPIPE when client drops
+ the connection (e.g., when user presses Stop). Apache will now stop
+ trying to send a message body immediately after an error from write.
+ [Roy Fielding and Nathan Kurz] PR#335
+
*) Fix graceful restart on architectures not using scoreboard files
(it is still broken on scoreboard-file architectures).
Eliminate many signal-related race conditions in both forms of
1.117 +23 -8 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.116
retrieving revision 1.117
diff -C3 -r1.116 -r1.117
*** http_protocol.c 1997/04/24 23:35:20 1.116
--- http_protocol.c 1997/04/27 06:23:21 1.117
***
*** 1540,1553
}
o=0;
total_bytes_sent += n;
!
! while(n !r-connection-aborted) {
! w=bwrite(r-connection-client, buf[o], n);
! if(w = 0)
! break;
! reset_timeout(r); /* reset timeout after successful write */
! n-=w;
! o+=w;
}
}
--- 1540,1568
}
o=0;
total_bytes_sent += n;
!
! while (n !r-connection-aborted) {
! w = bwrite(r-connection-client, buf[o], n);
! if (w 0) {
! reset_timeout(r); /* reset timeout after successful write */
! n-=w;
! o+=w;
! }
! else if (w 0) {
! if (r-connection-aborted)
! break;
! else if (errno == EAGAIN)
! continue;
! else {
! log_unixerr(send body lost connection to,
! get_remote_host(r-connection,
! r-per_dir_config, REMOTE_NAME),
! NULL, r-server);
! bsetflag(r-connection-client, B_EOUT, 1);
! r-connection-aborted = 1;
! break;
! }
! }
}
}
1.25 +4 -0 apache/src/buff.c
Index: buff.c
===
RCS file: /export/home/cvs/apache/src/buff.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -C3 -r1.24 -r1.25
*** buff.c1997/04/21 20:29:07 1.24
--- buff.c1997/04/27 06:23:21 1.25
***
*** 99,109
--- 99,113
static void
doerror(BUFF *fb, int err)
{
+ int errsave = errno; /* Save errno to prevent overwriting it below */
+
if (err == B_RD)
fb-flags |= B_RDERR;
else
fb-flags |= B_WRERR;
if (fb-error != NULL) (*fb-error)(fb, err, fb-error_data);
+
+ errno = errsave;
}
/* Buffering routines */
cvs commit: apache/src CHANGES http_protocol.c
fielding97/04/19 21:02:09
Modified:src CHANGES http_protocol.c
Log:
Work around a bug in Netscape Navigator versions 2.x, 3.x and 4.0b2's
parsing of headers. If the terminating empty-line CRLF occurs starting
at the 256th or 257th byte of output, then Navigator will think a normal
image is invalid. We are guessing that this is because their initial
read of a new request uses a 256 byte buffer. We check the bytes written
so far and, if we are about to tickle the bug, we instead insert a
padding header of eminent bogosity.
Submitted by: Roy Fielding and Dean Gaudet, PR#232
Reviewed by: Ken Coar
Revision ChangesPath
1.238 +8 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.237
retrieving revision 1.238
diff -C3 -r1.237 -r1.238
*** CHANGES 1997/04/18 02:56:13 1.237
--- CHANGES 1997/04/20 04:02:07 1.238
***
*** 1,5
--- 1,13
Changes with Apache 1.2
+ *) Work around a bug in Netscape Navigator versions 2.x, 3.x and 4.0b2's
+ parsing of headers. If the terminating empty-line CRLF occurs starting
+ at the 256th or 257th byte of output, then Navigator will think a
normal
+ image is invalid. We are guessing that this is because their initial
+ read of a new request uses a 256 byte buffer. We check the bytes
written
+ so far and, if we are about to tickle the bug, we instead insert a
+ padding header of eminent bogosity. [Roy Fielding and Dean Gaudet]
PR#232
+
*) Fixed SIGSEGV problem when a DirectoryIndex file is also the source
of an external redirection. [Roy Fielding and Paul Sutton]
1.114 +34 -3 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.113
retrieving revision 1.114
diff -C3 -r1.113 -r1.114
*** http_protocol.c 1997/04/12 04:24:57 1.113
--- http_protocol.c 1997/04/20 04:02:08 1.114
***
*** 1053,1058
--- 1053,1086
table_unset(r-headers_out, Server);
}
+ /* Navigator versions 2.x, 3.x and 4.0 betas up to and including 4.0b2
+ * have a header parsing bug. If the terminating \r\n occur starting
+ * at the 256th or 257th byte of output then it will not properly parse
+ * the headers. Curiously it doesn't exhibit this problem at 512, 513.
+ * We are guessing that this is because their initial read of a new request
+ * uses a 256 byte buffer, and subsequent reads use a larger buffer.
+ * So the problem might exist at different offsets as well.
+ *
+ * This should also work on keepalive connections assuming they use the
+ * same small buffer for the first read of each new request.
+ *
+ * At any rate, we check the bytes written so far and, if we are about to
+ * tickle the bug, we instead insert a bogus padding header. Since the bug
+ * manifests as a broken image in Navigator, users blame the server. :(
+ * It is more expensive to check the User-Agent than it is to just add the
+ * bytes, so we haven't used the BrowserMatch feature here.
+ */
+ static void terminate_header (BUFF *client)
+ {
+ long int bs;
+
+ bgetopt(client, BO_BYTECT, bs);
+ if (bs == 256 || bs == 257)
+ bputs(X-Pad: avoid browser bug\015\012, client);
+
+ bputs(\015\012, client);/* Send the terminating empty line */
+ }
+
static char *make_allow(request_rec *r)
{
int allowed = r-allowed;
***
*** 1114,1120
table_do((int (*)(void *, const char *, const char *))send_header_field,
(void *)r, r-headers_out, NULL);
! bputs(\015\012, r-connection-client);
kill_timeout(r);
bsetopt(r-connection-client, BO_BYTECT, zero);
--- 1142,1149
table_do((int (*)(void *, const char *, const char *))send_header_field,
(void *)r, r-headers_out, NULL);
!
! terminate_header(r-connection-client);
kill_timeout(r);
bsetopt(r-connection-client, BO_BYTECT, zero);
***
*** 1207,1213
table_do((int (*)(void *, const char *, const char *))send_header_field,
(void *)r, r-headers_out, NULL);
! bputs(\015\012, r-connection-client);
kill_timeout(r);
--- 1236,1243
table_do((int (*)(void *, const char *, const char *))send_header_field,
(void *)r, r-headers_out, NULL);
!
! terminate_header(r-connection-client);
kill_timeout(r);
***
*** 1630,1636
Warning,
cvs commit: apache/src CHANGES http_protocol.c
dgaudet 97/03/18 19:09:26 Modified:src CHANGES http_protocol.c Log: per_dir_defaults weren't set correctly until directory_walk for name-based vhosts. This fixes an obscure bug with the wrong config info being used for vhosts that share the same ip as the server. Reviewed by: Roy, Ralf, Randy Revision ChangesPath 1.203 +5 -0 apache/src/CHANGES Index: CHANGES === RCS file: /export/home/cvs/apache/src/CHANGES,v retrieving revision 1.202 retrieving revision 1.203 diff -C3 -r1.202 -r1.203 *** CHANGES 1997/03/18 10:23:52 1.202 --- CHANGES 1997/03/19 03:09:24 1.203 *** *** 1,5 --- 1,10 Changes with Apache 1.2b8 + *) per_dir_defaults weren't set correctly until directory_walk for + name-based vhosts. This fixes an obscure bug with the wrong config + info being used for vhosts that share the same ip as the server. + [Dean Gaudet] + *) Improved generation of modules/Makefile to be more generic for new module directories. [Ken Coar and Chuck Murcko] 1.108 +3 -0 apache/src/http_protocol.c Index: http_protocol.c === RCS file: /export/home/cvs/apache/src/http_protocol.c,v retrieving revision 1.107 retrieving revision 1.108 diff -C3 -r1.107 -r1.108 *** http_protocol.c 1997/03/07 14:43:52 1.107 --- http_protocol.c 1997/03/19 03:09:24 1.108 *** *** 756,761 --- 756,764 check_hostalias(r); else check_serverpath(r); + + /* we may have switched to another server */ + r-per_dir_config = r-server-lookup_defaults; kill_timeout (r); conn-keptalive = 0; /* We now have a request - so no more short timeouts */
cvs commit: apache/src CHANGES http_protocol.c
fielding97/03/07 06:43:54
Modified:src CHANGES http_protocol.c
Log:
Log an error message if we get a request header that is too long,
since it may indicate a buffer overflow attack.
Submitted by: Marc Slemko
Reviewed by: Roy Fielding, Chuck Murcko, Dean Gaudet, Jim Jagielski
Revision ChangesPath
1.189 +3 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.188
retrieving revision 1.189
diff -C3 -r1.188 -r1.189
*** CHANGES 1997/03/07 14:35:46 1.188
--- CHANGES 1997/03/07 14:43:52 1.189
***
*** 1,5
--- 1,8
Changes with Apache 1.2b8
+ *) Log an error message if we get a request header that is too long,
+ since it may indicate a buffer overflow attack. [Marc Slemko]
+
*) Made is_url() allow [-.+a-zA-Z0-9]+: as a valid scheme and
not reject URLs without a double-slash, as per RFC2068 section 3.2.
[Ken Coar] PR #146, #187
1.107 +4 -1 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.106
retrieving revision 1.107
diff -C3 -r1.106 -r1.107
*** http_protocol.c 1997/03/07 12:00:31 1.106
--- http_protocol.c 1997/03/07 14:43:52 1.107
***
*** 590,597
}
}
bsetflag( conn-client, B_SAFEREAD, 0 );
! if (len == (HUGE_STRING_LEN - 1))
return 0; /* Should be a 414 error status instead */
r-request_time = time(NULL);
r-the_request = pstrdup (r-pool, l);
--- 590,600
}
}
bsetflag( conn-client, B_SAFEREAD, 0 );
! if (len == (HUGE_STRING_LEN - 1)) {
! log_printf(r-server, request failed for %s, reason: header too
long,
! get_remote_host(r-connection, r-per_dir_config, REMOTE_NAME));
return 0; /* Should be a 414 error status instead */
+ }
r-request_time = time(NULL);
r-the_request = pstrdup (r-pool, l);
cvs commit: apache/src CHANGES http_protocol.c
fielding97/02/16 22:05:02
Modified:src CHANGES http_protocol.c
Log:
Retain persistence on a 204 (No Content) response.
Correct send_http_trace() to use r-the_request instead of constructing
the request-line from its parsed components.
Submitted by: Dean Gaudet
Reviewed by: Roy Fielding
Revision ChangesPath
1.167 +1 -1 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.166
retrieving revision 1.167
diff -C3 -r1.166 -r1.167
*** CHANGES 1997/02/17 05:22:56 1.166
--- CHANGES 1997/02/17 06:05:00 1.167
***
*** 84,90
*) Fixed bug which caused a segmentation fault if only one argument
given to RLimit* directives. [Ed Korthof]
! *) Continue persistent connection after 304 response. [Dean Gaudet]
*) Improved buffered output to the client by delaying the flush decision
until the BUFF code is actually about to read the next request.
--- 84,90
*) Fixed bug which caused a segmentation fault if only one argument
given to RLimit* directives. [Ed Korthof]
! *) Continue persistent connection after 204 or 304 response. [Dean Gaudet]
*) Improved buffered output to the client by delaying the flush decision
until the BUFF code is actually about to read the next request.
1.101 +3 -2 apache/src/http_protocol.c
Index: http_protocol.c
===
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.100
retrieving revision 1.101
diff -C3 -r1.100 -r1.101
*** http_protocol.c 1997/02/11 17:02:04 1.100
--- http_protocol.c 1997/02/17 06:05:01 1.101
***
*** 265,271
else if (r-server-keep_alive (!r-server-keep_alive_max ||
(r-server-keep_alive_max r-connection-keepalives))
(r-server-keep_alive_timeout 0)
! (r-status == USE_LOCAL_COPY || r-header_only || length || tenc ||
((r-proto_num = 1001) (r-chunked = 1)))
(!find_token(r-pool, conn, close))
((ka_sent = find_token(r-pool, conn, keep-alive)) ||
--- 265,272
else if (r-server-keep_alive (!r-server-keep_alive_max ||
(r-server-keep_alive_max r-connection-keepalives))
(r-server-keep_alive_timeout 0)
! (r-status == HTTP_NOT_MODIFIED || r-status == HTTP_NO_CONTENT
! || r-header_only || length || tenc ||
((r-proto_num = 1001) (r-chunked = 1)))
(!find_token(r-pool, conn, close))
((ka_sent = find_token(r-pool, conn, keep-alive)) ||
***
*** 1021,1027
/* Now we recreate the request, and echo it back */
! rvputs(r, r-method, , r-uri, , r-protocol, \015\012, NULL);
for (i = 0; i hdrs_arr-nelts; ++i) {
if (!hdrs[i].key) continue;
--- 1022,1028
/* Now we recreate the request, and echo it back */
! rvputs( r, r-the_request, \015\012, NULL );
for (i = 0; i hdrs_arr-nelts; ++i) {
if (!hdrs[i].key) continue;
cvs commit: apache/src CHANGES http_protocol.c
fielding97/01/29 18:27:09 Modified:src CHANGES http_protocol.c Log: Allow keep_alive to continue if the response is 304 Not Modified even though there is no body. Submitted by: Dean Gaudet Reviewed by: Alexei Kosut, Randy Terbush, Jim Jagielski, Roy Fielding Revision ChangesPath 1.139 +4 -0 apache/src/CHANGES Index: CHANGES === RCS file: /export/home/cvs/apache/src/CHANGES,v retrieving revision 1.138 retrieving revision 1.139 diff -C3 -r1.138 -r1.139 *** CHANGES 1997/01/27 01:28:11 1.138 --- CHANGES 1997/01/30 02:27:06 1.139 *** *** 1,5 --- 1,9 Changes with Apache 1.2b6 + *) Continue persistent connection after 304 response. [Dean Gaudet] + + Changes with Apache 1.2b6 + *) Allow whitespace in imagemap mapfile coordinates. [Marc Slemko] *) Fix typo introduced in fix for potential infinite loop around 1.94 +1 -1 apache/src/http_protocol.c Index: http_protocol.c === RCS file: /export/home/cvs/apache/src/http_protocol.c,v retrieving revision 1.93 retrieving revision 1.94 diff -C3 -r1.93 -r1.94 *** http_protocol.c 1997/01/26 01:15:13 1.93 --- http_protocol.c 1997/01/30 02:27:07 1.94 *** *** 216,222 else if (r-server-keep_alive (!r-server-keep_alive_max || (r-server-keep_alive_max r-connection-keepalives)) (r-server-keep_alive_timeout 0) ! (r-header_only || length || tenc || ((r-proto_num = 1001) (r-byterange 1 || (r-chunked = 1 (!find_token(r-pool, conn, close)) ((ka_sent = find_token(r-pool, conn, keep-alive)) || --- 216,222 else if (r-server-keep_alive (!r-server-keep_alive_max || (r-server-keep_alive_max r-connection-keepalives)) (r-server-keep_alive_timeout 0) ! (r-status == USE_LOCAL_COPY || r-header_only || length || tenc || ((r-proto_num = 1001) (r-byterange 1 || (r-chunked = 1 (!find_token(r-pool, conn, close)) ((ka_sent = find_token(r-pool, conn, keep-alive)) ||
