Be consistant with the code below which accepts lower or upper case.

Add missing APLOGNO. Refactor some lines to keep APLOGNO on the same line as ap_log_error, when applicable. Split lines longer than 80. Improve alignment.

Note that the function will be available in APR.

bug 54548 - use new expr parser with 'elif', like 'if'

mod_include: When an include file or virtual path fails, include the result code that tells us why.

mod_include: When +Includes is not set and we disable mod_include, tell the administrator where this happened.

Various code cleanup to avoid compiler, cppcheck, or clang warnings: modules/debugging/mod_firehose.c: Make some internal functions static (to do: logs_cleanup() is unused) modules/filters/mod_charset_lite.c: Remove dead assignments modules/filters/mod_include.c: likewise modules/metadata/mod_usertrack.c: likewise modules/proxy/mod_proxy_ftp.c: likewise modules/ssl/ssl_engine_pphrase.c: likewise modules/proxy/mod_proxy_balancer.c: likewise; Remove NULL check that can never happen modules/proxy/proxy_util.c: Axe NULL-check that can never happen and if it would, it would just mask another bug os/unix/unixd.c: likewise modules/http/http_filters.c: Remove sub-condition that is always true modules/lua/mod_lua.c: Add default cases to switch statements modules/generators/mod_autoindex.c: Unsigned value can never be < 0 server/util_expr_eval.c: Fix compiler warnings with VC and on OS2

Add lots of unique tags to error log messages

mod_include: The SSIAccessEnable directive existed to ensure the addition of the "-A" syntax would not break existing configurations in v2.2. Remove the directive for v2.4, defaulting the behaviour to enabled.

mod_include: Add support for application/x-www-form-urlencoded encoding and decoding.

regex related cleanups: - use AP_MAX_REG_MATCH where appropriate - in mod_proxy_ftp, compile the "ls -s1" regex only once instead of once per request - add some coments

Cleanup effort in prep for GA push: Trim trailing whitespace... no func change

Simplify some overly complicated code using apr_brigade_putstrs and apr_pstrcat Submitted by: Christophe Jaillet <christophe jaillet wanadoo fr>, Stefan Fritsch

Add string valued expressions to ap_expr, do some API cleanup - add possibility to have expressions that evaluate to a string and not to a boolean value - modify ap_expr_parse_cmd() interface to support this and make it more convenient to use in general - rename AP_EXPR_FLAGS_* to AP_EXPR_FLAG_* for consistency

Simplify code with ap_str_tolower() Submitted by: Christophe JAILLET <christophe jaillet wanadoo fr>

Fix cut'n'paste error

Use the new "ap_expr" expression parser. The old parser can still be used by setting the new directive SSILegacyExprParser

Fix config setting after r1128430 has changed some elements from int to char

properly merge directory configs in mod_include

Fix various "variable 'x' set but not used" warnings.

mod_include: Add the onerror attribute to the include element, allowing an URL to be specified to include on error.

Put the expression parser back into mod_include This reverts r642559 and r642978

mod_include: Move the request_rec within mod_include to be exposed within include_ctx_t.

mod_include: Reinstate support for UTF-8 character sets by allowing a variable being echoed or set to be decoded and then encoded as separate steps. PR47686

Intel's compiler warns about assigning the non-enum value 0 to the enumeration apr_finfo_t.filetype, which is done when forgetting the previously-derived file type use the appropriate enum value APR_NOFILE instead Also change comparisons of the field with 0 to use APR_NOFILE instead, as is the practice of some existing code.

- Remove a load of unused variables (or variables that are set but never read). - Move some declarations into the correct #ifdef scope. I couldn't compile/test netware, but the changes look obvious enough.

mod_include: recognise "text/html; parameters" as text/html PR 49616 diagnosed by Andrey Chernov

Use the new APLOG_USE_MODULE/AP_DECLARE_MODULE macros everywhere to take advantage of per-module loglevels

Allow fine control over the removal of Last-Modified and ETag headers within the INCLUDES filter, making it possible to cache responses if desired. Fix the default value of the SSIAccessEnable directive.

* modules/filters/mod_include.c (handle_printenv): Fix handling of lazy variables, courtesy of LLVM scan-build.

Bring back OS/2 support. Reverses r758929 with a little bit of conflict resolution.

Update r795445 patch in the light of rpluem's comments on-list

Typo fix

Fix mod_include potential segfault checking backref from unmatched regexp http://markmail.org/message/jlc7t5edsjujbe37 Patch by rpluem, lars, niq

Security fix for CVE-2009-1195: fix Options handling such that 'AllowOverride Options=IncludesNoExec' does not permit Includes with exec= enabled to be configured in an .htaccess file: * include/http_core.h: Change semantics of Includes/IncludeNoExec options bits to be additive; OPT_INCLUDES now means SSI is enabled without exec=. OPT_INCLUDES|OPT_INC_WITH_EXEC means SSI is enabled with exec=. * server/core.c (create_core_dir_config): Remove defunct OPT_INCNOEXEC from default override_opts; no functional change. (merge_core_dir_configs): Update logic to ensure that exec= is disabled in a context where IncludesNoexec is configured, even if Includes-with-exec is permitted in the inherited options set. (set_allow_opts, set_options): Update to reflect new semantics of OPT_INCLUDES, OPT_INC_WITH_EXEC. * server/config.c: Update to remove OPT_INCNOEXEC from default override_opts; no functional change. * modules/filters/mod_include.c (includes_filter): Update to reflect new options semantics - disable exec= support if the OPT_INC_WITH_EXEC bit is not set. Submitted by: Jonathan Peatfield <j.s.peatfield damtp.cam.ac.uk>, jorton Thanks to: Vincent Danon <vdanon redhat.com>

remove OS/2 platform support

Prevent a case of SSI timefmt-smashing with filter chains including multiple INCLUDES filters: * modules/filters/mod_include.c (add_include_vars): Drop unused timefmt argument. (add_include_vars_lazy): Take timefmt argument. (get_include_var, handle_printenv): Pass time format from context. PR: 39369

Add support for escaping all non-ascii chars to ap_escape_html, and use it to fix PR#25202: encoding="entity" doesn't work as advertised in mod_include. For backport, this'll need an ABI-preserving version that'll be a minor MMN bump. But if we do that in /trunk/, it'll never change.

Update mod_include for ap_expr update

Update mod_include to use ap_expr API

* Set aside buckets that remain unprocessed in the filter context for the next filter pass. PR: 44447 Submitted by: Harald Niesche <harald brokenerror.de> Reviewed by: rpluem

core: Add the option to keep aside a request body up to a certain size that would otherwise be discarded, to be consumed by filters such as mod_include. When enabled for a directory, POST requests to shtml files can be passed through to embedded scripts as POST requests, rather being downgraded to GET requests.

Move the accessenable variable into the private ssi_internal_ctx structure instead of the public include_ctx_t structure.

mod_include: Add an "if" directive syntax to test whether an URL is accessible, and if so, conditionally display content. This allows a webmaster to hide a link to a private page when the user has no access to that page.

Multiple trivial fixes from Christophe JAILLET PR 38699, 39518, 42005, 42006, 42007, 42008, 42009 The patches are all his, and are sufficiently trivial to review at a glance.

update license header text

Update the copyright year in all .c, .h and .xml files

APR_FILEPATH_NOTABOVEROOT was undefined with a left-hand NULL or empty path. The SECUREROOTPATH and NOTABSOLUTE tests were sufficient for this application. Adjusts for a bug in earlier versions of APR with this undefined value.

No functional Change: Removing trailing whitespace. This also means that "blank" lines consisting of just spaces or tabs are now really blank lines

gcc -Wall cleanup

* modules/filters/mod_include.c (handle_include): Fix possible variable corruption with nested includes. PR: 12655

Move the POSIX reg* implementations into the ap_* namespace; internalise the ap_reg*<->PCRE wrapper: * configure.in: Add srclib/pcre to the include path. * include/ap_regex.h: Renamed from include/pcreposix.h. Prefix all constants with AP_; prefix all functions and types with ap_. Define AP_DECLARE to nothing if necessary. Remove regcomp error codes. * include/httpd.h: Include ap_regex.h not pcreposix.h. (ap_pregcomp, ap_regexec, ap_regfree): s/regex_t/ap_regex_t/. (ap_regexec, ap_regerror): Prototypes moved to ap_regex.h. * server/util.c (regex_cleanup, ap_pregcomp, ap_pregsub, ap_pregfree): Adjust for ap_ prefixed types. (ap_regexec, ap_regerror): Removed. * server/Makefile.in: Build util_pcre.c. * server/util_pcre.c: Copied from srclib/pcre/pcreposix.c; remove use of PCRE-internals to do error mapping; rename types to add AP_/ap_ prefixes as above. Use APR includes. (ap_regerror): Use apr_snprintf. * srclib/pcre/Makefile.in: Don't build pcreposix.c into libpcre.la. * modules/*: Update to use new type and constant names. PR: 27750 (part one) Submitted by: Andres Salomon <dilinger voxel.net>, Joe Orton

Update copyright year to 2005 and standardize on current copyright owner line.

Remove deprecated APR_STATUS_IS_SUCCESS() macro in favor of direct test against APR_SUCCESS.

* modules/filters/mod_include.c (send_parsed_content): Only destroy the temporary brigade if it wasn't passed on to the next filter.

fix name of The Apache Software Foundation

fix copyright dates according to the first checkin

apply Apache License, Version 2.0

bust the "recursive include" test. It's no longer necessary and prevents users from careful use of the feature.

fix a rewrite mistake: restore the ability to expand variables within <!--include file...-->.

remove superfluous assignment

update license to 2004.

update the misconfigured INCLUDES skipping code to remove itself, so it'd complain only once PR: Obtained from: Submitted by: Reviewed by: Jeff Trawick, Bill Rowe

complain via error_log when mod_include's INCLUDES filter is enabled, but the relevant Options flag allowing the filter to run for the specific resource wasn't set, so that the filter won't silently get skipped. PR: Obtained from: Submitted by: Reviewed by: nd

no longer allow an ETag header in 304 responses. PR: 19355 Submitted by: Geoffrey Young <geoff@apache.org>

Fold in the CAN-2003-0542 regex patch.

fix segfault which occured if the filename was not set, for example, when processing some error conditions. PR: 23836

fix snprintf format type warnings

void * can't be used as a function pointer without casting

switch to APR 1.0 API (which is still in flux) because of the changes to the argument lists of apr_mmap_dup and apr_socket_create, 2.1-dev won't build with apr and apr-util's 0.9 branch anymore

allow the undefined echo string to be configured via <!--#config echomsg="..." -->

allow SSIUndefinedEcho per directory

be nice and accept == as well as token_eq.

cleanup the TOKEN_AND/OR tree generation code. - check more exactly whether the previous token is correct - flip the tree from left-weighted to right-weighted, which is more natural and more efficient, since we don't need to loop up to the root, but just until the next and/or token. - that way, flip the short circuit evaluation again to cut the right side now if possible...

the extra buffer variable is no longer needed.

simplifications. Don't repeat the same code again and again.

hrm. reverting my last commit. TOKEN_GROUP is a protection against many invalid expressions. Checking these all manually would take a lot more cycles than it'd save. Sorry.

TOKEN_GROUP is nothing but an identity operator, it gateways the result of the enclosed expression. Since this expression will never touched again during the tree-building stage, we can safely strip TOKEN_GROUP from the tree and later evaluate the child directly. The only side effect of this change is, that grouped strings on the left side of EQ/NE/etc are now allowed (was invalid before), which is acceptable IMHO (e.g. (foo bar baz) = zzzip)

cleanup TOKEN_EQ, NE, LT & co tree generator: - the left side of such an operator can *only* be a string - get a rid of the while-loop and re-organize the code to better reflect what we're actually doing there

minor optimization.

forgot to add these debugging outputs

improve debugging output

since our parse tree is left-weighted, the short circuit evaluation is way more useful if we short circuit the left side. So evaluate the right side first. This, however, reverses my statement about regex optimization (you have to put them onto the right side of an && or || operator to get a chance that the left side will be cutted).

TOKEN_RE is only valid on the right side of EQ or NE. (previously this error was caught during the evaluation stage)

TOKEN_NOT and TOKEN_LBRACE duplicate exactly the same tree generation code. Get a rid of this duplication.

readability improvement. Handle the case of the current token being the first parsed explicitly. There's probably also a minor performance improvement on invalid expressions ... ;-)

shorten the code by reversing the case conditions

fix compiler warning on win32

short circuit && and || evaluation. For backwards compat this is only possible if there's no regex on the short circuited side (since it fills in the backref data). The user may optimize this by putting the regex onto the left side of the operator.

simplify the dumper code

if the tokenizer hits a string which begins with a backslash, this backslash will be skipped and not recognized as an escape character. That way, <!--#if expr="\)"--> or the like won't work correctly. Fix it now.

same cleanup applies to TOKEN_LBRACE

cleanup TOKEN_NOT tree generation code: - remove useless stuff - shorten the code by inverting the switch/case conditions

keep the parse tree consistent if a binary operator occurs within parentheses.

Ha! Wrote this combined tree dumper and consistency checker just for fun. ...and saw that the expression parser generates inconsistent trees under some circumstances. So I've decided that the dumper code may be of public interest :). The actual bugfixes will follow later.

typo

replace is_only_below stuff with apr_filepath_merge. I hope the flags are correct :)

remove the rest of the artifical string limitations

cleanup the conditional expression parser for - improved efficiency and memory footprint - improved readability - style This includes an overhaul of the debugging macros, mostly that they are not always in the way if one tries to understand the code ;-)

style

cleanup regex stuff. regexps are now handled more graceful (give warnings on out of range or undefined captures).

don't waste memory, if someone configures another error message or timeformat during runtime. The common case doesn't need max_string_len at all and won't be configured more than one or two times.

overhaul of ap_ssi_parse_string - improve efficiency and memory footprint (don't use the power-of-two allocator) - allow the combination of out = NULL && length = 0, which means that the resulting expansion is unlimited in length

drop superfluous argument from ap_ssi_parse_string. The new API should now be stable.

cleanup handle_printenv function

cleanup handle_set function

cleanup handle_else and handle_endif functions

cleanup handle_elif function. It now allow only one argument as well.

cleanup handle_if function. It now allow only one expr="..." argument.

cleanup handle_flastmod function

cleanup handle_fsize function

cleanup handle_config function

cleanup handle_echo function

cleanup handle_include function. - use new ctx->argc member - simplify code nesting and improve readability

- clean up configuration routines - give bndm a neater interface - naming style improvements

before working further, bring some kind of system into the stuff and (re-)order the code. That should finally improve readability...

further cleanup. No *real* code change. (mostly macro cleanup)

bump mod_include's external API. The API is now more simple and expected to be better extensible without breaking binary compatibility, since an opaque pointer to internal structures is part of the public context. (We can easily add APi functions that operate on this internal struct). I've tried to keep this change as small as possible - sorry for the big diff though, but the commit should be atomic. mod_cgi and mod_cgid won't compile until the next commit, anyway.

now drop the old code

major overhaul of mod_include's filter parser. Note that the new code contains a thin wrapper to ensure binary compatibility. (needed for 2.0 backport). This is a two-tiered commit for better diffs. This one inserts the new code (old code #if'd out).

Fixed a trio of mod include bugs. The first two were reported and investigated by Ron Park on dev@httpd in msgid <161E04AB9955D54E826FD86360578554D27087@169.32.17.10.nat.cnet.com>; the third was reported by Kevin Varley in PR 21095. Bug 1: An incorrect parameter to bndm() was causing start sequences that spanned buckets to drop characters. Bug 2: Failed conditional text spanning brigades would cause portions of the text that should have been removed to be present anyway. Bug 3: Dropped characters when the end sequence spanned an 8000-byte boundary with MMAP off. PR: 21095 Submitted by: Ron Park <ronald.park@cnet.com>, Andr� Malo, Cliff Woolley

finished that boring job: update license to 2003. Happy New Year! ;-))

Remove warnings seen with Sun's Forte compiler.

Continue the Bill Rowe apr_size_t crusade.

Add a filter_init function to the filters so that a filter can execute arbitrary code before the handlers are invoked. This resolves an issue with incorrect 304s on If-Modified-Since mod_include requests since ap_meets_conditions() is not aware that this is a dynamic request and it is not possible to satisfy 304 for these requests (unless xbithack full is on, of course). When mod_include runs as a filter, it is too late to set any flag since the handler is responsible for calling ap_meets_conditions(), which it should do before generating any data. If a module doesn't need to run such arbitrary code, it can just pass NULL as the argument and all is well. PR: 9673 Reviewed by: Ryan Bloom and others

Remove the old EOS logic that I neglected to delete on the last commit, and add a check for ap_pass_brigade() failure

Cleaner handling of unterminated SSI directives

Fixed the EOS handling for partial SSI directives at the end of brigades. (This was causing us to produce no output, not even an HTTP response header, for a document containing an unterminated "<!--#" directive

Fixed a bug in the handling of nested if-statements in shtml files PR: 9866

I have no earthly idea what this comment is referring to. Nuke it.

Fix for suexec execution of CGI scripts from mod_include (including security patch to ensure that <!--#include file="name.cgi"--> is run as the suexec user rather than the httpd user) PR: 7791, 8291 Submitted by: Colm MacCarthaigh <colmmacc@redbrick.dcu.ie> Reviewed by: Brian Pane

Fix for mod_include's parsing of "/regexp/" expressions in <!--#if directives Submitted by: Julius Gawlas <julius_gawlas@hp.com> Reviewed by: Brian Pane

stop using APLOG_NOERRNO in calls to ap_log_[pr]error()

Fix for PR 8462: When tokenizing an unquoted string literal, don't consume a ')' that immediately follows it.

don't call strchr(); we have a safer version -- ap_strchr_c() Submitted by: Stas Bekman Reviewed by: Jeff Trawick

Fix for the boundary case in which each character of an SSI directive is in a separate bucket...the code in send_parsed_content() doesn't expect a case where ctx->state==PARSE_DIRECTIVE but ctx->tag_start_buffer is NULL. So in found_start_sequence(), we set ctx->tag_start_buffer to point to the next bucket if the end of the <!--# is at the very end of the current bucket.

Get rid of overlay bogosity by copying the static string to the stack. This keeps DEBUG_INCLUDE from segfaulting.

Remove an invalid comment. (The only way that the bucket will contain only a single byte is if slen==1, meaning that we've replaced <!--# with a single-character token, and that character is the first character in the bucket. If that happens, then pos+slen (aka 1) is the right amount by which to increase bytes_parsed.

Mix 'n match signedness? Make some emits go away.

This patch fixes a core dump that occurs in mod_include during tag parsing if the starting sequence (<!--#) finishes at the end of a bucket and the directive starts at the beginning of the next bucket. There is still a bug in the handling of conditional directives that span buckets, but the core dump is now fixed and the conditional bug should be even rarer than the core dump was. I'm fixing the conditional bug seperately.

pointer subtraction yeilds a ssize_t, fix emit by notating the expression in terms of addition

BUCKET FREELISTS Add an allocator-passing mechanism throughout the bucket brigades API. From Apache's standpoint, the apr_bucket_alloc_t* used throughout a given connection is stored in the conn_rec by the create_connection hook. That means it's the MPM's job to optimize recycling of apr_bucket_alloc_t's -- the MPM must ensure that no two threads can ever use the same one at the same time, for instance.

Allow variable expansion within in the "var" arg to <!--#echo and <!--#set, so that people can do things like this: <!--#echo var="${foo}_${bar}" -->

Replaced my fix for the is_only_below() bug with Cliff's faster and simpler version. Submitted by: Cliff Woolley

Fixes for three problems in mod_include: * The ctx->tag_length computation in find_end_sequence() was a bit broken in cases where there was a "false alarm" match on a partial "-->" * The ap_ssi_get_tag_and_value() function needs to avoid walking off the end of the string. After debugging this some more, I ended up using Cliff's original patch. * Infinite loop in is_only_below()

Stop the while loop from incrementing twice per iteration before checking for the NULL terminator. This was causing the while loop to walk off the end of any string with an odd number of characters.

Revert my last fix, which broke more things than it fixed

Don't walk past the end of the tag in ap_ssi_get_tag_and_value() Discovered by: Cliff Woolley

ap_run_sub_req does not return apr_status, so we shouldn't be checking APR_STATUS_IS_EPIPE(). Also, remove the code that assumed the sub_req_lookup_uri actually served up the content in the quick handler. We now call the quick_handler in ap_run_sub_req()

Small performance optimization for find_end_sequence(): when we find the start of a directive, scan through the rest of it in a minimal loop before popping back out to the main char-at-a-time parser loop

Commit 1 of 2 to: 1. rename ap_rset_content_type to ap_set_content_type 2. reverse the arguments on the call to aligh with ap_set_content_length

First commit to introduce accessor function to set r->content_type..

Performance fix for ap_ssi_get_tag_and_value: do a lightweight scan through the tag value until/unless we reach a backslash that necessitates the more complicated scanner loop. In cases where there isn't a backslash in the tag value, this reduces the overhead of the scan from 5 comparisons per character to 3.

Another optimization for find_end_sequence: once we're in the middle of parsing a tag, consume the entire tag in a quick loop, rather than jumping back to the outer state-machine loop for each character

Small performance improvement for find_end_sequence()

Update our copyright for this year.

fix the remaining sizeof(token.value) bogosity

Fix some mod_include bugs which broke the evaluation of some expressions. There are a few instances of the same basic problem which are not yet fixed and which I have marked with /* XXX.*FUBAR*/. PR: 10108

new directive SSIUndefinedEcho. this allows webadmins to change the default '(none)' to something a bit more presentable (eg <!-- undef -->) PR: Obtained from: Rex (the hack he had to fix this was so ugly I was forced to do this) Submitted by: Reviewed by:

As hinted on dev@httpd, change filter naming schemes to match our expectations of their usage. The reason that we should make this change now is that we have changed the implied meaning of AP_FTYPE_HTTP_HEADER - some users of this should be PROTOCOL while others should be CONTENT_SET. In order to clarify it, toss all of the bogus names and force the filter writers to make sure they understand what they are doing. CONTENT_SET is new (horrible name - change if you have better idea), but it indicates that it should run between RESOURCE and PROTOCOL. mod_deflate is the ideal CONTENT_SET filter. The changed type names are: CONTENT is now RESOURCE. HTTP_HEADER is now PROTOCOL. However, most filters that used HTTP_HEADER may want CONTENT_SET. (Only things like POP and HTTP belong as PROTOCOL.) MMN bump since all filters need to be recompiled due to filter reordering.

Use the new APR_BRIGADE_PREPEND() macro

Fix for the code that handles SSI tokens that span multiple buckets: if a brigade containing an incomplete "<!--#" token has been set aside in ctx->ssi_tag_brigade, we need to retrieve and output the contents of that brigade if the next bucket (in the next brigade) doesn't actually complete the "<!--#". As part of this commit, I've commented out the recent changes to detect flush buckets in the brigade, due to segfaults. (I think the fix may be to add some checks for sentinels and EOS when advancing to the next bucket after the flush bucket.)

notes need to be 'set' at the main requests pool not the 'sub-request' as notes live in the parent's request lifetime. PR: Obtained from: Submitted by: Reviewed by:

baby steps this fixes the case where we have a SSI start tag split up over multiple buckets. BTW HTTPD-test is failing. but it was failing on 2.0.32 version of mod-include as well PR: Obtained from: Submitted by: Brian Pane Reviewed by: Ian Holsman

make it work with flushes make the false alarm not as generic PR: Obtained from: Submitted by: Reviewed by: Ian, Brian, Justin

fix problem where a unmatched tag was not sent if it was at the end of a bucket Obtained from: Alla Teper noticed it Submitted by: Reviewed by: Cliff/Justin

These changes are to allow caching of subrequests via a quick_handler. * Change SUBREQ_CORE so that it is a HTTP_HEADER (20) filter instead of a content filter (10) this allows subrequests to add content filters properly * Change subreq handling of 'handle-include' so that it splits/passes the brigade before the subreq is created. (This allows quick_handler to push content back from this phase)

Fix a segfault in mod_include which was found by Sander Striker using an APR_POOL_DEBUG/ElectricFence build.

Removed the creation of a temporary pool in the expression parsing code. Now that the code no longer allocs huge buffers (based on the last commit), there's no need to incur the overhead of creating a temporary pool just to clean up the storage quickly. This saves a lot of space (because the temp pool used 8KB) and a small amount of processing time. As a side-effect of this change, we don't need the gotos any longer.

Allocate only as much data as we need to hold token values in the "<!--#if" processing code, rather always allocating an 8KB structure

Cleaned up a couple of ap_ssi_parse_string calls that I missed in the last commit

Eliminated various large (8KB) string buffers from the stack in mod_include by adding support for a power-of-two pool-based allocator in ap_ssi_parse_string(). (The default operation of this function is backward-compatible, to support the other modules that call it.) This change should help reduce memory usage for servers delivering shtml pages.

Saw this bug several hours ago, but it slipped my mind. We no longer skip over the leading '/' character, since the token_re already strips the / delimiters.

Return the correct $n result (assign the val, not the var!)

To provide more flexibility in handling quotes, allow the backtick quote for SSI tag arguments (e.g. <!--#echo val=`foo` -->). This helps with arguments containing both single and double quotes.

We never test for success in memory allocation

Ever tried to extract some value of QUERY_STRING from within SSI? Now you can :) Provides $0..$9 results for any regex evaluation, and strengthens the expr parser for regex expressions.

allow mod_include to handle different start/end tags instead of the default <!-- --> ones. PR: Obtained from: Submitted by: Reviewed by:

Use r->content_type instead of r->handler to screen out non-html requests when doing the xbithack check (thanks to wrowe for the suggestion)

Fix to make xbithack work again

Improvements suggested by Brian Pane, first assure all OS's get to deal with handler 'server-parsed', do the xbithack bit tests before testing it's string values (protected against a null point). And make it [perhaps] more legible.

Context mustn't be transformed in the insert_filters hook, it merely provides a point to insert filters already determined. We can't wait for the insert_filters phase to 'redetermine' such things. Everything we are doing here can reliably occur in the fixup phase, after the types phase has completed.

Another example, wherein our example in code/conf doesn't match our recommended practices

Rearranged the code in mod_include's BNDM string-search function for faster execution. This new code short-circuits out of the inner scanning loop after a single comparison when it hits a character not in the "<!--#" pattern. Compared to the previous code, this version does more work for characters in the pattern and less work for characters not in the pattern. In practice, the net result seems to be a speedup for typical shtml files, where characters in the pattern are less common than characters not in the pattern.

cleaned up bucket types and removed the extraneous clearing of a buffer

Removed the comment suggesting the use of apr_table_overlap() in add_include_vars() (because I just tried it, and it made the function slower)

Fixed the logic for detecting sentinel or EOS in send_parsed_content

Fix for segfault that happened upon reaching EOS in an intermediate SSI parsing state Submitted by: Justin Erenkrantz

Switched from heap bucket to pool bucket for SSI echo directive

updated some comments to accurately reflect the current code

When checking for "file" or "virtual" as an argument to "<!--#", check for "virtual" first. That's the more likely case (assuming that people follow the recommendation in the mod_include documentation that "virtual" be used in preference to "file"), so by checking for "virtual" first we can short-circuit out of the conditional after one strcmp instead of two.

Added code to ap_ssi_get_tag_and_value() to avoid converting SSI tags to lowercase when they're already lowercase (in my experience, this special case happens often enough to be worth optimizing)

Added faster logic for decodehtml to handle the special case where the string being decoded doesn't have any ampersands in it (e.g., because it's the value for an 'include virtual=...')

Exclude the terminating null byte from the length of strings passed to apr_hash_get/apr_hash_set (this matches the convention used throughout the rest of the httpd, and it saves a small amount of processing)

Fix the handling of SSI directives in which the ">" of the terminating "-->" is the last byte in a file (previously, the output of the directive was lost in this case).

short-circuit out of xbithack_handler immediately if xbithack isn't enabled, and use strcmp instead of ap_strcmp_match for comparing against a non-wildcard pattern

Modify post_config hook so that it can return a error, causing the server not to start. previous method was to call exit(1) which would not fail gracefully PR: Obtained from: Submitted by: Reviewed by: (Idea only Jeff Trawick)

fix for a segfault that occurred when mod_include was used to deliver files shorter than 5 bytes

optimized away some pointer arithmetic in the inner loop of the BNDM string-search function

Fixed the behavior of the XBitHack directive. PR: 8804 Submitted by: Taketo Kabe <kabe@sra-tohoku.co.jp>, Cliff Woolley

Fix a file descriptor leak in mod_include. When we include a file, we use a sub-request, but we didn't destroy the sub-request immediately, instead we waited until the original request was done. This patch closes the sub-request as soon as the data is done being generated. This passes all tests in the test suite. Submitted by: Brian Pane <bpane@pacbell.net> Reviewed by: Ryan Bloom and Cliff Woolley

Remove the returned-length "w" parameter from apr_bucket_heap_create() and apr_bucket_heap_make(). It was useless, since the length is invariant from the length passed in and from the resulting bucket's b->length. This takes care of a long-standing issue first brought up in February and discussed on the dev@apr list. (Issue #2 from the "Bucket API Cleanup Issues" thread.) See http://marc.theaimsgroup.com/?l=apr-dev&m=98324983126666&w=2 Reviewed by: Ryan Bloom (concept)

This patch changes the apr_table_elts macro so that it provides access to the internals of an apr_table_t via a const pointer instead of the current non-const pointer. Submitted by: Brian Pane <BPane@pacbell.net> Reviewed by: Ian Holsman

This patch zero-fills just the integer and pointer fields in the structure, plus the first byte of each of the string buffers. This updated version of the patch doesn't allocate space for the error_str and time_str buffers in the mod_include filter context until/unless they're actually needed. --Brian Submitted by: Brian Pane <bpane@pacbell.net> Reviewed by: Ian Holsman

Oftentimes, I make no sense whatsoever. (Clean up comment, really...)

Fix case where an included file may change but the shtml file has not - since we returned Last-Modified/ETag headers, we said that it was possibly cacheable. Wrong. See RFC 2616 13.3.4 for more details (these are SHOULD/MAY clauses, so I think we can discard them when we are dealing with dynamic data). (Justin cleaned up the comment to cite RFC 2616.) Submitted by: Ian Holsman <ianh@cnet.com> Reviewed by: Justin Erenkrantz, Aaron Bannert, Brian Pane

Change the type to be consistent with wrowe's changes.

Nothing complains when I change these ints for consistency to apr_size_t.

apr_filepath_merge includes APR_FILEPATH_SECURE_ROOT tests that can easily (and cross-platform, safely) assure a path is within a given root.

Fix error in Netware-specific code. (This really should be an APR function - if it isn't already...) Now I know why my editor was thinking this file was completed wacked w.r.t. braces.

Make find_start_sequence use the BNDM search algorithm. We handle edge cases via the old slow mechanism. Previously, find_start_sequence would be responsible for ~25% of the usr CPU time in tests (as performed by Ian). No more.

silence compiler warnings (these weren't really bugs)

Fix uninitialized variable warning. (This was a bug.) Submitted by: Cliff's compiler (warning) and Brian Pane (fix) Reviewed by: Justin Erenkrantz

**NO CODE CHANGES** This is a reformat commit *ONLY* Please drive on through. (If I have to work with this file any more, I want it in our style...)

- Remove extra include_module line - dunno how that got there. - make lazy_eval_sentinel a const - create #define for &lazy_eval_sentinel (LAZY_VALUE) - create get_include_var function (get, check, get real value if lazy) - cleanup the printenv call to be a bit more streamlined (can't use get_include_var here since it is iterating through the table here - well, you could do that, but I won't...) Submitted by: Greg Stein (concept) Reviewed by: Justin Erenkrantz

Make mod_include do lazy evaluation of potentially expensive to compute variables. Tested with httpd-test's printenv.shtml. (Justin threw in one or two unrelated formatting nits) Submitted by: Brian Pane <bpane@pacbell.net> Reviewed by: Justin Erenkrantz

Make mod_include check for BYTE_COUNT_THRESHOLD on a per-bucket basis rather than on a per-character basis. A significant amount of time was spent checking the limit. A better place to check for the threshold is when we read the bucket in not as we read each character in the bucket. If a bucket manages to be 200MB, it is not this code's problem as it is a mere filter. I ran this with the mod_include stuff in httpd-test and it looks good from here. Submitted by: Brian Pane <bpane@pacbell.net> Reviewed by: Justin Erenkrantz, Ryan Bloom, Greg Stein, Cliff Woolley, Paul Reder, etc, etc, etc...

Fix a segfault with mod_include when r->path_info is not set (which is the case with mod_proxy). My only question about this is whether we should place some value (such as <UNKNOWN>) when path_info isn't set. Submitted by: Ian Holsman <ianh@cnet.com> Reviewed by: Justin Erenkrantz

Moved split_and_pass_pretag_buckets back to being a macro at Ryans's request. Removed the return from it by setting and returning a return code instead. Updated the code to check the return code from teh macro and do the right thing.

The consensus now is that mod_include should just butt out of any decisions about what to do with different request methods. It's true that mod_include in 1.3.x did not allow POST, but back then it was a handler. Now it's a filter and can be used to filter the output of dynamically generated responses, even ones resulting from a POST request. So if mod_include is in the filter stack, it should just blindly parse the brigade regardless of request method. This still fixes the security problem, it just fixes it by being more flexible rather than less so.

Fix a security problem which would allow an SSI document to be passed to the client unparsed. Reported by: Brian Pane

Add the ability for mod_include to add the INCLUDES filter if the file is configured for the server-parsed handler. This makes the configuration for .shtml files much easier to understand, and allows mod_include to honor Apache 1.3 config files. Based on Doug MacEachern's patch to PHP to do the same thing.

fix bogus include recursion error when q->uri and rr->uri are both: "INTERNALLY GENERATED file-relative req" PR: Obtained from: Submitted by: Reviewed by:

Sanitize all the wacky indentation in this block prior to commiting the real fix. No functional change.

fix what would seem to be a serious problem in split_and_pass_pretag_buckets(): the retcode is not specified on one of the paths

Fix for mod_include. Ryan's patch to check error codes put a return in the wrong place. Also, the include handler return code wasn't being checked. I don't like macros with returns, so I converted SPLIT_AND_PASS_PRETAG_BUCKETS into a function.

whoops! replace two post 2.0.24 fixes I accidently wiped out yesterday. Reported by: Jeff Trawick, Paul Reder

get rid of nuisance log messages due to subrequests failing with EPIPE

Fix a segfault in mod_include when the original request has no associated filename (e.g., we're filtering the error document for a bad URI). Reported by: Joshua Slive

Fix a minor issue with Jeff Trawick's mod_include patch. Without this patch, the code will just allocate more bytes in get_combined_directive than are needed.

Fix a problem in mod_include when we reached the BYTE_COUNT_THRESHOLD after parsing the first part of the tag. We could get errors like [error] [client 127.0.0.1] unknown directive "<!" in parsed doc filename

we're only going to re-scan the directive when we're in PARSE_DIRECTIVE state, so only reset directive_length when in that state

Fix a problem parsing tags. We're in find_end_sequence() walking over the directive and the rest of the tag but we stop parsing so we don't walk over too much storage (e.g., mmap) at once). When we resume later, ctx->directive_length has the value it had when we bailed out, so directive_length is wrong and we hit errors like: [Fri Aug 17 11:12:06 2001] [error] [client 127.0.0.1] unknown directiv e "include virt" in parsed doc /home/trawick/apacheinst/htdocs/manual/ mod/mod_include.html

Fix the new method code. We need to cast 1 to an apr_int64_t or it will be treated as a 32-bit integer, and it will wrap after being shifted 32 times. Submitted by: Cody Sherr <csherr@covalent.net> and Ryan Morgan <rmorgan@covalent.net>

Fixed an error in ap_ssi_get_tag_and_value(). It was not placing the null terminator in the right spot for the tag_val if the value contained backslashes. This caused #if, #elif, and #else expressions with backslashes to be incorrectly evaluated.

I forgot to catch all the other return calls in this function, so this cleans up the warnings. Thanks OtherBill for beating me up about this. :-)

Add a handler to mod_includes.c. This handler is designed to implement the XbitHack directive. This can't be done with a fixup, because we need to check the content-type, which is only available in the handler phase. PR: 7751

Make the includes filter check return codes from filters lower in the filter chain. If a lower level filter returns an error, then the request needs to stop immediately. This allows mod_include to stop parsing data once a lower filter recognizes an error. PR: 8102

That's it. There are no further emits for signedness or size conversion in MSVC 5.x. Enough for 2.0.22, I'll revisit under -w4 (msvc's -wall) and attack the other modules in 2.0.23-dev.

Change over to apr_strfsize() for apr_off_t file size formatting.

The bucket should be created with the size of the data NOT including a null terminator as its length. Otherwise, the bucket length value is wrong (too big by one).

fix a typo (duplicate return statement) Submitted by: Justin Erenkrantz

Fix a cosmetic problem with mod_include. Non-existant SSI vars used to appear as '(none', without the closing paren. Submitted by: G�nter Knauf <eflash@gmx.net>

Add a pool to the ap_save_brigade prototype. This removes a todo from the comments that is really necessary before the setaside stuff will work properly.

filters should return APR status codes

Revert about half of the last commit because of an oversight on my part that broke it. Unfortunately, fixing the oversight "the right way" is almost as ugly as the original code; it's easier to just go back to the way it was, at least for now. The problem is that the original code would delete buckets from foo through bar in the brigade, and the patched code deletes *everything* up through bar, which is bad. I could have fixed it by doing two splits, but that introduces too many palloc's for my taste. It's also fixable with RING macros, but I refuse to start using RING macros directly on brigades. The best solution would be if there were a brigade equivalent to a RING_UNSPLICE/ RING_INSERT_HEAD sequence (this sequence is also used interally by apr_brigade_split(), btw), something like this: APR_BRIGADE_TRANSFER_BUCKETS(oldbrigade,newbrigade,startbucket,endbucket); Absent that, the affected parts of the patch are hereby reverted (grumble, grumble). If people liek the APR_BRIGADE_TRANSFER_BUCKETS() idea, I'll implement that and repatch mod_include later.

Change mod_include to use the latest bucket API tricks. This gets rid of some obscure while loop magic that had to be done before, making mod_include easier to read and a better example for future filter writers. There should be no semantic changes in this patch... just a 1-to-1 mapping from while loops to bucket API calls that do the same thing. Reviewed by: Paul J. Reder

change include_handler to include_handler_fn_t, and clean up a nasty explicit cast that could float from the include_handler_fn_t declaration.

We seem to use fn_t *fn throughout the rest of apache, so normalize this syntax for mod_include's include_handler(_t)

Always clear the C-L if we are going to try to parse the file. It is impossible for us to determine if there is going to be an SSI tag in the file until we have actually scanned it all. By that time, it is likely that the first chunk of data, and the headers have been sent to the client, and it is too late to clear the C-L. If we are parsing the file, we have to just assume we are going to change the content.

get rid of unused variable b_copy in function handle_echo() PR: 6980

Use the proper enum for the block/non-block parameter to apr_bucket_read(). A couple of these changed in meaning (e.g., 1->APR_BLOCK_READ). PR: 6980

Modify mod_include to send blocks of data no larger than 9k. Without this, mod_include will wait until the whole file is parsed, or the first tag is found to send any data to the client. Submitted by: Paul J. Reder <rederpj@raleigh.ibm.com>

Add config directives to override the DEFAULT_ERROR_MSG and DEFAULT_TIME_FORMAT. PR: 6193 Submitted by: Dan Rench <drench@xnet.com> Reviewed by: Ryan Bloom

Simplify by using apr_bucket_delete(e) where possible. (Oh, plus one tiny little loop simplification.)

Rename the module structures so that the exported symbol matches the file name, and it is easier to automate the installation process (generating LoadModule directives from the module filenames). Next step is to remove the 4th argument to the APACHE_MODULE macro completely and require people to use the matching names, and to reduce the LoadModule directive to 1 argument.... Objections?

Update copyright to 2001

*) continued header revamping *) torch some headers (and some libs) from the autoconf stuff

Clean up some of the includes: - explicitly include apr_lib.h since ap_config.h doesn't - use apr_want.h where possible - use APR_HAVE_ where possible - remove some unneeded includes

renaming various functions for consistency sake see: http://apr.apache.org/~dougm/apr_rename.pl PR: Obtained from: Submitted by: Reviewed by:

move the instantiation of includes_module out of mod_include.h

Move the logic for creating CGI processes from mod_include to mod_cgi(d). This removes a good deal of duplicate logic for creating CGI scripts.

Eliminate all assumptions that finfo.protection reflects the existance or absense of a file. finfo.filetype is defined as 0 if APR_NOFILE, or a non-zero value if the file could be apr_stat()'ed.

fix gcc warning mod_include.c: In function `find_file': mod_include.c:1281: warning: suggest parentheses around assignment used as truth value

*) Adopt apr features to simplify mod_includes. This changes the behavior of the USER_NAME variable, unknown uid's are now reported as USER_NAME="<unknown>" rather than the old user#000 result. WinNT now resolves USER_NAME on NTFS volumes. [William Rowe] ** Also fixes yet another stat result, allowing APR_INCOMPLETE

The changes required for the APR_FINFO_wanted argument to apr_stat/lstat/getfileinfo. These are -NOT- optimal, they are simply the required changes to get the server working. The size of the patch is a warning about how we need to really look at what we are trying to accomplish with all of these stat/lstat calls.

Remove ap_chdir_file. This function is not thread-safe, and nobody is currently using it. The proper way to do this, is to use the apr_create_process API.

The big change. This is part 3 of the apr-util symbols rename, please see the first commit of srclib/apr-util/include (cvs apr-util/include) for the quick glance at symbols changed.

Provide apr_pool_t arg to register_hooks, since anything they do in that step -must- be done with a pool that will not outlive the cmd pool, from which they may have been dynamically loaded.

get rid of some invalid errno references; use the apr_status_t instead

Make handlers use hooks.

Get rid of some warnings on Tru64 and OS/390. void * isn't compatible with function pointers.

Make mod_include use a hash table to associate directive tags with functions. This allows modules to implement their own SSI tags easily. The idea is simple enough, a module can insert it's own tag and function combination into a hash table provided by mod_include. While mod_include parses an SSI file, when it encounters a tag in the file, it does a hash lookup to find the function that implements that tag, and passes all of the relevant data to the function. That function is then responsible for processing the tag and handing the remaining data back to mod_include for further processing. Submitted by: Paul J. Reder <rederpj@raleigh.ibm.com> Reviewed by: Ryan Bloom

First step towards extracting the SSI handling from mod_include so that it is extensible by modules Submitted by: Paul J. Reder <rederpj@raleigh.ibm.com> Reviewed by: Ryan Bloom

Fix some lvalue casts so that we can compile with xlc on AIX. Submitted by: "Victor J. Orlikowski" <v.j.orlikowski@gte.net> Reviewed by: Jeff Trawick