Fix indent.

Turn some APR_BUCKET_REMOVE(e)+apr_bucket_destroy(e) into the equivalent apr_bucket_delete(e) to reduce code verbosity

Remove some 'register' in variable declaration.

Strip useless apr_brigade_cleanup() calls.

Avoid sending back uninitialized memory, use 'ftpmessage' in order to have something meaningful instead. Save 8k of stack by the same time.

mod_proxy: Ensure network errors detected by the proxy are returned as 504 Gateway Timout as opposed to 502 Bad Gateway, in order to be compliant with RFC2616 14.9.4 Cache Revalidation and Reload Controls.

* modules/proxy/mod_proxy_ftp.c (proxy_ftp_handler): Remove unnecessary APLOGNO() for trace logging per dev@ discussion.

* modules/proxy/mod_proxy_ftp.c: Fill in APLOGNO.

* modules/proxy/mod_proxy_ftp.c (proxy_ftp_handler): Simplify EPSV address handling to avoid overhead of unnecessary binary->text->binary conversion, and ensuring the socket family really matches the address used.

CVE-2012-3499 and CVE-2012-4558 Be sure to escape potential troubled strings

*) mod_proxy_ftp: Fix segfaults on IPv4 requests to hosts with DNS AAAA records. PR 40841. [Andrew Rucker Jones <arjones simultan dyndns org>, <ast domdv de>, Jim Jagielski]

Fix handling of ProxyBlock if a forward proxy is configured, and fix mod_proxy_connect to avoid an inappropriate DNS lookup: * modules/proxy/proxy_util.c (ap_proxy_checkproxyblock): Take hostname argument, make address argument optional. Check names against hostname arg, omit if addr not given. (ap_proxy_determine_connection): Adjust for the above; pass hostname from URI not the next hop. * modules/proxy/mod_proxy_ftp.c (proxy_ftp_handler): Adjust for ap_proxy_checkproxyblock change. * modules/proxy/mod_proxy_connect.c (proxy_connect_handler): Adjust similarly, and avoid the DNS lookup on the request-URI hostname if a proxy is used. * include/ap_mmn.h: Bump MMN. PR: 43697

Various code clean up Submitted by: Christophe JAILLET <christophe jaillet wanadoo fr> PR: 52893

Various code cleanup to avoid compiler, cppcheck, or clang warnings: modules/debugging/mod_firehose.c: Make some internal functions static (to do: logs_cleanup() is unused) modules/filters/mod_charset_lite.c: Remove dead assignments modules/filters/mod_include.c: likewise modules/metadata/mod_usertrack.c: likewise modules/proxy/mod_proxy_ftp.c: likewise modules/ssl/ssl_engine_pphrase.c: likewise modules/proxy/mod_proxy_balancer.c: likewise; Remove NULL check that can never happen modules/proxy/proxy_util.c: Axe NULL-check that can never happen and if it would, it would just mask another bug os/unix/unixd.c: likewise modules/http/http_filters.c: Remove sub-condition that is always true modules/lua/mod_lua.c: Add default cases to switch statements modules/generators/mod_autoindex.c: Unsigned value can never be < 0 server/util_expr_eval.c: Fix compiler warnings with VC and on OS2

mod_proxy: Move ap_proxy_string_read() out of the public API into mod_proxy_ftp.

Add lots of unique tags to error log messages

Remove some getpid() logging, this is now also included in the error log format.

great proxy logging cleanup: * remove "proxy:", "FCGI", etc. prefixes and pid which are now included in the error log format * propagate frontend request's logconfig to backend request * use ap_log_rerror where possible * remove obsolete APLOG_NOERRNO

add missing 'static'

regex related cleanups: - use AP_MAX_REG_MATCH where appropriate - in mod_proxy_ftp, compile the "ls -s1" regex only once instead of once per request - add some coments

Cleanup effort in prep for GA push: Trim trailing whitespace... no func change

Avoid some memory allocations by using apr_table_setn where the string arguments are allocated from the request pool and not modified later on. Submitted by: Christophe JAILLET <christophe jaillet wanadoo fr> PR: 51358

Use APR_STATUS_IS_... in some more cases. While this is not strictly necessary everywhere, it makes it much easier to find the problematic cases.

Remove the thread mutex from the worker... it really should be in the balancer. Thus we have global and thread for the balancer. Use global when updating the full, shm list of workers; use thread when being local.

More movement to shared stuff...

Fix some compiler warnings: - suggest braces around empty body in an 'if' statement - comparison of unsigned expression >= 0 is always true - comparison of unsigned expression < 0 is always false Please review carefully.

- Be less verbose at levels INFO and DEBUG in mod_proxy* and mod_ssl - Add some trace logging to core and http

Use the new APLOG_USE_MODULE/AP_DECLARE_MODULE macros everywhere to take advantage of per-module loglevels

Move ProxyFtpDirCharset from mod_proxy to mod_proxy_ftp.

* modules/proxy/mod_proxy_ftp.c (parse_epsv_reply): Remove redundant check for !p[0], thanks rpluem. Also update to take const argument and fix comment, since the string is not modified in-place.

Security fix - this is presumed to fix CVE-2009-3094 (the disclosed information was limited so this has not been confirmed): * modules/proxy/mod_proxy_ftp.c (parse_epsv_reply): New function. (proxy_ftp_handler): Fix possible NULL pointer deference in apr_socket_close(NULL) on error paths. Fix possible buffer overread in EPSV response parser; use parse_epsv_reply instead. Thanks to Jeff Trawick and Stefan Fritsch for analysis of this issue. Submitted by: Stefan Fritsch <sf fritsch.de>, jorton

Security fix - this is presumed to fix CVE-2009-3095 (the disclosed information was limited so this has not been confirmed): * modules/proxy/mod_proxy_ftp.c (proxy_ftp_handler): Fail if the decoded Basic credentials contain "special" characters. Thanks to Stefan Fritsch for analysis of this issue.

OK, might as well finish this... Allow ServerTokens Off

remove TPF support

remove BeOS OS support

Add mod_proxy_ftp directives ProxyFtpListOnWildcard and ProxyFtpEscapeWildcards to allow filenames with globbing characters to be retrieved instead of presented in a directory listing. Submitted by: Dan Poirier <poirier pobox.com> Reviewed by: covener

Disabled DefaultType directive and removed ap_default_type() from core. We now exclude Content-Type from responses for which a media type has not been configured via mime.types, AddType, ForceType, or some other mechanism. MMN major bump to NZ time. PR: 13986

* Correctly construct base href url in the reverse proxy case.

* Rip out the old flushing approach for solving lifetime issues between the backend connection bucket allocator and front end connection bucket allocator. Instead copy the buckets from the backend over to ones that have been created using the front end bucket allocator. For metabucket this is done by recreating them, for data buckets this is done by reading them and putting the read data in a transient bucket. PR: 45792

* Prevent XSS attacks when using wildcards in the path of the FTP URL (CVE-2008-2939). Discovered by Marc Bevand of Rapid7.

* Construct a site in the reverse proxy case when there is non.

* Ensure that the SSL filters are not inserted on FTP data connections even if the virtual host that causes the proxy request has SSL enabled.

mod_proxy_ftp: Fix base for directory listings. PR 27834

Introduce the ProxyFtpDirCharset directive, allowing the administrator to identify a default, or specific servers or paths which list their contents in other-than ISO-8859-1 charset (e.g. utf-8). Submitted by: Ruediger Pluem

* Set character set for HTML outputs generated by mod_ldap, mod_proxy_balancer, mod_proxy_ftp, mod_info, mod_dav without a character set to ISO-8859-1. Submitted by: jorton

* Fix a SEGFAULT by ensuring that buckets that may have been buffered in the network filters get flushed to the network. This is needed since these buckets have been created with the bucket allocator of the backend connection. This allocator either gets destroyed if conn->close is set or the worker address is not reusable which causes the connection to the backend to be closed or it will be used again by another frontend connection that wants to recycle the backend connection. In this case we could run into nasty race conditions (e.g. if the next user of the backend connection destroys the allocator before we sent the buckets to the network). Remark 1: Doing a setaside does not help here as the buckets remain created by the wrong allocator in this case. Remark 2: Yes, this creates a possible performance penalty in the case of pipelined requests as we may send only a small amount of data over the wire.

mod_proxy_ftp: Don't segfault on bad line in FTP listing PR 40733 [Ulf Harnhammar]

*) mod_proxy: Improve network performance by setting APR_TCP_NODELAY (disable Nagle algorithm) on sockets if implemented. PR 42871 [Christian BOITEL <christian_boitel yahoo.fr>, Jim Jagielski]

Isolate the unlock return vals

Failure to unlock is very nasty, so log it to help with troubleshooting.

Replace ap_get_server_version with ap_get_server_banner() and ap_get_server_description(). High-level summary: The full server version information is now included in the error log at startup as well as server status reports, irrespective of the setting of the ServerTokens directive. Third-party modules must now use ap_get_server_banner() or ap_get_server_description() in place of ap_get_server_version().

Cleanup: Remove close_on_recycle from proxy_conn_rec. It behaves the same as close.

update license header text

Update the copyright year in all .c, .h and .xml files

No functional Change: Removing trailing whitespace. This also means that "blank" lines consisting of just spaces or tabs are now really blank lines

Remove the base href tag from mod_proxy_ftp, as it breaks relative links for clients not using an Authorization header.

mod_proxy_ftp: Fix comparison of char* to '\0' PR: 34512

Move the POSIX reg* implementations into the ap_* namespace; internalise the ap_reg*<->PCRE wrapper: * configure.in: Add srclib/pcre to the include path. * include/ap_regex.h: Renamed from include/pcreposix.h. Prefix all constants with AP_; prefix all functions and types with ap_. Define AP_DECLARE to nothing if necessary. Remove regcomp error codes. * include/httpd.h: Include ap_regex.h not pcreposix.h. (ap_pregcomp, ap_regexec, ap_regfree): s/regex_t/ap_regex_t/. (ap_regexec, ap_regerror): Prototypes moved to ap_regex.h. * server/util.c (regex_cleanup, ap_pregcomp, ap_pregsub, ap_pregfree): Adjust for ap_ prefixed types. (ap_regexec, ap_regerror): Removed. * server/Makefile.in: Build util_pcre.c. * server/util_pcre.c: Copied from srclib/pcre/pcreposix.c; remove use of PCRE-internals to do error mapping; rename types to add AP_/ap_ prefixes as above. Use APR includes. (ap_regerror): Use apr_snprintf. * srclib/pcre/Makefile.in: Don't build pcreposix.c into libpcre.la. * modules/*: Update to use new type and constant names. PR: 27750 (part one) Submitted by: Andres Salomon <dilinger voxel.net>, Joe Orton

Update copyright year to 2005 and standardize on current copyright owner line.

Rename proxy modules. * modules\proxy\mod_proxy_ajp.c * modules\proxy\mod_proxy_balancer.c * modules\proxy\mod_proxy_connect.c * modules\proxy\mod_proxy_ftp.c * modules\proxy\mod_proxy_http.c Renamed from proxy_{ajp,balancer,connect,ftp,http}.c * modules\proxy\mod_proxy_ajp.dsp * modules\proxy\mod_proxy_balancer.dsp * modules\proxy\mod_proxy_connect.dsp * modules\proxy\mod_proxy_ftp.dsp * modules\proxy\mod_proxy_http.dsp Update references to renamed files. * modules\proxy\NWGNUproxyajp * modules\proxy\NWGNUproxybalancer * modules\proxy\NWGNUproxycon * modules\proxy\NWGNUproxyftp * modules\proxy\NWGNUproxyhtp Update references to renamed files.