0d9a14afcdba2680a89f6b0b7777e914bda97c7b 1633522 |
|
22-Oct-2014 |
jailletc36 |
Fix indent. |
d29745cf3b7bc83a2b98a70d42ec5c18bc04c208 1615026 |
|
01-Aug-2014 |
jailletc36 |
Turn some APR_BUCKET_REMOVE(e)+apr_bucket_destroy(e) into the equivalent apr_bucket_delete(e) to reduce code verbosity |
5df5e943f377522b19786f126097da3a7288e2f0 1610366 |
|
14-Jul-2014 |
jailletc36 |
Remove some 'register' in variable declaration. |
7619b51fca6ecf16c28389e52a666e82f3c8d3ef 1601624 |
|
10-Jun-2014 |
ylavic |
Strip useless apr_brigade_cleanup() calls. |
a8cfeca626587f507d51fa0dbbd7e31ec08b36c7 1551714 |
|
17-Dec-2013 |
jailletc36 |
Avoid sending back uninitialized memory, use 'ftpmessage' in order to have something meaningful instead.
Save 8k of stack by the same time. |
63921358ef93fcb41bc71d9894221ba3d7fbb87b 1480058 |
|
07-May-2013 |
minfrin |
mod_proxy: Ensure network errors detected by the proxy are returned as
504 Gateway Timout as opposed to 502 Bad Gateway, in order to be
compliant with RFC2616 14.9.4 Cache Revalidation and Reload Controls. |
2ef3559af5669fcbac0a5fd280cd0a0577afe4c7 1428280 |
|
03-Jan-2013 |
jorton |
* modules/proxy/mod_proxy_ftp.c (proxy_ftp_handler): Remove
unnecessary APLOGNO() for trace logging per dev@ discussion. |
15de7b9eb26bf649688bc954428d44c380c0b52b 1423353 |
|
18-Dec-2012 |
jorton |
* modules/proxy/mod_proxy_ftp.c: Fill in APLOGNO. |
1fe197be4585c8d210f17094ff49eceab8682e1e 1420223 |
|
11-Dec-2012 |
jorton |
* modules/proxy/mod_proxy_ftp.c (proxy_ftp_handler): Simplify EPSV
address handling to avoid overhead of unnecessary
binary->text->binary conversion, and ensuring the socket family
really matches the address used. |
dcd19776e8e3d73519ffb0201d6dfea67f0aeb3e 1413732 |
|
26-Nov-2012 |
jim |
CVE-2012-3499 and CVE-2012-4558
Be sure to escape potential troubled strings |
cc45ee60ddfb8380b3703455098475eb72625ca8 1404625 |
|
01-Nov-2012 |
jim |
*) mod_proxy_ftp: Fix segfaults on IPv4 requests to hosts with DNS AAAA records.
PR 40841. [Andrew Rucker Jones <arjones simultan dyndns org>,
<ast domdv de>, Jim Jagielski] |
174b19659bdfe1b63e7154ef1af796612985c7db 1365001 |
|
24-Jul-2012 |
jorton |
Fix handling of ProxyBlock if a forward proxy is configured, and fix
mod_proxy_connect to avoid an inappropriate DNS lookup:
* modules/proxy/proxy_util.c (ap_proxy_checkproxyblock): Take hostname
argument, make address argument optional. Check names against
hostname arg, omit if addr not given.
(ap_proxy_determine_connection): Adjust for the above; pass hostname
from URI not the next hop.
* modules/proxy/mod_proxy_ftp.c (proxy_ftp_handler): Adjust for
ap_proxy_checkproxyblock change.
* modules/proxy/mod_proxy_connect.c (proxy_connect_handler): Adjust
similarly, and avoid the DNS lookup on the request-URI hostname if a
proxy is used.
* include/ap_mmn.h: Bump MMN.
PR: 43697 |
fc251eb7714d158c2952bc2ddbbcfb9169098212 1361801 |
|
15-Jul-2012 |
sf |
Various code clean up
Submitted by: Christophe JAILLET <christophe jaillet wanadoo fr>
PR: 52893 |
723f28377d133603c20f4986d98992a9c43366ab 1220493 |
|
18-Dec-2011 |
sf |
Various code cleanup to avoid compiler, cppcheck, or clang warnings:
modules/debugging/mod_firehose.c: Make some internal functions static
(to do: logs_cleanup() is unused)
modules/filters/mod_charset_lite.c: Remove dead assignments
modules/filters/mod_include.c: likewise
modules/metadata/mod_usertrack.c: likewise
modules/proxy/mod_proxy_ftp.c: likewise
modules/ssl/ssl_engine_pphrase.c: likewise
modules/proxy/mod_proxy_balancer.c: likewise;
Remove NULL check that can never happen
modules/proxy/proxy_util.c: Axe NULL-check that can never happen and if it
would, it would just mask another bug
os/unix/unixd.c: likewise
modules/http/http_filters.c: Remove sub-condition that is always true
modules/lua/mod_lua.c: Add default cases to switch statements
modules/generators/mod_autoindex.c: Unsigned value can never be < 0
server/util_expr_eval.c: Fix compiler warnings with VC and on OS2 |
8bc77d0a7253172eba58438560681fd90737256c 1209776 |
|
03-Dec-2011 |
minfrin |
mod_proxy: Move ap_proxy_string_read() out of the public API into
mod_proxy_ftp. |
185aa71728867671e105178b4c66fbc22b65ae26 1209766 |
|
03-Dec-2011 |
sf |
Add lots of unique tags to error log messages |
d56e5e11228c459264cc445b51541ac0ff8dd317 1208835 |
|
30-Nov-2011 |
sf |
Remove some getpid() logging, this is now also included in the error log
format. |
994ced9dca1b824d03a44187f09d264215cd490c 1203859 |
|
18-Nov-2011 |
sf |
great proxy logging cleanup:
* remove "proxy:", "FCGI", etc. prefixes and pid which are now
included in the error log format
* propagate frontend request's logconfig to backend request
* use ap_log_rerror where possible
* remove obsolete APLOG_NOERRNO |
4af31eb47aaed1cfa70d500305c5efeb924e41f1 1185902 |
|
19-Oct-2011 |
sf |
add missing 'static' |
d15c6ed1d477fafee22d10c7249bb6372531aed2 1185898 |
|
19-Oct-2011 |
sf |
regex related cleanups:
- use AP_MAX_REG_MATCH where appropriate
- in mod_proxy_ftp, compile the "ls -s1" regex only once instead of once per request
- add some coments |
5bfaaf573bacb45c1cf290ce85ecc676587e8a64 1174751 |
|
23-Sep-2011 |
jim |
Cleanup effort in prep for GA push:
Trim trailing whitespace... no func change |
04d6458a2cd3b44376f00a56804bb6bf6bc46865 1135084 |
|
13-Jun-2011 |
sf |
Avoid some memory allocations by using apr_table_setn where the string arguments
are allocated from the request pool and not modified later on.
Submitted by: Christophe JAILLET <christophe jaillet wanadoo fr>
PR: 51358 |
2c2ced9d18f0b065f620b0ead09ba25e955c3cc7 1102124 |
|
12-May-2011 |
sf |
Use APR_STATUS_IS_... in some more cases.
While this is not strictly necessary everywhere, it makes it much easier
to find the problematic cases. |
4952d93743af3632518d1c925fac5227720cf64a 1068581 |
|
08-Feb-2011 |
jim |
Remove the thread mutex from the worker... it really should be
in the balancer. Thus we have global and thread for the balancer.
Use global when updating the full, shm list of workers; use
thread when being local. |
23a31b10f869a72c9197b5f153f4f3e1a4c68f28 1058623 |
|
13-Jan-2011 |
jim |
More movement to shared stuff... |
dcdabda52983308aa928293a933a4d1b87c2ec51 954641 |
|
14-Jun-2010 |
sf |
Fix some compiler warnings:
- suggest braces around empty body in an 'if' statement
- comparison of unsigned expression >= 0 is always true
- comparison of unsigned expression < 0 is always false
Please review carefully. |
c6cf638d68b4cfff4f74ebc360abca97ad38cd71 951900 |
|
06-Jun-2010 |
sf |
- Be less verbose at levels INFO and DEBUG in mod_proxy* and mod_ssl
- Add some trace logging to core and http |
36ef8f77bffe75d1aa327882be1b5bdbe2ff567a 951895 |
|
06-Jun-2010 |
sf |
Use the new APLOG_USE_MODULE/AP_DECLARE_MODULE macros everywhere to take
advantage of per-module loglevels |
47ff2654d827dd3596ce2e4099d69cec0f1009b9 894526 |
|
30-Dec-2009 |
takashi |
Move ProxyFtpDirCharset from mod_proxy to mod_proxy_ftp. |
d82cb0013f93c3f2b0131bb3e82bbf2683c6c0ef 814785 |
|
14-Sep-2009 |
jorton |
* modules/proxy/mod_proxy_ftp.c (parse_epsv_reply): Remove redundant
check for !p[0], thanks rpluem. Also update to take const argument
and fix comment, since the string is not modified in-place. |
ce91ce3900ab31d68a0760c46e33158402fe86ba 814652 |
|
14-Sep-2009 |
jorton |
Security fix - this is presumed to fix CVE-2009-3094 (the disclosed
information was limited so this has not been confirmed):
* modules/proxy/mod_proxy_ftp.c (parse_epsv_reply): New function.
(proxy_ftp_handler): Fix possible NULL pointer deference in
apr_socket_close(NULL) on error paths. Fix possible buffer overread
in EPSV response parser; use parse_epsv_reply instead. Thanks to
Jeff Trawick and Stefan Fritsch for analysis of this issue.
Submitted by: Stefan Fritsch <sf fritsch.de>, jorton |
fdd401e65af21d7e718417acac44ed0d85f3f33b 814045 |
|
11-Sep-2009 |
jorton |
Security fix - this is presumed to fix CVE-2009-3095 (the disclosed
information was limited so this has not been confirmed):
* modules/proxy/mod_proxy_ftp.c (proxy_ftp_handler): Fail if the
decoded Basic credentials contain "special" characters.
Thanks to Stefan Fritsch for analysis of this issue. |
2eb5346b17b3b69767cfe87d0f632efd6d15500d 808895 |
|
28-Aug-2009 |
jim |
OK, might as well finish this... Allow ServerTokens Off |
eacb724157bafd5062590305826ebc6fecb48cd2 758936 |
|
27-Mar-2009 |
trawick |
remove TPF support |
d9d4644be2fe336af6e00cadaf28532f68d1e090 758891 |
|
26-Mar-2009 |
trawick |
remove BeOS OS support |
d1745d6933c22c807cf2388332426defd1b19f03 758626 |
|
26-Mar-2009 |
covener |
Add mod_proxy_ftp directives ProxyFtpListOnWildcard and ProxyFtpEscapeWildcards
to allow filenames with globbing characters to be retrieved instead of
presented in a directory listing.
Submitted by: Dan Poirier <poirier pobox.com>
Reviewed by: covener |
cf8d02ea0c91653917b044529f3133c5a1bb9200 739382 |
|
30-Jan-2009 |
fielding |
Disabled DefaultType directive and removed ap_default_type()
from core. We now exclude Content-Type from responses for which
a media type has not been configured via mime.types, AddType,
ForceType, or some other mechanism. MMN major bump to NZ time.
PR: 13986 |
ce10c0ea9ae8edc49b421e8b5a438a7f362cc6c8 738268 |
|
27-Jan-2009 |
rpluem |
* Correctly construct base href url in the reverse proxy case. |
2e6f0dfb107ab0072192fb8232770652c6b21fcb 712375 |
|
08-Nov-2008 |
rpluem |
* Rip out the old flushing approach for solving lifetime issues between the
backend connection bucket allocator and front end connection bucket allocator.
Instead copy the buckets from the backend over to ones that have been created
using the front end bucket allocator. For metabucket this is done by recreating
them, for data buckets this is done by reading them and putting the read data
in a transient bucket.
PR: 45792 |
e6d72969ca1e0e43ab2902171b46e9ffad299ab8 682868 |
|
05-Aug-2008 |
rpluem |
* Prevent XSS attacks when using wildcards in the path of the FTP URL
(CVE-2008-2939). Discovered by Marc Bevand of Rapid7. |
bfb348e864dd45fdffe385c4450708366e913529 681190 |
|
30-Jul-2008 |
rpluem |
* Construct a site in the reverse proxy case when there is non. |
5a58cc51db66f6982eca4c9a1eeab22dc81ab536 678761 |
|
22-Jul-2008 |
rpluem |
* Ensure that the SSL filters are not inserted on FTP data connections even
if the virtual host that causes the proxy request has SSL enabled. |
1a8cd4825d1f4fc2ff84099d9e45d0f19fa34a1e 611466 |
|
12-Jan-2008 |
niq |
mod_proxy_ftp: Fix base for directory listings.
PR 27834 |
9f2bf8ffc5b94f213da70d7b1defbaf51a5973e1 607638 |
|
31-Dec-2007 |
wrowe |
Introduce the ProxyFtpDirCharset directive, allowing the administrator
to identify a default, or specific servers or paths which list their
contents in other-than ISO-8859-1 charset (e.g. utf-8).
Submitted by: Ruediger Pluem |
a1790fb35c4b352dab721370985c623a9f8f5062 606693 |
|
24-Dec-2007 |
rpluem |
* Set character set for HTML outputs generated by mod_ldap,
mod_proxy_balancer, mod_proxy_ftp, mod_info, mod_dav without a character
set to ISO-8859-1.
Submitted by: jorton |
6f4dadd94220f9bdfe34fc4530527e4482319541 604447 |
|
15-Dec-2007 |
rpluem |
* Fix a SEGFAULT by ensuring that buckets that may have been buffered in the
network filters get flushed to the network. This is needed since
these buckets have been created with the bucket allocator of the
backend connection. This allocator either gets destroyed if
conn->close is set or the worker address is not reusable which
causes the connection to the backend to be closed or it will be used
again by another frontend connection that wants to recycle the
backend connection.
In this case we could run into nasty race conditions (e.g. if the
next user of the backend connection destroys the allocator before we
sent the buckets to the network).
Remark 1: Doing a setaside does not help here as the buckets remain
created by the wrong allocator in this case.
Remark 2: Yes, this creates a possible performance penalty in the case
of pipelined requests as we may send only a small amount of data over
the wire. |
8739639a54b2c89fdc4dd15a8453c7707a08b82c 574100 |
|
10-Sep-2007 |
niq |
mod_proxy_ftp: Don't segfault on bad line in FTP listing
PR 40733 [Ulf Harnhammar] |
c4a423b3ef5cf5bc7209b452ed0823b5a895ffd6 562510 |
|
03-Aug-2007 |
jim |
*) mod_proxy: Improve network performance by setting APR_TCP_NODELAY
(disable Nagle algorithm) on sockets if implemented.
PR 42871 [Christian BOITEL <christian_boitel yahoo.fr>, Jim Jagielski] |
4acc1bb2214d1b188ba22f0a5e9a319a6083672d 484978 |
|
09-Dec-2006 |
jim |
Isolate the unlock return vals |
0e43ad0d6c23825c2c37e67087471e361347ee41 484792 |
|
08-Dec-2006 |
jim |
Failure to unlock is very nasty, so log it to help
with troubleshooting. |
1ce78cf71b5baaf2c1ab48e818cb1f2397df5010 440337 |
|
05-Sep-2006 |
trawick |
Replace ap_get_server_version with ap_get_server_banner() and
ap_get_server_description().
High-level summary:
The full server version information is now included in the error log at
startup as well as server status reports, irrespective of the setting
of the ServerTokens directive.
Third-party modules must now use ap_get_server_banner() or
ap_get_server_description() in place of ap_get_server_version(). |
c1b34185c08311a96e54251f7d9a2df1009e3dc6 427959 |
|
02-Aug-2006 |
mturk |
Cleanup: Remove close_on_recycle from proxy_conn_rec.
It behaves the same as close. |
842ae4bd224140319ae7feec1872b93dfd491143 420983 |
|
11-Jul-2006 |
fielding |
update license header text |
3d81f57512275ca06a60a9bcbd23c1f8b429fdf2 395228 |
|
19-Apr-2006 |
colm |
Update the copyright year in all .c, .h and .xml files |
e8f95a682820a599fe41b22977010636be5c2717 332306 |
|
10-Nov-2005 |
jim |
No functional Change: Removing trailing whitespace. This also
means that "blank" lines consisting of just spaces or
tabs are now really blank lines |
ee508128c414648982d1cca7801f63b01a0a4f8a 231044 |
|
09-Aug-2005 |
minfrin |
Remove the base href tag from mod_proxy_ftp, as it breaks relative
links for clients not using an Authorization header. |
9f25ba5dbdf0dda2f0f7866d8d6425d0dd93688c 179704 |
|
03-Jun-2005 |
pquerna |
mod_proxy_ftp: Fix comparison of char* to '\0'
PR: 34512 |
ef5650b61a8e35f3cc93ec07e73efc17ea329894 153384 |
|
11-Feb-2005 |
jorton |
Move the POSIX reg* implementations into the ap_* namespace;
internalise the ap_reg*<->PCRE wrapper:
* configure.in: Add srclib/pcre to the include path.
* include/ap_regex.h: Renamed from include/pcreposix.h. Prefix all
constants with AP_; prefix all functions and types with ap_. Define
AP_DECLARE to nothing if necessary. Remove regcomp error codes.
* include/httpd.h: Include ap_regex.h not pcreposix.h.
(ap_pregcomp, ap_regexec, ap_regfree): s/regex_t/ap_regex_t/.
(ap_regexec, ap_regerror): Prototypes moved to ap_regex.h.
* server/util.c (regex_cleanup, ap_pregcomp, ap_pregsub, ap_pregfree):
Adjust for ap_ prefixed types. (ap_regexec, ap_regerror): Removed.
* server/Makefile.in: Build util_pcre.c.
* server/util_pcre.c: Copied from srclib/pcre/pcreposix.c; remove use
of PCRE-internals to do error mapping; rename types to add AP_/ap_
prefixes as above. Use APR includes. (ap_regerror): Use apr_snprintf.
* srclib/pcre/Makefile.in: Don't build pcreposix.c into libpcre.la.
* modules/*: Update to use new type and constant names.
PR: 27750 (part one)
Submitted by: Andres Salomon <dilinger voxel.net>, Joe Orton |
08cb74ca432a8c24e39f17dedce527e6a47b8001 151408 |
|
04-Feb-2005 |
jerenkrantz |
Update copyright year to 2005 and standardize on current copyright owner line. |
bf1e7c075ccc3e6597d17de7641332ff6ff92e8a 151238 |
|
03-Feb-2005 |
striker |
Rename proxy modules.
* modules\proxy\mod_proxy_ajp.c
* modules\proxy\mod_proxy_balancer.c
* modules\proxy\mod_proxy_connect.c
* modules\proxy\mod_proxy_ftp.c
* modules\proxy\mod_proxy_http.c
Renamed from proxy_{ajp,balancer,connect,ftp,http}.c
* modules\proxy\mod_proxy_ajp.dsp
* modules\proxy\mod_proxy_balancer.dsp
* modules\proxy\mod_proxy_connect.dsp
* modules\proxy\mod_proxy_ftp.dsp
* modules\proxy\mod_proxy_http.dsp
Update references to renamed files.
* modules\proxy\NWGNUproxyajp
* modules\proxy\NWGNUproxybalancer
* modules\proxy\NWGNUproxycon
* modules\proxy\NWGNUproxyftp
* modules\proxy\NWGNUproxyhtp
Update references to renamed files. |