5df5e943f377522b19786f126097da3a7288e2f0 1610366 |
|
14-Jul-2014 |
jailletc36 |
Remove some 'register' in variable declaration. |
8eee941f4b6c13e7a598dff3554e5fb4ac7b501b 1475878 |
|
25-Apr-2013 |
rjung |
htdigest: Fix buffer overflow when reading digest
password file with very long lines.
PR 54893. |
ab58253a96d7bce00414e4df37460808b524ae50 1463750 |
|
02-Apr-2013 |
jailletc36 |
Use apr_file_printf(... "%pm"...) instead of explicit call to apr_strerror |
311b78bebde908adc0bd8cf9c049193bd30a4ac0 987498 |
|
20-Aug-2010 |
trawick |
Fortify falsely complained that the sprintf() result was unbounded.
We may as well use apr_snprintf() though, as well as comment on the
available space for "::\0" (for people like me). |
5d7b03757a8c338d8eaf160dfc77e1d31d2e5408 826528 |
|
18-Oct-2009 |
sf |
Actually use the whole buffer for reading. |
296a81701dd29b7e347a73eef3e71a65fc957106 826520 |
|
18-Oct-2009 |
sf |
Fix some more overflows spotted by Ruediger Pluem |
46d8f3df5a564fd58591687e66cbde1e863a9a74 826507 |
|
18-Oct-2009 |
sf |
detab |
260956fd35708b11ad2a1ac13118f8366167e3bb 826506 |
|
18-Oct-2009 |
sf |
htdigest: Fix possible overflow in command line processing. htdigest is not
supposed to be suid save, therefore not treated as a security issue.
CVE-2005-1344
Submitted by: Adam Conrad
Reviewed by: Stefan Fritsch |
842ae4bd224140319ae7feec1872b93dfd491143 420983 |
|
11-Jul-2006 |
fielding |
update license header text |
3d81f57512275ca06a60a9bcbd23c1f8b429fdf2 395228 |
|
19-Apr-2006 |
colm |
Update the copyright year in all .c, .h and .xml files |
e8f95a682820a599fe41b22977010636be5c2717 332306 |
|
10-Nov-2005 |
jim |
No functional Change: Removing trailing whitespace. This also
means that "blank" lines consisting of just spaces or
tabs are now really blank lines |
74cdac609499bfef9628a732008e62052d902163 155681 |
|
28-Feb-2005 |
jorton |
* support/htdigest.c (main): Fix permissions of created files.
PR: 33765 |
08cb74ca432a8c24e39f17dedce527e6a47b8001 151408 |
|
04-Feb-2005 |
jerenkrantz |
Update copyright year to 2005 and standardize on current copyright owner line. |
b7a97b0024575459fe2534c51867411358834501 104078 |
|
29-Jun-2004 |
martin |
Use standardized names for ISO-8859-1, see http://www.iana.org/assignments/character-sets
(Using the name iso8859-1 may still work, because it is aliased in apr-iconv/ccs/charset.aliases) |
686cd089cc7f4d7be5752f026490ab3016763e95 103007 |
|
17-Mar-2004 |
bnicholes |
Remove the OMIT_DELONCLOSE #ifdef since this should happen automatically with the apr_temp_dir_get() function.
Submitted by: Guenter Knauf <eflash@gmx.net> |
ad801800f52dce3b0dcca793042b75ddec00e92f 103004 |
|
17-Mar-2004 |
bnicholes |
Replace calls to fprintf() with apr_file_printf()
submitted by: Guenter Knauf <eflash@gmx.net> |
ef7e63639347988498cc18f4beda85e73146cb28 103003 |
|
17-Mar-2004 |
bnicholes |
Replace tabs with spaces
Submitted by: Guenter Knauf <eflash@gmx.net> |
ed4850c59557f69424966d866a0ef56d494c1f1e 103002 |
|
17-Mar-2004 |
bnicholes |
Remove the dependance on external cp/copy commands
Submitted by: Guenter Knauf <eflash@gmx.net> |
2af4c491603b2321aa1f73256f4f93b708a23b96 102998 |
|
17-Mar-2004 |
bnicholes |
Use apr_temp_dir_get() to get the temporary directory
Submitted by: Guenter Knauf <eflash@gmx.net> |
6de8046f8f7e07cd83895a528df25d977e502c76 102619 |
|
09-Feb-2004 |
nd |
fix name of The Apache Software Foundation |
365b268c7d5320369bfdfb140a2b0cfa3dd4a5fc 102592 |
|
08-Feb-2004 |
nd |
fix copyright dates according the first cehck in |
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dc 102525 |
|
06-Feb-2004 |
nd |
apply Apache License, Version 2.0 |
26a4456dd6f1a5d7d7fff766551461a578687c4a 102135 |
|
01-Jan-2004 |
nd |
update license to 2004. |
5a6d8942dbe4020c9a75ed37538a0fa1eb9d6ff8 99680 |
|
01-May-2003 |
thommay |
Forward port a fix for a pair of potential buffer overflows in htdigest from 1.3 |
bfb54bd96690887dcdf184fd9083c2e167898ce2 98893 |
|
05-Mar-2003 |
nd |
Restore the ability of htdigest.exe to create files that contain
more than one user. On win32 we cannot system("copy") a file, while
it's open.
PR: PR 12910 |
33bdcae1f7a1a65e351dda2a766a0cf28b1e695d 98573 |
|
03-Feb-2003 |
nd |
finished that boring job:
update license to 2003.
Happy New Year! ;-)) |
58fd79b56eb624bf011772994e9761d3c2e228c1 95993 |
|
10-Jul-2002 |
orlikowski |
Continue the Bill Rowe apr_size_t crusade. |
e7157eb98138148328d992336570f1d3a9002928 95035 |
|
10-May-2002 |
trawick |
avoid colliding with getline() as defined by glibc
(it breaks if you need to turn on _GNU_SOURCE) |
563fa6715f6ad5703d30354644d61968a8460804 94633 |
|
13-Apr-2002 |
wrowe |
Correct const'ness of argv in all support apps, and use the new
apr_app_initialize over apr_initialize for win32, and other platforms
that may wish to tweak 'apr-ized' application support (e.g. Netware?) |
bc8fd1b0b1afdf89b8d28eefa8cd74e26ba97986 93918 |
|
13-Mar-2002 |
fielding |
Update our copyright for this year. |
ea283513d76eccfc30ee79bc031188e2c2b12b0c 92919 |
|
19-Jan-2002 |
bnicholes |
Updates to allow the utilities to run on NetWare |
f735f24701f40a9941aa3ec185213d0230f8da5c 92766 |
|
08-Jan-2002 |
rbb |
Add the ability to pass flags to both apr_file_open and apr_mktemp.
The reason for this, is that it is very possible to want a temp
file that isn't deleted when the file is closed. It also makes sense
to have the flags in the apr_file_t if possible. |
edd066ff15b401bdda270704bc982029586ff8c2 91222 |
|
01-Oct-2001 |
jwoolley |
Switch from tmpnam() to apr_file_mktemp() so that gcc with a recent glibc
will shut the hell up about tmpnam() being unsafe. htpasswd.c needs a
similar treatment, but it won't be _quite_ as easy since htpasswd has not
been completely apr-ized yet. |
47e7103aec3cc66a4f13debcabf3f18d4f50df34 89333 |
|
11-Jun-2001 |
jwoolley |
Silence gcc warning about rv being used when possibly uninitialized. That
can only happen if n<=1 (ie, a bad parameter value), so I figure APR_EINVAL
is the correct default value. |
7cc9511b8f1fff69439041327dc55e3423ccf439 89331 |
|
10-Jun-2001 |
stoddard |
Fix look in htdigest. Reimplemented getline to work properly with
APR. Shuld consider adding apr_file_getline() to APR. Should also consider
changing apr_file_getc() to return characters rather than apr_status. |
56544b868ff3f569c7f2d38d60d2be5c32dc8f44 89188 |
|
21-May-2001 |
trawick |
get rid of a warning for missing strXXX prototype. (I only saw this
on RH 7.1.) |
b99dbaab171d91e1b664397cc40e039d0c087c65 88184 |
|
16-Feb-2001 |
fielding |
Update copyright to 2001 |
be3223a6a18d9a3a3cf7155d5430a5d92bcddcee 88081 |
|
11-Feb-2001 |
gstein |
*) include "apr_signal.h" when needed
*) some other minor include tweaks |
066877f1a045103acfdd376d48cdd473c33f409b 88019 |
|
08-Feb-2001 |
dougm |
renaming various functions for consistency sake
see: http://apr.apache.org/~dougm/apr_rename.pl
PR:
Obtained from:
Submitted by:
Reviewed by: |
8707eafa84c6aab4b02a6218ea43e60504b954f1 87726 |
|
19-Jan-2001 |
wrowe |
When is a void fn(void) not a void fn(void)? It's a win32'ism, since
the APR_DECLARE (excluding _NONSTD) uses the pascal convention. Really
irrelevant in a function that never needs to clean up (atexit), but
the compiler complains. Possible workarounds, but that would break
non-c lanaguge code from linking into apr. |
42d788c1e0c6445846986b62092933711cbb2252 87623 |
|
09-Jan-2001 |
trawick |
get rid of a bogus use of perror() |
bb65aeae7af1d33b64252bbc1b966942d757ac60 87501 |
|
21-Dec-2000 |
wrowe |
All the supports now build on APR (+APRUTIL), no reliance on httpd. |
db3fa7db7c7910f2f23c3e3ffe0cf9f41a1899b9 87460 |
|
20-Dec-2000 |
trawick |
Switch to the APR-provided APR_CHARSET_EBCDIC feature test macro. |
886cd69ebf69e990dbc365be87ff8ea7cd681904 87424 |
|
19-Dec-2000 |
rbb |
Force all Apache functions to be linked into the executable, whether they
are used or not. This uses the same mechanism that is used for APR
and APR-util. This may not be the correct solution, but it works, and that
is what I really care about. This also renames CHARSET_EBCDIC to
AP_CHARSET_EBCDIC. This is for namespace correctness, but it also makes
the exports script a bit easier. |
cccd31fa4a72fe23cc3249c06db181b274a55a69 87080 |
|
26-Nov-2000 |
gstein |
*) Compensate for recent changes in the APR headers. Specifically, some
files need to specifically include stdio.h, or a particular apr_*.h
header.
*) Adjust callers of apr_create_process() to deal with the extra "const"
*) Add "const" to args of ap_os_create_privileged_process() |
f2159535eb8f7ea510a17038b8156256abc77a41 86745 |
|
25-Oct-2000 |
fanf |
ensure that all cpp directives start with a # in column one
PR: 6742 |
71ae70b321b6e872938934bbf569c5787962aca3 86020 |
|
07-Aug-2000 |
trawick |
A few more (last?) ap_xlate->apr_xlate changes covering stuff not completely
handled in the big apr rename last week. |
333d217f9ee70eb89cb5d5a30bf08a0032f571ff 86018 |
|
07-Aug-2000 |
trawick |
Fix some problems with the apr conversion so that APACHE_XLATE builds work
again. |
10a4cdd68ef1ca0e54af296fe1d08ac00150c90b 86008 |
|
06-Aug-2000 |
wrowe |
Remaining cleanup of ap_ -> apr_ and AP_ -> APR_ transformation...
see src/lib/apr/apr_compat.h for most details.
Also a few minor nits to get Win32 to build.
PR:
Obtained from:
Submitted by:
Reviewed by: |
1ccd992d37d62c8cb2056126f2234f64ec189bfd 85976 |
|
02-Aug-2000 |
dougm |
prefix libapr functions and types with apr_ |
9bd28994e3e77b7e68a1c0aa4b8e993761eaa3cf 85160 |
|
06-May-2000 |
trawick |
serious bug fix:
htdigest didn't init the first parm to ap_open(), so ap_open()
segfaults thinking it was passed valid storage
build portability:
make most src/lib/apr/test/Makefile.in compatible with OS/390
make (no -o outfile after infile specified)
MD5 translation support:
when APR_HAS_XLATE, low-level routines allow translation handle
to be specified
when CHARSET_EBCDIC, password-specific routines always translate,
but client app must set handle before using |
5f6e75bc39f8d95c7495ed17e585597cd6bd7fba 85080 |
|
28-Apr-2000 |
trawick |
Win32:
install ab.exe
fix dependency in Apache.dsw (ab is dependent on aprlib and ap)
fix ab and htdigest projects so that they find all header files
define ap_signal() in apr.hw - this is o.k. for casual use as with
cmd-line programs
use API_VAR_EXPORT as appropriate in getopt.c
general:
ab doesn't need to declare ap_optarg/ap_optind; fix a warning
htdigest needs to call ap_initialize() to avoid segfault at
startup |
d4df29f26b7bda144ffc4c2e0d2965a7d86207e9 85064 |
|
27-Apr-2000 |
rbb |
Merge the htdigest.c file from the apr/test directory to the support
directory. |
b8dd12594991e5c275d82fca865d13c5f9775f4e 85017 |
|
23-Apr-2000 |
fielding |
Finished move of ap_md5 routines to apr_md5. Removed ap_md5.h.
Replaced more magic numbers with MD5_DIGESTSIZE. Yuck.
Submitted by: William Rowe, Roy Fielding |
f3091cedd4abeda1026d9117c34e8f625754e8ae 84881 |
|
31-Mar-2000 |
fielding |
Update to Apache Software License version 1.1 |
64185f9824e42f21ca7b9ae6c004484215c031a7 84725 |
|
10-Mar-2000 |
rbb |
Fix all the License issues. Including:
s/Apache Group/Apache Software Foundation/
s/1999/2000/
s/Sascha's license/ASF license |
0942697a9b5de44865676345a3828741c827efe6 84007 |
|
20-Oct-1999 |
rbb |
Add a status value to ap_log_error and ap_log_rerror. This allows us to use
apr_status codes in our error logs. The main advantage of this, is portable
error codes. Now, Windows will finally be able to use errno! |
bbe866808ba50d71809ab58bbee377cadf60d3b7 83964 |
|
11-Oct-1999 |
dreid |
These changes allow the support programs to compile on BeOS.
The biggest change is in ab.c where the functions that BeOS needs that
aren't the standard format are hidden behind a new ab_* define. Tested
on FreeBSD and BeOS. |
09fe0b69d3d1e8c8041c9ce99ee77b8b44b5e3b1 83750 |
|
24-Aug-1999 |
fielding |
Apache 1.3.9 baseline for the Apache 2.0 repository.
Obtained from: Apache 1.3.9 (minus unused files), tag APACHE_1_3_9
Submitted by: Apache Group |