Petr Gajdos
d8f7f70594
*) core/mod_proxy/mod_ssl:
Adding `outgoing` flag to conn_rec, indicating a connection is
initiated by the server to somewhere, in contrast to incoming
connections from clients.
Adding 'ap_ssl_bind_outgoing()` function that marks a connection
as outgoing and is used by mod_proxy instead of the previous
optional function `ssl_engine_set`. This enables other SSL
module to secure proxy connections.
The optional functions `ssl_engine_set`, `ssl_engine_disable` and
`ssl_proxy_enable` are now provided by the core to have backward
compatibility with non-httpd modules that might use them. mod_ssl
itself no longer registers these functions, but keeps them in its
header for backward compatibility.
The core provided optional function wrap any registered function
like it was done for `ssl_is_ssl`.
[Stefan Eissing]
*) mod_ssl: Support logging private key material for use with
wireshark via log file given by SSLKEYLOGFILE environment
variable. Requires OpenSSL 1.1.1. PR 63391. [Joe Orton]
*) mod_proxy: Do not canonicalize the proxied URL when both "nocanon" and
"ProxyPassInterpolateEnv On" are configured. PR 65549.
[Joel Self <joelself gmail.com>]
*) mpm_event: Fix children processes possibly not stopped on graceful
restart. PR 63169. [Joel Self <joelself gmail.com>]
*) mod_proxy: Fix a potential infinite loop when tunneling Upgrade(d)
protocols from mod_proxy_http, and a timeout triggering falsely when
using mod_proxy_wstunnel, mod_proxy_connect or mod_proxy_http with
upgrade= setting. PRs 65521 and 65519. [Yann Ylavic]
*) mod_unique_id: Reduce the time window where duplicates may be generated
OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=655
174 lines
7.2 KiB
Diff
174 lines
7.2 KiB
Diff
From 530b5797af919d6d7ab7d6418d9feeb1abb914ae Mon Sep 17 00:00:00 2001
|
|
From: Justin Erenkrantz <jerenkrantz@apache.org>
|
|
Date: Mon, 30 Dec 2013 20:01:14 +0000
|
|
Subject: [PATCH] Add directives to control two protocol options:
|
|
|
|
HttpContentLengthHeadZero - allow Content-Length of 0 to be returned on HEAD
|
|
HttpExpectStrict - allow admin to control whether we must see "100-continue"
|
|
|
|
This is helpful when using Ceph's radosgw and httpd.
|
|
|
|
Inspired by: Yehuda Sadeh <yehuda@inktank.com>
|
|
See https://github.com/ceph/apache2/commits/precise
|
|
|
|
* include/http_core.h
|
|
(core_server_config): Add http_cl_head_zero and http_expect_strict fields.
|
|
* modules/http/http_filters.c
|
|
(ap_http_header_filter): Only clear out the C-L if http_cl_head_zero is not
|
|
explictly set.
|
|
* server/core.c
|
|
(merge_core_server_configs): Add new fields.
|
|
(set_cl_head_zero, set_expect_strict): New config helpers.
|
|
(HttpContentLengthHeadZero, HttpExpectStrict): Declare new directives.
|
|
* server/protocol.c
|
|
(ap_read_request): Allow http_expect_strict to control if we return 417.
|
|
* include/ap_mmn.h
|
|
(MODULE_MAGIC_NUMBER_MAJOR, MODULE_MAGIC_NUMBER_MINOR): Bump.
|
|
* CHANGES: Add a brief description.
|
|
|
|
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554303 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
Conflicts:
|
|
CHANGES
|
|
include/ap_mmn.h
|
|
include/http_core.h
|
|
server/core.c
|
|
---
|
|
CHANGES | 3 +++
|
|
include/ap_mmn.h | 4 +++-
|
|
include/http_core.h | 9 +++++++++
|
|
modules/http/http_filters.c | 10 +++++++++-
|
|
server/core.c | 36 ++++++++++++++++++++++++++++++++++++
|
|
server/protocol.c | 25 +++++++++++++++++--------
|
|
6 files changed, 77 insertions(+), 10 deletions(-)
|
|
|
|
Index: httpd-2.4.49/modules/http/http_filters.c
|
|
===================================================================
|
|
--- httpd-2.4.49.orig/modules/http/http_filters.c 2021-05-11 17:21:43.000000000 +0200
|
|
+++ httpd-2.4.49/modules/http/http_filters.c 2021-09-17 09:33:49.496853894 +0200
|
|
@@ -1488,10 +1488,17 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_
|
|
* zero C-L to the client. We can't just remove the C-L filter,
|
|
* because well behaved 2.0 handlers will send their data down the stack,
|
|
* and we will compute a real C-L for the head request. RBB
|
|
+ *
|
|
+ * Allow modification of this behavior through the
|
|
+ * HttpContentLengthHeadZero directive.
|
|
+ *
|
|
+ * The default (unset) behavior is to squelch the C-L in this case.
|
|
*/
|
|
+ core_server_config *conf = ap_get_core_module_config(r->server->module_config);
|
|
if (r->header_only
|
|
&& (clheader = apr_table_get(r->headers_out, "Content-Length"))
|
|
- && !strcmp(clheader, "0")) {
|
|
+ && !strcmp(clheader, "0")
|
|
+ && conf->http_cl_head_zero != AP_HTTP_CL_HEAD_ZERO_ENABLE) {
|
|
apr_table_unset(r->headers_out, "Content-Length");
|
|
}
|
|
|
|
Index: httpd-2.4.49/server/core.c
|
|
===================================================================
|
|
--- httpd-2.4.49.orig/server/core.c 2021-05-27 15:08:21.000000000 +0200
|
|
+++ httpd-2.4.49/server/core.c 2021-09-17 09:33:49.496853894 +0200
|
|
@@ -551,6 +551,12 @@ static void *merge_core_server_configs(a
|
|
if (virt->http_methods != AP_HTTP_METHODS_UNSET)
|
|
conf->http_methods = virt->http_methods;
|
|
|
|
+ if (virt->http_cl_head_zero != AP_HTTP_CL_HEAD_ZERO_UNSET)
|
|
+ conf->http_cl_head_zero = virt->http_cl_head_zero;
|
|
+
|
|
+ if (virt->http_expect_strict != AP_HTTP_EXPECT_STRICT_UNSET)
|
|
+ conf->http_expect_strict = virt->http_expect_strict;
|
|
+
|
|
/* no action for virt->accf_map, not allowed per-vhost */
|
|
|
|
if (virt->protocol)
|
|
@@ -4142,6 +4148,32 @@ static const char *set_http_method(cmd_p
|
|
return NULL;
|
|
}
|
|
|
|
+static const char *set_cl_head_zero(cmd_parms *cmd, void *dummy, int arg)
|
|
+{
|
|
+ core_server_config *conf =
|
|
+ ap_get_core_module_config(cmd->server->module_config);
|
|
+
|
|
+ if (arg) {
|
|
+ conf->http_cl_head_zero = AP_HTTP_CL_HEAD_ZERO_ENABLE;
|
|
+ } else {
|
|
+ conf->http_cl_head_zero = AP_HTTP_CL_HEAD_ZERO_DISABLE;
|
|
+ }
|
|
+ return NULL;
|
|
+}
|
|
+
|
|
+static const char *set_expect_strict(cmd_parms *cmd, void *dummy, int arg)
|
|
+{
|
|
+ core_server_config *conf =
|
|
+ ap_get_core_module_config(cmd->server->module_config);
|
|
+
|
|
+ if (arg) {
|
|
+ conf->http_expect_strict = AP_HTTP_EXPECT_STRICT_ENABLE;
|
|
+ } else {
|
|
+ conf->http_expect_strict = AP_HTTP_EXPECT_STRICT_DISABLE;
|
|
+ }
|
|
+ return NULL;
|
|
+}
|
|
+
|
|
static apr_hash_t *errorlog_hash;
|
|
|
|
static int log_constant_item(const ap_errorlog_info *info, const char *arg,
|
|
@@ -4685,6 +4717,10 @@ AP_INIT_TAKE1("TraceEnable", set_trace_e
|
|
"'on' (default), 'off' or 'extended' to trace request body content"),
|
|
AP_INIT_FLAG("MergeTrailers", set_merge_trailers, NULL, RSRC_CONF,
|
|
"merge request trailers into request headers or not"),
|
|
+AP_INIT_FLAG("HttpContentLengthHeadZero", set_cl_head_zero, NULL, OR_OPTIONS,
|
|
+ "whether to permit Content-Length of 0 responses to HEAD requests"),
|
|
+AP_INIT_FLAG("HttpExpectStrict", set_expect_strict, NULL, OR_OPTIONS,
|
|
+ "whether to return a 417 if a client doesn't send 100-Continue"),
|
|
AP_INIT_ITERATE("Protocols", set_protocols, NULL, RSRC_CONF,
|
|
"Controls which protocols are allowed"),
|
|
AP_INIT_TAKE1("ProtocolsHonorOrder", set_protocols_honor_order, NULL, RSRC_CONF,
|
|
Index: httpd-2.4.49/server/protocol.c
|
|
===================================================================
|
|
--- httpd-2.4.49.orig/server/protocol.c 2021-09-17 09:33:49.496853894 +0200
|
|
+++ httpd-2.4.49/server/protocol.c 2021-09-17 10:15:28.643596021 +0200
|
|
@@ -1056,6 +1056,11 @@ AP_DECLARE(int) ap_check_request_header(
|
|
if (ap_cstr_casecmp(expect, "100-continue") == 0) {
|
|
r->expecting_100 = 1;
|
|
}
|
|
+ else if (conf->http_expect_strict == AP_HTTP_EXPECT_STRICT_DISABLE) {
|
|
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02595)
|
|
+ "client sent an unrecognized expectation value "
|
|
+ "of Expect (not fatal): %s", expect);
|
|
+ }
|
|
else {
|
|
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00570)
|
|
"client sent an unrecognized expectation value "
|
|
Index: httpd-2.4.49/include/http_core.h
|
|
===================================================================
|
|
--- httpd-2.4.49.orig/include/http_core.h 2021-05-27 15:08:21.000000000 +0200
|
|
+++ httpd-2.4.49/include/http_core.h 2021-09-17 09:33:49.496853894 +0200
|
|
@@ -733,6 +733,16 @@ typedef struct {
|
|
#define AP_MERGE_TRAILERS_DISABLE 2
|
|
int merge_trailers;
|
|
|
|
+#define AP_HTTP_CL_HEAD_ZERO_UNSET 0
|
|
+#define AP_HTTP_CL_HEAD_ZERO_ENABLE 1
|
|
+#define AP_HTTP_CL_HEAD_ZERO_DISABLE 2
|
|
+ int http_cl_head_zero;
|
|
+
|
|
+#define AP_HTTP_EXPECT_STRICT_UNSET 0
|
|
+#define AP_HTTP_EXPECT_STRICT_ENABLE 1
|
|
+#define AP_HTTP_EXPECT_STRICT_DISABLE 2
|
|
+ int http_expect_strict;
|
|
+
|
|
apr_array_header_t *protocols;
|
|
int protocols_honor_order;
|
|
|
|
@@ -776,7 +786,6 @@ apr_status_t ap_core_input_filter(ap_fil
|
|
apr_off_t readbytes);
|
|
apr_status_t ap_core_output_filter(ap_filter_t *f, apr_bucket_brigade *b);
|
|
|
|
-
|
|
AP_DECLARE(const char*) ap_get_server_protocol(server_rec* s);
|
|
AP_DECLARE(void) ap_set_server_protocol(server_rec* s, const char* proto);
|
|
|