Re: mod_ssl FakeBasicAuth, the colon problem (PR 52644)

On 06/26/2014 09:22 AM, Ruediger Pluem wrote: Joe Orton wrote: I've had a user hit this: with FakeBasicAuth the client DN gets translated into a Basic auth blob of base64(username:password), which then fails when the username part contains a : colon character. At minimum mod_ssl could/should

Re: svn commit: r1609680 - in /httpd/httpd/trunk/modules/proxy: mod_proxy.c mod_proxy.h proxy_util.c

please check r1641381 On Sun, Nov 23, 2014 at 9:59 PM, Eric Covener cove...@gmail.com wrote: On Sun, Nov 23, 2014 at 9:57 PM, Eric Covener cove...@gmail.com wrote: On Fri, Jul 11, 2014 at 6:36 AM, jkal...@apache.org wrote: static int ap_proxy_strcmp_ematch(const char *str, const char

Re: PR56729: reqtimeout bug with fast response and slow POST

On Sun, Nov 23, 2014 at 12:11 AM, Eric Covener cove...@gmail.com wrote: On Thu, Nov 20, 2014 at 9:57 AM, Yann Ylavic ylavic@gmail.com wrote: On Wed, Nov 19, 2014 at 1:13 PM, Eric Covener cove...@gmail.com wrote: On Wed, Nov 19, 2014 at 4:47 AM, Yann Ylavic ylavic@gmail.com wrote: Errr,

Re: svn commit: r1609680 - in /httpd/httpd/trunk/modules/proxy: mod_proxy.c mod_proxy.h proxy_util.c

On 11/24/2014 03:59 AM, Eric Covener wrote: On Sun, Nov 23, 2014 at 9:57 PM, Eric Covener cove...@gmail.com wrote: On Fri, Jul 11, 2014 at 6:36 AM, jkal...@apache.org wrote: static int ap_proxy_strcmp_ematch(const char *str, const char *expected) +{ +apr_size_t x, y; + +for (x = 0, y

Re: svn commit: r1540052 - in /httpd/httpd/trunk/modules/proxy: mod_proxy.c proxy_util.c

Hmmm let me try to recreate. On Nov 23, 2014, at 7:47 PM, Eric Covener cove...@gmail.com wrote: On Fri, Nov 8, 2013 at 9:30 AM, j...@apache.org wrote: URL: http://svn.apache.org/r1540052 Log: UDS urls need to be desockified when configuring... Modified:

Re: svn commit: r1540052 - in /httpd/httpd/trunk/modules/proxy: mod_proxy.c proxy_util.c

On Mon, Nov 24, 2014 at 7:54 AM, Jim Jagielski j...@jagunet.com wrote: Hmmm let me try to recreate. I am really confused about how it required both, but focused on the ematch thing and have a fix in for that. -- Eric Covener cove...@gmail.com

Fwd: [Bug 57204] New: LuaAuthzProvider mixes up parsed require arguments when used multiple times

Mark, can you allocate a CVE for this? It is already public. -- Forwarded message -- From: Eric Covener cove...@gmail.com Date: Wed, Nov 19, 2014 at 7:16 PM Subject: Fwd: [Bug 57204] New: LuaAuthzProvider mixes up parsed require arguments when used multiple times To: Apache HTTP

Re: [RFC] CGIPassHeader Authorization|Proxy-Authorization|...

On Thu, Aug 21, 2014 at 8:42 AM, Jeff Trawick traw...@gmail.com wrote: CGIPassHeader could be allowed in htaccess if the httpd admin has specified AllowOverride ... AuthConfig ...* or AllowOverrideList CGIPassHeader in the main config. Make sense? *Only auth headers are currently