cvs commit: apache-1.3/src/main http_config.c http_core.c
dougm 99/05/06 17:16:13 Modified:src CHANGES src/include ap_compat.h ap_mmn.h http_config.h http_core.h src/main http_config.c http_core.c Log: Fix configuration engine re-entrant hangups, which solve a handful of problems seen with mod_perl Perl configuration sections Submitted by: Salvador Ortiz Garcia [EMAIL PROTECTED] Reviewed by: Doug, Dean Revision ChangesPath 1.1351+4 -0 apache-1.3/src/CHANGES Index: CHANGES === RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.1350 retrieving revision 1.1351 diff -u -r1.1350 -r1.1351 --- CHANGES 1999/05/06 00:49:38 1.1350 +++ CHANGES 1999/05/07 00:16:06 1.1351 @@ -1,5 +1,9 @@ Changes with Apache 1.3.7 + *) Fix configuration engine re-entrant hangups, which solve a + handful of problems seen with mod_perl Perl configuration sections + [Salvador Ortiz Garcia [EMAIL PROTECTED]] + *) Mac OS and Mac OS X Server now use the appropriate custom layout by default when building with APACI; allow for platform-specific variable defaults in configure. [Wilfredo Sanchez] 1.17 +2 -0 apache-1.3/src/include/ap_compat.h Index: ap_compat.h === RCS file: /export/home/cvs/apache-1.3/src/include/ap_compat.h,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- ap_compat.h 1999/01/28 09:24:58 1.16 +++ ap_compat.h 1999/05/07 00:16:09 1.17 @@ -23,6 +23,7 @@ #define acquire_mutex ap_acquire_mutex #define add_cgi_vars ap_add_cgi_vars #define add_common_varsap_add_common_vars +#define add_file_conf ap_add_file_conf #define add_module ap_add_module #define add_named_module ap_add_named_module #define add_per_dir_conf ap_add_per_dir_conf @@ -350,6 +351,7 @@ #define server_root_relative ap_server_root_relative #define set_byterange ap_set_byterange #define set_callback_and_alarm ap_set_callback_and_alarm +#define set_config_vectors ap_set_config_vectors #define set_content_length ap_set_content_length #define set_etag ap_set_etag #define set_file_slot ap_set_file_slot 1.34 +3 -1 apache-1.3/src/include/ap_mmn.h Index: ap_mmn.h === RCS file: /export/home/cvs/apache-1.3/src/include/ap_mmn.h,v retrieving revision 1.33 retrieving revision 1.34 diff -u -r1.33 -r1.34 --- ap_mmn.h 1999/04/20 17:51:37 1.33 +++ ap_mmn.h 1999/05/07 00:16:09 1.34 @@ -215,6 +215,8 @@ * 19990108.7 - ap_isxdigit added * 19990320 - METHODS and M_INVALID symbol values modified * 19990320.1 - add ap_vrprintf() + * 19990320.2 - add cmd_parms.context, ap_set_config_vectors, + *export ap_add_file_conf */ #define MODULE_MAGIC_COOKIE 0x41503133UL /* AP13 */ @@ -222,7 +224,7 @@ #ifndef MODULE_MAGIC_NUMBER_MAJOR #define MODULE_MAGIC_NUMBER_MAJOR 19990320 #endif -#define MODULE_MAGIC_NUMBER_MINOR 1 /* 0...n */ +#define MODULE_MAGIC_NUMBER_MINOR 2 /* 0...n */ #define MODULE_MAGIC_NUMBER MODULE_MAGIC_NUMBER_MAJOR/* backward compat */ /* Useful for testing for features. */ 1.102 +3 -0 apache-1.3/src/include/http_config.h Index: http_config.h === RCS file: /export/home/cvs/apache-1.3/src/include/http_config.h,v retrieving revision 1.101 retrieving revision 1.102 diff -u -r1.101 -r1.102 --- http_config.h 1999/03/10 10:34:08 1.101 +++ http_config.h 1999/05/07 00:16:10 1.102 @@ -170,6 +170,8 @@ */ const command_rec *cmd; /* configuration command */ const char *end_token; /* end token required to end a nested section */ +void *context; /* per_dir_config vector passed + * to handle_command */ } cmd_parms; /* This structure records the existence of handlers in a module... */ @@ -400,6 +402,7 @@ CORE_EXPORT(const command_rec *) ap_find_command(const char *name, const command_rec *cmds); CORE_EXPORT(const command_rec *) ap_find_command_in_modules(const char *cmd_name, module **mod); +CORE_EXPORT(void *) ap_set_config_vectors(cmd_parms *parms, void *config, module *mod); CORE_EXPORT(const char *) ap_handle_command(cmd_parms *parms, void *config, const char *l); #endif
cvs commit: apache-1.3/src/main http_config.c http_core.c
dgaudet 99/02/22 09:07:40 Modified:src CHANGES src/main http_config.c http_core.c Log: pad out some initializers; reduce a string constant from 510 to below 509 characters Submitted by: John Bley [EMAIL PROTECTED] Revision ChangesPath 1.1257+2 -0 apache-1.3/src/CHANGES Index: CHANGES === RCS file: /home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.1256 retrieving revision 1.1257 diff -u -r1.1256 -r1.1257 --- CHANGES 1999/02/20 18:12:32 1.1256 +++ CHANGES 1999/02/22 17:07:37 1.1257 @@ -1,5 +1,7 @@ Changes with Apache 1.3.5 + *) Fixed a few compiler nits. [John Bley [EMAIL PROTECTED]] + *) Added some informative error messages for some failed malloc() calls. [John Bley [EMAIL PROTECTED], Jim Jagielski] 1.142 +1 -1 apache-1.3/src/main/http_config.c Index: http_config.c === RCS file: /home/cvs/apache-1.3/src/main/http_config.c,v retrieving revision 1.141 retrieving revision 1.142 diff -u -r1.141 -r1.142 --- http_config.c 1999/02/20 18:12:35 1.141 +++ http_config.c 1999/02/22 17:07:39 1.142 @@ -1075,7 +1075,7 @@ */ static cmd_parms default_parms = -{NULL, 0, -1, NULL, NULL, NULL, NULL, NULL, NULL}; +{NULL, 0, -1, NULL, NULL, NULL, NULL, NULL, NULL, NULL}; API_EXPORT(char *) ap_server_root_relative(pool *p, char *file) { 1.250 +7 -8 apache-1.3/src/main/http_core.c Index: http_core.c === RCS file: /home/cvs/apache-1.3/src/main/http_core.c,v retrieving revision 1.249 retrieving revision 1.250 diff -u -r1.249 -r1.250 --- http_core.c 1999/02/09 20:20:26 1.249 +++ http_core.c 1999/02/22 17:07:39 1.250 @@ -1902,7 +1902,7 @@ Error:\tApache has not been designed to serve pages while\n \trunning as root. There are known race conditions that\n \twill allow any local user to read any file on the system.\n - \tShould you still desire to serve pages as root then\n + \tIf you still desire to serve pages as root then\n \tadd -DBIG_SECURITY_HOLE to the EXTRA_CFLAGS line in your\n \tsrc/Configuration file and rebuild the server. It is\n \tstrongly suggested that you instead modify the User\n @@ -2859,6 +2859,10 @@ { BS2000Account, set_bs2000_account, NULL, RSRC_CONF, TAKE1, Name of server User's bs2000 logon account name }, #endif +#ifdef WIN32 +{ ScriptInterpreterSource, set_interpreter_source, NULL, OR_FILEINFO, TAKE1, + Where to find interpreter to run Win32 scripts (Registry or script shebang line) }, +#endif { ServerTokens, set_serv_tokens, NULL, RSRC_CONF, TAKE1, Determine tokens displayed in the Server: header - Min(imal), OS or Full }, { LimitRequestLine, set_limit_req_line, NULL, RSRC_CONF, TAKE1, @@ -2870,12 +2874,7 @@ { LimitRequestBody, set_limit_req_body, (void*)XtOffsetOf(core_dir_config, limit_req_body), OR_ALL, TAKE1, - Limit (in bytes) on maximum size of request message body }, -#ifdef WIN32 -{ ScriptInterpreterSource, set_interpreter_source, NULL, OR_FILEINFO, TAKE1, - Where to find interpreter to run Win32 scripts (Registry or script shebang line) }, -#endif -{ NULL }, + Limit (in bytes) on maximum size of request message body } }; /* @@ -3116,7 +3115,7 @@ static const handler_rec core_handlers[] = { { */*, default_handler }, { default-handler, default_handler }, -{ NULL } +{ NULL, NULL } }; API_VAR_EXPORT module core_module = {
cvs commit: apache-1.3/src/main http_config.c http_core.c http_protocol.c
fielding98/08/09 21:16:16 Modified:src CHANGES src/include http_config.h http_core.h httpd.h src/main http_config.c http_core.c http_protocol.c Log: Fixed request limit change to be more portable. Removed the server_rec variables since compile-time control of the request-line, fieldsize, and number of fields is sufficient. Added a per-dir configuration directive LimitRequestBody for setting a maximum request message body, with the default of 0 meaning no limit. Revision ChangesPath 1.1015+3 -2 apache-1.3/src/CHANGES Index: CHANGES === RCS file: /home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.1014 retrieving revision 1.1015 diff -u -r1.1014 -r1.1015 --- CHANGES 1998/08/10 00:10:18 1.1014 +++ CHANGES 1998/08/10 04:16:11 1.1015 @@ -3,10 +3,11 @@ *) SECURITY: Eliminate O(n^2) space DoS attacks (and other O(n^2) cpu time attacks) in header parsing. [Dean Gaudet] - *) SECURITY: Added default limits for various aspects of reading a + *) SECURITY: Added compile-time limits for various aspects of reading a client request to avoid some simple denial of service attacks, including limits on maximum request-line size, number of header - fields, size of any one header field, and size of the request + fields, and size of any one header field. Also added a configurable + directive LimitRequestBody for limiting the size of the request message body. [Roy Fielding] *) Make status module aware of DNS and logging states, even if 1.93 +1 -1 apache-1.3/src/include/http_config.h Index: http_config.h === RCS file: /home/cvs/apache-1.3/src/include/http_config.h,v retrieving revision 1.92 retrieving revision 1.93 diff -u -r1.92 -r1.93 --- http_config.h 1998/08/09 06:37:15 1.92 +++ http_config.h 1998/08/10 04:16:12 1.93 @@ -275,7 +275,7 @@ * handle it back-compatibly, or at least signal an error). */ -#define MODULE_MAGIC_NUMBER 19980808 +#define MODULE_MAGIC_NUMBER 19980809 #define STANDARD_MODULE_STUFF MODULE_MAGIC_NUMBER, -1, __FILE__, NULL, NULL /* Generic accessors for other modules to get at their own module-specific 1.47 +2 -0 apache-1.3/src/include/http_core.h Index: http_core.h === RCS file: /home/cvs/apache-1.3/src/include/http_core.h,v retrieving revision 1.46 retrieving revision 1.47 diff -u -r1.46 -r1.47 --- http_core.h 1998/08/06 19:23:43 1.46 +++ http_core.h 1998/08/10 04:16:13 1.47 @@ -131,6 +131,7 @@ API_EXPORT(char *) ap_construct_url(pool *p, const char *uri, const request_rec *r); API_EXPORT(const char *) ap_get_server_name(const request_rec *r); API_EXPORT(unsigned) ap_get_server_port(const request_rec *r); +API_EXPORT(unsigned long) ap_get_limit_req_body(const request_rec *r); API_EXPORT(void) ap_custom_response(request_rec *r, int status, char *string); /* Authentication stuff. This is one of the places where compatibility @@ -236,6 +237,7 @@ #ifdef RLIMIT_NPROC struct rlimit *limit_nproc; #endif +unsigned long limit_req_body; /* limit on bytes in request msg body */ /* logging options */ enum { srv_sig_off, srv_sig_on, srv_sig_withmail } server_signature; 1.233 +18 -27apache-1.3/src/include/httpd.h Index: httpd.h === RCS file: /home/cvs/apache-1.3/src/include/httpd.h,v retrieving revision 1.232 retrieving revision 1.233 diff -u -r1.232 -r1.233 --- httpd.h 1998/08/09 16:57:28 1.232 +++ httpd.h 1998/08/10 04:16:13 1.233 @@ -369,6 +369,24 @@ #define DEFAULT_LISTENBACKLOG 511 #endif +/* Limits on the size of various request items. These limits primarily + * exist to prevent simple denial-of-service attacks on a server based + * on misuse of the protocol. The recommended values will depend on the + * nature of the server resources -- CGI scripts and database backends + * might require large values, but most servers could get by with much + * smaller limits than we use below. The request message body size can + * be limited by the per-dir config directive LimitRequestBody. + */ +#ifndef AP_LIMIT_REQUEST_LINE +#define AP_LIMIT_REQUEST_LINE 8192 +#endif /* default limit on bytes in Request-Line (Method+URI+HTTP-version) */ +#ifndef AP_LIMIT_REQUEST_FIELDS +#define AP_LIMIT_REQUEST_FIELDS 100 +#endif /* default limit on number of request header fields */ +#ifndef AP_LIMIT_REQUEST_FIELDSIZE +#define AP_LIMIT_REQUEST_FIELDSIZE 8192 +#endif /* default limit on bytes in
cvs commit: apache-1.3/src/main http_config.c http_core.c
dgaudet 98/07/06 21:06:24 Modified:src CHANGES src/main http_config.c http_core.c Log: better solution for reporting handler not found errors PR: 2529 Submitted by: John Van Essen [EMAIL PROTECTED] Revision ChangesPath 1.948 +4 -0 apache-1.3/src/CHANGES Index: CHANGES === RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.947 retrieving revision 1.948 diff -u -r1.947 -r1.948 --- CHANGES 1998/07/06 11:54:27 1.947 +++ CHANGES 1998/07/07 04:06:17 1.948 @@ -1,4 +1,8 @@ Changes with Apache 1.3.1 + + *) The handler not found error was issued in cases where the handler + really did exist, but was just declining to serve the request. + [John Van Essen [EMAIL PROTECTED]] PR#2529 *) Add Dynamic Shared Object (DSO) support for SCO5 (OpenServer 5.0.x). [Ronald Record [EMAIL PROTECTED]] PR#2533 1.118 +8 -2 apache-1.3/src/main/http_config.c Index: http_config.c === RCS file: /export/home/cvs/apache-1.3/src/main/http_config.c,v retrieving revision 1.117 retrieving revision 1.118 diff -u -r1.117 -r1.118 --- http_config.c 1998/06/13 15:22:52 1.117 +++ http_config.c 1998/07/07 04:06:20 1.118 @@ -479,6 +479,7 @@ const char *handler; char *p; size_t handler_len; +int result = NOT_IMPLEMENTED; if (r-handler) { handler = r-handler; @@ -501,19 +502,24 @@ for (handp = handlers; handp-hr.content_type; ++handp) { if (handler_len == handp-len !strncmp(handler, handp-hr.content_type, handler_len)) { -int result = (*handp-hr.handler) (r); +result = (*handp-hr.handler) (r); if (result != DECLINED) return result; } } +if (result == NOT_IMPLEMENTED r-handler) { +ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, r-server, +handler \%s\ not found for: %s, r-handler, r-filename); +} + /* Pass two --- wildcard matches */ for (handp = wildhandlers; handp-hr.content_type; ++handp) { if (handler_len = handp-len !strncmp(handler, handp-hr.content_type, handp-len)) { - int result = (*handp-hr.handler) (r); + result = (*handp-hr.handler) (r); if (result != DECLINED) return result; 1.209 +0 -6 apache-1.3/src/main/http_core.c Index: http_core.c === RCS file: /export/home/cvs/apache-1.3/src/main/http_core.c,v retrieving revision 1.208 retrieving revision 1.209 diff -u -r1.208 -r1.209 --- http_core.c 1998/07/03 22:15:56 1.208 +++ http_core.c 1998/07/07 04:06:21 1.209 @@ -2548,12 +2548,6 @@ caddr_t mm; #endif -if (r-handler) { - ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, - r-server, handler \%s\ not found, using default - handler for: %s, r-handler, r-filename); -} - /* This handler has no use for a request body (yet), but we still * need to read and discard it if the client sent one. */
cvs commit: apache-1.3/src/main http_config.c http_core.c
dougm 98/03/16 19:26:46 Modified:src/include http_config.h http_core.h src/main http_config.c http_core.c Log: export a few functions so mod_perl's Perl config sections work under win32 Submitted by: Doug MacEachern Reviewed by: Dean Gaudet Revision ChangesPath 1.74 +6 -4 apache-1.3/src/include/http_config.h Index: http_config.h === RCS file: /export/home/cvs/apache-1.3/src/include/http_config.h,v retrieving revision 1.73 retrieving revision 1.74 diff -u -r1.73 -r1.74 --- http_config.h 1998/03/13 19:20:10 1.73 +++ http_config.h 1998/03/17 03:26:41 1.74 @@ -267,7 +267,7 @@ * handle it back-compatibly, or at least signal an error). */ -#define MODULE_MAGIC_NUMBER 19980312 +#define MODULE_MAGIC_NUMBER 19980317 #define STANDARD_MODULE_STUFF MODULE_MAGIC_NUMBER, -1, __FILE__, NULL, NULL /* Generic accessors for other modules to get at their own module-specific @@ -302,6 +302,8 @@ #ifdef CORE_PRIVATE +extern API_VAR_EXPORT module *top_module; + extern module *prelinked_modules[]; extern module *preloaded_modules[]; @@ -318,7 +320,7 @@ /* For http_request.c... */ void *create_request_config(pool *p); -void *create_per_dir_config(pool *p); +API_EXPORT(void *) create_per_dir_config(pool *p); void *merge_per_dir_configs(pool *p, void *base, void *new); void *create_empty_config(pool *p); @@ -328,9 +330,9 @@ int parse_htaccess(void **result, request_rec *r, int override, const char *path, const char *access_name); -const char *srm_command_loop(cmd_parms *parms, void *config); +API_EXPORT(const char *) srm_command_loop(cmd_parms *parms, void *config); -const char *init_virtual_host(pool *p, const char *hostname, +API_EXPORT(const char *) init_virtual_host(pool *p, const char *hostname, server_rec *main_server, server_rec **); void process_resource_config(server_rec *s, char *fname, pool *p, pool *ptemp); 1.37 +1 -1 apache-1.3/src/include/http_core.h Index: http_core.h === RCS file: /export/home/cvs/apache-1.3/src/include/http_core.h,v retrieving revision 1.36 retrieving revision 1.37 diff -u -r1.36 -r1.37 --- http_core.h 1998/02/21 01:42:36 1.36 +++ http_core.h 1998/03/17 03:26:42 1.37 @@ -132,7 +132,7 @@ char *response_code_string (request_rec *r, int error_index); -extern module core_module; +extern API_VAR_EXPORT module core_module; /* Per-directory configuration */ 1.107 +7 -7 apache-1.3/src/main/http_config.c Index: http_config.c === RCS file: /export/home/cvs/apache-1.3/src/main/http_config.c,v retrieving revision 1.106 retrieving revision 1.107 diff -u -r1.106 -r1.107 --- http_config.c 1998/03/16 12:09:52 1.106 +++ http_config.c 1998/03/17 03:26:44 1.107 @@ -94,7 +94,7 @@ * than DYNAMIC_MODULE_LIMIT. */ static int dynamic_modules = 0; -module *top_module = NULL; +API_VAR_EXPORT module *top_module = NULL; typedef int (*handler_func) (request_rec *); typedef void *(*dir_maker_func) (pool *, char *); @@ -213,7 +213,7 @@ return create_empty_config(p); } -void *create_per_dir_config(pool *p) +API_EXPORT(void *) create_per_dir_config(pool *p) { return create_empty_config(p); } @@ -861,7 +861,7 @@ } } -const command_rec *find_command(const char *name, const command_rec *cmds) +API_EXPORT(const command_rec *) find_command(const char *name, const command_rec *cmds) { while (cmds-name) if (!strcasecmp(name, cmds-name)) @@ -872,7 +872,7 @@ return NULL; } -const command_rec *find_command_in_modules(const char *cmd_name, module **mod) +API_EXPORT(const command_rec *) find_command_in_modules(const char *cmd_name, module **mod) { const command_rec *cmdp; module *modp; @@ -886,7 +886,7 @@ return NULL; } -const char *handle_command(cmd_parms *parms, void *config, const char *l) +API_EXPORT(const char *) handle_command(cmd_parms *parms, void *config, const char *l) { const char *args, *cmd_name, *retval; const command_rec *cmd; @@ -931,7 +931,7 @@ return retval; } -const char *srm_command_loop(cmd_parms *parms, void *config) +API_EXPORT(const char *) srm_command_loop(cmd_parms *parms, void *config) { char l[MAX_STRING_LEN]; @@ -1201,7 +1201,7 @@ } -const char *init_virtual_host(pool *p, const char *hostname, +API_EXPORT(const char *) init_virtual_host(pool *p, const char *hostname, server_rec