summaryrefslogtreecommitdiffstats
path: root/usr.sbin/httpd/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* this commit is really florian@'s, since he's the one who made removalhenning2014-04-22276-133440/+0
| | | | | | | | of our forked apache possible by his work on nginx and slowcgi, but he doesn't want it - so it is my pleasure to tedu it. I spent so much work on chroot in it 10 years ago - and am very happy to see it go now, nginx is a far better choice today. Bye bye, Apache, won't miss you.
* If a constant string needs a name, use a static const array instead of aguenther2013-10-271-1/+1
| | | | | | | | pointer or non-const array, as that minimizes the symbols, maximizes the placement into read-only memory, and avoids warnings from gcc -Wformat=2 when they're used as format strings. ok deraadt@
* Correct format string mismatches turned up by -Wformat=2guenther2013-08-222-7/+7
| | | | suggestions and ok millert@
* Fix calls to printf-like functions which passed a non-fixed stringguenther2013-08-181-2/+2
| | | | | | | | as the format and no variable args. Replace "%#0.*X" with "%#.*X": the zero-fill flag is ignored/implied on numeric conversions when a precision is specified. ok jung@ millert@ krw@
* Prep for big ino_t: cast to unsigned long long and format with %ll or %qguenther2013-08-081-3/+3
| | | | httpd correction and ok kettenis@
* Don't assume inode numbers fit in a longguenther2013-08-051-6/+7
| | | | ok kettenis@
* Disable SSL compression in order to mitigate CRIME attacks. Addjsing2013-07-164-5/+23
| | | | | | | an SSLCompression option so that it can be turned back on, however on this is currently a no-op due to the compile options for libssl. Requested by and ok djm@
* Enable ECDHE support in httpd via a SSLECDHCurve option. This specifies thejsing2013-07-164-4/+47
| | | | | | | | named curve to use when generating ephemeral EC keys for an ECDHE-based cipher suite, or can be set to `none' to disable. The default is to use a prime256v1 curve. yay^Wok djm@
* Define HonorCipherOrder as a FLAG (rather than as a TAKE1), so that itjsing2013-07-165-18/+19
| | | | | | | works correctly as a boolean on/off flag. While here, rename the variable so that it is consistent with existing naming scheme. ok otto@ djm@
* introduce HonorCipherOrder to use the server's order of preference of ciphersotto2013-07-115-3/+23
| | | | ok djm@ guenther@
* remove useless line that breaks with new perlsthen2013-03-251-1/+0
|
* Use __attribute__((__gnu_inline__)) with __inline__ if __GNUC_STDC_INLINE__brad2013-01-071-1/+5
| | | | | | is defined. Fixes build with LLVM. From and OK millert@
* acknowlege -> acknowledgemartynas2013-01-061-3/+3
| | | | | | compatability -> compatibility OK jmc@.
* allow httpd to build if sslv2 is disabled, ok guenther@sthen2012-07-071-5/+2
|
* In preparation for getline and getdelim additions to libc, rename getline()fgsch2012-03-043-10/+10
| | | | | occurrences to get_line(). Based on a diff from Jan Klemkow <j-dot-klemkow-at-wemelug-dot-de> to tech.
* Apply the fnmatch recursion limit fix to the local copy of fnmatch in httpd.stsp2011-09-171-4/+29
| | | | ok henning
* typo in usage summaryjcs2011-07-171-2/+2
|
* Avoid using NULL in non-pointer contexts: use 0 for integer values and '\0'miod2011-04-061-3/+3
| | | | for chars.
* Local variables storing integer values and printed with %d should bemiod2011-04-061-2/+3
| | | | declared as integer types, not pointers, really.
* - properly fix pr6009. a different fix was commited as the original patchjasper2011-01-051-1/+7
| | | | | | | used atoi(). this fix uses strtonum() instead. from bjorn ketelaars, pr6515. ok henning@
* adapt to API changes in OpenSSL-1.0.0adjm2010-10-011-5/+5
|
* Allow mod_headers to handle RequestHeader directives known from apache2,sebastia2010-09-261-6/+42
| | | | | | | | and update documentation accordingly. Patch mostly based on an old patch from Martin Algesten he posted 2002 in apache bugzilla entry: 10772 OK, pyr@
* nessesary -> necessary.miod2010-09-091-2/+2
|
* add an EXIT STATUS section for /usr/sbin;jmc2010-09-032-8/+6
|
* Various comment typos. 'wether' -> 'whether' (most popular), 'possiblity' ->krw2010-05-102-3/+3
| | | | | 'possibility', 'optins' -> 'options', 'resposne' -> 'response', 'unecessary' -> 'unnecessary', 'desination' -> 'destination'. Collected from various misc@ and tech@ postings, many by Brad Tilley.
* Unconditionally set HAVE_ISINF and HAVE_ISNAN in the generatedkettenis2010-05-051-32/+11
| | | | | | | ap_config_auto.h. We know we have these functions in libc on OpenBSD, but the check for them fails with gcc due to some __builtin__xxx stupidity. ok drahn@, sthen@, henning@
* make ProxyPass exclude directives only exclude on match, instead of alwayshalex2010-03-311-3/+3
| | | | | | noted by Vasiliy Kiryanov, thanks! ok stephan@
* - apache would send the wrong Host-Header back when setup as a reverse proxyjasper2010-02-251-1/+1
| | | | | | | | with ProxyPreserveHost. fixes pr6009, though i applied a different fix as what was suggested in that pr. ok sthen@
* fix some fallout from the >2G commit. namely allow for all byte counters topyr2010-02-259-35/+35
| | | | | | report the correct size when it exceeds a long's capacity. From Dan Harnett <daniel @ harnett . name>
* Fix byte range parsing, broken in last revision of http_protocol.c,pyr2010-02-234-24/+20
| | | | | | | | | unfortunately this backs out the use of strtonum and goes back to strtoll will need more love in a future diff. This fix from Dan Harnett <daniel @ harnett . name> ok deraadt@
* Add a SECURITY FIX for CVE-2010-0010jasper2010-02-031-3/+3
| | | | | | | | | "on 64-bit platforms this allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size that triggers a heap-based buffer overflow." "looks good" to henning@ ok otto@
* could write one word too far, found by parfait; ok millertderaadt2009-12-141-1/+1
|
* wrote one byte too far, found by parfait; ok beck millertderaadt2009-12-141-2/+2
|
* repair typederaadt2009-12-131-1/+1
|
* copy correctly sized object, found by parfait; ok jsgderaadt2009-12-131-1/+1
|
* s/Mhz/MHz/, MHz is a multiple of the SI unit hertz (whose symbol is Hz).sobrado2009-10-311-2/+2
|
* Add ! support to ProxyPass to exclude directories from being proxied.fgsch2009-08-261-0/+3
| | | | | From Stephan A. Rickauer <stephan dot rickauer at startek dot ch> with minor tweaks. ok by many.
* fix rcs ids. ok sthen@martynas2009-06-213-3/+3
|
* add RCFLAGS to config test casessimon2009-06-041-3/+3
| | | | ok henning@
* Fix the way apache reports Content-Length by promoting the clength fieldpyr2009-06-023-26/+31
| | | | | | | | | | | | of request_rec from long to off_t, which makes it 64bit on i386. This allows files bigger than 2gig to be correctly served on arches where long is only 32bits. Warning: this introduces an ABI break, and hence some third party apache modules will need to be rebuilt to correctly link to this new apache. ok miod@, deraadt@
* by default drop privs to www/www, not nobody/nogroup if User/Groupmartynas2009-03-101-3/+3
| | | | | entries are not present; or it's being run configless "sure" henning@, "makes sense" merdely@, ok sthen@
* update ap_config_auto.h for new libcmartynas2008-12-091-0/+10
|
* Some more ambigous -> ambiguous pointed out by mbalmer (there aresthen2008-12-031-1/+1
| | | | | others, these are the ones from code unlikely to be re-merged with upstream sources).
* correct spelling (ambigous -> ambiguous)sthen2008-12-021-4/+4
|
* Don't exit if the logfile specified on the command line can not bembalmer2008-10-061-16/+19
| | | | | | created due to a path component not existing, but log the error and retry. This will repeatetly log an error, like it does without the patch, but it will not slowly eat up memory. This fixes pr 4228.
* Readability changes.mbalmer2008-10-031-4/+4
|
* KNF and readability changes; no binary changes.mbalmer2008-10-031-789/+780
|
* Use correct function signature when calling the write_host_header hook.mbalmer2008-10-032-1/+11
| | | | from Josh Elsasser <josh@elsasser.org>, thanks.
* adapt to API changes in OpenSSL 0.9.8hdjm2008-09-061-1/+1
|
* Use only safe functions in signal handlers.tobias2008-08-112-6/+9
| | | | ok millert, otto
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.