| Age | Commit message (Collapse) | Author |
|---|
|
- Use sizeof(buf) instead of BUFSIZ.
- Only overwrite '\n'.
From Charles Longeau.
OK millert@ and moritz@.
|
|
|
|
sizeof(buf) - 1 to sizeof(buf), since fgets takes the whole buffer size.
Based on diff from Charles Longeau <chl at tuxfamily dot org> long ago.
OK millert@.
|
|
case), ok espie, also noticed by simon
|
|
|
|
configure system.
the mod_auth_digest module has such a section, and there (via two other
indirections, of course!) -DDEV_RANDOM=/dev/arandom is added to CFLAGS.
via a few more bizarre indicrections that ends up in ap_config_auto.h.
Since ap_config_auto.h gets installed in /usr/lib/apache/include/ and
thus might be used by 3rd party modules, we must be very careful with
removing shitz there. But I kinda doubt anything relies on a define
that is only there when a module marked as experimental is compiled in.
since we long ago made mod_auth_digest use arc4random and do not use
said DEV_RANDOM define at all any more, we don't need it ourselves.
so nuke the mod_auth_digest ConfigStart/End section, which doesn't do
anything else, alltogether.
Since mod_auth_digest is only compiled as DSO, the define was missing
on static archs, therefore breaking the build on vax an friends since
espie put the pregenerated ap_config_auto.h in. ok millert deraadt
|
|
|
|
|
|
be MI since we removed stuff that was arch-dependent). The Configure script
still rebuilds a copy of that file, and we check it for diffs.
okay millert@
|
|
- ap_snprintf can grab needed types from stdint.h
- expat-lite can grab byte-order from system includes.
no breakage in modules in the ports tree.
work by me and millert@, ok miod@.
|
|
is good! so let's do it in all cases...
missed case: on restart and graceful, when apachectl figures out that no
httpd is running, it tries to start one.
found out the hard way by yours truly
|
|
'preceeding' -> 'preceding'
'preceeds' -> 'precedes'
'preceeded' -> 'preceded'
|
|
an ip address, that's for sure; pr 5232 arjones@simultan.dyndns.org
|
|
CVE-2006-3918; ok cloder@
|
|
Host header to the backend. default off. henning@ ok.
|
|
|
|
leave the function there of course, it's part of the API
|
|
be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused by a off-by-one error in mod_rewrite and can be
exploited to cause a one-byte buffer overflow.
http://secunia.com/advisories/21197/
report "Alexey E. Suslikov" <cruel@texnika.com.ua>, the obvious fix
mailed in by Stuart Henderson <stu@spacehopper.org>
|
|
From: John Wong <johnw@wonghome.net>, ok ckuethe
|
|
case where an ssl connection is not found in the scache dbm
Reported by, and fix suggested by
Darrin Chandler <darrin@puffy.asicommunications.com>
testing by me, ok henning@
|
|
|
|
From: Daniel Ouellet <daniel@presscom.net>
|
|
From: Daniel Ouellet <daniel@presscom.net>
|
|
From: "Alex Holst" <a@mongers.org>
"It's the brave new world of rss/atom feeds. It's what the kids want."
|
|
put_scoreboard_info, and update_scoreboard_global.
From Daniel Ouellet, plus one line he missed.
OK henning@ and otto@
|
|
ok millert@ jmc@ ketennis@ and others from before 3.9 lock
|
|
|
|
from Chris Kuethe <chris.kuethe@gmail.com>
running at UofA for months now, ok beck niallo, also tested mbalmer
|
|
From: Alex Holst <a@mongers.org>
|
|
|
|
ok kettenis@
|
|
CVE-2005-3352
ok niallo@; henning@ no objections
|
|
that useful for debugging.
OK henning, deraadt
|
|
|
|
|
|
move the whole section to SEE ALSO, which is more appropriate anyway;
from alexey e. suslikov;
|
|
optional" to "SSLVerifyClient require"
fixes CAN-2005-2700
ok henning@, "go for it" deraadt@
|
|
|
|
discussed with tamas tevesz.
|
|
|
|
==> two more historic modules have gone away
|
|
==> de-multiviewification complete.
|
|
==> de-multiviewification complete.
(rename *.html.html -> *.html)
|
|
==> some more alien platforms and obsolete info. the mod/core.html
change is because 1) the target link doesn't exist, 2) it
probably was meant to refer to misc/known_bugs.html in the
first place, which just got removed.
thanks henning for guidance.
|
|
further removal of irrelevant bits...
|
|
==> duplicate of the files of the same name in manual/vhosts/, save
formatting and one extra remark in manual/vhosts/vhosts-in-depth.html.
no references to either.
|
|
==> some obsolete info regarding apache 1.2
|
|
further removal of irrelevant stuff;
|
|
thanks henning for pointing this out;
thanks tamas for prompt diff;
|
|
==> remove of a number of alien platforms
==> remove broken links in sitemap.html
==> remove unreferenced install_1_1.html
|
