summaryrefslogtreecommitdiff
path: root/usr.sbin/httpd
AgeCommit message (Collapse)Author
2008-07-04Make the proxy module work with https again by allowing the destinationMarc Balmer
port to be set in the config file instead of using HTTP_DEFAULT_PORT in all cases. Prevent a segfault that would happen when the SSL connection from the proxy fails. Problem found and analyzed by Mischa Diehm; fix by me.
2008-06-24Garbage collect some unused nor relevant config files. They're eitherBrad Smith
empty stubs (access.conf-dist/srm.conf-dist) or poor example configs for "high performance" which users are much better served by actually reading the documentation and understanding what they're doing. ok deraadt@
2008-06-18Remove references to httpd.conf-dist.Brad Smith
ok deraadt@
2008-06-13Don't install httpd.conf-dist.Marc Balmer
from brad.
2008-06-07Move the Apache manual out of etcXX and to miscXX where it belongs.Jason Dixon
It has also been moved to /usr/share/doc/html/httpd/. This will ease sysmerge upgrades and help keep htdocs clean. Help from okan and phessler, doc tweaks by jmc ok deraadt@ millert@ beck@
2008-05-27grammar fixes; from Jochem Kossen, system/5822;Jason McIntyre
ok henning
2008-05-25de-register, remove #ifdefs and #ifndefs using SIN6_LEN, add OpenBSD cvsMarc Balmer
markers. no binary changes
2008-05-23KNF and readability changes. de-register, remove #ifndef SIN6_LEN defines.Marc Balmer
Add OpenBSD cvs markers. No binary changes.
2008-05-23de-registerMarc Balmer
2008-05-23Last chunk of KNF and readability changes here.Marc Balmer
no binary changes.
2008-05-22Remove the german announcement text.Marc Balmer
"yes, let it rot in the attic" claudio
2008-05-22More KNF and readability.Marc Balmer
no binary changes.
2008-05-21KNF and readability changes.Marc Balmer
No binary changes.
2008-05-21Remove #ifndef SIN6_LEN/#else/#endif constructs.Marc Balmer
Suggested by djm a while ago. No binary changes.
2008-05-21Document and implement -U option, fix usage information for '-?'.Marc Balmer
Documentation corrections and spelling by jmc.
2008-05-21The default address family to be used is stored in a global variable. IfMarc Balmer
no options are given on the commandline, it is set to PF_INET. The configuration file parser did not use this variable in all cases, but used PF_UNSPEC for getaddrinfo/getnameinfo, leading to bogus error messages in some cases (but httpd operated as expected). Use the global variable instead of the hardcode PF_UNSPEC in the cases. Add a new commandline flag, -U, to set the default address family to PF_UNSPEC for ambigous directives. Discussed with sthen.
2008-05-19Permit compilation on 3 architectures which show that this diff wasTheo de Raadt
not tested on them. Older gcc's require decl before code, and this is supposed to be portable code in that sense.
2008-05-17documentation tweaks.Igor Sobrado
ok (some time ago) jmc@
2008-05-15Add OpenBSD markers.Marc Balmer
no binary change.
2008-05-14fix comment.Marc Balmer
2008-05-14Next chunk of KNF/readability.Marc Balmer
no binary changes.
2008-05-14More KNF/readability changes.Marc Balmer
no binary changes.
2008-05-14Next chunk of KNF/readability changes.Marc Balmer
no binary change.
2008-05-13Rename to README.IPv6, to be clear this is not version 6 of the README file.Marc Balmer
Suggested by henning.
2008-05-13knf. no binary changes.Marc Balmer
2008-05-13A first chunk of readability/knf changes. Since there is nothing moreMarc Balmer
to merge from upstream, we can safely sanitize the code and hopefully the build system. Discussed with and feedback from sthen, todd, dlg and henning. no binary changes.
2008-05-09tweak previous; ok mbalmerJason McIntyre
2008-05-09Add support for IPv6 while keeping the default at IPv4 to not breakMarc Balmer
existing installations. See the documentation for the IPv6 related configuration. This changes the module ABI since addresses are now struct addrinfo. This has been tested by many people and run on production machines for several months. feedback many, ok todd
2008-04-25neccessary -> necessary; from Pierre RiteauJason McIntyre
2008-04-25spelling: pathes->paths, ok henningStuart Henderson
2008-04-13Use arc4random_buf() when requesting more than a single word of outputDamien Miller
Use arc4random_uniform() when the desired random number upper bound is not a power of two ok deraadt@ millert@
2008-01-25show an example for writing ErrorLog to syslogStuart Henderson
ok henning
2008-01-24"read(..., ..., sizeof Y) < sizeof Y" is a dangerous idiom because itKenneth R Westerback
does an unsigned comparison and read() can return -1. Use '!=' instead of '<' since read() can't return more than 'sizeof Y'. Not perfect (that would require a separate test for -1) but a very common usage. ok henning@
2008-01-12Fix mod_status XSS CVE-2007-6388:Martynas Venckus
A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available. Fix mod_imap XSS CVE-2007-5000: A flaw was found in the mod_imap module. On sites where mod_imap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible. ok miod@
2008-01-08sync patches in messages with realityHenning Brauer
Matthew Mulrooney <openbsd-2008.01.07@fm.beyonddata.net>
2007-11-24fix yacc/lex parallel file generationMarc Espie
2007-11-19do not print "Processing config {dir,file} ...." messages unless the -tRobert Nagy
or -T option is specified, which is only going to do a syntax check on the config file(s) ok henning@, deraadt@
2007-11-03make sure configure is done before we try building manpages.Marc Espie
2007-10-30Add two module configuration directories named modules and modules.sampleRobert Nagy
and include *.conf files from the modules directory by default. The modules.sample directory will be used by some ports to place their configuration files. ok deraadt@, jsign@
2007-10-14'expresion' -> 'expression'. Reported by Jung on tech@.Kenneth R Westerback
2007-09-15[fF]uther -> [fF]urther in comments and man page. First one spotted onKenneth R Westerback
tech@ by Jung.
2007-09-11use strcspn to properly overwrite '\n' in fgets returned bufferGilles Chehade
ok pyr@, ray@, millert@, moritz@, chl@
2007-09-11add application/x-bittorrentHenning Brauer
From: Alex Holst <a@mongers.org>
2007-08-24Add a new configuration directive 'RLimitNOFILE' to set the number ofMarc Balmer
of open filedescriptors (like RLimitNPROC for the number of processes). ok ckuethe, "no objection" henning
2007-08-09fix CVE-2007-3304Martynas Venckus
The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service. ok miod@ (who also noticed to protect reclaim_child_processes); henning@; djm@
2007-08-08fix CVE-2006-5752Martynas Venckus
A flaw was found in the mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available. ok miod@, henning@
2007-07-23fix a variable shadowing problemHenning Brauer
PR5549, From: veins@evilkittens.org
2007-06-01paranoid snprintf length calculation to avoid a possible bufferPeter Valchev
overflow in SSL session id parsing (by reaching a negative size arg) ok henning
2007-05-31convert to new .Dd format;Jason McIntyre
2007-05-25"interupt" -> "interrupt" in various comments. Mostly from Diego Casati.Kenneth R Westerback
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-18 02:56:42 +0000