You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ic...@apache.org on 2019/11/05 15:04:05 UTC
svn commit: r1869392 - in /httpd/httpd/trunk: CHANGES modules/md/md_acme.c
modules/md/md_acme_drive.c modules/md/md_curl.c modules/md/md_http.c
modules/md/md_version.h modules/md/mod_md_config.c
Author: icing
Date: Tue Nov 5 10:06:15 2019
New Revision: 1869392
URL: http://svn.apache.org/viewvc?rev=1869392&view=rev
Log:
*) mod_md v2.2.3:
- Configuring MDCAChallenges replaces any previous existing challenge configuration. It
had been additive before which was not the intended behaviour. [@mkauf]
- Fixing order of ACME challenges used when nothing else configured. Code now behaves as
documented for `MDCAChallenges`. Fixes #156. Thanks again to @mkauf for finding this.
- Fixing a potential, low memory null pointer dereference [thanks to @uhliarik].
- Fixing an incompatibility with a change in libcurl v7.66.0 that added unwanted
"transfer-encoding" to POST requests. This failed in directy communication with
Let's Encrypt boulder server. Thanks to @mkauf for finding and fixing.
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/md/md_acme.c
httpd/httpd/trunk/modules/md/md_acme_drive.c
httpd/httpd/trunk/modules/md/md_curl.c
httpd/httpd/trunk/modules/md/md_http.c
httpd/httpd/trunk/modules/md/md_version.h
httpd/httpd/trunk/modules/md/mod_md_config.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1869392&r1=1869391&r2=1869392&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Tue Nov 5 10:06:15 2019
@@ -1,5 +1,15 @@
-*- coding: utf-8 -*-
Changes with Apache 2.5.1
+
+ *) mod_md v2.2.3:
+ - Configuring MDCAChallenges replaces any previous existing challenge configuration. It
+ had been additive before which was not the intended behaviour. [@mkauf]
+ - Fixing order of ACME challenges used when nothing else configured. Code now behaves as
+ documented for `MDCAChallenges`. Fixes #156. Thanks again to @mkauf for finding this.
+ - Fixing a potential, low memory null pointer dereference [thanks to @uhliarik].
+ - Fixing an incompatibility with a change in libcurl v7.66.0 that added unwanted
+ "transfer-encoding" to POST requests. This failed in directy communication with
+ Let's Encrypt boulder server. Thanks to @mkauf for finding and fixing. [Stefan Eissing]
*) mod_proxy: Put mod_proxy_{connect,wstunnel} tunneling code in common in
proxy_util. [Yann Ylavic]
Modified: httpd/httpd/trunk/modules/md/md_acme.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/md/md_acme.c?rev=1869392&r1=1869391&r2=1869392&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/md/md_acme.c (original)
+++ httpd/httpd/trunk/modules/md/md_acme.c Tue Nov 5 10:06:15 2019
@@ -402,7 +402,7 @@ static apr_status_t md_acme_req_send(md_
if (req->req_json) {
body = apr_pcalloc(req->p, sizeof(*body));
body->data = md_json_writep(req->req_json, req->p, MD_JSON_FMT_INDENT);
- if (!body->data) {
+ if (!body) {
rv = APR_EINVAL; goto leave;
}
body->len = strlen(body->data);
Modified: httpd/httpd/trunk/modules/md/md_acme_drive.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/md/md_acme_drive.c?rev=1869392&r1=1869391&r2=1869392&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/md/md_acme_drive.c (original)
+++ httpd/httpd/trunk/modules/md/md_acme_drive.c Tue Nov 5 10:06:15 2019
@@ -530,8 +530,8 @@ static apr_status_t acme_driver_init(md_
}
else {
/* free to chose. Add all we support and see what we get offered */
- APR_ARRAY_PUSH(ad->ca_challenges, const char*) = MD_AUTHZ_TYPE_HTTP01;
APR_ARRAY_PUSH(ad->ca_challenges, const char*) = MD_AUTHZ_TYPE_TLSALPN01;
+ APR_ARRAY_PUSH(ad->ca_challenges, const char*) = MD_AUTHZ_TYPE_HTTP01;
APR_ARRAY_PUSH(ad->ca_challenges, const char*) = MD_AUTHZ_TYPE_DNS01;
if (!d->can_http && !d->can_https
Modified: httpd/httpd/trunk/modules/md/md_curl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/md/md_curl.c?rev=1869392&r1=1869391&r2=1869392&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/md/md_curl.c (original)
+++ httpd/httpd/trunk/modules/md/md_curl.c Tue Nov 5 10:06:15 2019
@@ -294,6 +294,12 @@ static apr_status_t internals_setup(md_h
curl_easy_setopt(curl, CURLOPT_LOW_SPEED_TIME, timeout_sec(req->timeout.stalled));
}
+ if (req->body_len >= 0) {
+ /* set the Content-Length */
+ curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)req->body_len);
+ curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE, (curl_off_t)req->body_len);
+ }
+
if (req->user_agent) {
curl_easy_setopt(curl, CURLOPT_USERAGENT, req->user_agent);
}
Modified: httpd/httpd/trunk/modules/md/md_http.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/md/md_http.c?rev=1869392&r1=1869391&r2=1869392&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/md/md_http.c (original)
+++ httpd/httpd/trunk/modules/md/md_http.c Tue Nov 5 10:06:15 2019
@@ -207,19 +207,8 @@ void md_http_set_on_response_cb(md_http_
req->cb.on_response_data = baton;
}
-static void req_init_cl(md_http_request_t *req)
-{
- if (req->body_len == 0 && apr_strnatcasecmp("GET", req->method)) {
- apr_table_setn(req->headers, "Content-Length", "0");
- }
- else if (req->body_len > 0) {
- apr_table_setn(req->headers, "Content-Length", apr_off_t_toa(req->pool, req->body_len));
- }
-}
-
apr_status_t md_http_perform(md_http_request_t *req)
{
- req_init_cl(req);
return req->http->impl->perform(req);
}
@@ -232,11 +221,8 @@ static apr_status_t proxy_nextreq(md_htt
md_http_t *http, int in_flight)
{
nextreq_proxy_t *proxy = baton;
- apr_status_t rv;
- rv = proxy->nextreq(preq, proxy->baton, http, in_flight);
- if (APR_SUCCESS == rv) req_init_cl(*preq);
- return rv;
+ return proxy->nextreq(preq, proxy->baton, http, in_flight);
}
apr_status_t md_http_multi_perform(md_http_t *http, md_http_next_req *nextreq, void *baton)
Modified: httpd/httpd/trunk/modules/md/md_version.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/md/md_version.h?rev=1869392&r1=1869391&r2=1869392&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/md/md_version.h (original)
+++ httpd/httpd/trunk/modules/md/md_version.h Tue Nov 5 10:06:15 2019
@@ -27,7 +27,7 @@
* @macro
* Version number of the md module as c string
*/
-#define MOD_MD_VERSION "2.2.1"
+#define MOD_MD_VERSION "2.2.3"
/**
* @macro
@@ -35,7 +35,7 @@
* release. This is a 24 bit number with 8 bits for major number, 8 bits
* for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
*/
-#define MOD_MD_VERSION_NUM 0x020201
+#define MOD_MD_VERSION_NUM 0x020203
#define MD_ACME_DEF_URL "https://acme-v02.api.letsencrypt.org/directory"
Modified: httpd/httpd/trunk/modules/md/mod_md_config.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/md/mod_md_config.c?rev=1869392&r1=1869391&r2=1869392&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/md/mod_md_config.c (original)
+++ httpd/httpd/trunk/modules/md/mod_md_config.c Tue Nov 5 10:06:15 2019
@@ -714,7 +714,10 @@ static const char *md_config_set_cha_tye
pcha = &config->ca_challenges;
ca_challenges = *pcha;
- if (!ca_challenges) {
+ if (ca_challenges) {
+ apr_array_clear(ca_challenges);
+ }
+ else {
*pcha = ca_challenges = apr_array_make(cmd->pool, 5, sizeof(const char *));
}
for (i = 0; i < argc; ++i) {
Re: svn commit: r1869392 - in /httpd/httpd/trunk: CHANGES
modules/md/md_acme.c modules/md/md_acme_drive.c modules/md/md_curl.c
modules/md/md_http.c modules/md/md_version.h modules/md/mod_md_config.c
Posted by Marion & Christophe JAILLET <ch...@wanadoo.fr>.
Le 05/11/2019 à 16:04, icing@apache.org a écrit :
> Author: icing
> Date: Tue Nov 5 10:06:15 2019
> New Revision: 1869392
>
> URL: http://svn.apache.org/viewvc?rev=1869392&view=rev
> Log:
> *) mod_md v2.2.3:
> - Configuring MDCAChallenges replaces any previous existing challenge configuration. It
> had been additive before which was not the intended behaviour. [@mkauf]
> - Fixing order of ACME challenges used when nothing else configured. Code now behaves as
> documented for `MDCAChallenges`. Fixes #156. Thanks again to @mkauf for finding this.
> - Fixing a potential, low memory null pointer dereference [thanks to @uhliarik].
> - Fixing an incompatibility with a change in libcurl v7.66.0 that added unwanted
> "transfer-encoding" to POST requests. This failed in directy communication with
> Let's Encrypt boulder server. Thanks to @mkauf for finding and fixing.
>
>
> Modified:
> httpd/httpd/trunk/CHANGES
> httpd/httpd/trunk/modules/md/md_acme.c
> httpd/httpd/trunk/modules/md/md_acme_drive.c
> httpd/httpd/trunk/modules/md/md_curl.c
> httpd/httpd/trunk/modules/md/md_http.c
> httpd/httpd/trunk/modules/md/md_version.h
> httpd/httpd/trunk/modules/md/mod_md_config.c
>
> Modified: httpd/httpd/trunk/CHANGES
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1869392&r1=1869391&r2=1869392&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/CHANGES [utf-8] (original)
> +++ httpd/httpd/trunk/CHANGES [utf-8] Tue Nov 5 10:06:15 2019
> @@ -1,5 +1,15 @@
> -*- coding: utf-8 -*-
> Changes with Apache 2.5.1
> +
> + *) mod_md v2.2.3:
> + - Configuring MDCAChallenges replaces any previous existing challenge configuration. It
> + had been additive before which was not the intended behaviour. [@mkauf]
> + - Fixing order of ACME challenges used when nothing else configured. Code now behaves as
> + documented for `MDCAChallenges`. Fixes #156. Thanks again to @mkauf for finding this.
> + - Fixing a potential, low memory null pointer dereference [thanks to @uhliarik].
> + - Fixing an incompatibility with a change in libcurl v7.66.0 that added unwanted
> + "transfer-encoding" to POST requests. This failed in directy communication with
> + Let's Encrypt boulder server. Thanks to @mkauf for finding and fixing. [Stefan Eissing]
>
> *) mod_proxy: Put mod_proxy_{connect,wstunnel} tunneling code in common in
> proxy_util. [Yann Ylavic]
>
> Modified: httpd/httpd/trunk/modules/md/md_acme.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/md/md_acme.c?rev=1869392&r1=1869391&r2=1869392&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/modules/md/md_acme.c (original)
> +++ httpd/httpd/trunk/modules/md/md_acme.c Tue Nov 5 10:06:15 2019
> @@ -402,7 +402,7 @@ static apr_status_t md_acme_req_send(md_
> if (req->req_json) {
> body = apr_pcalloc(req->p, sizeof(*body));
> body->data = md_json_writep(req->req_json, req->p, MD_JSON_FMT_INDENT);
> - if (!body->data) {
> + if (!body) {
> rv = APR_EINVAL; goto leave;
This revert r1869018 that I committed on trunk a few days ago.
Not sure if my fix was correct, but in r1869018 this code was changed.
Before we were checking the result of 'md_json_writep()' stored in
'data', but now the retune valued is stored in 'body->data', so updating
the check accordingly makes sense to me.
Just my 2c.
CJ