You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "Philip M. Gollucci" <pg...@p6m7g8.com> on 2011/05/18 19:34:39 UTC
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml
include/ap_mmn.h include/http_core.h include/httpd.h server/core.c server/request.c
server/util.c
> Modified: httpd/httpd/trunk/include/httpd.h
> URL:
http://svn.apache.org/viewvc/httpd/httpd/trunk/include/httpd.h?rev=1082196&r1=1082195&r2=1082196&view=diff
>
==============================================================================
> --- httpd/httpd/trunk/include/httpd.h (original)
> +++ httpd/httpd/trunk/include/httpd.h Wed Mar 16 16:45:25 2011
> @@ -1496,7 +1496,7 @@ AP_DECLARE(int) ap_unescape_url(char *ur
> * @param url The url to unescape
> * @return 0 on success, non-zero otherwise
> */
> -AP_DECLARE(int) ap_unescape_url_keep2f(char *url);
> +AP_DECLARE(int) ap_unescape_url_keep2f(char *url, int decode_slashes);
Did we mean to change a public API in a patch release ? .17 -> .18 ?
This has broken things in FreeBSD ports and is being reported a bit.
I see the mmn bump so you can detect it at least.
On 03/16/11 16:45, poirier@apache.org wrote:
> Author: poirier
> Date: Wed Mar 16 16:45:25 2011
> New Revision: 1082196
>
> URL: http://svn.apache.org/viewvc?rev=1082196&view=rev
> Log:
> core: AllowEncodedSlashes new option NoDecode to allow encoded slashes
> in request URL path info but not decode them. Change behavior of option
> "On" to decode the encoded slashes as 2.0 and 2.2 do. PR 35256,
> PR 46830.
>
>
> Modified:
> httpd/httpd/trunk/CHANGES
> httpd/httpd/trunk/docs/manual/mod/core.xml
> httpd/httpd/trunk/include/ap_mmn.h
> httpd/httpd/trunk/include/http_core.h
> httpd/httpd/trunk/include/httpd.h
> httpd/httpd/trunk/server/core.c
> httpd/httpd/trunk/server/request.c
> httpd/httpd/trunk/server/util.c
>
> Modified: httpd/httpd/trunk/CHANGES
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1082196&r1=1082195&r2=1082196&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/CHANGES [utf-8] (original)
> +++ httpd/httpd/trunk/CHANGES [utf-8] Wed Mar 16 16:45:25 2011
> @@ -2,6 +2,11 @@
>
> Changes with Apache 2.3.12
>
> + *) core: AllowEncodedSlashes new option NoDecode to allow encoded slashes
> + in request URL path info but not decode them. Change behavior of option
> + "On" to decode the encoded slashes as 2.0 and 2.2 do. PR 35256,
> + PR 46830. [Dan Poirier]
> +
> *) mod_ssl: Check SNI hostname against Host header case-insensitively.
> PR 49491. [Mayank Agrawal <magrawal.08 gmail.com>]
>
>
> Modified: httpd/httpd/trunk/include/ap_mmn.h
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/include/ap_mmn.h?rev=1082196&r1=1082195&r2=1082196&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/include/ap_mmn.h (original)
> +++ httpd/httpd/trunk/include/ap_mmn.h Wed Mar 16 16:45:25 2011
> @@ -306,6 +306,7 @@
> util_ldap_state_t.connectionPoolTTL,
> util_ldap_connection_t.freed, and
> util_ldap_connection_t.rebind_pool.
> + * 20110312.1 (2.3.12-dev) Add core_dir_config.decode_encoded_slashes.
> */
>
> #define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */
> @@ -313,7 +314,7 @@
> #ifndef MODULE_MAGIC_NUMBER_MAJOR
> #define MODULE_MAGIC_NUMBER_MAJOR 20110312
> #endif
> -#define MODULE_MAGIC_NUMBER_MINOR 0 /* 0...n */
> +#define MODULE_MAGIC_NUMBER_MINOR 1 /* 0...n */
>
> /**
> * Determine if the server's current MODULE_MAGIC_NUMBER is at least a
>
> Modified: httpd/httpd/trunk/include/http_core.h
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/include/http_core.h?rev=1082196&r1=1082195&r2=1082196&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/include/http_core.h (original)
> +++ httpd/httpd/trunk/include/http_core.h Wed Mar 16 16:45:25 2011
> @@ -540,6 +540,8 @@ typedef struct {
>
> /** per-dir log config */
> struct ap_logconf *log;
> +
> + unsigned int decode_encoded_slashes : 1; /* whether to decode encoded slashes in URLs */
> } core_dir_config;
>
> /* macro to implement off by default behaviour */
>
--
------------------------------------------------------------------------
1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70 3F8C 75B8 8FFB DB9B 8C1C
Philip M. Gollucci (pgollucci@p6m7g8.com) c: 703.336.9354
Member, Apache Software Foundation
Committer, FreeBSD Foundation
Consultant, P6M7G8 Inc.
Sr. System Admin, Ridecharge Inc.
Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h include/httpd.h
server/core.c server/request.c server/util.c
Posted by "Wijn.org" <wi...@mac.com>.
Hi, I found this in my Apple Spambox
Met vriendelijke groet,
Gilbert van Houten
Wijn.org
Woerden
info@wijn.org
T 0348-483838
0622-488964
http://shop.wijn.org
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml
include/ap_mmn.h include/http_core.h include/httpd.h server/core.c server/request.c
server/util.c
Posted by "Philip M. Gollucci" <pg...@p6m7g8.com>.
On 05/18/11 18:29, Eric Covener wrote:
>> AP_DECLARE(int) ap_unescape_url_keep2f(char *url)
>> {
>> return ap_unescape_url_keep2f(url,1);
>> }
>
> Duh, not in C.
>
LOL I was reading that and was wondering how long I'd wait for this email.
--
------------------------------------------------------------------------
1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70 3F8C 75B8 8FFB DB9B 8C1C
Philip M. Gollucci (pgollucci@p6m7g8.com) c: 703.336.9354
Member, Apache Software Foundation
Committer, FreeBSD Foundation
Consultant, P6M7G8 Inc.
Sr. System Admin, Ridecharge Inc.
Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h include/httpd.h
server/core.c server/request.c server/util.c
Posted by Eric Covener <co...@gmail.com>.
On Wed, May 18, 2011 at 2:29 PM, Eric Covener <co...@gmail.com> wrote:
>> AP_DECLARE(int) ap_unescape_url_keep2f(char *url)
>> {
>> return ap_unescape_url_keep2f(url,1);
>> }
>
> Duh, not in C.
>
http://people.apache.org/~covener/patches/httpd-2.2.x-fix_keep2f.diff
lets us still use the new AllowEncodedSlashes directive and call the
new method? For trunk it might be nice to leave it as-is and make
callers explicitly say what happens to the encoded slashes.
(plus another minor bump I guess -- on conference calls all day)
--
Eric Covener
covener@gmail.com
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml
include/ap_mmn.h include/http_core.h include/httpd.h server/core.c server/request.c
server/util.c
Posted by "William A. Rowe Jr." <wr...@rowe-clan.net>.
On 5/18/2011 9:01 PM, Eric Covener wrote:
>
> Please don't notify the rest of the mailing list about this.
Please ignore the spam; moderators already nuked the subscription.
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h include/httpd.h
server/core.c server/request.c server/util.c
Posted by Eric Covener <co...@gmail.com>.
On Wed, May 18, 2011 at 8:04 PM, Wijn.org <wi...@mac.com> wrote:
> Hi, I found this in my Apple spambox
Please don't notify the rest of the mailing list about this.
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h include/httpd.h
server/core.c server/request.c server/util.c
Posted by "Wijn.org" <wi...@mac.com>.
Hi, I found this in my Apple spambox
Met vriendelijke groet,
Gilbert van Houten
Wijn.org
Woerden
info@wijn.org
T 0348-483838
0622-488964
http://shop.wijn.org
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml
include/ap_mmn.h include/http_core.h include/httpd.h server/core.c server/request.c
server/util.c
Posted by "William A. Rowe Jr." <wr...@rowe-clan.net>.
On 5/18/2011 1:53 PM, Eric Covener wrote:
> emails crossed and I got a 15-minute conference call reprieve. w/
> minor MMN bump:
>
> http://people.apache.org/~covener/patches/httpd-2.2.x-fix_keep2f-2.diff
>
"and is superceded." -- did you mean retracted?
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h include/httpd.h
server/core.c server/request.c server/util.c
Posted by Jeff Trawick <tr...@gmail.com>.
On Wed, May 18, 2011 at 4:51 PM, William A. Rowe Jr.
<wr...@rowe-clan.net> wrote:
> On 5/18/2011 1:53 PM, Eric Covener wrote:
>> emails crossed and I got a 15-minute conference call reprieve. w/
>> minor MMN bump:
>>
>> http://people.apache.org/~covener/patches/httpd-2.2.x-fix_keep2f-2.diff
>
> return ap_unescape_url_keep2f_ex(url,1); could be better formatted
> (consistent indentation and space between args), and note my other comment
> on wordsmithing the ap_mmn file.
>
> otherwise +1 from me for this to be committed to 2.2.x branch.
same comment from me on the spacing
needs something like "BROKEN ABI -- fixed in 2.2.19" instead of "superceded"
otherwise +1
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml
include/ap_mmn.h include/http_core.h include/httpd.h server/core.c server/request.c
server/util.c
Posted by "William A. Rowe Jr." <wr...@rowe-clan.net>.
On 5/18/2011 1:53 PM, Eric Covener wrote:
> emails crossed and I got a 15-minute conference call reprieve. w/
> minor MMN bump:
>
> http://people.apache.org/~covener/patches/httpd-2.2.x-fix_keep2f-2.diff
return ap_unescape_url_keep2f_ex(url,1); could be better formatted
(consistent indentation and space between args), and note my other comment
on wordsmithing the ap_mmn file.
otherwise +1 from me for this to be committed to 2.2.x branch.
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h include/httpd.h
server/core.c server/request.c server/util.c
Posted by Eric Covener <co...@gmail.com>.
emails crossed and I got a 15-minute conference call reprieve. w/
minor MMN bump:
http://people.apache.org/~covener/patches/httpd-2.2.x-fix_keep2f-2.diff
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml
include/ap_mmn.h include/http_core.h include/httpd.h server/core.c server/request.c
server/util.c
Posted by "William A. Rowe Jr." <wr...@rowe-clan.net>.
On 5/18/2011 1:29 PM, Eric Covener wrote:
>> AP_DECLARE(int) ap_unescape_url_keep2f(char *url)
>> {
>> return ap_unescape_url_keep2f(url,1);
>> }
>
> Duh, not in C.
Nope :)
AP_DECLARE(int) ap_unescape_url_keep2f_ex(char *url, int decode_slashes);
AP_DECLARE(int) ap_unescape_url_keep2f(char *url);
AP_DECLARE(int) ap_unescape_url_keep2f(char *url)
{
return ap_unescape_url_keep2f_ex(url, 1);
}
You will also need an MMN bump, and should MARK the known-bad MMN as broken
in the MMN revision list.
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h include/httpd.h
server/core.c server/request.c server/util.c
Posted by Eric Covener <co...@gmail.com>.
> AP_DECLARE(int) ap_unescape_url_keep2f(char *url)
> {
> return ap_unescape_url_keep2f(url,1);
> }
Duh, not in C.
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h include/httpd.h
server/core.c server/request.c server/util.c
Posted by Eric Covener <co...@gmail.com>.
On Wed, May 18, 2011 at 2:06 PM, Eric Covener <co...@gmail.com> wrote:
> On Wed, May 18, 2011 at 2:04 PM, William A. Rowe Jr. <wr...@apache.org> wrote:
>> On 5/18/2011 12:34 PM, Philip M. Gollucci wrote:
>>>> Modified: httpd/httpd/trunk/include/httpd.h
>>>> URL:
>>> http://svn.apache.org/viewvc/httpd/httpd/trunk/include/httpd.h?rev=1082196&r1=1082195&r2=1082196&view=diff
>>>>
>>> ==============================================================================
>>>> --- httpd/httpd/trunk/include/httpd.h (original)
>>>> +++ httpd/httpd/trunk/include/httpd.h Wed Mar 16 16:45:25 2011
>>>> @@ -1496,7 +1496,7 @@ AP_DECLARE(int) ap_unescape_url(char *ur
>>>> * @param url The url to unescape
>>>> * @return 0 on success, non-zero otherwise
>>>> */
>>>> -AP_DECLARE(int) ap_unescape_url_keep2f(char *url);
>>>> +AP_DECLARE(int) ap_unescape_url_keep2f(char *url, int decode_slashes);
>>>
>>> Did we mean to change a public API in a patch release ? .17 -> .18 ?
>>> This has broken things in FreeBSD ports and is being reported a bit.
>>> I see the mmn bump so you can detect it at least.
>>
>> If this was backported, that's bad. We proclaim binary compatibility within any
>> stable sub-rev release. Sorry that I did not catch this.
>>
>> http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/include/httpd.h?r1=1076611&r2=1082630
>>
>> I suggest we revert in 2.2.19 and consider this .18 an aberration/broken release.
>> I would offer to tag and roll today. Those who wish to work around it, may, but
>> a quick reaction would allow folks to avoid it.
>>
>> Other thoughts?
>
> Missed this in review. Seems we could add the old signature back in
> and grab the setting from the core dir_config instead of reverting the
> entire thing? (util.s already defines CORE_PRIVATE)
>
Actually not even this much, since the old caller of "keep2f" always
decoded. Can we resolve with just e.g.:
AP_DECLARE(int) ap_unescape_url_keep2f(char *url)
{
return ap_unescape_url_keep2f(url,1);
}
?
--
Eric Covener
covener@gmail.com
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h include/httpd.h
server/core.c server/request.c server/util.c
Posted by "Wijn.org" <wi...@mac.com>.
Hi, I found this in my Apple Spambox
Met vriendelijke groet,
Gilbert van Houten
Wijn.org
Woerden
info@wijn.org
T 0348-483838
0622-488964
http://shop.wijn.org
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml
include/ap_mmn.h include/http_core.h include/httpd.h server/core.c server/request.c
server/util.c
Posted by "William A. Rowe Jr." <wr...@rowe-clan.net>.
On 5/18/2011 1:06 PM, Eric Covener wrote:
> On Wed, May 18, 2011 at 2:04 PM, William A. Rowe Jr. <wr...@apache.org> wrote:
>> On 5/18/2011 12:34 PM, Philip M. Gollucci wrote:
>>>> Modified: httpd/httpd/trunk/include/httpd.h
>>>> URL:
>>> http://svn.apache.org/viewvc/httpd/httpd/trunk/include/httpd.h?rev=1082196&r1=1082195&r2=1082196&view=diff
>>>>
>>> ==============================================================================
>>>> --- httpd/httpd/trunk/include/httpd.h (original)
>>>> +++ httpd/httpd/trunk/include/httpd.h Wed Mar 16 16:45:25 2011
>>>> @@ -1496,7 +1496,7 @@ AP_DECLARE(int) ap_unescape_url(char *ur
>>>> * @param url The url to unescape
>>>> * @return 0 on success, non-zero otherwise
>>>> */
>>>> -AP_DECLARE(int) ap_unescape_url_keep2f(char *url);
>>>> +AP_DECLARE(int) ap_unescape_url_keep2f(char *url, int decode_slashes);
>>>
>>> Did we mean to change a public API in a patch release ? .17 -> .18 ?
>>> This has broken things in FreeBSD ports and is being reported a bit.
>>> I see the mmn bump so you can detect it at least.
>>
>> If this was backported, that's bad. We proclaim binary compatibility within any
>> stable sub-rev release. Sorry that I did not catch this.
>>
>> http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/include/httpd.h?r1=1076611&r2=1082630
>>
>> I suggest we revert in 2.2.19 and consider this .18 an aberration/broken release.
>> I would offer to tag and roll today. Those who wish to work around it, may, but
>> a quick reaction would allow folks to avoid it.
>>
>> Other thoughts?
>
> Missed this in review. Seems we could add the old signature back in
> and grab the setting from the core dir_config instead of reverting the
> entire thing? (util.s already defines CORE_PRIVATE)
Patches welcome...
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES
docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h include/httpd.h
server/core.c server/request.c server/util.c
Posted by Eric Covener <co...@gmail.com>.
On Wed, May 18, 2011 at 2:04 PM, William A. Rowe Jr. <wr...@apache.org> wrote:
> On 5/18/2011 12:34 PM, Philip M. Gollucci wrote:
>>> Modified: httpd/httpd/trunk/include/httpd.h
>>> URL:
>> http://svn.apache.org/viewvc/httpd/httpd/trunk/include/httpd.h?rev=1082196&r1=1082195&r2=1082196&view=diff
>>>
>> ==============================================================================
>>> --- httpd/httpd/trunk/include/httpd.h (original)
>>> +++ httpd/httpd/trunk/include/httpd.h Wed Mar 16 16:45:25 2011
>>> @@ -1496,7 +1496,7 @@ AP_DECLARE(int) ap_unescape_url(char *ur
>>> * @param url The url to unescape
>>> * @return 0 on success, non-zero otherwise
>>> */
>>> -AP_DECLARE(int) ap_unescape_url_keep2f(char *url);
>>> +AP_DECLARE(int) ap_unescape_url_keep2f(char *url, int decode_slashes);
>>
>> Did we mean to change a public API in a patch release ? .17 -> .18 ?
>> This has broken things in FreeBSD ports and is being reported a bit.
>> I see the mmn bump so you can detect it at least.
>
> If this was backported, that's bad. We proclaim binary compatibility within any
> stable sub-rev release. Sorry that I did not catch this.
>
> http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/include/httpd.h?r1=1076611&r2=1082630
>
> I suggest we revert in 2.2.19 and consider this .18 an aberration/broken release.
> I would offer to tag and roll today. Those who wish to work around it, may, but
> a quick reaction would allow folks to avoid it.
>
> Other thoughts?
Missed this in review. Seems we could add the old signature back in
and grab the setting from the core dir_config instead of reverting the
entire thing? (util.s already defines CORE_PRIVATE)
Re: svn commit: r1082196 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/core.xml
include/ap_mmn.h include/http_core.h include/httpd.h server/core.c server/request.c
server/util.c
Posted by "William A. Rowe Jr." <wr...@apache.org>.
On 5/18/2011 12:34 PM, Philip M. Gollucci wrote:
>> Modified: httpd/httpd/trunk/include/httpd.h
>> URL:
> http://svn.apache.org/viewvc/httpd/httpd/trunk/include/httpd.h?rev=1082196&r1=1082195&r2=1082196&view=diff
>>
> ==============================================================================
>> --- httpd/httpd/trunk/include/httpd.h (original)
>> +++ httpd/httpd/trunk/include/httpd.h Wed Mar 16 16:45:25 2011
>> @@ -1496,7 +1496,7 @@ AP_DECLARE(int) ap_unescape_url(char *ur
>> * @param url The url to unescape
>> * @return 0 on success, non-zero otherwise
>> */
>> -AP_DECLARE(int) ap_unescape_url_keep2f(char *url);
>> +AP_DECLARE(int) ap_unescape_url_keep2f(char *url, int decode_slashes);
>
> Did we mean to change a public API in a patch release ? .17 -> .18 ?
> This has broken things in FreeBSD ports and is being reported a bit.
> I see the mmn bump so you can detect it at least.
If this was backported, that's bad. We proclaim binary compatibility within any
stable sub-rev release. Sorry that I did not catch this.
http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/include/httpd.h?r1=1076611&r2=1082630
I suggest we revert in 2.2.19 and consider this .18 an aberration/broken release.
I would offer to tag and roll today. Those who wish to work around it, may, but
a quick reaction would allow folks to avoid it.
Other thoughts?