You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ic...@apache.org on 2019/03/12 09:24:19 UTC
svn commit: r1855297 -
/httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch
Author: icing
Date: Tue Mar 12 09:24:19 2019
New Revision: 1855297
URL: http://svn.apache.org/viewvc?rev=1855297&view=rev
Log:
adding the lastest fix to the backport
Modified:
httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch
Modified: httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch
URL: http://svn.apache.org/viewvc/httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch?rev=1855297&r1=1855296&r2=1855297&view=diff
==============================================================================
--- httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch (original)
+++ httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch Tue Mar 12 09:24:19 2019
@@ -1,11 +1,15 @@
Index: CHANGES
===================================================================
---- CHANGES (revision 1854963)
+--- CHANGES (revision 1855295)
+++ CHANGES (working copy)
-@@ -1,6 +1,44 @@
+@@ -1,6 +1,48 @@
-*- coding: utf-8 -*-
Changes with Apache 2.4.39
++ *) mod_http2: when SSL renegotiation is inhibited and a 403 ErrorDocument is
++ in play, the proper HTTP/2 stream reset did not trigger with H2_ERR_HTTP_1_1_REQUIRED.
++ Fixed. [Michael Kaufmann]
++
+ *) mod_http2: new configuration directive: ```H2Padding numbits``` to control
+ padding of HTTP/2 payload frames. 'numbits' is a number from 0-8,
+ controlling the range of padding bytes added to a frame. The actual number
@@ -49,7 +53,7 @@ Index: CHANGES
Index: docs/manual/mod/mod_http2.xml
===================================================================
---- docs/manual/mod/mod_http2.xml (revision 1854963)
+--- docs/manual/mod/mod_http2.xml (revision 1855295)
+++ docs/manual/mod/mod_http2.xml (working copy)
@@ -244,6 +244,8 @@
<contextlist>
@@ -137,7 +141,7 @@ Index: docs/manual/mod/mod_http2.xml
</modulesynopsis>
Index: modules/http2/config2.m4
===================================================================
---- modules/http2/config2.m4 (revision 1854963)
+--- modules/http2/config2.m4 (revision 1855295)
+++ modules/http2/config2.m4 (working copy)
@@ -31,7 +31,6 @@
h2_h2.lo dnl
@@ -149,7 +153,7 @@ Index: modules/http2/config2.m4
h2_session.lo dnl
Index: modules/http2/h2.h
===================================================================
---- modules/http2/h2.h (revision 1854963)
+--- modules/http2/h2.h (revision 1855295)
+++ modules/http2/h2.h (working copy)
@@ -48,12 +48,12 @@
#define H2_HEADER_PATH_LEN 5
@@ -176,7 +180,7 @@ Index: modules/http2/h2.h
#endif /* defined(__mod_h2__h2__) */
Index: modules/http2/h2_alt_svc.c
===================================================================
---- modules/http2/h2_alt_svc.c (revision 1854963)
+--- modules/http2/h2_alt_svc.c (revision 1855295)
+++ modules/http2/h2_alt_svc.c (working copy)
@@ -75,7 +75,7 @@
@@ -220,7 +224,7 @@ Index: modules/http2/h2_alt_svc.c
ahost = NULL;
Index: modules/http2/h2_config.c
===================================================================
---- modules/http2/h2_config.c (revision 1854963)
+--- modules/http2/h2_config.c (revision 1855295)
+++ modules/http2/h2_config.c (working copy)
@@ -42,6 +42,55 @@
#define H2_CONFIG_GET(a, b, n) \
@@ -1170,7 +1174,7 @@ Index: modules/http2/h2_config.c
-}
Index: modules/http2/h2_config.h
===================================================================
---- modules/http2/h2_config.h (revision 1854963)
+--- modules/http2/h2_config.h (revision 1855295)
+++ modules/http2/h2_config.h (working copy)
@@ -42,6 +42,8 @@
H2_CONF_PUSH_DIARY_SIZE,
@@ -1264,7 +1268,7 @@ Index: modules/http2/h2_config.h
Index: modules/http2/h2_conn.c
===================================================================
---- modules/http2/h2_conn.c (revision 1854963)
+--- modules/http2/h2_conn.c (revision 1855295)
+++ modules/http2/h2_conn.c (working copy)
@@ -18,6 +18,7 @@
#include <apr_strings.h>
@@ -1389,7 +1393,7 @@ Index: modules/http2/h2_conn.c
Index: modules/http2/h2_conn.h
===================================================================
---- modules/http2/h2_conn.h (revision 1854963)
+--- modules/http2/h2_conn.h (revision 1855295)
+++ modules/http2/h2_conn.h (working copy)
@@ -23,11 +23,11 @@
/**
@@ -1420,7 +1424,7 @@ Index: modules/http2/h2_conn.h
* The connection is about to close. If we have not send a GOAWAY
Index: modules/http2/h2_conn_io.c
===================================================================
---- modules/http2/h2_conn_io.c (revision 1854963)
+--- modules/http2/h2_conn_io.c (revision 1855295)
+++ modules/http2/h2_conn_io.c (working copy)
@@ -40,12 +40,17 @@
* ~= 1300 bytes */
@@ -1473,7 +1477,7 @@ Index: modules/http2/h2_conn_io.c
WRITE_SIZE_INITIAL : WRITE_SIZE_MAX);
Index: modules/http2/h2_conn_io.h
===================================================================
---- modules/http2/h2_conn_io.h (revision 1854963)
+--- modules/http2/h2_conn_io.h (revision 1855295)
+++ modules/http2/h2_conn_io.h (working copy)
@@ -48,8 +48,7 @@
apr_size_t slen;
@@ -1487,7 +1491,7 @@ Index: modules/http2/h2_conn_io.h
* Append data to the buffered output.
Index: modules/http2/h2_ctx.c
===================================================================
---- modules/http2/h2_ctx.c (revision 1854963)
+--- modules/http2/h2_ctx.c (revision 1855295)
+++ modules/http2/h2_ctx.c (working copy)
@@ -29,8 +29,8 @@
{
@@ -1552,7 +1556,7 @@ Index: modules/http2/h2_ctx.c
-}
Index: modules/http2/h2_ctx.h
===================================================================
---- modules/http2/h2_ctx.h (revision 1854963)
+--- modules/http2/h2_ctx.h (revision 1855295)
+++ modules/http2/h2_ctx.h (working copy)
@@ -56,12 +56,11 @@
*/
@@ -1585,7 +1589,7 @@ Index: modules/http2/h2_ctx.h
#endif /* defined(__mod_h2__h2_ctx__) */
Index: modules/http2/h2_filter.c
===================================================================
---- modules/http2/h2_filter.c (revision 1854963)
+--- modules/http2/h2_filter.c (revision 1855295)
+++ modules/http2/h2_filter.c (working copy)
@@ -54,6 +54,7 @@
const char *data;
@@ -1701,7 +1705,7 @@ Index: modules/http2/h2_filter.c
if ((status = ap_discard_request_body(r)) != OK) {
Index: modules/http2/h2_from_h1.c
===================================================================
---- modules/http2/h2_from_h1.c (revision 1854963)
+--- modules/http2/h2_from_h1.c (revision 1855295)
+++ modules/http2/h2_from_h1.c (working copy)
@@ -594,9 +594,9 @@
}
@@ -1732,7 +1736,7 @@ Index: modules/http2/h2_from_h1.c
}
Index: modules/http2/h2_h2.c
===================================================================
---- modules/http2/h2_h2.c (revision 1854963)
+--- modules/http2/h2_h2.c (revision 1855295)
+++ modules/http2/h2_h2.c (working copy)
@@ -463,12 +463,11 @@
return opt_ssl_is_https && opt_ssl_is_https(c);
@@ -1927,7 +1931,7 @@ Index: modules/http2/h2_h2.c
"h2_slave_out(%s): copy_files on", task->id);
Index: modules/http2/h2_h2.h
===================================================================
---- modules/http2/h2_h2.h (revision 1854963)
+--- modules/http2/h2_h2.h (revision 1855295)
+++ modules/http2/h2_h2.h (working copy)
@@ -57,23 +57,15 @@
* the handshake is still ongoing.
@@ -1959,7 +1963,7 @@ Index: modules/http2/h2_h2.h
#endif /* defined(__mod_h2__h2_h2__) */
Index: modules/http2/h2_headers.c
===================================================================
---- modules/http2/h2_headers.c (revision 1854963)
+--- modules/http2/h2_headers.c (revision 1855295)
+++ modules/http2/h2_headers.c (working copy)
@@ -28,6 +28,7 @@
@@ -1969,7 +1973,34 @@ Index: modules/http2/h2_headers.c
#include "h2_util.h"
#include "h2_request.h"
#include "h2_headers.h"
-@@ -141,9 +142,11 @@
+@@ -128,22 +129,28 @@
+ {
+ h2_headers *headers = h2_headers_create(status, header, r->notes, 0, pool);
+ if (headers->status == HTTP_FORBIDDEN) {
+- const char *cause = apr_table_get(r->notes, "ssl-renegotiate-forbidden");
+- if (cause) {
+- /* This request triggered a TLS renegotiation that is now allowed
+- * in HTTP/2. Tell the client that it should use HTTP/1.1 for this.
+- */
+- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, headers->status, r,
+- APLOGNO(03061)
+- "h2_headers(%ld): renegotiate forbidden, cause: %s",
+- (long)r->connection->id, cause);
+- headers->status = H2_ERR_HTTP_1_1_REQUIRED;
++ request_rec *r_prev;
++ for (r_prev = r; r_prev != NULL; r_prev = r_prev->prev) {
++ const char *cause = apr_table_get(r_prev->notes, "ssl-renegotiate-forbidden");
++ if (cause) {
++ /* This request triggered a TLS renegotiation that is not allowed
++ * in HTTP/2. Tell the client that it should use HTTP/1.1 for this.
++ */
++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, headers->status, r,
++ APLOGNO(03061)
++ "h2_headers(%ld): renegotiate forbidden, cause: %s",
++ (long)r->connection->id, cause);
++ headers->status = H2_ERR_HTTP_1_1_REQUIRED;
++ break;
++ }
}
}
if (is_unsafe(r->server)) {
@@ -1985,7 +2016,7 @@ Index: modules/http2/h2_headers.c
Index: modules/http2/h2_mplx.c
===================================================================
---- modules/http2/h2_mplx.c (revision 1854963)
+--- modules/http2/h2_mplx.c (revision 1855295)
+++ modules/http2/h2_mplx.c (working copy)
@@ -40,7 +40,6 @@
#include "h2_ctx.h"
@@ -2397,7 +2428,7 @@ Index: modules/http2/h2_mplx.c
Index: modules/http2/h2_mplx.h
===================================================================
---- modules/http2/h2_mplx.h (revision 1854963)
+--- modules/http2/h2_mplx.h (revision 1855295)
+++ modules/http2/h2_mplx.h (working copy)
@@ -47,8 +47,6 @@
struct apr_thread_cond_t;
@@ -2466,8 +2497,8 @@ Index: modules/http2/h2_mplx.h
#endif /* defined(__mod_h2__h2_mplx__) */
Index: modules/http2/h2_ngn_shed.c
===================================================================
---- modules/http2/h2_ngn_shed.c (revision 1854963)
-+++ modules/http2/h2_ngn_shed.c (nonexistent)
+--- modules/http2/h2_ngn_shed.c (revision 1855295)
++++ modules/http2/h2_ngn_shed.c (working copy)
@@ -1,392 +0,0 @@
-/* Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
@@ -2861,17 +2892,10 @@ Index: modules/http2/h2_ngn_shed.c
- ap_assert(apr_hash_count(shed->ngns) == 0);
-}
-
-
-Property changes on: modules/http2/h2_ngn_shed.c
-___________________________________________________________________
-Deleted: svn:eol-style
-## -1 +0,0 ##
--native
-\ No newline at end of property
Index: modules/http2/h2_ngn_shed.h
===================================================================
---- modules/http2/h2_ngn_shed.h (revision 1854963)
-+++ modules/http2/h2_ngn_shed.h (nonexistent)
+--- modules/http2/h2_ngn_shed.h (revision 1855295)
++++ modules/http2/h2_ngn_shed.h (working copy)
@@ -1,79 +0,0 @@
-/* Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
@@ -2952,16 +2976,9 @@ Index: modules/http2/h2_ngn_shed.h
-
-
-#endif /* h2_req_shed_h */
-
-Property changes on: modules/http2/h2_ngn_shed.h
-___________________________________________________________________
-Deleted: svn:eol-style
-## -1 +0,0 ##
--native
-\ No newline at end of property
Index: modules/http2/h2_proxy_session.c
===================================================================
---- modules/http2/h2_proxy_session.c (revision 1854963)
+--- modules/http2/h2_proxy_session.c (revision 1855295)
+++ modules/http2/h2_proxy_session.c (working copy)
@@ -429,12 +429,6 @@
stream_id, NGHTTP2_STREAM_CLOSED);
@@ -3047,7 +3064,7 @@ Index: modules/http2/h2_proxy_session.c
-
Index: modules/http2/h2_proxy_session.h
===================================================================
---- modules/http2/h2_proxy_session.h (revision 1854963)
+--- modules/http2/h2_proxy_session.h (revision 1855295)
+++ modules/http2/h2_proxy_session.h (working copy)
@@ -120,9 +120,6 @@
@@ -3061,7 +3078,7 @@ Index: modules/http2/h2_proxy_session.h
#endif /* h2_proxy_session_h */
Index: modules/http2/h2_request.c
===================================================================
---- modules/http2/h2_request.c (revision 1854963)
+--- modules/http2/h2_request.c (revision 1855295)
+++ modules/http2/h2_request.c (working copy)
@@ -17,6 +17,7 @@
#include <assert.h>
@@ -3146,7 +3163,7 @@ Index: modules/http2/h2_request.c
+
Index: modules/http2/h2_session.c
===================================================================
---- modules/http2/h2_session.c (revision 1854963)
+--- modules/http2/h2_session.c (revision 1855295)
+++ modules/http2/h2_session.c (working copy)
@@ -495,9 +495,7 @@
return NGHTTP2_ERR_WOULDBLOCK;
@@ -3394,7 +3411,7 @@ Index: modules/http2/h2_session.c
h2_session_shutdown(session,
Index: modules/http2/h2_session.h
===================================================================
---- modules/http2/h2_session.h (revision 1854963)
+--- modules/http2/h2_session.h (revision 1855295)
+++ modules/http2/h2_session.h (working copy)
@@ -80,12 +80,13 @@
request_rec *r; /* the request that started this in case
@@ -3443,7 +3460,7 @@ Index: modules/http2/h2_session.h
Index: modules/http2/h2_stream.c
===================================================================
---- modules/http2/h2_stream.c (revision 1854963)
+--- modules/http2/h2_stream.c (revision 1855295)
+++ modules/http2/h2_stream.c (working copy)
@@ -365,9 +365,8 @@
static void set_policy_for(h2_stream *stream, h2_request *r)
@@ -3477,7 +3494,7 @@ Index: modules/http2/h2_stream.c
return NULL;
Index: modules/http2/h2_switch.c
===================================================================
---- modules/http2/h2_switch.c (revision 1854963)
+--- modules/http2/h2_switch.c (revision 1855295)
+++ modules/http2/h2_switch.c (working copy)
@@ -55,7 +55,6 @@
int is_tls = h2_h2_is_tls(c);
@@ -3536,7 +3553,7 @@ Index: modules/http2/h2_switch.c
}
Index: modules/http2/h2_task.c
===================================================================
---- modules/http2/h2_task.c (revision 1854963)
+--- modules/http2/h2_task.c (revision 1855295)
+++ modules/http2/h2_task.c (working copy)
@@ -97,7 +97,7 @@
apr_brigade_length(bb, 0, &written);
@@ -3724,7 +3741,7 @@ Index: modules/http2/h2_task.c
-}
Index: modules/http2/h2_task.h
===================================================================
---- modules/http2/h2_task.h (revision 1854963)
+--- modules/http2/h2_task.h (revision 1855295)
+++ modules/http2/h2_task.h (working copy)
@@ -42,7 +42,6 @@
struct h2_conn;
@@ -3766,7 +3783,7 @@ Index: modules/http2/h2_task.h
#endif /* defined(__mod_h2__h2_task__) */
Index: modules/http2/h2_version.h
===================================================================
---- modules/http2/h2_version.h (revision 1854963)
+--- modules/http2/h2_version.h (revision 1855295)
+++ modules/http2/h2_version.h (working copy)
@@ -27,7 +27,7 @@
* @macro
@@ -3788,7 +3805,7 @@ Index: modules/http2/h2_version.h
#endif /* mod_h2_h2_version_h */
Index: modules/http2/mod_http2.c
===================================================================
---- modules/http2/mod_http2.c (revision 1854963)
+--- modules/http2/mod_http2.c (revision 1855295)
+++ modules/http2/mod_http2.c (working copy)
@@ -172,27 +172,6 @@
conn_rec *, request_rec *, char *name);
@@ -3904,7 +3921,7 @@ Index: modules/http2/mod_http2.c
for (i = 0; ctx && i < H2_ALEN(H2_VARS); ++i) {
Index: modules/http2/mod_http2.h
===================================================================
---- modules/http2/mod_http2.h (revision 1854963)
+--- modules/http2/mod_http2.h (revision 1855295)
+++ modules/http2/mod_http2.h (working copy)
@@ -30,22 +30,20 @@
@@ -3984,7 +4001,7 @@ Index: modules/http2/mod_http2.h
#endif
Index: modules/http2/mod_proxy_http2.c
===================================================================
---- modules/http2/mod_proxy_http2.c (revision 1854963)
+--- modules/http2/mod_proxy_http2.c (revision 1855295)
+++ modules/http2/mod_proxy_http2.c (working copy)
@@ -16,6 +16,7 @@
@@ -4571,11 +4588,11 @@ Index: modules/http2/mod_proxy_http2.c
APLOGNO(03377) "leaving handler");
Index: .
===================================================================
---- . (revision 1854963)
+--- . (revision 1855295)
+++ . (working copy)
Property changes on: .
___________________________________________________________________
Modified: svn:mergeinfo
## -0,0 +0,1 ##
- Merged /httpd/httpd/trunk:r1849296,1852038,1852101,1852339,1853171,1853967,1854365,1854963-1854964
+ Merged /httpd/httpd/trunk:r1855295