From cvs-return-65175-archive-asf-public=cust-asf.ponee.io@httpd.apache.org Tue Mar 12 09:24:23 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 0F41D180600 for ; Tue, 12 Mar 2019 10:24:21 +0100 (CET) Received: (qmail 85719 invoked by uid 500); 12 Mar 2019 09:24:20 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 85710 invoked by uid 99); 12 Mar 2019 09:24:20 -0000 Received: from Unknown (HELO svn01-us-west.apache.org) (209.188.14.144) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 12 Mar 2019 09:24:20 +0000 Received: from svn01-us-west.apache.org (localhost [127.0.0.1]) by svn01-us-west.apache.org (ASF Mail Server at svn01-us-west.apache.org) with ESMTP id 19F9F3A0044 for ; Tue, 12 Mar 2019 09:24:19 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1855297 - /httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch Date: Tue, 12 Mar 2019 09:24:19 -0000 To: cvs@httpd.apache.org From: icing@apache.org X-Mailer: svnmailer-1.0.9 Message-Id: <20190312092420.19F9F3A0044@svn01-us-west.apache.org> Author: icing Date: Tue Mar 12 09:24:19 2019 New Revision: 1855297 URL: http://svn.apache.org/viewvc?rev=1855297&view=rev Log: adding the lastest fix to the backport Modified: httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch Modified: httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch URL: http://svn.apache.org/viewvc/httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch?rev=1855297&r1=1855296&r2=1855297&view=diff ============================================================================== --- httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch (original) +++ httpd/httpd/patches/2.4.x/h2-mega-v1.14.1-backport-bugs-and-whistles.patch Tue Mar 12 09:24:19 2019 @@ -1,11 +1,15 @@ Index: CHANGES =================================================================== ---- CHANGES (revision 1854963) +--- CHANGES (revision 1855295) +++ CHANGES (working copy) -@@ -1,6 +1,44 @@ +@@ -1,6 +1,48 @@ -*- coding: utf-8 -*- Changes with Apache 2.4.39 ++ *) mod_http2: when SSL renegotiation is inhibited and a 403 ErrorDocument is ++ in play, the proper HTTP/2 stream reset did not trigger with H2_ERR_HTTP_1_1_REQUIRED. ++ Fixed. [Michael Kaufmann] ++ + *) mod_http2: new configuration directive: ```H2Padding numbits``` to control + padding of HTTP/2 payload frames. 'numbits' is a number from 0-8, + controlling the range of padding bytes added to a frame. The actual number @@ -49,7 +53,7 @@ Index: CHANGES Index: docs/manual/mod/mod_http2.xml =================================================================== ---- docs/manual/mod/mod_http2.xml (revision 1854963) +--- docs/manual/mod/mod_http2.xml (revision 1855295) +++ docs/manual/mod/mod_http2.xml (working copy) @@ -244,6 +244,8 @@ @@ -137,7 +141,7 @@ Index: docs/manual/mod/mod_http2.xml Index: modules/http2/config2.m4 =================================================================== ---- modules/http2/config2.m4 (revision 1854963) +--- modules/http2/config2.m4 (revision 1855295) +++ modules/http2/config2.m4 (working copy) @@ -31,7 +31,6 @@ h2_h2.lo dnl @@ -149,7 +153,7 @@ Index: modules/http2/config2.m4 h2_session.lo dnl Index: modules/http2/h2.h =================================================================== ---- modules/http2/h2.h (revision 1854963) +--- modules/http2/h2.h (revision 1855295) +++ modules/http2/h2.h (working copy) @@ -48,12 +48,12 @@ #define H2_HEADER_PATH_LEN 5 @@ -176,7 +180,7 @@ Index: modules/http2/h2.h #endif /* defined(__mod_h2__h2__) */ Index: modules/http2/h2_alt_svc.c =================================================================== ---- modules/http2/h2_alt_svc.c (revision 1854963) +--- modules/http2/h2_alt_svc.c (revision 1855295) +++ modules/http2/h2_alt_svc.c (working copy) @@ -75,7 +75,7 @@ @@ -220,7 +224,7 @@ Index: modules/http2/h2_alt_svc.c ahost = NULL; Index: modules/http2/h2_config.c =================================================================== ---- modules/http2/h2_config.c (revision 1854963) +--- modules/http2/h2_config.c (revision 1855295) +++ modules/http2/h2_config.c (working copy) @@ -42,6 +42,55 @@ #define H2_CONFIG_GET(a, b, n) \ @@ -1170,7 +1174,7 @@ Index: modules/http2/h2_config.c -} Index: modules/http2/h2_config.h =================================================================== ---- modules/http2/h2_config.h (revision 1854963) +--- modules/http2/h2_config.h (revision 1855295) +++ modules/http2/h2_config.h (working copy) @@ -42,6 +42,8 @@ H2_CONF_PUSH_DIARY_SIZE, @@ -1264,7 +1268,7 @@ Index: modules/http2/h2_config.h Index: modules/http2/h2_conn.c =================================================================== ---- modules/http2/h2_conn.c (revision 1854963) +--- modules/http2/h2_conn.c (revision 1855295) +++ modules/http2/h2_conn.c (working copy) @@ -18,6 +18,7 @@ #include @@ -1389,7 +1393,7 @@ Index: modules/http2/h2_conn.c Index: modules/http2/h2_conn.h =================================================================== ---- modules/http2/h2_conn.h (revision 1854963) +--- modules/http2/h2_conn.h (revision 1855295) +++ modules/http2/h2_conn.h (working copy) @@ -23,11 +23,11 @@ /** @@ -1420,7 +1424,7 @@ Index: modules/http2/h2_conn.h * The connection is about to close. If we have not send a GOAWAY Index: modules/http2/h2_conn_io.c =================================================================== ---- modules/http2/h2_conn_io.c (revision 1854963) +--- modules/http2/h2_conn_io.c (revision 1855295) +++ modules/http2/h2_conn_io.c (working copy) @@ -40,12 +40,17 @@ * ~= 1300 bytes */ @@ -1473,7 +1477,7 @@ Index: modules/http2/h2_conn_io.c WRITE_SIZE_INITIAL : WRITE_SIZE_MAX); Index: modules/http2/h2_conn_io.h =================================================================== ---- modules/http2/h2_conn_io.h (revision 1854963) +--- modules/http2/h2_conn_io.h (revision 1855295) +++ modules/http2/h2_conn_io.h (working copy) @@ -48,8 +48,7 @@ apr_size_t slen; @@ -1487,7 +1491,7 @@ Index: modules/http2/h2_conn_io.h * Append data to the buffered output. Index: modules/http2/h2_ctx.c =================================================================== ---- modules/http2/h2_ctx.c (revision 1854963) +--- modules/http2/h2_ctx.c (revision 1855295) +++ modules/http2/h2_ctx.c (working copy) @@ -29,8 +29,8 @@ { @@ -1552,7 +1556,7 @@ Index: modules/http2/h2_ctx.c -} Index: modules/http2/h2_ctx.h =================================================================== ---- modules/http2/h2_ctx.h (revision 1854963) +--- modules/http2/h2_ctx.h (revision 1855295) +++ modules/http2/h2_ctx.h (working copy) @@ -56,12 +56,11 @@ */ @@ -1585,7 +1589,7 @@ Index: modules/http2/h2_ctx.h #endif /* defined(__mod_h2__h2_ctx__) */ Index: modules/http2/h2_filter.c =================================================================== ---- modules/http2/h2_filter.c (revision 1854963) +--- modules/http2/h2_filter.c (revision 1855295) +++ modules/http2/h2_filter.c (working copy) @@ -54,6 +54,7 @@ const char *data; @@ -1701,7 +1705,7 @@ Index: modules/http2/h2_filter.c if ((status = ap_discard_request_body(r)) != OK) { Index: modules/http2/h2_from_h1.c =================================================================== ---- modules/http2/h2_from_h1.c (revision 1854963) +--- modules/http2/h2_from_h1.c (revision 1855295) +++ modules/http2/h2_from_h1.c (working copy) @@ -594,9 +594,9 @@ } @@ -1732,7 +1736,7 @@ Index: modules/http2/h2_from_h1.c } Index: modules/http2/h2_h2.c =================================================================== ---- modules/http2/h2_h2.c (revision 1854963) +--- modules/http2/h2_h2.c (revision 1855295) +++ modules/http2/h2_h2.c (working copy) @@ -463,12 +463,11 @@ return opt_ssl_is_https && opt_ssl_is_https(c); @@ -1927,7 +1931,7 @@ Index: modules/http2/h2_h2.c "h2_slave_out(%s): copy_files on", task->id); Index: modules/http2/h2_h2.h =================================================================== ---- modules/http2/h2_h2.h (revision 1854963) +--- modules/http2/h2_h2.h (revision 1855295) +++ modules/http2/h2_h2.h (working copy) @@ -57,23 +57,15 @@ * the handshake is still ongoing. @@ -1959,7 +1963,7 @@ Index: modules/http2/h2_h2.h #endif /* defined(__mod_h2__h2_h2__) */ Index: modules/http2/h2_headers.c =================================================================== ---- modules/http2/h2_headers.c (revision 1854963) +--- modules/http2/h2_headers.c (revision 1855295) +++ modules/http2/h2_headers.c (working copy) @@ -28,6 +28,7 @@ @@ -1969,7 +1973,34 @@ Index: modules/http2/h2_headers.c #include "h2_util.h" #include "h2_request.h" #include "h2_headers.h" -@@ -141,9 +142,11 @@ +@@ -128,22 +129,28 @@ + { + h2_headers *headers = h2_headers_create(status, header, r->notes, 0, pool); + if (headers->status == HTTP_FORBIDDEN) { +- const char *cause = apr_table_get(r->notes, "ssl-renegotiate-forbidden"); +- if (cause) { +- /* This request triggered a TLS renegotiation that is now allowed +- * in HTTP/2. Tell the client that it should use HTTP/1.1 for this. +- */ +- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, headers->status, r, +- APLOGNO(03061) +- "h2_headers(%ld): renegotiate forbidden, cause: %s", +- (long)r->connection->id, cause); +- headers->status = H2_ERR_HTTP_1_1_REQUIRED; ++ request_rec *r_prev; ++ for (r_prev = r; r_prev != NULL; r_prev = r_prev->prev) { ++ const char *cause = apr_table_get(r_prev->notes, "ssl-renegotiate-forbidden"); ++ if (cause) { ++ /* This request triggered a TLS renegotiation that is not allowed ++ * in HTTP/2. Tell the client that it should use HTTP/1.1 for this. ++ */ ++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, headers->status, r, ++ APLOGNO(03061) ++ "h2_headers(%ld): renegotiate forbidden, cause: %s", ++ (long)r->connection->id, cause); ++ headers->status = H2_ERR_HTTP_1_1_REQUIRED; ++ break; ++ } } } if (is_unsafe(r->server)) { @@ -1985,7 +2016,7 @@ Index: modules/http2/h2_headers.c Index: modules/http2/h2_mplx.c =================================================================== ---- modules/http2/h2_mplx.c (revision 1854963) +--- modules/http2/h2_mplx.c (revision 1855295) +++ modules/http2/h2_mplx.c (working copy) @@ -40,7 +40,6 @@ #include "h2_ctx.h" @@ -2397,7 +2428,7 @@ Index: modules/http2/h2_mplx.c Index: modules/http2/h2_mplx.h =================================================================== ---- modules/http2/h2_mplx.h (revision 1854963) +--- modules/http2/h2_mplx.h (revision 1855295) +++ modules/http2/h2_mplx.h (working copy) @@ -47,8 +47,6 @@ struct apr_thread_cond_t; @@ -2466,8 +2497,8 @@ Index: modules/http2/h2_mplx.h #endif /* defined(__mod_h2__h2_mplx__) */ Index: modules/http2/h2_ngn_shed.c =================================================================== ---- modules/http2/h2_ngn_shed.c (revision 1854963) -+++ modules/http2/h2_ngn_shed.c (nonexistent) +--- modules/http2/h2_ngn_shed.c (revision 1855295) ++++ modules/http2/h2_ngn_shed.c (working copy) @@ -1,392 +0,0 @@ -/* Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with @@ -2861,17 +2892,10 @@ Index: modules/http2/h2_ngn_shed.c - ap_assert(apr_hash_count(shed->ngns) == 0); -} - - -Property changes on: modules/http2/h2_ngn_shed.c -___________________________________________________________________ -Deleted: svn:eol-style -## -1 +0,0 ## --native -\ No newline at end of property Index: modules/http2/h2_ngn_shed.h =================================================================== ---- modules/http2/h2_ngn_shed.h (revision 1854963) -+++ modules/http2/h2_ngn_shed.h (nonexistent) +--- modules/http2/h2_ngn_shed.h (revision 1855295) ++++ modules/http2/h2_ngn_shed.h (working copy) @@ -1,79 +0,0 @@ -/* Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with @@ -2952,16 +2976,9 @@ Index: modules/http2/h2_ngn_shed.h - - -#endif /* h2_req_shed_h */ - -Property changes on: modules/http2/h2_ngn_shed.h -___________________________________________________________________ -Deleted: svn:eol-style -## -1 +0,0 ## --native -\ No newline at end of property Index: modules/http2/h2_proxy_session.c =================================================================== ---- modules/http2/h2_proxy_session.c (revision 1854963) +--- modules/http2/h2_proxy_session.c (revision 1855295) +++ modules/http2/h2_proxy_session.c (working copy) @@ -429,12 +429,6 @@ stream_id, NGHTTP2_STREAM_CLOSED); @@ -3047,7 +3064,7 @@ Index: modules/http2/h2_proxy_session.c - Index: modules/http2/h2_proxy_session.h =================================================================== ---- modules/http2/h2_proxy_session.h (revision 1854963) +--- modules/http2/h2_proxy_session.h (revision 1855295) +++ modules/http2/h2_proxy_session.h (working copy) @@ -120,9 +120,6 @@ @@ -3061,7 +3078,7 @@ Index: modules/http2/h2_proxy_session.h #endif /* h2_proxy_session_h */ Index: modules/http2/h2_request.c =================================================================== ---- modules/http2/h2_request.c (revision 1854963) +--- modules/http2/h2_request.c (revision 1855295) +++ modules/http2/h2_request.c (working copy) @@ -17,6 +17,7 @@ #include @@ -3146,7 +3163,7 @@ Index: modules/http2/h2_request.c + Index: modules/http2/h2_session.c =================================================================== ---- modules/http2/h2_session.c (revision 1854963) +--- modules/http2/h2_session.c (revision 1855295) +++ modules/http2/h2_session.c (working copy) @@ -495,9 +495,7 @@ return NGHTTP2_ERR_WOULDBLOCK; @@ -3394,7 +3411,7 @@ Index: modules/http2/h2_session.c h2_session_shutdown(session, Index: modules/http2/h2_session.h =================================================================== ---- modules/http2/h2_session.h (revision 1854963) +--- modules/http2/h2_session.h (revision 1855295) +++ modules/http2/h2_session.h (working copy) @@ -80,12 +80,13 @@ request_rec *r; /* the request that started this in case @@ -3443,7 +3460,7 @@ Index: modules/http2/h2_session.h Index: modules/http2/h2_stream.c =================================================================== ---- modules/http2/h2_stream.c (revision 1854963) +--- modules/http2/h2_stream.c (revision 1855295) +++ modules/http2/h2_stream.c (working copy) @@ -365,9 +365,8 @@ static void set_policy_for(h2_stream *stream, h2_request *r) @@ -3477,7 +3494,7 @@ Index: modules/http2/h2_stream.c return NULL; Index: modules/http2/h2_switch.c =================================================================== ---- modules/http2/h2_switch.c (revision 1854963) +--- modules/http2/h2_switch.c (revision 1855295) +++ modules/http2/h2_switch.c (working copy) @@ -55,7 +55,6 @@ int is_tls = h2_h2_is_tls(c); @@ -3536,7 +3553,7 @@ Index: modules/http2/h2_switch.c } Index: modules/http2/h2_task.c =================================================================== ---- modules/http2/h2_task.c (revision 1854963) +--- modules/http2/h2_task.c (revision 1855295) +++ modules/http2/h2_task.c (working copy) @@ -97,7 +97,7 @@ apr_brigade_length(bb, 0, &written); @@ -3724,7 +3741,7 @@ Index: modules/http2/h2_task.c -} Index: modules/http2/h2_task.h =================================================================== ---- modules/http2/h2_task.h (revision 1854963) +--- modules/http2/h2_task.h (revision 1855295) +++ modules/http2/h2_task.h (working copy) @@ -42,7 +42,6 @@ struct h2_conn; @@ -3766,7 +3783,7 @@ Index: modules/http2/h2_task.h #endif /* defined(__mod_h2__h2_task__) */ Index: modules/http2/h2_version.h =================================================================== ---- modules/http2/h2_version.h (revision 1854963) +--- modules/http2/h2_version.h (revision 1855295) +++ modules/http2/h2_version.h (working copy) @@ -27,7 +27,7 @@ * @macro @@ -3788,7 +3805,7 @@ Index: modules/http2/h2_version.h #endif /* mod_h2_h2_version_h */ Index: modules/http2/mod_http2.c =================================================================== ---- modules/http2/mod_http2.c (revision 1854963) +--- modules/http2/mod_http2.c (revision 1855295) +++ modules/http2/mod_http2.c (working copy) @@ -172,27 +172,6 @@ conn_rec *, request_rec *, char *name); @@ -3904,7 +3921,7 @@ Index: modules/http2/mod_http2.c for (i = 0; ctx && i < H2_ALEN(H2_VARS); ++i) { Index: modules/http2/mod_http2.h =================================================================== ---- modules/http2/mod_http2.h (revision 1854963) +--- modules/http2/mod_http2.h (revision 1855295) +++ modules/http2/mod_http2.h (working copy) @@ -30,22 +30,20 @@ @@ -3984,7 +4001,7 @@ Index: modules/http2/mod_http2.h #endif Index: modules/http2/mod_proxy_http2.c =================================================================== ---- modules/http2/mod_proxy_http2.c (revision 1854963) +--- modules/http2/mod_proxy_http2.c (revision 1855295) +++ modules/http2/mod_proxy_http2.c (working copy) @@ -16,6 +16,7 @@ @@ -4571,11 +4588,11 @@ Index: modules/http2/mod_proxy_http2.c APLOGNO(03377) "leaving handler"); Index: . =================================================================== ---- . (revision 1854963) +--- . (revision 1855295) +++ . (working copy) Property changes on: . ___________________________________________________________________ Modified: svn:mergeinfo ## -0,0 +0,1 ## - Merged /httpd/httpd/trunk:r1849296,1852038,1852101,1852339,1853171,1853967,1854365,1854963-1854964 + Merged /httpd/httpd/trunk:r1855295