head 1.12; access; symbols pkgsrc-2014Q1:1.11.0.54 pkgsrc-2014Q1-base:1.11 pkgsrc-2013Q4:1.11.0.52 pkgsrc-2013Q4-base:1.11 pkgsrc-2013Q3:1.11.0.50 pkgsrc-2013Q3-base:1.11 pkgsrc-2013Q2:1.11.0.48 pkgsrc-2013Q2-base:1.11 pkgsrc-2013Q1:1.11.0.46 pkgsrc-2013Q1-base:1.11 pkgsrc-2012Q4:1.11.0.44 pkgsrc-2012Q4-base:1.11 pkgsrc-2012Q3:1.11.0.42 pkgsrc-2012Q3-base:1.11 pkgsrc-2012Q2:1.11.0.40 pkgsrc-2012Q2-base:1.11 pkgsrc-2012Q1:1.11.0.38 pkgsrc-2012Q1-base:1.11 pkgsrc-2011Q4:1.11.0.36 pkgsrc-2011Q4-base:1.11 pkgsrc-2011Q3:1.11.0.34 pkgsrc-2011Q3-base:1.11 pkgsrc-2011Q2:1.11.0.32 pkgsrc-2011Q2-base:1.11 pkgsrc-2011Q1:1.11.0.30 pkgsrc-2011Q1-base:1.11 pkgsrc-2010Q4:1.11.0.28 pkgsrc-2010Q4-base:1.11 pkgsrc-2010Q3:1.11.0.26 pkgsrc-2010Q3-base:1.11 pkgsrc-2010Q2:1.11.0.24 pkgsrc-2010Q2-base:1.11 pkgsrc-2010Q1:1.11.0.22 pkgsrc-2010Q1-base:1.11 pkgsrc-2009Q4:1.11.0.20 pkgsrc-2009Q4-base:1.11 pkgsrc-2009Q3:1.11.0.18 pkgsrc-2009Q3-base:1.11 pkgsrc-2009Q2:1.11.0.16 pkgsrc-2009Q2-base:1.11 pkgsrc-2009Q1:1.11.0.14 pkgsrc-2009Q1-base:1.11 pkgsrc-2008Q4:1.11.0.12 pkgsrc-2008Q4-base:1.11 pkgsrc-2008Q3:1.11.0.10 pkgsrc-2008Q3-base:1.11 cube-native-xorg:1.11.0.8 cube-native-xorg-base:1.11 pkgsrc-2008Q2:1.11.0.6 pkgsrc-2008Q2-base:1.11 cwrapper:1.11.0.4 pkgsrc-2008Q1:1.11.0.2 pkgsrc-2008Q1-base:1.11 pkgsrc-2007Q4:1.10.0.26 pkgsrc-2007Q4-base:1.10 pkgsrc-2007Q3:1.10.0.24 pkgsrc-2007Q3-base:1.10 pkgsrc-2007Q2:1.10.0.22 pkgsrc-2007Q2-base:1.10 pkgsrc-2007Q1:1.10.0.20 pkgsrc-2007Q1-base:1.10 pkgsrc-2006Q4:1.10.0.18 pkgsrc-2006Q4-base:1.10 pkgsrc-2006Q3:1.10.0.16 pkgsrc-2006Q3-base:1.10 pkgsrc-2006Q2:1.10.0.14 pkgsrc-2006Q2-base:1.10 pkgsrc-2006Q1:1.10.0.12 pkgsrc-2006Q1-base:1.10 pkgsrc-2005Q4:1.10.0.10 pkgsrc-2005Q4-base:1.10 pkgsrc-2005Q3:1.10.0.8 pkgsrc-2005Q3-base:1.10 pkgsrc-2005Q2:1.10.0.6 pkgsrc-2005Q2-base:1.10 pkgsrc-2005Q1:1.10.0.4 pkgsrc-2005Q1-base:1.10 pkgsrc-2004Q4:1.10.0.2 pkgsrc-2004Q4-base:1.10 pkgsrc-2004Q3:1.9.0.16 pkgsrc-2004Q3-base:1.9 pkgsrc-2004Q2:1.9.0.14 pkgsrc-2004Q2-base:1.9 pkgsrc-2004Q1:1.9.0.12 pkgsrc-2004Q1-base:1.9 pkgsrc-2003Q4:1.9.0.10 pkgsrc-2003Q4-base:1.9 netbsd-1-6-1:1.9.0.6 netbsd-1-6-1-base:1.9 netbsd-1-6:1.9.0.8 netbsd-1-6-RELEASE-base:1.9 pkgviews:1.9.0.4 pkgviews-base:1.9 buildlink2:1.9.0.2 buildlink2-base:1.9 netbsd-1-5-PATCH003:1.9 netbsd-1-5-PATCH001:1.7 netbsd-1-5-RELEASE:1.6 netbsd-1-4-PATCH003:1.6 netbsd-1-4-PATCH002:1.5 comdex-fall-1999:1.4 netbsd-1-4-PATCH001:1.4 netbsd-1-4-RELEASE:1.4; locks; strict; comment @# @; 1.12 date 2014.06.10.15.22.18; author joerg; state dead; branches; next 1.11; commitid djgMkPoOrhNxnZDx; 1.11 date 2008.02.23.05.16.34; author obache; state Exp; branches; next 1.10; 1.10 date 2004.10.29.13.48.31; author abs; state Exp; branches; next 1.9; 1.9 date 2002.02.01.16.04.39; author jlam; state Exp; branches 1.9.16.1; next 1.8; 1.8 date 2001.10.17.19.17.00; author jlam; state Exp; branches; next 1.7; 1.7 date 2001.02.02.16.39.57; author jlam; state Exp; branches; next 1.6; 1.6 date 2000.09.12.14.17.32; author jlam; state Exp; branches; next 1.5; 1.5 date 99.11.21.22.09.28; author tron; state Exp; branches; next 1.4; 1.4 date 98.12.07.16.20.40; author tv; state Exp; branches; next 1.3; 1.3 date 98.12.04.17.23.20; author tv; state Exp; branches; next 1.2; 1.2 date 98.12.03.22.26.53; author tv; state Exp; branches; next 1.1; 1.1 date 98.12.03.17.23.53; author tv; state Exp; branches; next ; 1.9.16.1 date 2004.12.01.00.25.56; author salo; state Exp; branches; next ; desc @@ 1.12 log @Retire Apache 1.3 and 2.0. @ text @$NetBSD: patch-af,v 1.11 2008/02/23 05:16:34 obache Exp $ --- src/modules/standard/mod_so.c.orig 2008-02-23 04:22:56.000000000 +0000 +++ src/modules/standard/mod_so.c @@@@ -322,7 +322,15 @@@@ static const char *load_file(cmd_parms * return err; } - file = ap_server_root_relative(cmd->pool, filename); + /* + * If the filename starts with '!', then just dlopen() it without + * translating it to a pathname relative to ServerRoot. + */ + if (filename[0] == '!') { + file = filename + 1; + } else { + file = ap_server_root_relative(cmd->pool, filename); + } if (!(handle = ap_os_dso_load(file))) { const char *my_error = ap_os_dso_error(); @ 1.11 log @Update apache to 1.3.41. Changes with Apache 1.3.41 *) SECURITY: CVE-2007-6388 (cve.mitre.org) mod_status: Ensure refresh parameter is numeric to prevent a possible XSS attack caused by redirecting to other URLs. Reported by SecurityReason. [Mark Cox] Changes with Apache 1.3.40 (not released) *) SECURITY: CVE-2007-5000 (cve.mitre.org) mod_imap: Fix cross-site scripting issue. Reported by JPCERT. [Joe Orton] *) SECURITY: CVE-2007-3847 (cve.mitre.org) mod_proxy: Prevent reading past the end of a buffer when parsing date-related headers. PR 41144. With Apache 1.3, the denial of service vulnerability applies only to the Windows and NetWare platforms. [Jeff Trawick] *) More efficient implementation of the CVE-2007-3304 PID table patch. This fixes issues with excessive memory usage by the parent process if long-running and with a high number of child process forks during that timeframe. Also fixes bogus "Bad pid" errors. [Jim Jagielski, Jeff Trawick] Changes with Apache 1.3.39 *) SECURITY: CVE-2006-5752 (cve.mitre.org) mod_status: Fix a possible XSS attack against a site with a public server-status page and ExtendedStatus enabled, for browsers which perform charset "detection". Reported by Stefan Esser. [Joe Orton] *) SECURITY: CVE-2007-3304 (cve.mitre.org) Ensure that the parent process cannot be forced to kill non-child processes by checking scoreboard PID data with parent process privately stored PID data. [Jim Jagielski] *) mime.types: Many updates to sync with IANA registry and common unregistered types that the owners refuse to register. Admins are encouraged to update their installed mime.types file. pr: 35550, 37798, 39317, 31483 [Roy T. Fielding] There was no Apache 1.3.38 @ text @d1 1 a1 1 $NetBSD: patch-af,v 1.10 2004/10/29 13:48:31 abs Exp $ @ 1.10 log @Update apache to 1.3.33 The main security vulnerabilities addressed in 1.3.33 are: * CAN-2004-0940 (cve.mitre.org) Fix potential buffer overflow with escaped characters in SSI tag string. * CAN-2004-0492 (cve.mitre.org) Reject responses from a remote server if sent an invalid (negative) Content-Length. New features * Win32: Improve error reporting after a failed attempt to spawn a piped log process or rewrite map process. * Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It controls how UseCanonicalName Off determines the port value if the client doesn't provide one in the Host header. If defined during compilation, UseCanonicalName Off will use the physical port number to generate the canonical name. If not defined, it tries the current Port value followed by the default port for the current scheme. The following bugs were found in Apache 1.3.31 (or earlier) and have been fixed in Apache 1.3.33: * mod_rewrite: Fix query string handling for proxied URLs. PR 14518. * mod_rewrite: Fix 0 bytes write into random memory position. PR 31036. * mod_digest: Fix nonce string calculation since 1.3.31 which would force re-authentication for every connection if AuthDigestRealmSeed was not configured. PR 30920. * Fix trivial bug in mod_log_forensic that caused the child to seg fault when certain invalid requests were fired at it with forensic logging is enabled. PR 29313. * No longer breaks mod_dav, frontpage and others. Repair a patch in 1.3.31 which prevented discarding the request body for requests that will be keptalive but are not currently keptalive. PR 29237. @ text @d1 1 a1 1 $NetBSD: patch-af,v 1.9 2002/02/01 16:04:39 jlam Exp $ d3 1 a3 1 --- src/modules/standard/mod_so.c.orig 2004-10-29 14:44:35.000000000 +0100 d5 1 a5 1 @@@@ -321,7 +321,15 @@@@ static const char *load_file(cmd_parms * @ 1.9 log @Update apache to 1.3.23 with the EAPI patch from mod_ssl-2.8.6-1.3.23. The main new features in 1.3.23 (compared to 1.3.22) are: * HTTP/1.1 support for mod_proxy. * Other mod_proxy improvements. * The new 'FileETag' directive to allow one to build the format of the ETag via runtime directives. * Addition of a 'filter callback' function to enable modules to intercept the output byte stream for dynamic page caching. The following bugs were found in Apache 1.3.22 and have been fixed in Apache 1.3.23: * Fix incorrect "Content-Length" header in the 416 response. * Revert mod_negotation's handling of path_info and query_args to the 1.3.20 behavior (PRs: 8628, 8582, 8538). * Prevent an Apache module from being loaded or added twice due to duplicate LoadModule or AddModule directives. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- src/modules/standard/mod_so.c.orig Fri Feb 1 10:05:43 2002 d5 1 a5 1 @@@@ -324,7 +324,15 @@@@ @ 1.9.16.1 log @Pullup ticket 141 - requested by David Brownlee security fix for apache Module Name: pkgsrc Committed By: tron Date: Mon Oct 25 08:44:16 UTC 2004 Modified Files: pkgsrc/www/apache: Makefile PLIST distinfo Removed Files: pkgsrc/www/apache/patches: patch-ap Log Message: Update "apache" package to version 1.3.32. Changes since version 1.3.31: - mod_rewrite: Fix query string handling for proxied URLs. PR 14518. [michael teitler , Jan Kratochvil ] - mod_rewrite: Fix 0 bytes write into random memory position. PR 31036. [André Malo] - mod_digest: Fix nonce string calculation since 1.3.31 which would force re-authentication for every connection if AuthDigestRealmSeed was not configured. PR 30920. [Joe Orton] - Trigger an error when a LoadModule directive attempts to load a module which is built-in. This is a common error when switching from a DSO build to a static build. [Jeff Trawick, Geoffrey Young] - Fix trivial bug in mod_log_forensic that caused the child to seg fault when certain invalid requests were fired at it with forensic logging is enabled. PR 29313. [Will Slater ] - Fix memory leak in the cache handling of mod_rewrite. PR 27862. [chunyan sheng , André Malo] - mod_rewrite no longer confuses the RewriteMap caches if different maps defined in different virtual hosts use the same map name. PR 26462. [André Malo] - mod_setenvif: Remove "support" for Remote_User variable which never worked at all. PR 25725. [André Malo] - mod_usertrack: Escape the cookie name before pasting into the regexp. [André Malo] - Win32: Improve error reporting after a failed attempt to spawn a piped log process or rewrite map process. [Jeff Trawick] - SECURITY: CAN-2004-0492 (cve.mitre.org) Reject responses from a remote server if sent an invalid (negative) Content-Length. [Mark Cox] - Fix a bunch of cases where the return code of the regex compiler was not checked properly. This affects mod_usertrack and core. PR 28218. [André Malo] - No longer breaks mod_dav, frontpage and others. Repair a patch in 1.3.31 which prevented discarding the request body for requests that will be keptalive but are not currently keptalive. PR 29237. [Jim Jagielski, Rasmus Lerdorf] - COMPATIBILITY: Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It controls how UseCanonicalName Off determines the port value if the client doesn't provide one in the Host header. If defined during compilation, UseCanonicalName Off will use the physical port number to generate the canonical name. If not defined, it tries the current Port value followed by the default port for the current scheme. [Jim Jagielski] --- Module Name: pkgsrc Committed By: abs Date: Fri Oct 29 13:48:31 UTC 2004 Modified Files: pkgsrc/www/apache: Makefile distinfo pkgsrc/www/apache/patches: patch-aa patch-ab patch-ac patch-ad patch-ae patch-af patch-ag patch-ah patch-ai patch-aj patch-ak patch-am patch-ao Removed Files: pkgsrc/www/apache/patches: patch-al Log Message: Update apache to 1.3.33 The main security vulnerabilities addressed in 1.3.33 are: * CAN-2004-0940 (cve.mitre.org) Fix potential buffer overflow with escaped characters in SSI tag string. * CAN-2004-0492 (cve.mitre.org) Reject responses from a remote server if sent an invalid (negative) Content-Length. New features * Win32: Improve error reporting after a failed attempt to spawn a piped log process or rewrite map process. * Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It controls how UseCanonicalName Off determines the port value if the client doesn't provide one in the Host header. If defined during compilation, UseCanonicalName Off will use the physical port number to generate the canonical name. If not defined, it tries the current Port value followed by the default port for the current scheme. The following bugs were found in Apache 1.3.31 (or earlier) and have been fixed in Apache 1.3.33: * mod_rewrite: Fix query string handling for proxied URLs. PR 14518. * mod_rewrite: Fix 0 bytes write into random memory position. PR 31036. * mod_digest: Fix nonce string calculation since 1.3.31 which would force re-authentication for every connection if AuthDigestRealmSeed was not configured. PR 30920. * Fix trivial bug in mod_log_forensic that caused the child to seg fault when certain invalid requests were fired at it with forensic logging is enabled. PR 29313. * No longer breaks mod_dav, frontpage and others. Repair a patch in 1.3.31 which prevented discarding the request body for requests that will be keptalive but are not currently keptalive. PR 29237. --- Module Name: pkgsrc Committed By: salo Date: Mon Nov 15 19:13:41 UTC 2004 Modified Files: pkgsrc/www/apache/patches: patch-ai Log Message: Revert rev 1.9, do not expand @@INSTALL@@, it's done in post-patch. (hi abs!) --- Module Name: pkgsrc Committed By: tron Date: Tue Nov 16 08:23:45 UTC 2004 Modified Files: pkgsrc/www/apache: distinfo Log Message: Regen after "patch-ai" was changed. (hi salo!) @ text @d1 1 a1 1 $NetBSD: patch-af,v 1.10 2004/10/29 13:48:31 abs Exp $ d3 1 a3 1 --- src/modules/standard/mod_so.c.orig 2004-10-29 14:44:35.000000000 +0100 d5 1 a5 1 @@@@ -321,7 +321,15 @@@@ static const char *load_file(cmd_parms * @ 1.8 log @Update apache to 1.3.22. Relevant changes from version 1.3.20 include using the pkgsrc expat library instead of the builtin one (this is to avoid conflicts between expat libraries when an expat XML parser is loaded by either mod_perl or mod_php), and: Security vulnerabilities * A vulnerability was found in the split-logfile support program. A request with a specially crafted Host: header could allow any file with a .log extension on the system to be written to. * A vulnerability was found when Multiviews are used to negotiate the directory index. In some configurations, requesting a URI with a QUERY_STRING of M=D could return a directory listing rather than the expected index page. General bug fixes and improvements * Bug fixes * The supplied icons are now also distributed in PNG format * New directives have been added to the mod_usertrack module, The first, CookieDomain, can be used to customise the Domain attribute. * A new directive, AcceptMutex, allows run-time configuration of the mutex type used for accept serialization. * mod_auth has been enhanced to allow access to a document to be controlled based on the owner of the file being served. * A new directive, AcceptFilter, has been added to control BSD accept filters at run-time. The functionality can postpone the requirement for a child process to handle a new connection until an HTTP request has arrived, therefore increasing the number of connections that a given number of child processes can handle @ text @d3 1 a3 1 --- src/modules/standard/mod_so.c.orig Wed Oct 17 11:47:02 2001 d5 1 a5 1 @@@@ -321,7 +321,15 @@@@ @ 1.7 log @Update apache to 1.3.17. Important changes from version 1.3.14 include: -) Remove patch to avoid dlclose()ing on NetBSD. The mod_perl vs. perl CGI mis-interaction seems to be gone and I wasn't able to reproduce it on my system. *) Fix the declaration of the module structure in mod_example. *) Fix the handling of variable expansion look-ahead in mod_rewrite, i.e. syntax like %{LA-U:REMOTE_USER}, and also fix the parsing of more complicated nested RewriteMap lookups. *) mod_status now respects ?refresh=n of 1 or greater. If the given refresh value is not a number, ?refresh is set to 1 second. *) Accomodate an out-of-space condition in the piped logs and the rotatelogs.c code, and no longer churn log processes for this condition. *) Make cgi-bin work as a regular directory when using mod_vhost_alias with no VirtualScriptAlias directives. *) Move the check of the Expect request header field after the hook for ap_post_read_request, since that is the only opportunity for modules to handle Expect extensions. *) Eliminate caching problems of mod_autoindex results, so the last modified date of the directory is returned as the Last-Modified and ETag HTTP header tags are sent if IndexOptions TrackModified directive/option is used. *) Correct an issue with Alias and ScriptAlias directives that file path arguments were not normalized in canonical form. This correction makes no attempt to normalize regular expression forms of Alias or ScriptAlias. *) Add a new LogFormat directive, %c, that will log connection status at the end of the response. *) Update the mime.types file to the registered media types as of 2000-10-19. *) Restore functionality broken by the mod_rewrite security fix: rewrite map lookup keys and default values are now expanded so that the lookup can depend on the requested URI etc. @ text @d3 1 a3 1 --- src/modules/standard/mod_so.c.orig Fri Feb 2 00:42:13 2001 d5 1 a5 1 @@@@ -318,7 +318,15 @@@@ @ 1.6 log @Update build to work with mod_ssl-2.6.6-1.3.12 to keep in sync with ap-ssl. EAPI didn't change so no need to change Apache's version number. Also standardize package builds to have Apache listen on ports 80/443 regardless of UID of user that builds the package, and make MAINTAINER point to me. @ text @d3 1 a3 1 --- src/modules/standard/mod_so.c.orig Thu Sep 7 01:28:46 2000 d5 4 a8 4 @@@@ -307,7 +307,15 @@@@ ap_os_dso_handle_t handle; char *file; d11 2 a12 2 + * XXX Hack: If the filename starts with '!', then just as dlopen() + * XXX without translating to a pathname relative to ServerRoot. @ 1.5 log @Update Apache package to version 1.3.9 (SSL Module 2.4.8) using patches suppled by SUNAGAWA Keiki in PR pkg/8819. This version mostly fixes bugs discovered since version 1.3.6. @ text @d1 1 a1 1 $NetBSD: patch-af,v 1.4 1998/12/07 16:20:40 tv Exp $ d3 19 a21 85 --- src/modules/standard/mod_include.c.orig Sat May 22 08:57:57 1999 +++ src/modules/standard/mod_include.c Mon Oct 4 20:53:14 1999 @@@@ -92,7 +92,11 @@@@ #include "http_log.h" #include "http_main.h" #include "util_script.h" +#include "ap_include_extern.h" +#include "ap_hook.h" #endif +#define get_tag ap_include_get_tag +#define parse_string ap_include_parse_string #define STARTING_SEQUENCE "" @@@@ -354,7 +358,8 @@@@ * the tag value is html decoded if dodecode is non-zero */ -static char *get_tag(pool *p, FILE *in, char *tag, int tagbuf_len, int dodecode) +API_EXPORT(char *) +ap_include_get_tag(pool *p, FILE *in, char *tag, int tagbuf_len, int dodecode) { char *t = tag, *tag_val, c, term; @@@@ -473,7 +478,7 @@@@ /* * Do variable substitution on strings */ -static void parse_string(request_rec *r, const char *in, char *out, +API_EXPORT(void) ap_include_parse_string(request_rec *r, const char *in, char *out, size_t length, int leave_name) { char ch; @@@@ -666,7 +671,8 @@@@ parse_string(r, tag_val, parsed_string, sizeof(parsed_string), 0); if (tag[0] == 'f') { /* be safe; only files in this directory or below allowed */ - if (!is_only_below(parsed_string)) { + if ((ap_allow_options(r) & OPT_INCNOEXEC) && + !is_only_below(parsed_string)) { error_fmt = "unable to include file \"%s\" " "in parsed file %s"; } @@@@ -1057,7 +1063,9 @@@@ "in parsed file %s"; } else { - ap_getparents(tag_val); /* get rid of any nasties */ + if (ap_allow_options(r) & OPT_INCNOEXEC) + ap_getparents(tag_val); /* get rid of any nasties */ + rr = ap_sub_req_lookup_file(tag_val, r); if (rr->status == HTTP_OK && rr->finfo.st_mode != 0) { @@@@ -2135,6 +2143,16 @@@@ } } +API_EXPORT(int) +ap_include_register_extern(const char *cmd, ap_include_extern_func func) { + char cmdbuf[40] = "include::"; + + strncat(cmdbuf, cmd, 30); + ap_hook_configure(cmdbuf, AP_HOOK_SIG5(int,ptr,ptr,ptr,ptr), AP_HOOK_TOPMOST); + ap_hook_register(cmdbuf, func, NULL); + + return 0; +} /* -------------------------- The main function --------------------------- */ @@@@ -2259,6 +2277,13 @@@@ } #endif else { + char cmdbuf[40] = "include::"; + + strncat(cmdbuf, directive, 30); + if ((ap_hook_status(cmdbuf) >= AP_HOOK_STATE_CONFIGURED) && + (ap_hook_call(cmdbuf, &ret, f, r, error, timefmt) == TRUE)) + continue; + ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "unknown directive \"%s\" " "in parsed doc %s", @ 1.4 log @- Update mod_ssl's distname to 2.1.3 (does not require an apache version bump; EAPI is unchanged) - Remove restriction of mod_include to disallow "../" or "/" prefixed file names in if Includes (but not IncludesNOEXEC) is set; proposed in Apache PR mod_include/3500 - Add signature for hook function used to do mod_include callbacks (perl-embedded SSI was not working with new 4 argument call) @ text @d1 1 a1 1 $NetBSD$ d3 2 a4 2 --- src/modules/standard/mod_include.c.orig Thu Sep 24 10:06:42 1998 +++ src/modules/standard/mod_include.c Mon Dec 7 11:17:39 1998 d46 9 a54 9 @@@@ -1010,7 +1016,8 @@@@ int ret=0; if (!strcmp(tag, "file")) { - ap_getparents(tag_val); /* get rid of any nasties */ + if (ap_allow_options(r) & OPT_INCNOEXEC) + ap_getparents(tag_val); /* get rid of any nasties */ rr = ap_sub_req_lookup_file(tag_val, r); d56 2 a57 1 @@@@ -2090,6 +2097,16 @@@@ d74 1 a74 1 @@@@ -2214,6 +2231,13 @@@@ d86 2 a87 2 "httpd: unknown directive \"%s\" " "in parsed doc %s", @ 1.3 log @Bump version to `1.3.3.2' - add `timefmt' argument to ap_include_extern_func's (needed for a couple upcoming XSSI-extending modules). Also fix apxs to use `install' and fix the cgi-bin `preservation' while we're here. @ text @d4 1 a4 1 +++ src/modules/standard/mod_include.c Fri Dec 4 10:51:50 1998 d36 21 a56 1 @@@@ -2090,6 +2095,16 @@@@ d65 1 a65 1 + ap_hook_configure(cmdbuf, AP_HOOK_SIG5(int,ptr,ptr,ptr,ptr), AP_HOOK_DECLINE(-32767)); d73 1 a73 1 @@@@ -2214,6 +2229,12 @@@@ d80 2 a81 1 + if (ap_hook_call(cmdbuf, &ret, f, r, error, timefmt) == TRUE) @ 1.2 log @Bump version to "1.3.3.1": Add parse_string to the include_extern interface, and use the EAPI hooks interface for calling external mod_include subs. (Needed to make mod_perl work as a DSO.) @ text @d4 1 a4 1 +++ src/modules/standard/mod_include.c Thu Dec 3 17:24:12 1998 d45 1 a45 1 + ap_hook_configure(cmdbuf, AP_HOOK_SIG4(int,ptr,ptr,ptr), AP_HOOK_DECLINE(-32767)); d60 1 a60 1 + if (ap_hook_call(cmdbuf, &ret, f, r, error) == TRUE) @ 1.1 log @Update Apache and mod_ssl using new build layout (see post to tech-pkg for details). No security fixes in Apache 1.3.3, so immediate upgrade from 1.3.2 is not necessary. @ text @d4 2 a5 2 +++ src/modules/standard/mod_include.c Wed Dec 2 10:36:06 1998 @@@@ -92,7 +92,9 @@@@ d10 1 d13 1 d17 1 a17 14 @@@@ -111,6 +113,12 @@@@ /* just need some arbitrary non-NULL pointer which can't also be a request_rec */ #define NESTED_INCLUDE_MAGIC (&includes_module) +static struct extern_handler { + struct extern_handler *next; + char cmd[20]; + ap_include_extern_func func; +} *extern_handlers; + /* ------------------------ Environment function -------------------------- */ /* XXX: could use ap_table_overlap here */ @@@@ -354,7 +362,8 @@@@ d27 10 a36 1 @@@@ -2090,6 +2099,50 @@@@ d41 2 a42 2 +ap_register_include_extern(const char *cmd, ap_include_extern_func func) { + struct extern_handler *h; d44 3 a46 5 + for (h = extern_handlers; h; h = h->next) + if (!strncmp(h->cmd, cmd, 20)) + return -1; + if (!(h = calloc(1, sizeof(*h)))) + return -1; a47 4 + h->next = extern_handlers; + strncpy(h->cmd, cmd, 20); + h->func = func; + extern_handlers = h; a49 28 + +/* + * Since we should be compiled in, dynamic modules will all initialize + * _after_ us. This assumption breaks if mod_includes is made dynamic, + * or if modules using ap_register_include_extern() are compiled in. + */ +static void includes_init(server_rec *s, pool *p) { + struct extern_handler *h, *n; + + for (h = extern_handlers; h; h = n) { + n = h->next; + free(h); + } + extern_handlers = NULL; +} + +static int do_externs(FILE *in, request_rec *r, const char *error, + const char *cmd, int *ret) { + struct extern_handler *h; + + for (h = extern_handlers; h; h = h->next) + if (!strncmp(h->cmd, cmd, 20)) { + *ret = (*h->func)(in, r, error); + return 0; + } + return -1; +} + d53 1 a53 2 @@@@ -2213,6 +2266,7 @@@@ ret = handle_perl(f, r, error); a55 1 + else if (!do_externs(f, r, error, directive, &ret)) {} d57 6 d65 1 a65 9 @@@@ -2420,7 +2474,7 @@@@ module MODULE_VAR_EXPORT includes_module = { STANDARD_MODULE_STUFF, - NULL, /* initializer */ + includes_init, /* initializer */ create_includes_dir_config, /* dir config creater */ NULL, /* dir merger --- default is to override */ NULL, /* server config */ @