[Pkg-apache-commits] [SCM] Debian packaging for apache2 (Apache HTTPD 2.x) branch, next, updated. 79f16b2ca0f671e5b3f891e7b71a06e8c6e17dae
Stefan Fritsch
sf at sfritsch.de
Sat Mar 31 17:17:18 UTC 2012
The following commit has been merged in the next branch:
commit 79f16b2ca0f671e5b3f891e7b71a06e8c6e17dae
Author: Stefan Fritsch <sf at sfritsch.de>
Date: Sat Mar 31 19:12:03 2012 +0200
Import lots of bug fixes from upstream svn
All code changes from branch 2.4.x up to r1307835, plus r1294306 and
r1307067 from trunk.
diff --git a/debian/changelog b/debian/changelog
index b2107ea..a63e78c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -27,6 +27,8 @@ apache2 (2.4.1-3) experimental; urgency=low
didn't have bad side-effects, but caused a disturbing warning.
[ Stefan Fritsch ]
+ * Import lots of bug fixes from upstream svn: All code changes from branch
+ 2.4.x up to r1307835, plus r1294306 and r1307067 from trunk.
* Move /usr/share/doc alias to separate config file and don't enable it
by default.
diff --git a/debian/patches/fixes_from_upstream_trunk.patch b/debian/patches/fixes_from_upstream_trunk.patch
new file mode 100644
index 0000000..2853762
--- /dev/null
+++ b/debian/patches/fixes_from_upstream_trunk.patch
@@ -0,0 +1,174 @@
+Description: add r1294306 and r1307067 from upstream trunk
+Forwarded: not-needed
+Author: Stefan Fritsch <sf at debian.org>
+Last-Update: 2012-03-31
+commit b9feb2ddc332776a4bb02dc493a75ee091d9e3b3
+Author: Stefan Fritsch <sf at apache.org>
+Date: Mon Feb 27 20:01:40 2012 +0000
+
+ Initialize EC temporary key on server startup, as for DH and
+ RSA. This fixes a race condition that could lead to a crash with threaded
+ MPMs.
+
+
+ git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1294306 13f79535-47bb-0310-9956-ffa450edef68
+
+diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
+index acaf5d5..5d81647 100644
+--- a/modules/ssl/ssl_engine_init.c
++++ b/modules/ssl/ssl_engine_init.c
+@@ -77,6 +77,9 @@ static void ssl_tmp_keys_free(server_rec *s)
+
+ MODSSL_TMP_KEYS_FREE(mc, RSA);
+ MODSSL_TMP_KEYS_FREE(mc, DH);
++#ifndef OPENSSL_NO_EC
++ MODSSL_TMP_KEY_FREE(mc, EC_KEY, SSL_TMP_KEY_EC_256);
++#endif
+ }
+
+ static int ssl_tmp_key_init_rsa(server_rec *s,
+@@ -157,6 +160,40 @@ static int ssl_tmp_key_init_dh(server_rec *s,
+ return OK;
+ }
+
++#ifndef OPENSSL_NO_EC
++static int ssl_tmp_key_init_ec(server_rec *s,
++ int bits, int idx)
++{
++ SSLModConfigRec *mc = myModConfig(s);
++ EC_KEY *ecdh = NULL;
++
++ /* XXX: Are there any FIPS constraints we should enforce? */
++
++ if (bits != 256) {
++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02298)
++ "Init: Failed to generate temporary "
++ "%d bit EC parameters, only 256 bits supported", bits);
++ return !OK;
++ }
++
++ if ((ecdh = EC_KEY_new()) == NULL ||
++ EC_KEY_set_group(ecdh, EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)) != 1)
++ {
++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02299)
++ "Init: Failed to generate temporary "
++ "%d bit EC parameters", bits);
++ return !OK;
++ }
++
++ mc->pTmpKeys[idx] = ecdh;
++ return OK;
++}
++
++#define MODSSL_TMP_KEY_INIT_EC(s, bits) \
++ ssl_tmp_key_init_ec(s, bits, SSL_TMP_KEY_EC_##bits)
++
++#endif
++
+ #define MODSSL_TMP_KEY_INIT_RSA(s, bits) \
+ ssl_tmp_key_init_rsa(s, bits, SSL_TMP_KEY_RSA_##bits)
+
+@@ -181,6 +218,15 @@ static int ssl_tmp_keys_init(server_rec *s)
+ return !OK;
+ }
+
++#ifndef OPENSSL_NO_EC
++ ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, s,
++ "Init: Generating temporary EC parameters (256 bits)");
++
++ if (MODSSL_TMP_KEY_INIT_EC(s, 256)) {
++ return !OK;
++ }
++#endif
++
+ return OK;
+ }
+
+diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
+index 8d1aad8..35b2a85 100644
+--- a/modules/ssl/ssl_engine_kernel.c
++++ b/modules/ssl/ssl_engine_kernel.c
+@@ -1386,24 +1386,20 @@ DH *ssl_callback_TmpDH(SSL *ssl, int export, int keylen)
+ EC_KEY *ssl_callback_TmpECDH(SSL *ssl, int export, int keylen)
+ {
+ conn_rec *c = (conn_rec *)SSL_get_app_data(ssl);
+- static EC_KEY *ecdh = NULL;
+- static int init = 0;
++ SSLModConfigRec *mc = myModConfigFromConn(c);
++ int idx;
+
+ /* XXX Uses 256-bit key for now. TODO: support other sizes. */
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c,
+ "handing out temporary 256 bit ECC key");
+
+- if (init == 0) {
+- ecdh = EC_KEY_new();
+- if (ecdh != NULL) {
+- /* ecdh->group = EC_GROUP_new_by_nid(NID_secp160r2); */
+- EC_KEY_set_group(ecdh,
+- EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+- }
+- init = 1;
++ switch (keylen) {
++ case 256:
++ default:
++ idx = SSL_TMP_KEY_EC_256;
+ }
+
+- return ecdh;
++ return (EC_KEY *)mc->pTmpKeys[idx];
+ }
+ #endif
+
+diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
+index fb9ac26..1b5d042 100644
+--- a/modules/ssl/ssl_private.h
++++ b/modules/ssl/ssl_private.h
+@@ -298,7 +298,12 @@ typedef int ssl_algo_t;
+ #define SSL_TMP_KEY_RSA_1024 (1)
+ #define SSL_TMP_KEY_DH_512 (2)
+ #define SSL_TMP_KEY_DH_1024 (3)
++#ifndef OPENSSL_NO_EC
++#define SSL_TMP_KEY_EC_256 (4)
++#define SSL_TMP_KEY_MAX (5)
++#else
+ #define SSL_TMP_KEY_MAX (4)
++#endif
+
+ /**
+ * Define the SSL options
+commit e2767fc2deb44bba6ef1a67fb2aaee9de240ed94
+Author: Stefan Fritsch <sf at apache.org>
+Date: Thu Mar 29 19:24:04 2012 +0000
+
+ Fix treatment of regex backreferences.
+
+ r904765 only made half of the necessary changes to remove the use
+ of '&' as an alias for '$0' and allow to escape any character with a
+ backslash.
+
+
+ git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1307067 13f79535-47bb-0310-9956-ffa450edef68
+
+diff --git a/server/util.c b/server/util.c
+index 3c38fa9..177f378 100644
+--- a/server/util.c
++++ b/server/util.c
+@@ -437,15 +437,13 @@ static apr_status_t regsub_core(apr_pool_t *p, char **result,
+ src = input;
+
+ while ((c = *src++) != '\0') {
+- if (c == '&')
+- no = 0;
+- else if (c == '$' && apr_isdigit(*src))
++ if (c == '$' && apr_isdigit(*src))
+ no = *src++ - '0';
+ else
+ no = AP_MAX_REG_MATCH;
+
+ if (no >= AP_MAX_REG_MATCH) { /* Ordinary character. */
+- if (c == '\\' && (*src == '$' || *src == '&'))
++ if (c == '\\' && *src)
+ c = *src++;
+ *dst++ = c;
+ }
diff --git a/debian/patches/pull_branch_2.4.x.patch b/debian/patches/pull_branch_2.4.x.patch
new file mode 100644
index 0000000..2b4f6e4
--- /dev/null
+++ b/debian/patches/pull_branch_2.4.x.patch
@@ -0,0 +1,994 @@
+Description: Pull code changes from upstream branch 2.4.x up to r1307835
+Forwarded: not-needed
+Author: various
+Last-Update: 2012-03-31
+
+ *) mod_proxy: Add the forcerecovery balancer parameter that determines if
+ recovery for balancer workers is enforced. [Ruediger Pluem]
+
+ *) Fix MPM DSO load failure on AIX. [Jeff Trawick]
+
+ *) mod_proxy: Correctly set up reverse proxy worker. PR 52935.
+ [Petter Berntsen <petterb gmail.com>]
+
+ *) mod_sed: Don't define PATH_MAX to a potentially undefined value, causing
+ compile problems on GNU hurd. [Stefan Fritsch]
+
+ *) core: Add ap_runtime_dir_relative() and DefaultRuntimeDir.
+ [Jeff Trawick]
+
+ *) core: Fix breakage of Listen directives with MPMs that use a
+ per-directory config. PR 52904. [Stefan Fritsch]
+
+ *) core: Disallow directives in AllowOverrideList which are only allowed
+ in VirtualHost or server context. These are usually not prepared to be
+ called in .htaccess files. [Stefan Fritsch]
+
+ *) core: In AllowOverrideList, do not allow 'None' together with other
+ directives. PR 52823. [Stefan Fritsch]
+
+ *) mod_slotmem_shm: Support DEFAULT_REL_RUNTIMEDIR for file-based shm.
+ [Jim Jagielski]
+
+ *) core: Fix merging of AllowOverrideList and ContentDigest.
+ [Stefan Fritsch]
+
+ *) mod_request: Fix validation of the KeptBodySize argument so it
+ doesn't always throw a configuration error. PR 52981 [Eric Covener]
+
+ *) core: Add filesystem paths to access denied / access failed messages
+ AH00035 and AH00036. [Eric Covener]
+
+ *) mod_dumpio: Properly handle errors from subsequent input filters.
+ PR 52914. [Stefan Fritsch]
+
+ *) Unix MPMs: Fix small memory leak in parent process if connect()
+ failed when waking up children. [Joe Orton]
+
+ *) "DirectoryIndex disabled" now undoes DirectoryIndex settings in
+ the current configuration section, not just previous config sections.
+ PR 52845. [Eric Covener]
+
+ *) mod_xml2enc: Fix broken handling of EOS buckets which could lead to
+ response headers not being sent. PR 52766. [Stefan Fritsch]
+
+ *) mod_ssl: Properly free the GENERAL_NAMEs. PR 32652. [Kaspar Brand]
+
+ *) core: Check during config test that directories for the access
+ logs actually exist. PR 29941. [Stefan Fritsch]
+
+ *) mod_xml2enc, mod_proxy_html: Enable per-module loglevels.
+ [Stefan Fritsch]
+
+ *) mod_filter: Fix segfault with AddOutputFilterByType. PR 52755.
+ [Stefan Fritsch]
+
+ *) mod_session: Sessions are encoded as application/x-www-form-urlencoded
+ strings, however we do not handle the encoding of spaces properly.
+ Fixed. [Graham Leggett]
+
+diff --git a/modules/debugging/mod_dumpio.c b/modules/debugging/mod_dumpio.c
+index a56fa16..e02127b 100644
+--- a/modules/debugging/mod_dumpio.c
++++ b/modules/debugging/mod_dumpio.c
+@@ -146,6 +146,7 @@ static int dumpio_input_filter (ap_filter_t *f, apr_bucket_brigade *bb,
+ } else {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE7, 0, c,
+ "mod_dumpio: %s - %d", f->frec->name, ret) ;
++ return ret;
+ }
+
+ return APR_SUCCESS ;
+diff --git a/modules/filters/libsed.h b/modules/filters/libsed.h
+index a889d50..76cbc0c 100644
+--- a/modules/filters/libsed.h
++++ b/modules/filters/libsed.h
+@@ -28,9 +28,6 @@ extern "C" {
+ #include <limits.h>
+
+ #include "apr_file_io.h"
+-#ifndef PATH_MAX
+-#define PATH_MAX MAX_PATH
+-#endif
+
+ #define SED_NLINES 256
+ #define SED_DEPTH 20
+diff --git a/modules/filters/mod_filter.c b/modules/filters/mod_filter.c
+index 32d8bd3..7dd7db1 100644
+--- a/modules/filters/mod_filter.c
++++ b/modules/filters/mod_filter.c
+@@ -131,6 +131,7 @@ static int filter_init(ap_filter_t *f)
+ f->ctx = fctx;
+ return OK;
+ }
++
+ static int filter_lookup(ap_filter_t *f, ap_filter_rec_t *filter)
+ {
+ ap_filter_provider_t *provider;
+@@ -461,9 +462,11 @@ static const char *add_filter(cmd_parms *cmd, void *CFG,
+ NULL);
+ }
+ provider->expr = node;
++ provider->types = NULL;
+ }
+ else {
+ provider->types = types;
++ provider->expr = NULL;
+ }
+ provider->frec = provider_frec;
+ provider->next = frec->providers;
+@@ -594,7 +597,7 @@ static const char *filter_bytype(cmd_parms *cmd, void *CFG,
+ name = apr_pstrdup(cmd->temp_pool, argv[0]);
+ types = apr_palloc(cmd->pool, argc * sizeof(char *));
+ memcpy(types, &argv[1], (argc - 1) * sizeof(char *));
+- types[argc] = NULL;
++ types[argc-1] = NULL;
+ for (pname = apr_strtok(name, ";", &strtok_state);
+ pname != NULL && rv == NULL;
+ pname = apr_strtok(NULL, ";", &strtok_state)) {
+diff --git a/modules/filters/mod_proxy_html.c b/modules/filters/mod_proxy_html.c
+index 3bac898..6cbe87a 100644
+--- a/modules/filters/mod_proxy_html.c
++++ b/modules/filters/mod_proxy_html.c
+@@ -1265,7 +1265,8 @@ static void proxy_html_hooks(apr_pool_t *p)
+ ap_hook_pre_config(mod_proxy_html, NULL, NULL, APR_HOOK_MIDDLE);
+ ap_hook_insert_filter(proxy_html_insert, NULL, aszSucc, APR_HOOK_MIDDLE);
+ }
+-module AP_MODULE_DECLARE_DATA proxy_html_module = {
++
++AP_DECLARE_MODULE(proxy_html) = {
+ STANDARD20_MODULE_STUFF,
+ proxy_html_config,
+ proxy_html_merge,
+diff --git a/modules/filters/mod_request.c b/modules/filters/mod_request.c
+index ae59ab6..9cbde0a 100644
+--- a/modules/filters/mod_request.c
++++ b/modules/filters/mod_request.c
+@@ -358,7 +358,7 @@ static const char *set_kept_body_size(cmd_parms *cmd, void *dconf,
+ char *end = NULL;
+
+ if (APR_SUCCESS != apr_strtoff(&(conf->keep_body), arg, &end, 10)
+- || conf->keep_body < 0 || end) {
++ || conf->keep_body < 0 || *end) {
+ return "KeptBodySize must be a valid size in bytes, or zero.";
+ }
+ conf->keep_body_set = 1;
+diff --git a/modules/filters/mod_xml2enc.c b/modules/filters/mod_xml2enc.c
+index fd54444..f82f8bf 100644
+--- a/modules/filters/mod_xml2enc.c
++++ b/modules/filters/mod_xml2enc.c
+@@ -392,13 +392,14 @@ static apr_status_t xml2enc_ffunc(ap_filter_t* f, apr_bucket_brigade* bb)
+ while (b = APR_BRIGADE_FIRST(bb), b != APR_BRIGADE_SENTINEL(bb)) {
+ ctx->bytes = 0;
+ if (APR_BUCKET_IS_METADATA(b)) {
++ APR_BUCKET_REMOVE(b);
+ if (APR_BUCKET_IS_EOS(b)) {
+ /* send remaining data */
++ APR_BRIGADE_INSERT_TAIL(ctx->bbnext, b);
+ return ap_fflush(f->next, ctx->bbnext);
+ } else if (APR_BUCKET_IS_FLUSH(b)) {
+ ap_fflush(f->next, ctx->bbnext);
+ }
+- APR_BUCKET_REMOVE(b);
+ apr_bucket_destroy(b);
+ }
+ else { /* data bucket */
+@@ -614,7 +615,8 @@ static void* xml2enc_merge(apr_pool_t* pool, void* BASE, void* ADD)
+ ret->skipto = add->skipto ? add->skipto : base->skipto;
+ return ret;
+ }
+-module AP_MODULE_DECLARE_DATA xml2enc_module = {
++
++AP_DECLARE_MODULE(xml2enc) = {
+ STANDARD20_MODULE_STUFF,
+ xml2enc_config,
+ xml2enc_merge,
+@@ -623,6 +625,7 @@ module AP_MODULE_DECLARE_DATA xml2enc_module = {
+ xml2enc_cmds,
+ xml2enc_hooks
+ };
++
+ APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(xml2enc, XML2ENC, int, preprocess,
+ (ap_filter_t *f, char** bufp, apr_size_t* bytesp),
+ (f, bufp, bytesp), OK, DECLINED)
+diff --git a/modules/loggers/mod_log_config.c b/modules/loggers/mod_log_config.c
+index caea1f3..026a6cf 100644
+--- a/modules/loggers/mod_log_config.c
++++ b/modules/loggers/mod_log_config.c
+@@ -263,6 +263,8 @@ typedef struct {
+ void *log_writer;
+ char *condition_var;
+ ap_expr_info_t *condition_expr;
++ /** place of definition or NULL if already checked */
++ const ap_directive_t *directive;
+ } config_log_state;
+
+ /*
+@@ -1271,6 +1273,7 @@ static const char *add_custom_log(cmd_parms *cmd, void *dummy, const char *fn,
+
+ cls->fname = fn;
+ cls->format_string = fmt;
++ cls->directive = cmd->directive;
+ if (fmt == NULL) {
+ cls->format = NULL;
+ }
+@@ -1678,9 +1681,59 @@ static int log_pre_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp)
+ return OK;
+ }
+
++static int check_log_dir(apr_pool_t *p, server_rec *s, config_log_state *cls)
++{
++ if (!cls->fname || cls->fname[0] == '|' || !cls->directive) {
++ return OK;
++ }
++ else {
++ char *abs = ap_server_root_relative(p, cls->fname);
++ char *dir = ap_make_dirstr_parent(p, abs);
++ apr_finfo_t finfo;
++ const ap_directive_t *directive = cls->directive;
++ apr_status_t rv = apr_stat(&finfo, dir, APR_FINFO_TYPE, p);
++ cls->directive = NULL; /* Don't check this config_log_state again */
++ if (rv == APR_SUCCESS && finfo.filetype != APR_DIR)
++ rv = APR_ENOTDIR;
++ if (rv != APR_SUCCESS) {
++ ap_log_error(APLOG_MARK, APLOG_STARTUP|APLOG_EMERG, rv, s,
++ APLOGNO(02297)
++ "Cannot access directory '%s' for log file '%s' "
++ "defined at %s:%d", dir, cls->fname,
++ directive->filename, directive->line_num);
++ return !OK;
++ }
++ }
++ return OK;
++}
++
++static int log_check_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
++{
++ int rv = OK;
++ while (s) {
++ multi_log_state *mls = ap_get_module_config(s->module_config,
++ &log_config_module);
++ /*
++ * We don't need to check mls->server_config_logs because it just
++ * points to the parent server's mls->config_logs.
++ */
++ apr_array_header_t *log_list = mls->config_logs;
++ config_log_state *clsarray = (config_log_state *) log_list->elts;
++ int i;
++ for (i = 0; i < log_list->nelts; ++i) {
++ if (check_log_dir(ptemp, s, &clsarray[i]) != OK)
++ rv = !OK;
++ }
++
++ s = s->next;
++ }
++ return rv;
++}
++
+ static void register_hooks(apr_pool_t *p)
+ {
+ ap_hook_pre_config(log_pre_config,NULL,NULL,APR_HOOK_REALLY_FIRST);
++ ap_hook_check_config(log_check_config,NULL,NULL,APR_HOOK_MIDDLE);
+ ap_hook_child_init(init_child,NULL,NULL,APR_HOOK_MIDDLE);
+ ap_hook_open_logs(init_config_log,NULL,NULL,APR_HOOK_MIDDLE);
+ ap_hook_log_transaction(multi_log_transaction,NULL,NULL,APR_HOOK_MIDDLE);
+diff --git a/modules/lua/lua_request.c b/modules/lua/lua_request.c
+index 614f81d..91bd3b7 100644
+--- a/modules/lua/lua_request.c
++++ b/modules/lua/lua_request.c
+@@ -82,7 +82,7 @@ void ap_lua_rstack_dump(lua_State *L, request_rec *r, const char *msg)
+ }
+ default:{
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
+- "%d: unkown: -[%s]-", i, lua_typename(L, i));
++ "%d: unknown: -[%s]-", i, lua_typename(L, i));
+ break;
+ }
+ }
+diff --git a/modules/lua/lua_vmprep.c b/modules/lua/lua_vmprep.c
+index 308ffe6..7c383ca 100644
+--- a/modules/lua/lua_vmprep.c
++++ b/modules/lua/lua_vmprep.c
+@@ -84,7 +84,7 @@ static void pstack_dump(lua_State *L, apr_pool_t *r, int level,
+ }
+ default:{
+ ap_log_perror(APLOG_MARK, level, 0, r,
+- "%d: unkown: [%s]", i, lua_typename(L, i));
++ "%d: unknown: [%s]", i, lua_typename(L, i));
+ break;
+ }
+ }
+diff --git a/modules/mappers/mod_dir.c b/modules/mappers/mod_dir.c
+index 4386dba..52d0273 100644
+--- a/modules/mappers/mod_dir.c
++++ b/modules/mappers/mod_dir.c
+@@ -68,6 +68,7 @@ static const char *add_index(cmd_parms *cmd, void *dummy, const char *arg)
+ const char *ww = ap_getword_conf(cmd->temp_pool, &tt);
+ if (ww == NULL || !ww[0]) {
+ /* "disabled" is first, and alone */
++ apr_array_clear(d->index_names);
+ break;
+ }
+ }
+diff --git a/modules/metadata/mod_remoteip.c b/modules/metadata/mod_remoteip.c
+index d2858cc..60d7a1f 100644
+--- a/modules/metadata/mod_remoteip.c
++++ b/modules/metadata/mod_remoteip.c
+@@ -397,7 +397,7 @@ static int remoteip_modify_request(request_rec *r)
+ r->useragent_addr = req->useragent_addr;
+ r->useragent_ip = req->useragent_ip;
+
+- ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
++ ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
+ req->proxy_ips
+ ? "Using %s as client's IP by proxies %s"
+ : "Using %s as client's IP by internal proxies",
+diff --git a/modules/proxy/ajp_header.c b/modules/proxy/ajp_header.c
+index e7e1696..dc86def 100644
+--- a/modules/proxy/ajp_header.c
++++ b/modules/proxy/ajp_header.c
+@@ -256,7 +256,7 @@ static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
+
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00968)
+ "ajp_marshal_into_msgb: "
+- "Error appending the message begining");
++ "Error appending the message beginning");
+ return APR_EGENERAL;
+ }
+
+diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
+index ede29a1..f9a8009 100644
+--- a/modules/proxy/mod_proxy.c
++++ b/modules/proxy/mod_proxy.c
+@@ -387,6 +387,14 @@ static const char *set_balancer_param(proxy_server_conf *conf,
+ return "growth must be between 1 and 100";
+ balancer->growth = ival;
+ }
++ else if (!strcasecmp(key, "forcerecovery")) {
++ if (!strcasecmp(val, "on"))
++ balancer->s->forcerecovery = 1;
++ else if (!strcasecmp(val, "off"))
++ balancer->s->forcerecovery = 0;
++ else
++ return "forcerecovery must be On|Off";
++ }
+ else {
+ return "unknown Balancer parameter";
+ }
+@@ -2466,6 +2474,7 @@ static void child_init(apr_pool_t *p, server_rec *s)
+ /* Disable address cache for generic reverse worker */
+ reverse->s->is_address_reusable = 0;
+ }
++ conf->reverse = reverse;
+ s = s->next;
+ }
+ }
+diff --git a/modules/proxy/mod_proxy.h b/modules/proxy/mod_proxy.h
+index 5348d02..5ad91fb 100644
+--- a/modules/proxy/mod_proxy.h
++++ b/modules/proxy/mod_proxy.h
+@@ -424,6 +424,7 @@ typedef struct {
+ unsigned int need_reset:1;
+ unsigned int vhosted:1;
+ unsigned int inactive:1;
++ unsigned int forcerecovery:1;
+ } proxy_balancer_shared;
+
+ #define ALIGNED_PROXY_BALANCER_SHARED_SIZE (APR_ALIGN_DEFAULT(sizeof(proxy_balancer_shared)))
+diff --git a/modules/proxy/mod_proxy_balancer.c b/modules/proxy/mod_proxy_balancer.c
+index 08417d6..96e0901 100644
+--- a/modules/proxy/mod_proxy_balancer.c
++++ b/modules/proxy/mod_proxy_balancer.c
+@@ -423,7 +423,7 @@ static void force_recovery(proxy_balancer *balancer, server_rec *s)
+ }
+ }
+ }
+- if (!ok) {
++ if (!ok && balancer->s->forcerecovery) {
+ /* If all workers are in error state force the recovery.
+ */
+ worker = (proxy_worker **)balancer->workers->elts;
+@@ -624,8 +624,9 @@ static int proxy_balancer_post_request(proxy_worker *worker,
+ int val = ((int *)balancer->errstatuses->elts)[i];
+ if (r->status == val) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01174)
+- "%s: Forcing recovery for worker (%s), "
+- "failonstatus %d",
++ "%s: Forcing worker (%s) into error state "
++ "due to status code %d matching 'failonstatus' "
++ "balancer parameter",
+ balancer->s->name, worker->s->name, val);
+ worker->s->status |= PROXY_WORKER_IN_ERROR;
+ worker->s->error_time = apr_time_now();
+diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
+index 5821aa9..fe2ac43 100644
+--- a/modules/proxy/proxy_util.c
++++ b/modules/proxy/proxy_util.c
+@@ -1164,6 +1164,8 @@ PROXY_DECLARE(char *) ap_proxy_define_balancer(apr_pool_t *p,
+ bshared->hash.fnv = ap_proxy_hashfunc(bshared->name, PROXY_HASHFUNC_FNV);
+ (*balancer)->hash = bshared->hash;
+
++ bshared->forcerecovery = 1;
++
+ /* Retrieve a UUID and store the nonce for the lifetime of
+ * the process. */
+ apr_uuid_get(&uuid);
+diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c
+index 3e1275b..e053619 100644
+--- a/modules/session/mod_session.c
++++ b/modules/session/mod_session.c
+@@ -303,11 +303,11 @@ static int identity_concat(char *buffer, const char *key, const char *val)
+ *slider = '&';
+ slider++;
+ }
+- ap_escape_path_segment_buffer(slider, key);
++ ap_escape_urlencoded_buffer(slider, key);
+ slider += strlen(slider);
+ *slider = '=';
+ slider++;
+- ap_escape_path_segment_buffer(slider, val);
++ ap_escape_urlencoded_buffer(slider, val);
+ return 1;
+ }
+
+@@ -384,7 +384,7 @@ static apr_status_t session_identity_decode(request_rec * r, session_rec * z)
+ if (!val || !*val) {
+ apr_table_unset(z->entries, key);
+ }
+- else if (!ap_unescape_all(key) && !ap_unescape_all(val)) {
++ else if (!ap_unescape_urlencoded(key) && !ap_unescape_urlencoded(val)) {
+ if (!strcmp(SESSION_EXPIRY, key)) {
+ z->expiry = (apr_time_t) apr_atoi64(val);
+ }
+diff --git a/modules/slotmem/mod_slotmem_shm.c b/modules/slotmem/mod_slotmem_shm.c
+index cd6ead2..b3a5ddc 100644
+--- a/modules/slotmem/mod_slotmem_shm.c
++++ b/modules/slotmem/mod_slotmem_shm.c
+@@ -124,14 +124,21 @@ static apr_status_t unixd_set_shm_perms(const char *fname)
+ * /abs_name : $abs_name
+ *
+ */
+-static const char *store_filename(apr_pool_t *pool, const char *slotmemname)
++
++#define DEFAULT_SLOTMEM_PREFIX DEFAULT_REL_RUNTIMEDIR "/slotmem-shm-"
++
++#define DEFAULT_SLOTMEM_SUFFIX ".shm"
++
++static const char *slotmem_filename(apr_pool_t *pool, const char *slotmemname)
+ {
+ const char *fname;
+- if (strcasecmp(slotmemname, "none") == 0) {
++ if (!slotmemname || strcasecmp(slotmemname, "none") == 0) {
+ return NULL;
+ }
+ else if (slotmemname[0] != '/') {
+- fname = ap_server_root_relative(pool, slotmemname);
++ const char *path = apr_pstrcat(pool, DEFAULT_SLOTMEM_PREFIX, slotmemname,
++ DEFAULT_SLOTMEM_SUFFIX, NULL);
++ fname = ap_server_root_relative(pool, path);
+ }
+ else {
+ fname = slotmemname;
+@@ -146,7 +153,7 @@ static void store_slotmem(ap_slotmem_instance_t *slotmem)
+ apr_size_t nbytes;
+ const char *storename;
+
+- storename = store_filename(slotmem->gpool, slotmem->name);
++ storename = slotmem_filename(slotmem->gpool, slotmem->name);
+
+ if (storename) {
+ rv = apr_file_open(&fp, storename, APR_CREATE | APR_READ | APR_WRITE,
+@@ -175,7 +182,7 @@ static void restore_slotmem(void *ptr, const char *name, apr_size_t size,
+ apr_size_t nbytes = size;
+ apr_status_t rv;
+
+- storename = store_filename(pool, name);
++ storename = slotmem_filename(pool, name);
+
+ if (storename) {
+ rv = apr_file_open(&fp, storename, APR_READ | APR_WRITE, APR_OS_DEFAULT,
+@@ -252,7 +259,7 @@ static apr_status_t slotmem_create(ap_slotmem_instance_t **new,
+ ap_slotmem_type_t type, apr_pool_t *pool)
+ {
+ /* void *slotmem = NULL; */
+- int fbased;
++ int fbased = 1;
+ char *ptr;
+ sharedslotdesc_t desc;
+ ap_slotmem_instance_t *res;
+@@ -267,14 +274,8 @@ static apr_status_t slotmem_create(ap_slotmem_instance_t **new,
+ if (gpool == NULL) {
+ return APR_ENOSHMAVAIL;
+ }
+- if (name) {
+- if (name[0] != '/') {
+- fname = ap_server_root_relative(pool, name);
+- }
+- else {
+- fname = name;
+- }
+-
++ fname = slotmem_filename(pool, name);
++ if (fname) {
+ /* first try to attach to existing slotmem */
+ if (next) {
+ for (;;) {
+@@ -291,11 +292,11 @@ static apr_status_t slotmem_create(ap_slotmem_instance_t **new,
+ }
+ }
+ else {
++ fbased = 0;
+ fname = "none";
+ }
+
+ /* first try to attach to existing shared memory */
+- fbased = (name != NULL);
+ if (fbased) {
+ rv = apr_shm_attach(&shm, fname, gpool);
+ }
+@@ -395,15 +396,8 @@ static apr_status_t slotmem_attach(ap_slotmem_instance_t **new,
+ if (gpool == NULL) {
+ return APR_ENOSHMAVAIL;
+ }
+- if (name) {
+- if (name[0] == ':') {
+- fname = name;
+- }
+- else {
+- fname = ap_server_root_relative(pool, name);
+- }
+- }
+- else {
++ fname = slotmem_filename(pool, name);
++ if (!fname) {
+ return APR_ENOSHMAVAIL;
+ }
+
+diff --git a/modules/ssl/ssl_util_ssl.c b/modules/ssl/ssl_util_ssl.c
+index 13362be..48b561d 100644
+--- a/modules/ssl/ssl_util_ssl.c
++++ b/modules/ssl/ssl_util_ssl.c
+@@ -325,7 +325,7 @@ BOOL SSL_X509_getIDs(apr_pool_t *p, X509 *x509, apr_array_header_t **ids)
+ }
+
+ if (names)
+- sk_GENERAL_NAME_free(names);
++ sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
+
+ /* Second, the CN-IDs (commonName attributes in the subject DN) */
+ subj = X509_get_subject_name(x509);
+diff --git a/server/config.c b/server/config.c
+index 96ab9c9..7585704 100644
+--- a/server/config.c
++++ b/server/config.c
+@@ -59,6 +59,7 @@
+
+ AP_DECLARE_DATA const char *ap_server_argv0 = NULL;
+ AP_DECLARE_DATA const char *ap_server_root = NULL;
++AP_DECLARE_DATA const char *ap_runtime_dir = NULL;
+ AP_DECLARE_DATA server_rec *ap_server_conf = NULL;
+ AP_DECLARE_DATA apr_pool_t *ap_pglobal = NULL;
+
+@@ -1560,6 +1561,25 @@ AP_DECLARE(char *) ap_server_root_relative(apr_pool_t *p, const char *file)
+ }
+ }
+
++AP_DECLARE(char *) ap_runtime_dir_relative(apr_pool_t *p, const char *file)
++{
++ char *newpath = NULL;
++ apr_status_t rv;
++ const char *runtime_dir = ap_runtime_dir ? ap_runtime_dir : ap_server_root_relative(p, DEFAULT_REL_RUNTIMEDIR);
++
++ rv = apr_filepath_merge(&newpath, runtime_dir, file,
++ APR_FILEPATH_TRUENAME, p);
++ if (newpath && (rv == APR_SUCCESS || APR_STATUS_IS_EPATHWILD(rv)
++ || APR_STATUS_IS_ENOENT(rv)
++ || APR_STATUS_IS_ENOTDIR(rv))) {
++ return newpath;
++ }
++ else {
++ return NULL;
++ }
++}
++
++
+ AP_DECLARE(const char *) ap_soak_end_container(cmd_parms *cmd, char *directive)
+ {
+ struct ap_varbuf vb;
+diff --git a/server/core.c b/server/core.c
+index e96eaa3..541f6e8 100644
+--- a/server/core.c
++++ b/server/core.c
+@@ -247,7 +247,7 @@ static void *merge_core_dir_configs(apr_pool_t *a, void *basev, void *newv)
+ conf->override_opts = new->override_opts;
+ }
+
+- if (conf->override_list == NULL) {
++ if (new->override_list != NULL) {
+ conf->override_list = new->override_list;
+ }
+
+@@ -274,7 +274,7 @@ static void *merge_core_dir_configs(apr_pool_t *a, void *basev, void *newv)
+ conf->hostname_lookups = new->hostname_lookups;
+ }
+
+- if (new->content_md5 == AP_CONTENT_MD5_UNSET) {
++ if (new->content_md5 != AP_CONTENT_MD5_UNSET) {
+ conf->content_md5 = new->content_md5;
+ }
+
+@@ -314,8 +314,6 @@ static void *merge_core_dir_configs(apr_pool_t *a, void *basev, void *newv)
+
+ if (new->limit_xml_body != AP_LIMIT_UNSET)
+ conf->limit_xml_body = new->limit_xml_body;
+- else
+- conf->limit_xml_body = base->limit_xml_body;
+
+ if (!conf->sec_file) {
+ conf->sec_file = new->sec_file;
+@@ -1661,28 +1659,45 @@ static const char *set_override_list(cmd_parms *cmd, void *d_, int argc, char *c
+ /* Throw a warning if we're in <Location> or <Files> */
+ if (ap_check_cmd_context(cmd, NOT_IN_LOCATION | NOT_IN_FILES)) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00115)
+- "Useless use of AllowOverrideList in line %d of %s.",
+- cmd->directive->line_num, cmd->directive->filename);
++ "Useless use of AllowOverrideList at %s:%d",
++ cmd->directive->filename, cmd->directive->line_num);
+ }
+ if ((err = ap_check_cmd_context(cmd, NOT_IN_HTACCESS)) != NULL)
+ return err;
+
+- d->override_list = apr_table_make(cmd->pool, 1);
++ d->override_list = apr_table_make(cmd->pool, argc);
+
+ for (i=0;i<argc;i++){
+ if (!strcasecmp(argv[i], "None")) {
++ if (argc != 1) {
++ return "'None' not allowed with other directives in "
++ "AllowOverrideList";
++ }
+ return NULL;
+ }
+ else {
+ const command_rec *result = NULL;
+ module *mod = ap_top_module;
+ result = ap_find_command_in_modules(argv[i], &mod);
+- if (result)
++ if (result == NULL) {
++ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
++ APLOGNO(00116) "Discarding unrecognized "
++ "directive `%s' in AllowOverrideList at %s:%d",
++ argv[i], cmd->directive->filename,
++ cmd->directive->line_num);
++ continue;
++ }
++ else if ((result->req_override & (OR_ALL|ACCESS_CONF)) == 0) {
++ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
++ APLOGNO(02304) "Discarding directive `%s' not "
++ "allowed in AllowOverrideList at %s:%d",
++ argv[i], cmd->directive->filename,
++ cmd->directive->line_num);
++ continue;
++ }
++ else {
+ apr_table_set(d->override_list, argv[i], "1");
+- else
+- ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00116)
+- "Discarding unrecognized directive `%s' in AllowOverrideList.",
+- argv[i]);
++ }
+ }
+ }
+
+@@ -2775,6 +2790,24 @@ static const char *set_server_root(cmd_parms *cmd, void *dummy,
+ return NULL;
+ }
+
++static const char *set_runtime_dir(cmd_parms *cmd, void *dummy, const char *arg)
++{
++ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
++
++ if (err != NULL) {
++ return err;
++ }
++
++ if ((apr_filepath_merge((char**)&ap_runtime_dir, NULL,
++ ap_server_root_relative(cmd->pool, arg),
++ APR_FILEPATH_TRUENAME, cmd->pool) != APR_SUCCESS)
++ || !ap_is_directory(cmd->temp_pool, ap_runtime_dir)) {
++ return "DefaultRuntimeDir must be a valid directory, absolute or relative to ServerRoot";
++ }
++
++ return NULL;
++}
++
+ static const char *set_timeout(cmd_parms *cmd, void *dummy, const char *arg)
+ {
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_LOC_FILE);
+@@ -3928,6 +3961,8 @@ AP_INIT_TAKE1("ServerSignature", set_signature_flag, NULL, OR_ALL,
+ "En-/disable server signature (on|off|email)"),
+ AP_INIT_TAKE1("ServerRoot", set_server_root, NULL, RSRC_CONF | EXEC_ON_READ,
+ "Common directory of server-related files (logs, confs, etc.)"),
++AP_INIT_TAKE1("DefaultRuntimeDir", set_runtime_dir, NULL, RSRC_CONF | EXEC_ON_READ,
++ "Common directory for run-time files (shared memory, locks, etc.)"),
+ AP_INIT_TAKE1("ErrorLog", set_server_string_slot,
+ (void *)APR_OFFSETOF(server_rec, error_fname), RSRC_CONF,
+ "The filename of the error log"),
+@@ -4059,7 +4094,7 @@ AP_INIT_TAKE1("MaxConnectionsPerChild", ap_mpm_set_max_requests, NULL, RSRC_CONF
+ AP_INIT_TAKE1("CoreDumpDirectory", ap_mpm_set_coredumpdir, NULL, RSRC_CONF,
+ "The location of the directory Apache changes to before dumping core"),
+ AP_INIT_TAKE1("MaxMemFree", ap_mpm_set_max_mem_free, NULL, RSRC_CONF,
+- "Maximum number of 1k blocks a particular childs allocator may hold."),
++ "Maximum number of 1k blocks a particular child's allocator may hold."),
+ AP_INIT_TAKE1("ThreadStackSize", ap_mpm_set_thread_stacksize, NULL, RSRC_CONF,
+ "Size in bytes of stack used by threads handling client connections"),
+ #if AP_ENABLE_EXCEPTION_HOOK
+diff --git a/server/listen.c b/server/listen.c
+index a4935aa..a85095d 100644
+--- a/server/listen.c
++++ b/server/listen.c
+@@ -238,7 +238,7 @@ static apr_status_t close_listeners_on_exec(void *v)
+
+ static const char *alloc_listener(process_rec *process, char *addr,
+ apr_port_t port, const char* proto,
+- void *dummy)
++ void *slave)
+ {
+ ap_listen_rec **walk, *last;
+ apr_status_t status;
+@@ -273,7 +273,7 @@ static const char *alloc_listener(process_rec *process, char *addr,
+ }
+
+ if (found_listener) {
+- if (ap_listeners->slave != dummy) {
++ if (ap_listeners->slave != slave) {
+ return "Cannot define a slave on the same IP:port as a Listener";
+ }
+ return NULL;
+@@ -333,7 +333,7 @@ static const char *alloc_listener(process_rec *process, char *addr,
+ last->next = new;
+ last = new;
+ }
+- new->slave = dummy;
++ new->slave = slave;
+ }
+
+ return NULL;
+@@ -612,10 +612,6 @@ AP_DECLARE(void) ap_listen_pre_config(void)
+ ap_listenbacklog = DEFAULT_LISTENBACKLOG;
+ }
+
+-/* Hack: populate an extra field
+- * When this gets called from a Listen directive, dummy is null.
+- * So we can use non-null dummy to pass a data pointer without conflict
+- */
+ AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy,
+ int argc, char *const argv[])
+ {
+@@ -662,7 +658,7 @@ AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy,
+ ap_str_tolower(proto);
+ }
+
+- return alloc_listener(cmd->server->process, host, port, proto, dummy);
++ return alloc_listener(cmd->server->process, host, port, proto, NULL);
+ }
+
+ AP_DECLARE_NONSTD(const char *) ap_set_listenbacklog(cmd_parms *cmd,
+diff --git a/server/mpm_common.c b/server/mpm_common.c
+index 0cd65e5..4448ec6 100644
+--- a/server/mpm_common.c
++++ b/server/mpm_common.c
+@@ -139,13 +139,13 @@ static struct mpm_gen_info_head_t *geninfo, *unused_geninfo;
+ static int gen_head_init; /* yuck */
+
+ /* variables representing config directives implemented here */
+-const char *ap_pid_fname;
+-int ap_max_requests_per_child;
+-char ap_coredump_dir[MAX_STRING_LEN];
+-int ap_coredumpdir_configured;
+-int ap_graceful_shutdown_timeout;
++AP_DECLARE_DATA const char *ap_pid_fname;
++AP_DECLARE_DATA int ap_max_requests_per_child;
++AP_DECLARE_DATA char ap_coredump_dir[MAX_STRING_LEN];
++AP_DECLARE_DATA int ap_coredumpdir_configured;
++AP_DECLARE_DATA int ap_graceful_shutdown_timeout;
+ AP_DECLARE_DATA apr_uint32_t ap_max_mem_free;
+-apr_size_t ap_thread_stacksize;
++AP_DECLARE_DATA apr_size_t ap_thread_stacksize;
+
+ #define ALLOCATOR_MAX_FREE_DEFAULT (2048*1024)
+
+@@ -170,8 +170,9 @@ void mpm_common_pre_config(apr_pool_t *pconf)
+ #endif
+ static int wait_or_timeout_counter;
+
+-void ap_wait_or_timeout(apr_exit_why_e *status, int *exitcode, apr_proc_t *ret,
+- apr_pool_t *p, server_rec *s)
++AP_DECLARE(void) ap_wait_or_timeout(apr_exit_why_e *status, int *exitcode,
++ apr_proc_t *ret, apr_pool_t *p,
++ server_rec *s)
+ {
+ apr_status_t rv;
+
+@@ -356,8 +357,9 @@ const char *ap_mpm_set_coredumpdir(cmd_parms *cmd, void *dummy,
+ return NULL;
+ }
+
+-const char * ap_mpm_set_graceful_shutdown(cmd_parms *cmd, void *dummy,
+- const char *arg)
++AP_DECLARE(const char *)ap_mpm_set_graceful_shutdown(cmd_parms *cmd,
++ void *dummy,
++ const char *arg)
+ {
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ if (err != NULL) {
+diff --git a/server/mpm_unix.c b/server/mpm_unix.c
+index 6b1d6ee..87df8f5 100644
+--- a/server/mpm_unix.c
++++ b/server/mpm_unix.c
+@@ -73,7 +73,7 @@ typedef struct extra_process_t {
+
+ static extra_process_t *extras;
+
+-void ap_register_extra_mpm_process(pid_t pid, ap_generation_t gen)
++AP_DECLARE(void) ap_register_extra_mpm_process(pid_t pid, ap_generation_t gen)
+ {
+ extra_process_t *p = (extra_process_t *)ap_malloc(sizeof(extra_process_t));
+
+@@ -83,7 +83,7 @@ void ap_register_extra_mpm_process(pid_t pid, ap_generation_t gen)
+ extras = p;
+ }
+
+-int ap_unregister_extra_mpm_process(pid_t pid, ap_generation_t *gen)
++AP_DECLARE(int) ap_unregister_extra_mpm_process(pid_t pid, ap_generation_t *old_gen)
+ {
+ extra_process_t *cur = extras;
+ extra_process_t *prev = NULL;
+@@ -100,7 +100,7 @@ int ap_unregister_extra_mpm_process(pid_t pid, ap_generation_t *gen)
+ else {
+ extras = cur->next;
+ }
+- *gen = cur->gen;
++ *old_gen = cur->gen;
+ free(cur);
+ return 1; /* found */
+ }
+@@ -173,8 +173,8 @@ static int reclaim_one_pid(pid_t pid, action_t action)
+ return 0;
+ }
+
+-void ap_reclaim_child_processes(int terminate,
+- ap_reclaim_callback_fn_t *mpm_callback)
++AP_DECLARE(void) ap_reclaim_child_processes(int terminate,
++ ap_reclaim_callback_fn_t *mpm_callback)
+ {
+ apr_time_t waittime = 1024 * 16;
+ int i;
+@@ -270,7 +270,7 @@ void ap_reclaim_child_processes(int terminate,
+ action_table[cur_action].action != GIVEUP);
+ }
+
+-void ap_relieve_child_processes(ap_reclaim_callback_fn_t *mpm_callback)
++AP_DECLARE(void) ap_relieve_child_processes(ap_reclaim_callback_fn_t *mpm_callback)
+ {
+ int i;
+ extra_process_t *cur_extra;
+@@ -313,7 +313,7 @@ void ap_relieve_child_processes(ap_reclaim_callback_fn_t *mpm_callback)
+ * the pid is a member of the current process group; either using
+ * apr_proc_wait(), where waitpid() guarantees to fail for non-child
+ * processes; or by using getpgid() directly, if available. */
+-apr_status_t ap_mpm_safe_kill(pid_t pid, int sig)
++AP_DECLARE(apr_status_t) ap_mpm_safe_kill(pid_t pid, int sig)
+ {
+ #ifndef HAVE_GETPGID
+ apr_proc_t proc;
+@@ -368,7 +368,8 @@ apr_status_t ap_mpm_safe_kill(pid_t pid, int sig)
+ }
+
+
+-int ap_process_child_status(apr_proc_t *pid, apr_exit_why_e why, int status)
++AP_DECLARE(int) ap_process_child_status(apr_proc_t *pid, apr_exit_why_e why,
++ int status)
+ {
+ int signum = status;
+ const char *sigdesc;
+@@ -569,6 +570,8 @@ static apr_status_t dummy_connection(ap_pod_t *pod)
+
+ ap_log_error(APLOG_MARK, log_level, rv, ap_server_conf, APLOGNO(00056)
+ "connect to listener on %pI", lp->bind_addr);
++ apr_pool_destroy(p);
++ return rv;
+ }
+
+ /* Create the request string. We include a User-Agent so that
+@@ -867,13 +870,14 @@ static void sig_coredump(int sig)
+ */
+ }
+
+-apr_status_t ap_fatal_signal_child_setup(server_rec *s)
++AP_DECLARE(apr_status_t) ap_fatal_signal_child_setup(server_rec *s)
+ {
+ my_pid = getpid();
+ return APR_SUCCESS;
+ }
+
+-apr_status_t ap_fatal_signal_setup(server_rec *s, apr_pool_t *in_pconf)
++AP_DECLARE(apr_status_t) ap_fatal_signal_setup(server_rec *s,
++ apr_pool_t *in_pconf)
+ {
+ #ifndef NO_USE_SIGACTION
+ struct sigaction sa;
+diff --git a/server/request.c b/server/request.c
+index 37cffdd..c2fdd89 100644
+--- a/server/request.c
++++ b/server/request.c
+@@ -1094,9 +1094,9 @@ AP_DECLARE(int) ap_directory_walk(request_rec *r)
+ }
+ else if (APR_STATUS_IS_EACCES(rv)) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(00035)
+- "access to %s denied because search "
+- "permissions are missing on a component "
+- "of the path", r->uri);
++ "access to %s denied (filesystem path '%s') "
++ "because search permissions are missing on a "
++ "component of the path", r->uri, r->filename);
+ return r->status = HTTP_FORBIDDEN;
+ }
+ else if ((rv != APR_SUCCESS && rv != APR_INCOMPLETE)
+@@ -1105,7 +1105,8 @@ AP_DECLARE(int) ap_directory_walk(request_rec *r)
+ * rather than assume not found.
+ */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(00036)
+- "access to %s failed", r->uri);
++ "access to %s failed (filesystem path '%s')",
++ r->uri, r->filename);
+ return r->status = HTTP_FORBIDDEN;
+ }
+
+diff --git a/server/scoreboard.c b/server/scoreboard.c
+index 4201995..344dc5a 100644
+--- a/server/scoreboard.c
++++ b/server/scoreboard.c
+@@ -143,7 +143,7 @@ AP_DECLARE(int) ap_calc_scoreboard_size(void)
+ return scoreboard_size;
+ }
+
+-void ap_init_scoreboard(void *shared_score)
++AP_DECLARE(void) ap_init_scoreboard(void *shared_score)
+ {
+ char *more_storage;
+ int i;
+@@ -251,7 +251,8 @@ static apr_status_t open_scoreboard(apr_pool_t *pconf)
+ /* If detach is non-zero, this is a separate child process,
+ * if zero, it is a forked child.
+ */
+-apr_status_t ap_reopen_scoreboard(apr_pool_t *p, apr_shm_t **shm, int detached)
++AP_DECLARE(apr_status_t) ap_reopen_scoreboard(apr_pool_t *p, apr_shm_t **shm,
++ int detached)
+ {
+ #if APR_HAS_SHARED_MEMORY
+ if (!detached) {
+diff --git a/server/util_script.c b/server/util_script.c
+index 3f7d847..18c4aea 100644
+--- a/server/util_script.c
++++ b/server/util_script.c
+@@ -682,6 +682,7 @@ static int getsfunc_BRIGADE(char *buf, int len, void *arg)
+ rv = apr_bucket_read(e, &bucket_data, &bucket_data_len,
+ APR_BLOCK_READ);
+ if (rv != APR_SUCCESS || (bucket_data_len == 0)) {
++ *dst = '\0';
+ return APR_STATUS_IS_TIMEUP(rv) ? -1 : 0;
+ }
+ src = bucket_data;
+@@ -738,8 +739,10 @@ static int getsfunc_STRING(char *w, int len, void *pvastrs)
+ const char *p;
+ int t;
+
+- if (!strs->curpos || !*strs->curpos)
++ if (!strs->curpos || !*strs->curpos) {
++ w[0] = '\0';
+ return 0;
++ }
+ p = ap_strchr_c(strs->curpos, '\n');
+ if (p)
+ ++p;
diff --git a/debian/patches/series b/debian/patches/series
index f5dffe0..f0baeec 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,6 +6,8 @@ no_LD_LIBRARY_PATH.patch
suexec-CVE-2007-1742.patch
customize_apxs.patch
build_suexec-custom.patch
+pull_branch_2.4.x.patch
+fixes_from_upstream_trunk.patch
# The patch below must not be applied by quilt at extraction time. It depends
# on some script-fu to be executed before. Have a look
# to debian/rules' prepare-custom-suexec target.
--
Debian packaging for apache2 (Apache HTTPD 2.x)
More information about the Pkg-apache-commits
mailing list