Author: jim
Date: Tue May 17 18:19:36 2022
New Revision: 1901010
URL: http://svn.apache.org/viewvc?rev=1901010&view=rev
Log:
Merge r1900356 from trunk:
*) mod_http2: remove unused and insecure code. Fixes PR66037.
Thanks to Ronald Crane (Zippenhop LLC) for reporting this.
Submitted by: icing
Reviewed by: jailletc36, icing, rpluem
Added:
httpd/httpd/branches/2.4.x/changes-entries/pr66037.txt
- copied unchanged from r1900356, httpd/httpd/trunk/changes-entries/pr66037.txt
Modified:
httpd/httpd/branches/2.4.x/ (props changed)
httpd/httpd/branches/2.4.x/CHANGES
httpd/httpd/branches/2.4.x/STATUS
httpd/httpd/branches/2.4.x/modules/http2/h2_util.c
httpd/httpd/branches/2.4.x/modules/http2/h2_util.h
Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1900356
Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1901010&r1=1901009&r2=1901010&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue May 17 18:19:36 2022
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.4.54
+ *) mod_http2: remove unused and insecure code. Fixes PR66037.
+ Thanks to Ronald Crane (Zippenhop LLC) for reporting this.
+
*) mod_http2: removing unscheduling of ongonig tasks when
connection shows potential abuse by a client. This proved
counter-productive and the abuse detection can false flag
Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1901010&r1=1901009&r2=1901010&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Tue May 17 18:19:36 2022
@@ -148,12 +148,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) mod_http2: remove obsolete, insecure code. Fixes PR66037.
- trunk patches: https://svn.apache.org/r1900356
- 2.4.x patches: svn merge -c 1900356 ^/httpd/httpd/trunk .
- +1: jailletc36, icing, rpluem
- icing: I just waited to see what you think!
-
*) core: make ap_escape_quotes() work correctly on strings
with more than MAX_INT/2 characters, counting quotes double.
trunk patch: https://svn.apache.org/r1899609
Modified: httpd/httpd/branches/2.4.x/modules/http2/h2_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/http2/h2_util.c?rev=1901010&r1=1901009&r2=1901010&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/http2/h2_util.c (original)
+++ httpd/httpd/branches/2.4.x/modules/http2/h2_util.c Tue May 17 18:19:36 2022
@@ -75,26 +75,6 @@ size_t h2_util_hex_dump(char *buffer, si
return strlen(buffer);
}
-size_t h2_util_header_print(char *buffer, size_t maxlen,
- const char *name, size_t namelen,
- const char *value, size_t valuelen)
-{
- size_t offset = 0;
- size_t i;
- for (i = 0; i < namelen && offset < maxlen; ++i, ++offset) {
- buffer[offset] = name[i];
- }
- for (i = 0; i < 2 && offset < maxlen; ++i, ++offset) {
- buffer[offset] = ": "[i];
- }
- for (i = 0; i < valuelen && offset < maxlen; ++i, ++offset) {
- buffer[offset] = value[i];
- }
- buffer[offset] = '\0';
- return offset;
-}
-
-
void h2_util_camel_case_header(char *s, size_t len)
{
size_t start = 1;
Modified: httpd/httpd/branches/2.4.x/modules/http2/h2_util.h
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/http2/h2_util.h?rev=1901010&r1=1901009&r2=1901010&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/http2/h2_util.h (original)
+++ httpd/httpd/branches/2.4.x/modules/http2/h2_util.h Tue May 17 18:19:36 2022
@@ -28,10 +28,6 @@ struct nghttp2_frame;
size_t h2_util_hex_dump(char *buffer, size_t maxlen,
const char *data, size_t datalen);
-size_t h2_util_header_print(char *buffer, size_t maxlen,
- const char *name, size_t namelen,
- const char *value, size_t valuelen);
-
void h2_util_camel_case_header(char *s, size_t len);
int h2_util_frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen);
Date: Tue May 17 18:19:36 2022
New Revision: 1901010
URL: http://svn.apache.org/viewvc?rev=1901010&view=rev
Log:
Merge r1900356 from trunk:
*) mod_http2: remove unused and insecure code. Fixes PR66037.
Thanks to Ronald Crane (Zippenhop LLC) for reporting this.
Submitted by: icing
Reviewed by: jailletc36, icing, rpluem
Added:
httpd/httpd/branches/2.4.x/changes-entries/pr66037.txt
- copied unchanged from r1900356, httpd/httpd/trunk/changes-entries/pr66037.txt
Modified:
httpd/httpd/branches/2.4.x/ (props changed)
httpd/httpd/branches/2.4.x/CHANGES
httpd/httpd/branches/2.4.x/STATUS
httpd/httpd/branches/2.4.x/modules/http2/h2_util.c
httpd/httpd/branches/2.4.x/modules/http2/h2_util.h
Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1900356
Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1901010&r1=1901009&r2=1901010&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue May 17 18:19:36 2022
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.4.54
+ *) mod_http2: remove unused and insecure code. Fixes PR66037.
+ Thanks to Ronald Crane (Zippenhop LLC) for reporting this.
+
*) mod_http2: removing unscheduling of ongonig tasks when
connection shows potential abuse by a client. This proved
counter-productive and the abuse detection can false flag
Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1901010&r1=1901009&r2=1901010&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Tue May 17 18:19:36 2022
@@ -148,12 +148,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) mod_http2: remove obsolete, insecure code. Fixes PR66037.
- trunk patches: https://svn.apache.org/r1900356
- 2.4.x patches: svn merge -c 1900356 ^/httpd/httpd/trunk .
- +1: jailletc36, icing, rpluem
- icing: I just waited to see what you think!
-
*) core: make ap_escape_quotes() work correctly on strings
with more than MAX_INT/2 characters, counting quotes double.
trunk patch: https://svn.apache.org/r1899609
Modified: httpd/httpd/branches/2.4.x/modules/http2/h2_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/http2/h2_util.c?rev=1901010&r1=1901009&r2=1901010&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/http2/h2_util.c (original)
+++ httpd/httpd/branches/2.4.x/modules/http2/h2_util.c Tue May 17 18:19:36 2022
@@ -75,26 +75,6 @@ size_t h2_util_hex_dump(char *buffer, si
return strlen(buffer);
}
-size_t h2_util_header_print(char *buffer, size_t maxlen,
- const char *name, size_t namelen,
- const char *value, size_t valuelen)
-{
- size_t offset = 0;
- size_t i;
- for (i = 0; i < namelen && offset < maxlen; ++i, ++offset) {
- buffer[offset] = name[i];
- }
- for (i = 0; i < 2 && offset < maxlen; ++i, ++offset) {
- buffer[offset] = ": "[i];
- }
- for (i = 0; i < valuelen && offset < maxlen; ++i, ++offset) {
- buffer[offset] = value[i];
- }
- buffer[offset] = '\0';
- return offset;
-}
-
-
void h2_util_camel_case_header(char *s, size_t len)
{
size_t start = 1;
Modified: httpd/httpd/branches/2.4.x/modules/http2/h2_util.h
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/http2/h2_util.h?rev=1901010&r1=1901009&r2=1901010&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/http2/h2_util.h (original)
+++ httpd/httpd/branches/2.4.x/modules/http2/h2_util.h Tue May 17 18:19:36 2022
@@ -28,10 +28,6 @@ struct nghttp2_frame;
size_t h2_util_hex_dump(char *buffer, size_t maxlen,
const char *data, size_t datalen);
-size_t h2_util_header_print(char *buffer, size_t maxlen,
- const char *name, size_t namelen,
- const char *value, size_t valuelen);
-
void h2_util_camel_case_header(char *s, size_t len);
int h2_util_frame_print(const nghttp2_frame *frame, char *buffer, size_t maxlen);