authorStefan Fritsch <sf@debian.org>2011-02-06 14:51:40 +0000
committerStefan Fritsch <sf@sfritsch.de>2012-01-02 10:37:11 +0100
commite171cb659a91468b117179023c39d35229da07a5 (patch)
tree9b398af63524c00147b51ad51869db8c91dc457a
parenta03a7eb1f566d02517ff2bd55371a141ddb29975 (diff)
downloadapache2-e171cb659a91468b117179023c39d35229da07a5.tar.gz
new upstream version
git-svn-id: svn+ssh://svn.debian.org/svn/pkg-apache/trunk/apache2@1270 01b336ce-410b-0410-9a02-a0e7f243c266
-rw-r--r--debian/changelog6
-rw-r--r--debian/patches/00list4
-rwxr-xr-xdebian/patches/042_htdigest_CAN-2005-134423
-rwxr-xr-xdebian/patches/047_fix_usage_message.dpatch22
-rwxr-xr-xdebian/patches/080_mod_reqtimeout_fixes.dpatch370
-rwxr-xr-xdebian/patches/083_mod_ssl_memcpy.dpatch29
-rw-r--r--debian/patches/084_mod_reqtimeout_CVE-2010-1623.dpatch63
7 files changed, 17 insertions, 500 deletions
diff --git a/debian/changelog b/debian/changelog
index 4aba816c..2498e605 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+apache2 (2.2.17-1) UNRELEASED; urgency=low
+
+ * New upstream version
+
+ -- Stefan Fritsch <sf@debian.org> Sun, 06 Feb 2011 15:23:35 +0100
+
apache2 (2.2.16-6) unstable; urgency=low
* Also add $named to the secondary-init-script example.
diff --git a/debian/patches/00list b/debian/patches/00list
index 3a3f09bb..c8dec549 100644
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -8,7 +8,6 @@
033_dbm_read_hash_or_btree
034_apxs2_libtool_fixtastic
038_no_LD_LIBRARY_PATH
-042_htdigest_CAN-2005-1344
045_suexec_log_cloexec.dpatch
047_fix_usage_message.dpatch
052_logresolve_linelength.dpatch
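Review bot: The changelog entry added for 2.2.17-1 says only `* New upstream version` and does not record that security-relevant patches leave the series: 042_htdigest_CAN-2005-1344 in this hunk, and 080_mod_reqtimeout_fixes.dpatch, 083_mod_ssl_memcpy.dpatch and 084_mod_reqtimeout_CVE-2010-1623.dpatch in the following hunk. Presumably each fix is already contained in the new upstream source, but nothing in the commit shows a per-patch check. If one of them is not upstream, the buffer-overflow or DoS fix would regress silently, because the build no longer applies it. I would add a changelog line such as `- Drop patches included upstream: 042_htdigest_CAN-2005-1344, 080_mod_reqtimeout_fixes, 083_mod_ssl_memcpy, 084_mod_reqtimeout_CVE-2010-1623` and confirm each change against the 2.2.17 tree (support/htdigest.c, modules/filters/mod_reqtimeout.c, server/connection.c, modules/ssl/ssl_engine_io.c) before the entry leaves UNRELEASED.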
@@ -23,10 +22,7 @@
076_apxs2_a2enmod.dpatch
077_CacheIgnoreURLSessionIdentifiers.dpatch
079_polish_translation.dpatch
-080_mod_reqtimeout_fixes.dpatch
082_ab_num_requests
-083_mod_ssl_memcpy.dpatch
-084_mod_reqtimeout_CVE-2010-1623.dpatch
099_config_guess_sub_update
200_cp_suexec.dpatch
201_build_suexec-custom.dpatch
diff --git a/debian/patches/042_htdigest_CAN-2005-1344 b/debian/patches/042_htdigest_CAN-2005-1344
deleted file mode 100755
index f23f627d..00000000
--- a/debian/patches/042_htdigest_CAN-2005-1344
+++ /dev/null
@@ -1,23 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 042_htdigest_CAN-2005-1344 by Adam Conrad <adconrad@0c3.net>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Fix buffer overflow in htdigest.
-
-@DPATCH@
---- apache2/support/htdigest.c.orig 2005-05-05 02:54:31.000000000 -0600
-+++ apache2/support/htdigest.c 2005-05-05 02:59:05.000000000 -0600
-@@ -222,9 +222,11 @@
- apr_strerror(rv, errmsg, sizeof errmsg));
- exit(1);
- }
-+ apr_cpystrn(user, argv[4], sizeof(user));
-+ apr_cpystrn(realm, argv[3], sizeof(realm));
- apr_file_printf(errfile, "Adding password for %s in realm %s.\n",
-- argv[4], argv[3]);
-- add_password(argv[4], argv[3], f);
-+ user, realm);
-+ add_password(user, realm, f);
- apr_file_close(f);
- exit(0);
- }
diff --git a/debian/patches/047_fix_usage_message.dpatch b/debian/patches/047_fix_usage_message.dpatch
index d9e43ae7..bb31f23f 100755
--- a/debian/patches/047_fix_usage_message.dpatch
+++ b/debian/patches/047_fix_usage_message.dpatch
@@ -5,24 +5,24 @@
## DP: Add -X to the help message
@DPATCH@
-diff -urNad apache2-2.2.4~/server/main.c apache2-2.2.4/server/main.c
---- apache2-2.2.4~/server/main.c 2006-09-15 15:19:25.000000000 +0200
-+++ apache2-2.2.4/server/main.c 2007-06-25 23:19:58.000000000 +0200
-@@ -336,7 +336,7 @@
+diff -urNad trunk~/server/main.c trunk/server/main.c
+--- trunk~/server/main.c 2011-02-06 15:33:27.000000000 +0100
++++ trunk/server/main.c 2011-02-06 15:38:54.900628737 +0100
+@@ -353,7 +353,7 @@
#endif /* AP_MPM_WANT_SET_GRACEFUL_SHUTDOWN */
#endif
ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
-- " %s [-v] [-V] [-h] [-l] [-L] [-t] [-S]", pad);
-+ " %s [-v] [-V] [-h] [-l] [-L] [-t] [-S] [-X]", pad);
+- " %*s [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S]",
++ " %*s [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X]",
+ pad_len, " ");
ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
"Options:");
-
-@@ -415,6 +415,8 @@
- " -M : a synonym for -t -D DUMP_MODULES");
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
+@@ -435,6 +435,8 @@
" -t : run syntax check for config files");
+ ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
+ " -T : start without DocumentRoot(s) check");
+ ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
-+ " -X : debug mode (only one worker, do not detach)");
++ " -X : debug mode (only one worker, do not detach)");
destroy_and_exit_process(process, 1);
}
diff --git a/debian/patches/080_mod_reqtimeout_fixes.dpatch b/debian/patches/080_mod_reqtimeout_fixes.dpatch
deleted file mode 100755
index ec5622ff..00000000
--- a/debian/patches/080_mod_reqtimeout_fixes.dpatch
+++ /dev/null
@@ -1,370 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-##
-## DP: r921378, r921526, r922407, r923418, r923429, r925986, r928881 from upstream trunk:
-## DP: - Move initialization to process_connection hook, right before
-## DP: ap_process_http_request. This ensures that we are not inserted for other
-## DP: protocol handlers (like mod_ftp) and mod_proxy's backend connections.
-## DP: - Enforce request timeout even for AP_MODE_GETLINE.
-## DP: - Shorten lingering close wait time to 2s if timeout occurs.
-## DP: - Disable body timeout for CONNECT requests.
-@DPATCH@
-diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' trunk~/modules/filters/mod_reqtimeout.c trunk/modules/filters/mod_reqtimeout.c
---- trunk~/modules/filters/mod_reqtimeout.c 2010-03-29 21:51:42.000000000 +0200
-+++ trunk/modules/filters/mod_reqtimeout.c 2010-03-29 22:22:21.652500789 +0200
-@@ -20,9 +20,12 @@
- #include "http_connection.h"
- #include "http_protocol.h"
- #include "http_log.h"
-+#define CORE_PRIVATE
-+#include "http_core.h"
- #include "util_filter.h"
- #define APR_WANT_STRFUNC
- #include "apr_strings.h"
-+#include "apr_support.h"
-
- module AP_MODULE_DECLARE_DATA reqtimeout_module;
-
-@@ -38,6 +41,7 @@
- apr_time_t body_rate_factor;
- } reqtimeout_srv_cfg;
-
-+/* this struct is used both as conn_config and as filter context */
- typedef struct
- {
- apr_time_t timeout_at;
-@@ -47,14 +51,11 @@
- int new_max_timeout;
- int in_keep_alive;
- char *type;
-+ apr_socket_t *socket;
- apr_time_t rate_factor;
-+ apr_bucket_brigade *tmpbb;
- } reqtimeout_con_cfg;
-
--typedef struct
--{
-- apr_socket_t *socket;
--} reqtimeout_ctx;
--
- static const char *const reqtimeout_filter_name = "reqtimeout";
-
- static void extend_timeout(reqtimeout_con_cfg *ccfg, apr_bucket_brigade *bb)
-@@ -74,24 +75,60 @@
- }
- }
-
-+static apr_status_t check_time_left(reqtimeout_con_cfg *ccfg,
-+ apr_time_t *time_left_p)
-+{
-+ *time_left_p = ccfg->timeout_at - apr_time_now();
-+ if (*time_left_p <= 0)
-+ return APR_TIMEUP;
-+
-+ if (*time_left_p < apr_time_from_sec(1)) {
-+ *time_left_p = apr_time_from_sec(1);
-+ }
-+ return APR_SUCCESS;
-+}
-+
-+static apr_status_t have_lf_or_eos(apr_bucket_brigade *bb)
-+{
-+ apr_bucket *b = APR_BRIGADE_LAST(bb);
-+
-+ for ( ; b != APR_BRIGADE_SENTINEL(bb) ; b = APR_BUCKET_PREV(b) ) {
-+ const char *str;
-+ apr_size_t len;
-+ apr_status_t rv;
-+
-+ if (APR_BUCKET_IS_EOS(b))
-+ return APR_SUCCESS;
-+
-+ if (APR_BUCKET_IS_METADATA(b))
-+ continue;
-+
-+ rv = apr_bucket_read(b, &str, &len, APR_BLOCK_READ);
-+ if (rv != APR_SUCCESS)
-+ return rv;
-+
-+ if (len == 0)
-+ continue;
-+
-+ if (str[len-1] == APR_ASCII_LF)
-+ return APR_SUCCESS;
-+ }
-+ return APR_INCOMPLETE;
-+}
-+
-+
-+#define MIN(x,y) ((x) < (y) ? (x) : (y))
- static apr_status_t reqtimeout_filter(ap_filter_t *f,
- apr_bucket_brigade *bb,
- ap_input_mode_t mode,
- apr_read_type_e block,
- apr_off_t readbytes)
- {
-- reqtimeout_ctx *ctx;
- apr_time_t time_left;
- apr_time_t now;
- apr_status_t rv;
- apr_interval_time_t saved_sock_timeout = -1;
-- reqtimeout_con_cfg *ccfg;
--
-- ctx = f->ctx;
-- AP_DEBUG_ASSERT(ctx != NULL);
--
-- ccfg = ap_get_module_config(f->c->conn_config, &reqtimeout_module);
-- AP_DEBUG_ASSERT(ccfg != NULL);
-+ reqtimeout_con_cfg *ccfg = f->ctx;
-
- if (ccfg->in_keep_alive) {
- /* For this read, the normal keep-alive timeout must be used */
-@@ -114,13 +151,14 @@
- return ap_get_brigade(f->next, bb, mode, block, readbytes);
- }
-
-- time_left = ccfg->timeout_at - now;
-- if (time_left <= 0) {
-- ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c,
-- "Request %s read timeout", ccfg->type);
-- return APR_TIMEUP;
-+ if (!ccfg->socket) {
-+ ccfg->socket = ap_get_module_config(f->c->conn_config, &core_module);
- }
-
-+ rv = check_time_left(ccfg, &time_left);
-+ if (rv != APR_SUCCESS)
-+ goto out;
-+
- if (block == APR_NONBLOCK_READ || mode == AP_MODE_INIT
- || mode == AP_MODE_EATCRLF) {
- rv = ap_get_brigade(f->next, bb, mode, block, readbytes);
-@@ -130,41 +168,103 @@
- return rv;
- }
-
-- if (time_left < apr_time_from_sec(1)) {
-- time_left = apr_time_from_sec(1);
-- }
-+ rv = apr_socket_timeout_get(ccfg->socket, &saved_sock_timeout);
-+ AP_DEBUG_ASSERT(rv == APR_SUCCESS);
-
-- rv = apr_socket_timeout_get(ctx->socket, &saved_sock_timeout);
-+ rv = apr_socket_timeout_set(ccfg->socket, MIN(time_left, saved_sock_timeout));
- AP_DEBUG_ASSERT(rv == APR_SUCCESS);
-
-- if (saved_sock_timeout >= time_left) {
-- rv = apr_socket_timeout_set(ctx->socket, time_left);
-- AP_DEBUG_ASSERT(rv == APR_SUCCESS);
-- }
-- else {
-- saved_sock_timeout = -1;
-- }
-+ if (mode == AP_MODE_GETLINE) {
-+ /*
-+ * For a blocking AP_MODE_GETLINE read, apr_brigade_split_line()
-+ * would loop until a whole line has been read. As this would make it
-+ * impossible to enforce a total timeout, we only do non-blocking
-+ * reads.
-+ */
-+ apr_off_t remaining = HUGE_STRING_LEN;
-+ do {
-+ apr_off_t bblen;
-
-- rv = ap_get_brigade(f->next, bb, mode, block, readbytes);
-+ rv = ap_get_brigade(f->next, bb, AP_MODE_GETLINE, APR_NONBLOCK_READ, remaining);
-+ if (APR_STATUS_IS_EAGAIN(rv)) {
-+ rv = APR_SUCCESS;
-+ }
-+ else if (rv != APR_SUCCESS) {
-+ break;
-+ }
-
-- if (saved_sock_timeout != -1) {
-- apr_socket_timeout_set(ctx->socket, saved_sock_timeout);
-- }
-+ if (!APR_BRIGADE_EMPTY(bb)) {
-+ if (ccfg->min_rate > 0) {
-+ extend_timeout(ccfg, bb);
-+ }
-+
-+ rv = have_lf_or_eos(bb);
-+ if (rv != APR_INCOMPLETE) {
-+ break;
-+ }
-+
-+ rv = apr_brigade_length(bb, 1, &bblen);
-+ if (rv != APR_SUCCESS) {
-+ break;
-+ }
-+ remaining -= bblen;
-+ if (remaining <= 0) {
-+ break;
-+ }
-+
-+ /* Haven't got a whole line yet, save what we have ... */
-+ if (!ccfg->tmpbb) {
-+ ccfg->tmpbb = apr_brigade_create(f->c->pool, f->c->bucket_alloc);
-+ }
-+ APR_BRIGADE_CONCAT(ccfg->tmpbb, bb);
-+ }
-+
-+ /* ... and wait for more */
-+ rv = apr_wait_for_io_or_timeout(NULL, ccfg->socket, 1);
-+ if (rv != APR_SUCCESS)
-+ break;
-+
-+ rv = check_time_left(ccfg, &time_left);
-+ if (rv != APR_SUCCESS)
-+ break;
-+
-+ rv = apr_socket_timeout_set(ccfg->socket,
-+ MIN(time_left, saved_sock_timeout));
-+ AP_DEBUG_ASSERT(rv == APR_SUCCESS);
-+
-+ } while (1);
-+
-+ if (ccfg->tmpbb)
-+ APR_BRIGADE_PREPEND(bb, ccfg->tmpbb);
-
-- if (ccfg->min_rate > 0 && rv == APR_SUCCESS) {
-- extend_timeout(ccfg, bb);
- }
-+ else {
-+ /* mode != AP_MODE_GETLINE */
-+ rv = ap_get_brigade(f->next, bb, mode, block, readbytes);
-+ if (ccfg->min_rate > 0 && rv == APR_SUCCESS) {
-+ extend_timeout(ccfg, bb);
-+ }
-+ }
-+
-+ apr_socket_timeout_set(ccfg->socket, saved_sock_timeout);
-
-+out:
- if (APR_STATUS_IS_TIMEUP(rv)) {
- ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, f->c,
- "Request %s read timeout", ccfg->type);
-+ /*
-+ * If we allow a normal lingering close, the client may keep this
-+ * process/thread busy for another 30s (MAX_SECS_TO_LINGER).
-+ * Therefore we tell ap_lingering_close() to shorten this period to
-+ * 2s (SECONDS_TO_LINGER).
-+ */
-+ apr_table_setn(f->c->notes, "short-lingering-close", "1");
- }
- return rv;
- }
-
--static int reqtimeout_pre_conn(conn_rec *c, void *csd)
-+static int reqtimeout_init(conn_rec *c)
- {
-- reqtimeout_ctx *ctx;
- reqtimeout_con_cfg *ccfg;
- reqtimeout_srv_cfg *cfg;
-
-@@ -173,12 +273,9 @@
- AP_DEBUG_ASSERT(cfg != NULL);
- if (cfg->header_timeout <= 0 && cfg->body_timeout <= 0) {
- /* not configured for this vhost */
-- return OK;
-+ return DECLINED;
- }
-
-- ctx = apr_pcalloc(c->pool, sizeof(reqtimeout_ctx));
-- ctx->socket = csd;
--
- ccfg = apr_pcalloc(c->pool, sizeof(reqtimeout_con_cfg));
- ccfg->new_timeout = cfg->header_timeout;
- ccfg->new_max_timeout = cfg->header_max_timeout;
-@@ -187,8 +284,9 @@
- ccfg->rate_factor = cfg->header_rate_factor;
- ap_set_module_config(c->conn_config, &reqtimeout_module, ccfg);
-
-- ap_add_input_filter("reqtimeout", ctx, NULL, c);
-- return OK;
-+ ap_add_input_filter("reqtimeout", ccfg, NULL, c);
-+ /* we are not handling the connection, we just do initialization */
-+ return DECLINED;
- }
-
- static int reqtimeout_after_headers(request_rec *r)
-@@ -198,7 +296,7 @@
- ap_get_module_config(r->connection->conn_config, &reqtimeout_module);
-
- if (ccfg == NULL) {
-- /* not configured for this vhost */
-+ /* not configured for this connection */
- return OK;
- }
-
-@@ -208,11 +306,13 @@
-
- ccfg->timeout_at = 0;
- ccfg->max_timeout_at = 0;
-- ccfg->new_timeout = cfg->body_timeout;
-- ccfg->new_max_timeout = cfg->body_max_timeout;
-- ccfg->min_rate = cfg->body_min_rate;
-- ccfg->rate_factor = cfg->body_rate_factor;
-- ccfg->type = "body";
-+ if (r->method_number != M_CONNECT) {
-+ ccfg->new_timeout = cfg->body_timeout;
-+ ccfg->new_max_timeout = cfg->body_max_timeout;
-+ ccfg->min_rate = cfg->body_min_rate;
-+ ccfg->rate_factor = cfg->body_rate_factor;
-+ ccfg->type = "body";
-+ }
-
- return OK;
- }
-@@ -224,7 +324,7 @@
- ap_get_module_config(r->connection->conn_config, &reqtimeout_module);
-
- if (ccfg == NULL) {
-- /* not configured for this vhost */
-+ /* not configured for this connection */
- return OK;
- }
-
-@@ -406,7 +506,16 @@
- */
- ap_register_input_filter(reqtimeout_filter_name, reqtimeout_filter, NULL,
- AP_FTYPE_CONNECTION + 8);
-- ap_hook_pre_connection(reqtimeout_pre_conn, NULL, NULL, APR_HOOK_MIDDLE);
-+
-+ /*
-+ * mod_reqtimeout needs to be called before ap_process_http_request (which
-+ * is run at APR_HOOK_REALLY_LAST) but after all other protocol modules.
-+ * This ensures that it only influences normal http connections and not
-+ * e.g. mod_ftp. Also, if mod_reqtimeout used the pre_connection hook, it
-+ * would be inserted on mod_proxy's backend connections.
-+ */
-+ ap_hook_process_connection(reqtimeout_init, NULL, NULL, APR_HOOK_LAST);
-+
- ap_hook_post_read_request(reqtimeout_after_headers, NULL, NULL,
- APR_HOOK_MIDDLE);
- ap_hook_log_transaction(reqtimeout_after_body, NULL, NULL,
-diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' trunk~/server/connection.c trunk/server/connection.c
---- trunk~/server/connection.c 2010-03-29 21:51:42.000000000 +0200
-+++ trunk/server/connection.c 2010-03-29 22:22:07.100030216 +0200
-@@ -154,8 +154,20 @@
- break;
-
- if (timeup == 0) {
-- /* First time through; calculate now + 30 seconds. */
-- timeup = apr_time_now() + apr_time_from_sec(MAX_SECS_TO_LINGER);
-+ /*
-+ * First time through;
-+ * calculate now + 30 seconds (MAX_SECS_TO_LINGER).
-+ *
-+ * If some module requested a shortened waiting period, only wait for
-+ * 2s (SECONDS_TO_LINGER). This is useful for mitigating certain
-+ * DoS attacks.
-+ */
-+ if (apr_table_get(c->notes, "short-lingering-close")) {
-+ timeup = apr_time_now() + apr_time_from_sec(SECONDS_TO_LINGER);
-+ }
-+ else {
-+ timeup = apr_time_now() + apr_time_from_sec(MAX_SECS_TO_LINGER);
-+ }
- continue;
- }
- } while (apr_time_now() < timeup);
diff --git a/debian/patches/083_mod_ssl_memcpy.dpatch b/debian/patches/083_mod_ssl_memcpy.dpatch
deleted file mode 100755
index a997a01a..00000000
--- a/debian/patches/083_mod_ssl_memcpy.dpatch
+++ /dev/null
@@ -1,29 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 082_mod_ssl_memcpy.dpatch by Stefan Fritsch <sf@debian.org>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Use memmove for overlapping buffers
-## DP: http://issues.apache.org/bugzilla/show_bug.cgi?id=45444
-## DP: http://svn.apache.org/viewvc?rev=683280&view=rev
-## DP: LP: https://bugs.launchpad.net/bugs/609290
-
-@DPATCH@
-diff -urNad trunk~/modules/ssl/ssl_engine_io.c trunk/modules/ssl/ssl_engine_io.c
---- trunk~/modules/ssl/ssl_engine_io.c 2010-03-01 22:27:17.000000000 +0100
-+++ trunk/modules/ssl/ssl_engine_io.c 2010-07-24 21:26:55.763976033 +0200
-@@ -352,13 +352,13 @@
-
- if (buffer->length > inl) {
- /* we have have enough to fill the caller's buffer */
-- memcpy(in, buffer->value, inl);
-+ memmove(in, buffer->value, inl);
- buffer->value += inl;
- buffer->length -= inl;
- }
- else {
- /* swallow remainder of the buffer */
-- memcpy(in, buffer->value, buffer->length);
-+ memmove(in, buffer->value, buffer->length);
- inl = buffer->length;
- buffer->value = NULL;
- buffer->length = 0;
diff --git a/debian/patches/084_mod_reqtimeout_CVE-2010-1623.dpatch b/debian/patches/084_mod_reqtimeout_CVE-2010-1623.dpatch
deleted file mode 100644
index 70effcd9..00000000
--- a/debian/patches/084_mod_reqtimeout_CVE-2010-1623.dpatch
+++ /dev/null
@@ -1,63 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-##
-## DP: Our version of mod_reqtimeout has all fixes from trunk.
-## DP: Therefore backport the fix for CVE-2010-1623, too.
-## DP: Upstream commit r1003626.
-@DPATCH@
-diff --git a/modules/filters/mod_reqtimeout.c b/modules/filters/mod_reqtimeout.c
-index b0de997..adc4def 100644
---- a/modules/filters/mod_reqtimeout.c
-+++ b/modules/filters/mod_reqtimeout.c
-@@ -115,6 +115,41 @@ static apr_status_t have_lf_or_eos(apr_bucket_brigade *bb)
- return APR_INCOMPLETE;
- }
-
-+/*
-+ * Append bbIn to bbOut and merge small buckets, to avoid DoS by high memory
-+ * usage
-+ */
-+static apr_status_t brigade_append(apr_bucket_brigade *bbOut, apr_bucket_brigade *bbIn)
-+{
-+ while (!APR_BRIGADE_EMPTY(bbIn)) {
-+ apr_bucket *e = APR_BRIGADE_FIRST(bbIn);
-+ const char *str;
-+ apr_size_t len;
-+ apr_status_t rv;
-+
-+ rv = apr_bucket_read(e, &str, &len, APR_BLOCK_READ);
-+ if (rv != APR_SUCCESS) {
-+ return rv;
-+ }
-+
-+ APR_BUCKET_REMOVE(e);
-+ if (APR_BUCKET_IS_METADATA(e) || len > APR_BUCKET_BUFF_SIZE/4) {
-+ APR_BRIGADE_INSERT_TAIL(bbOut, e);
-+ }
-+ else {
-+ if (len > 0) {
-+ rv = apr_brigade_write(bbOut, NULL, NULL, str, len);
-+ if (rv != APR_SUCCESS) {
-+ apr_bucket_destroy(e);
-+ return rv;
-+ }
-+ }
-+ apr_bucket_destroy(e);
-+ }
-+ }
-+ return APR_SUCCESS;
-+}
-+
-
- #define MIN(x,y) ((x) < (y) ? (x) : (y))
- static apr_status_t reqtimeout_filter(ap_filter_t *f,
-@@ -217,7 +252,9 @@ static apr_status_t reqtimeout_filter(ap_filter_t *f,
- if (!ccfg->tmpbb) {
- ccfg->tmpbb = apr_brigade_create(f->c->pool, f->c->bucket_alloc);
- }
-- APR_BRIGADE_CONCAT(ccfg->tmpbb, bb);
-+ rv = brigade_append(ccfg->tmpbb, bb);
-+ if (rv != APR_SUCCESS)
-+ break;
- }
-
- /* ... and wait for more */