diff --git a/CHANGES b/CHANGES index bcf4833200..5bf0e7145f 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,10 @@ -*- coding: utf-8 -*- Changes with Apache 2.5.1 + *) core: Remove support for the Content-MD5 header, removed in RFC7231. + Functions ap_md5digest() and ap_md5contextTo64() removed, and + ContentDigest directive. [Graham Leggett] + *) mod_dav: Allow other DAV modules to use dav_get_resource(). [Graham Leggett] diff --git a/docs/manual/developer/new_api_2_6.xml b/docs/manual/developer/new_api_2_6.xml index 3c87831031..898c26f77f 100644 --- a/docs/manual/developer/new_api_2_6.xml +++ b/docs/manual/developer/new_api_2_6.xml @@ -71,8 +71,9 @@ If your module uses these existing APIs...
-
ap_fillmein()
-
This is no longer available;
+
ap_md5digest() / ap_md5contextTo64
+
These functions are no longer available. Use the equivalent functions + from APR if needed.
diff --git a/docs/manual/mod/core.xml b/docs/manual/mod/core.xml index 1ca415bbd0..62823be60f 100644 --- a/docs/manual/mod/core.xml +++ b/docs/manual/mod/core.xml @@ -668,48 +668,6 @@ variables - -ContentDigest -Enables the generation of Content-MD5 HTTP Response -headers -ContentDigest On|Off -ContentDigest Off -server configvirtual host -directory.htaccess - -Options -Experimental - - -

This directive enables the generation of - Content-MD5 headers as defined in RFC1864 - respectively RFC2616.

- -

MD5 is an algorithm for computing a "message digest" - (sometimes called "fingerprint") of arbitrary-length data, with - a high degree of confidence that any alterations in the data - will be reflected in alterations in the message digest.

- -

The Content-MD5 header provides an end-to-end - message integrity check (MIC) of the entity-body. A proxy or - client may check this header for detecting accidental - modification of the entity-body in transit. Example header:

- - - Content-MD5: AuLb7Dp1rqtRtxz2m9kRpA== - - -

Note that this can cause performance problems on your server - since the message digest is computed on every request (the - values are not cached).

- -

Content-MD5 is only sent for documents served - by the core, and not by any module. For example, - SSI documents, output from CGI scripts, and byte range responses - do not have this header.

- - - DefaultRuntimeDir Base directory for the server run-time files diff --git a/docs/manual/new_features_2_6.xml b/docs/manual/new_features_2_6.xml index 5298b7ddb4..c498eaafa5 100644 --- a/docs/manual/new_features_2_6.xml +++ b/docs/manual/new_features_2_6.xml @@ -34,8 +34,13 @@
Core Enhancements
-
Fill me in
-
+
ContentDigest directive and Content-MD5 header
+
The ContentDigest directive and support for the the + Content-MD5 header has been removed from the server, + corresponding with the removal of this header from + + RFC7231 Hypertext Transfer Protocol (HTTP/1.1): Semantics and + Content.
diff --git a/include/ap_mmn.h b/include/ap_mmn.h index 8bf8ffc087..7629fe7c15 100644 --- a/include/ap_mmn.h +++ b/include/ap_mmn.h @@ -651,6 +651,8 @@ * 20200702.1 (2.5.1-dev) Add pool arg to mpm_register_poll_callback and * mpm_register_poll_callback_timeout hooks * 20200702.2 (2.5.1-dev) Add dav_get_resource(). + * 20200703.0 (2.5.1-dev) Remove ap_md5digest(), ap_md5contextTo64(), + * ContentDigest directive. */ #define MODULE_MAGIC_COOKIE 0x41503235UL /* "AP25" */ diff --git a/include/http_core.h b/include/http_core.h index 2bcd713560..17a2c50f1a 100644 --- a/include/http_core.h +++ b/include/http_core.h @@ -553,8 +553,6 @@ typedef struct { #define HOSTNAME_LOOKUP_UNSET 3 unsigned int hostname_lookups : 4; - unsigned int content_md5 : 2; /* calculate Content-MD5? */ - #define USE_CANONICAL_NAME_OFF (0) #define USE_CANONICAL_NAME_ON (1) #define USE_CANONICAL_NAME_DNS (2) diff --git a/include/util_md5.h b/include/util_md5.h index 0287ef9f03..a334cbb234 100644 --- a/include/util_md5.h +++ b/include/util_md5.h @@ -49,21 +49,6 @@ AP_DECLARE(char *) ap_md5(apr_pool_t *a, const unsigned char *string); */ AP_DECLARE(char *) ap_md5_binary(apr_pool_t *a, const unsigned char *buf, int len); -/** - * Convert an MD5 checksum into a base64 encoding. - * @param p The pool to allocate out of - * @param context The context to convert - * @return The converted encoding - */ -AP_DECLARE(char *) ap_md5contextTo64(apr_pool_t *p, apr_md5_ctx_t *context); - -/** - * Create an MD5 Digest for a given file. - * @param p The pool to allocate out of - * @param infile The file to create the digest for - */ -AP_DECLARE(char *) ap_md5digest(apr_pool_t *p, apr_file_t *infile); - #ifdef __cplusplus } #endif diff --git a/server/core.c b/server/core.c index 8bdac75bf0..e9df6617a7 100644 --- a/server/core.c +++ b/server/core.c @@ -41,7 +41,6 @@ #include "http_vhost.h" #include "http_main.h" /* For the default_handler below... */ #include "http_log.h" -#include "util_md5.h" #include "http_connection.h" #include "apr_buckets.h" #include "util_filter.h" @@ -84,10 +83,6 @@ /* valid in core-conf, but not in runtime r->used_path_info */ #define AP_ACCEPT_PATHINFO_UNSET 3 -#define AP_CONTENT_MD5_OFF 0 -#define AP_CONTENT_MD5_ON 1 -#define AP_CONTENT_MD5_UNSET 2 - #define AP_FLUSH_MAX_THRESHOLD 65536 #define AP_FLUSH_MAX_PIPELINED 5 @@ -159,7 +154,6 @@ static void *create_core_dir_config(apr_pool_t *a, char *dir) conf->override = OR_UNSET|OR_NONE; conf->override_opts = OPT_UNSET | OPT_ALL | OPT_SYM_OWNER | OPT_MULTI; - conf->content_md5 = AP_CONTENT_MD5_UNSET; conf->accept_path_info = AP_ACCEPT_PATHINFO_UNSET; conf->use_canonical_name = USE_CANONICAL_NAME_UNSET; @@ -286,10 +280,6 @@ static void *merge_core_dir_configs(apr_pool_t *a, void *basev, void *newv) conf->hostname_lookups = new->hostname_lookups; } - if (new->content_md5 != AP_CONTENT_MD5_UNSET) { - conf->content_md5 = new->content_md5; - } - if (new->accept_path_info != AP_ACCEPT_PATHINFO_UNSET) { conf->accept_path_info = new->accept_path_info; } @@ -3394,14 +3384,6 @@ static const char *set_serverpath(cmd_parms *cmd, void *dummy, return NULL; } -static const char *set_content_md5(cmd_parms *cmd, void *d_, int arg) -{ - core_dir_config *d = d_; - - d->content_md5 = arg ? AP_CONTENT_MD5_ON : AP_CONTENT_MD5_OFF; - return NULL; -} - static const char *set_accept_path_info(cmd_parms *cmd, void *d_, const char *arg) { core_dir_config *d = d_; @@ -4784,8 +4766,6 @@ AP_INIT_TAKE1("ServerPath", set_serverpath, NULL, RSRC_CONF, "The pathname the server can be reached at"), AP_INIT_TAKE1("Timeout", set_timeout, NULL, RSRC_CONF, "Timeout duration (sec)"), -AP_INIT_FLAG("ContentDigest", set_content_md5, NULL, OR_OPTIONS, - "whether or not to send a Content-MD5 header with each request"), AP_INIT_TAKE1("UseCanonicalName", set_use_canonical_name, NULL, RSRC_CONF|ACCESS_CONF, "How to work out the ServerName : Port when constructing URLs"), @@ -5099,18 +5079,8 @@ static int default_handler(request_rec *r) int errstatus; apr_file_t *fd = NULL; apr_status_t status; - /* XXX if/when somebody writes a content-md5 filter we either need to - * remove this support or coordinate when to use the filter vs. - * when to use this code - * The current choice of when to compute the md5 here matches the 1.3 - * support fairly closely (unlike 1.3, we don't handle computing md5 - * when the charset is translated). - */ - int bld_content_md5; d = (core_dir_config *)ap_get_core_module_config(r->per_dir_config); - bld_content_md5 = (d->content_md5 == AP_CONTENT_MD5_ON) - && r->output_filters->frec->ftype != AP_FTYPE_RESOURCE; ap_allow_standard_methods(r, MERGE_ALLOW, M_GET, M_OPTIONS, M_POST, -1); @@ -5187,10 +5157,6 @@ static int default_handler(request_rec *r) ap_set_etag_fd(r, fd); ap_set_accept_ranges(r); ap_set_content_length(r, r->finfo.size); - if (bld_content_md5) { - apr_table_setn(r->headers_out, "Content-MD5", - ap_md5digest(r->pool, fd)); - } bb = apr_brigade_create(r->pool, c->bucket_alloc); diff --git a/server/util_md5.c b/server/util_md5.c index bba3b88e42..4555594037 100644 --- a/server/util_md5.c +++ b/server/util_md5.c @@ -76,91 +76,3 @@ AP_DECLARE(char *) ap_md5(apr_pool_t *p, const unsigned char *string) { return ap_md5_binary(p, string, (int) strlen((char *)string)); } - -/* these portions extracted from mpack, John G. Myers - jgm+@cmu.edu */ - -/* (C) Copyright 1993,1994 by Carnegie Mellon University - * All Rights Reserved. - * - * Permission to use, copy, modify, distribute, and sell this software - * and its documentation for any purpose is hereby granted without - * fee, provided that the above copyright notice appear in all copies - * and that both that copyright notice and this permission notice - * appear in supporting documentation, and that the name of Carnegie - * Mellon University not be used in advertising or publicity - * pertaining to distribution of the software without specific, - * written prior permission. Carnegie Mellon University makes no - * representations about the suitability of this software for any - * purpose. It is provided "as is" without express or implied - * warranty. - * - * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO - * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY - * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE - * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN - * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS - * SOFTWARE. - */ - -/* - * Copyright (c) 1991 Bell Communications Research, Inc. (Bellcore) - * - * Permission to use, copy, modify, and distribute this material - * for any purpose and without fee is hereby granted, provided - * that the above copyright notice and this permission notice - * appear in all copies, and that the name of Bellcore not be - * used in advertising or publicity pertaining to this - * material without the specific, prior written permission - * of an authorized representative of Bellcore. BELLCORE - * MAKES NO REPRESENTATIONS ABOUT THE ACCURACY OR SUITABILITY - * OF THIS MATERIAL FOR ANY PURPOSE. IT IS PROVIDED "AS IS", - * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES. - */ - -static char basis_64[] = -"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - -AP_DECLARE(char *) ap_md5contextTo64(apr_pool_t *a, apr_md5_ctx_t *context) -{ - unsigned char digest[18]; - char *encodedDigest; - int i; - char *p; - - encodedDigest = (char *) apr_pcalloc(a, 25 * sizeof(char)); - - apr_md5_final(digest, context); - digest[sizeof(digest) - 1] = digest[sizeof(digest) - 2] = 0; - - p = encodedDigest; - for (i = 0; i < sizeof(digest); i += 3) { - *p++ = basis_64[digest[i] >> 2]; - *p++ = basis_64[((digest[i] & 0x3) << 4) | ((int) (digest[i + 1] & 0xF0) >> 4)]; - *p++ = basis_64[((digest[i + 1] & 0xF) << 2) | ((int) (digest[i + 2] & 0xC0) >> 6)]; - *p++ = basis_64[digest[i + 2] & 0x3F]; - } - *p-- = '\0'; - *p-- = '='; - *p-- = '='; - return encodedDigest; -} - -AP_DECLARE(char *) ap_md5digest(apr_pool_t *p, apr_file_t *infile) -{ - apr_md5_ctx_t context; - unsigned char buf[4096]; /* keep this a multiple of 64 */ - apr_size_t nbytes; - apr_off_t offset = 0L; - - apr_md5_init(&context); - nbytes = sizeof(buf); - while (apr_file_read(infile, buf, &nbytes) == APR_SUCCESS) { - apr_md5_update(&context, buf, nbytes); - nbytes = sizeof(buf); - } - apr_file_seek(infile, APR_SET, &offset); - return ap_md5contextTo64(p, &context); -} -