Since Apache 1.3.35 the "Include" directive in the Apache config file seems to ignore wildcards, which correctly worked in the 1.3.34 as it should work, like described in de Apache documentation (http://httpd.apache.org/docs/1.3/mod/core.html#include). Worked in 1.3.34, not working in 1.3.35: Include /path/to/httpd/config/*.conf Errorlog doesn't tell me anything - no errormessages at all.
Other Includes work as expected: Include /path/to/httpd/config/file.conf -> Works in 1.3.34 and 1.3.35 Include /path/to/httpd/config/ -> Also works
This is presumably a regression caused by http://svn.apache.org/viewcvs?rev=396294&view=rev
*** Bug 39516 has been marked as a duplicate of this bug. ***
*** Bug 39513 has been marked as a duplicate of this bug. ***
*** Bug 39531 has been marked as a duplicate of this bug. ***
This message from Colm: http://mail-archives.apache.org/mod_mbox/httpd-dev/200605.mbox/%3c20060508144521.GA27159@dochas.stdlib.net%3e references this patch: http://mail-archives.apache.org/mod_mbox/httpd-dev/200605.mbox/raw/%3c20060508144521.GA27159@dochas.stdlib.net%3e/2
The patch doesn't seem to solve all problems. One of my web servers has a configuration file that includes another file, and that file includes another file. This worked fine with 1.3.34, but produces a segmentation fault on 1.3.35. The problem is totally reproducible using the example below.. Create 3 files in /tmp as follows: /tmp/1.config containing: Include /tmp/2.config /tmp/2.config containing: Include /tmp/3.config /tmp/3.config containing: # With 1.3.34, I could: ./configure cd src ./httpd -f /tmp/1.config With 1.3.35, when I do the same thing, I get a segmentation fault. Applying the patch above does not solve this problem.
If I run through gdb, I get: #0 0x4207abfd in free () from /lib/i686/libc.so.6 #1 0x4206b551 in fclose@@GLIBC_2.1 () from /lib/i686/libc.so.6 #2 0x0806369f in ap_pfclose () #3 0x0808025f in cfg_close () #4 0x0808022b in ap_cfg_closefile () #5 0x08068038 in ap_process_include_config () #6 0x0806d8bb in include_config () #7 0x08066d6e in invoke_cmd () #8 0x080677ef in ap_handle_command () #9 0x0806787a in ap_srm_command_loop () #10 0x0806857d in ap_process_resource_config () #11 0x08068ea1 in ap_read_config () #12 0x08074d03 in main () If I run the same app on my newer RedHat glibc2.3 based system, I get: *** glibc detected *** double free or corruption (top): 0x080b5478 ***
*** Bug 39545 has been marked as a duplicate of this bug. ***
(In reply to comment #9) > *** Bug 39545 has been marked as a duplicate of this bug. *** Sorry for the duplicate, but I didn't notice it because my problem had nothing to do with wildcards. Include in an Include is apperantly borked too. As I mentioned in bug 39545, anyone who wants the CVE-2005-3352 fix and doesn't want to rewrite their configs can simply copy the src/main/http_core.c file from 1.3.34 to 1.3.35 to effectively revert the Include change to 1.3.34 behaviour.
As much as we would like to tell you this is fixed, with the subdirectory feature from 1.3.35 retained - the answer was to back out that patch. This regression from 1.3.34 is resolved in 1.3.36, sans Include subdir/ new feature :(
When will 1.3.36 be available on the apache site?