Re: mod_md backports and happy turkey day

[Ruediger Pluem]

On 11/24/2017 07:22 PM, Steffen wrote:
> -1 
> 

> 
> 
> *mod_ssl*
> ---
> mod-ssl, as pointed before is going to contain experimental code. Seen so far 
> only patched mod-ssl tested with mod_md.
> 

If mod_md is not loaded mod_ssl does nothing different except for one log 
message. All other code is actually only
executed if mod_md is loaded.

> 
> 
> btw.
> 
> I am new to svn and did not used the patches file in /patches but latest git, 
> not clear to me against what I have to patch (trunk, 2.4 or trunk_md ?):I 
> like to see the patched/new files.

The patches needs to be applied to the svn branch they are proposed against. In 
this case 2.4.


Two other questions to the patch though:

1. mod_md.h is required as it is included by ssl_engine_init.c but it is not 
included in the patch.
2. Who is consumer of modssl_read_encrypted_pkey?

Regards

Rüdiger

Re: mod_md backports and happy turkey day

[Steffen]

-1

mod_md

Starting service httpd  with mod_md the OS is signaling an 
error-event:


Error 24-11-2017 10:25:34 Apache Service 3299
The Apache service named  reported the following error:

>>> [Fri Nov 24 10:25:34.432533 2017] [md:info] [pid 7704:tid 444] 
AH10071: mod_md (v1.0.3-git), initializing... .


Also warnings are signaled as error-event, for example:

Error 24-11-2017 13:57:47 Apache Service 3299
The Apache service named  reported the following error:

>>> [Fri Nov 24 13:57:47.194101 2017] [md:warn] [pid 9460:tid 456] 
AH10045: No VirtualHost matches Managed Domain x.nl .


Notes:
loglevel info
Other modules (like mod_http2) has the same kind of  (initializing) 
messages, and  no signaling an error by the OS.



mod_ssl
---
mod-ssl, as pointed before is going to contain experimental code. Seen 
so far only patched mod-ssl tested with mod_md.



We need to make-sure/test  patched mod-ssl without mod_md, and check 
interference with /.well-known/acme-challenge/ from other LetsEncrypt 
utilities.




a2md
---
When I understand we do not have a2md command line anymore since 
yesterday ?

Just curious about the reason ? Was building fine on Windows.

Quick look windows
---
See _tryserf in Buildbin.dsp
Miss  mak files and others


Reminder:  last week off-list to Stefan:
Baseaddr.ref never backports as is without conflict
BuildBin.dsp however will never patch because of _tryserf in trunk.



btw.

I am new to svn and did not used the patches file in /patches but 
latest git,
not clear to me against what I have to patch (trunk, 2.4 or trunk_md 
?):I like to see the patched/new files.








On Thursday 23/11/2017 at 16:27, Stefan Eissing  wrote:

Happy Turkey everyone!

Just added backport proposals and patches for mod_md to 2.4.x/STATUS. 
The mod_ssl patch proposed is the minimal one, without policy or other 
niceties.


I hope I did get all Windows related changes, people might want to 
check this. Also, I think I just got the basics from the docs.


Cheers,

Stefan

PS. Boy, does CHANGES and generated html suck!

Re: apache 2.4.29: mod_http2 stucks from time to time

[Stefan Priebe - Profihost AG]

Thanks i‘ll post a log tonight with a 120s stalled request.

Greets,
Stefan

Excuse my typo sent from my mobile phone.

> Am 23.11.2017 um 17:09 schrieb Stefan Eissing :
> 
> Hey,
> 
> could you try the patch below and produce such a lovely log file again? 
> H2MaxWorkers please back to before, unconfigured. Thanks! This is a small 
> change that a) logs the interaction with h2_workers a bit more and makes sure 
> that time gets lost where I think it does. It also switches the fifo queue in 
> set mode where duplicate entries are checked, in case that interferes here.
> 
> Cheers,
> 
> Stefan
> 
> 
> 
> 
>> Am 23.11.2017 um 14:16 schrieb Stefan Priebe - Profihost AG 
>> :
>> 
>> Hi,
>>> Am 23.11.2017 um 14:10 schrieb Stefan Eissing:
>>> Interesting. I assume that otherwise this host is the same (OS/CPU etc.) as 
>>> others where it runs without probs?
>> 
>> Yes and no i got some more reports by colleagues where they've disabled
>> http2 as the customers had unexpected long loading times.
>> 
>>> We are not ghosted by some strange blabla-lake hyper threading thingie 
>>> singularity?
>> 
>> Huhoh what's that? Any chance to add some more debugging?
>> 
>> Greets,
>> Stefan
>> 
>>> 
>>> Need to think about this.
>>> 
 Am 23.11.2017 um 13:43 schrieb Stefan Priebe - Profihost AG 
 :
 
 *argh*, i was too fast no it did NOT fix the problem. It even happens with:
 H2MaxWorkers4096
 
 Sorry about that.
 
 Stefan
 
> Am 23.11.2017 um 13:42 schrieb Stefan Priebe - Profihost AG:
> Hello,,
> 
> setting:
> H2MaxWorkers1024
> 
> fixes the issue for me. The main problem is how to i know how many
> workers are needed? How can i detect whether all workers of h2 are busy?
> 
> Stefan
> 
>> Am 22.11.2017 um 13:23 schrieb Stefan Priebe - Profihost AG:
>> Hell Stefan,
>> 
>> will send a log to you in a few seconds via private email.
>> 
>> Greets,
>> Stefan
>> 
>>> Am 21.11.2017 um 23:18 schrieb Stefan Eissing:
>>> sorry for the late reply. for stucks trace2 is best. 
>>> 
 Am 21.11.2017 um 19:35 schrieb Stefan Priebe - Profihost AG 
 :
 
 Hello Stefan,
 
 which loglevel do you need? trace2?
 
 Greets,
 Stefan
 
> Am 21.11.2017 um 16:48 schrieb Stefan Eissing:
> Never done this, but https://www.howtoforge.com/setenvif_apache2 
> seems like one way to do make it work.
> 
>> Am 21.11.2017 um 16:16 schrieb Stefan Priebe - Profihost AG 
>> :
>> 
>> 
 Am 21.11.2017 um 16:06 schrieb Stefan Priebe - Profihost AG:
> Am 21.11.2017 um 15:45 schrieb Stefan Eissing:
> 
> Am 21.11.2017 um 14:33 schrieb Stefan Priebe - Profihost AG 
> :
> 
> Hello Stefan,
> Hello Yann,
> 
> me the http2 bug tester is calling again ;-)
 
 And the day was going so well...
>>> 
>>> I'm sorry ;-)
>>> 
> While running two bash curl while loops the one using http1.1 
> always
> finishes in < 0.05s while the http2 one takes sometimes 0.4 to 
> 20s to
> finish. Sadly i can't reproduce this all the time - mostly more 
> requests
> more failures. As this is a production server i've no idea how to 
> debug
> as the http2 trace logs might flood the harddisk.
 
 Hmmm. Do you know if this happens waiting for a response or at the 
 end of a connection? Or in the middle of a body? All GETs or also 
 POSTs?
>>> 
>>> My Test only contains GET - but most probably there are also running
>>> POST requests but not started by me.
>>> 
>>> Strangely this only happens between 1pm and 2pm a day but i've no 
>>> idea
>>> what's different at that time.
>> 
>> OK i'm also able to reproduce this whenever your want. Can we 
>> activate
>> trace logging for a specific IP? So i can generate a http2 log?
>> 
>>> 
>>> I can output a lot of information from curl:
>>>   time_namelookup
>>>   time_connect
>>>time_appconnect
>>>   time_pretransfer
>>>  time_redirect
>>> time_starttransfer
>>> 
>>> Another way might be to enable trace logging only for "my" IP? Is
>>> something like this possible?
>>> 
>>> Greets,
>>> Stefan
> 
>>> 
>>> 
> 

RE: Research volunteers needed

[Nithila Shanmugananthan]

I  am interested may I know more details

Sent from Mail for Windows 10

From: Rich Bowen
Sent: 24 November 2017 19:23
To: dev@httpd.apache.org
Subject: Research volunteers needed

I'm sure many of you know Dawn Foster. She keynoted Apachecon for us in Denver.

She's looking for several volunteers from the httpd community to help her with 
her PhD research. If you are interested in participating please let me know and 
I will make the introductions. The research is around open source software and 
techniques of addressing bugs.

Thanks 

Research volunteers needed

[Rich Bowen]

I'm sure many of you know Dawn Foster. She keynoted Apachecon for us in
Denver.

She's looking for several volunteers from the httpd community to help her
with her PhD research. If you are interested in participating please let me
know and I will make the introductions. The research is around open source
software and techniques of addressing bugs.

Thanks