Passed: apache/httpd#1466 (2.4.x - 184a3aa)
Build Update for apache/httpd - Build: #1466 Status: Passed Duration: 16 mins and 17 secs Commit: 184a3aa (2.4.x) Author: Yann Ylavic Message: Merge r1885691 from trunk: mod_proxy_hcheck: don't pile up health checks. PR 63010. Prevent health checks from running for a worker until the last one is fully finished, to avoid making things worse (memory growth, #connections, ..). This is done by zeroing worker->s->updated before scheduling the worker in the threadpool, and resetting the time when it's finished. The scheduler then does nothing if worker->s->updated is zero. Also, to save some apr_time_now() calls when !HC_USE_THREADS, *baton->now is updated in the callback and reused by the scheduler. Submitted by: ylavic Reviewed by: ylavic, covener, icing git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1887119 13f79535-47bb-0310-9956-ffa450edef68 View the changeset: https://github.com/apache/httpd/compare/9f7d27daddf1...184a3aa8b71d View the full build log and details: https://travis-ci.com/github/apache/httpd/builds/218770762?utm_medium=notification_source=email -- You can unsubscribe from build emails from the apache/httpd repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=16806660_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Passed: apache/httpd#1465 (2.4.x - 9f7d27d)
Build Update for apache/httpd - Build: #1465 Status: Passed Duration: 16 mins and 30 secs Commit: 9f7d27d (2.4.x) Author: Yann Ylavic Message: Merge r1886141, r1886151 from trunk: * We need to check for (!scheme && (u = strchr(url, ':')) && (u - url) > 14) later as (!scheme || u[0] != '/' || u[1] != '/' || u[2] == '\0') is true for requests with the CONNECT method which we need to decline. But in many cases requests with the CONNECT method have (u - url) > 14 as in this case (u - url) is the length of the FQDN the forward proxy should connect to. mod_proxy_http: follow up to r1886141, axe overlong scheme check. Since mod_proxy can see CONNECT URIs, "hostname:port" versus "scheme:" is hardly distinguishable (we don't want to limit the length of hostnames), and we don't allocate the scheme anymore while parsing, let's simply decline unrecognized schemes (overlong or not) and be caught by the no-handler case if there really is no proxy handler interested. Submitted by: rpluem, ylavic Reviewed by: ylavic, covener, icing git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1887118 13f79535-47bb-0310-9956-ffa450edef68 View the changeset: https://github.com/apache/httpd/compare/599310caf39a...9f7d27daddf1 View the full build log and details: https://travis-ci.com/github/apache/httpd/builds/218770654?utm_medium=notification_source=email -- You can unsubscribe from build emails from the apache/httpd repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=16806660_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Errored: apache/httpd#1464 (2.4.x - 599310c)
Build Update for apache/httpd - Build: #1464 Status: Errored Duration: 18 mins and 2 secs Commit: 599310c (2.4.x) Author: Ruediger Pluem Message: Merge r1398307, r1465839, r1530603, r1578759, r1729507 from trunk: * If we face a timeout during receiving the response from the backend and if we pinged it successfully before don't assume the whole backend has failed. Assume that only the request has failed and return a gateway timeout then. Add failontimeout to allow server admin to mark balancer member in err if IO timeout occurs. ping tuning via Yann Ylavic Use 'apr_table_setn' instead of 'apr_table_set' when possible in order to save memory. mod_proxy: axe negative "ping" parameter setting and handling. This used to check for the backend connection readability only (instead of the full ping/100-continue round-trip), but the case is already handled by ap_proxy_connect_backend() which is always called. Submitted by: rpluem, druggeri, jim, jailletc36, ylavic Reviewed by: rpluem, ylavic, icing Github: closes #170 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1887116 13f79535-47bb-0310-9956-ffa450edef68 View the changeset: https://github.com/apache/httpd/compare/d9fcb966e486...599310caf39a View the full build log and details: https://travis-ci.com/github/apache/httpd/builds/218765059?utm_medium=notification_source=email -- You can unsubscribe from build emails from the apache/httpd repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=16806660_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Re: svn commit: r1887085 - in /httpd/httpd/trunk: CHANGES include/ap_mmn.h include/http_protocol.h modules/md/mod_md.c modules/ssl/ssl_engine_init.c modules/ssl/ssl_engine_kernel.c modules/ssl/ssl_pri
On 3/2/21 3:21 PM, ic...@apache.org wrote: > Author: icing > Date: Tue Mar 2 14:21:18 2021 > New Revision: 1887085 > > URL: http://svn.apache.org/viewvc?rev=1887085=rev > Log: > Adding more ap_ssl_* functions and hooks to the core server. > > - ap_ssl_add_cert_files() to enable other modules like mod_md to provide >certificate and keys for an SSL module like mod_ssl. > - ap_ssl_add_fallback_cert_files() to enable other modules like mod_md to >provide a fallback certificate in case no 'proper' certificate is >available for an SSL module like mod_ssl. > - ap_ssl_answer_challenge() to enable other modules like mod_md to >provide a certificate as used in the RFC 8555 'tls-alpn-01' challenge >for the ACME protocol for an SSL module like mod_ssl. > - Hooks for 'ssl_add_cert_files', 'ssl_add_fallback_cert_files' and > 'ssl_answer_challenge' where modules like mod_md can provide providers > to the above mentioned functions. > > > Modified: > httpd/httpd/trunk/CHANGES > httpd/httpd/trunk/include/ap_mmn.h > httpd/httpd/trunk/include/http_protocol.h > httpd/httpd/trunk/modules/md/mod_md.c > httpd/httpd/trunk/modules/ssl/ssl_engine_init.c > httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c > httpd/httpd/trunk/modules/ssl/ssl_private.h > httpd/httpd/trunk/server/protocol.c > > Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c > URL: > http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1887085=1887084=1887085=diff > == > --- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original) > +++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Tue Mar 2 14:21:18 2021 > @@ -2316,11 +2316,29 @@ void ssl_callback_Info(const SSL *ssl, i > #ifdef HAVE_TLSEXT > > static apr_status_t set_challenge_creds(conn_rec *c, const char *servername, > -SSL *ssl, X509 *cert, EVP_PKEY *key) > +SSL *ssl, X509 *cert, EVP_PKEY *key, > +const char *cert_file, const char > *key_file) > { > SSLConnRec *sslcon = myConnConfig(c); > > sslcon->service_unavailable = 1; > +if (cert_file) { > +if (SSL_use_certificate_chain_file(ssl, cert_file) < 1) { As noted by the failure of build #1461 ( https://travis-ci.com/github/apache/httpd/jobs/487481449) SSL_use_certificate_chain_file is not available with OpenSSL 1.0.2 which is still the OS provided standard version with Ubuntu 16 LTS and RedHat / Centos 7. Regards RĂ¼diger
Re: Errored: apache/httpd#1461 (trunk - cd1fa48)
On Tue, Mar 02, 2021 at 03:17:36PM +, Travis CI wrote: > Build Update for apache/httpd > - > > Build: #1461 > Status: Errored > > Duration: 21 mins and 38 secs > Commit: cd1fa48 (trunk) > Author: Stefan Eissing > Message: Adding log tags where log tags are needed. > > > > git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1887087 > 13f79535-47bb-0310-9956-ffa450edef68 > > View the changeset: > https://github.com/apache/httpd/compare/5dc01860dbf5...cd1fa489d29d > > View the full build log and details: > https://travis-ci.com/github/apache/httpd/builds/218728190?utm_medium=notification_source=email Most of this crop of failures are docker hub stuff, which I apparently forgot to test/push fixes for (WIP, sorry), but the other half is a genuine failure: waiting 60 seconds for server to start: .httpd: Syntax error on line 312 of /home/travis/build/apache/httpd/test/perl-framework/t/conf/httpd.conf: Cannot load /home/travis/build/apache/httpd/modules/ssl/.libs/mod_ssl.so into server: /home/travis/build/apache/httpd/modules/ssl/.libs/mod_ssl.so: undefined symbol: SSL_use_certificate_chain_file on the Xenial build, which has: OpenSSL 1.0.2g 1 Mar 2016 https://travis-ci.com/github/apache/httpd/jobs/487481449
Re: Allowing balancer without ProxyPass
On 02/03/2021 16:07, Yann Ylavic wrote: On Tue, Mar 2, 2021 at 3:44 PM jean-frederic clere wrote: On 02/03/2021 12:35, Yann Ylavic wrote: On Tue, Mar 2, 2021 at 11:05 AM jean-frederic clere wrote: Has anyone something against making the above creating a balancer that can be used later by the balancer-manager handler to create the corresponding workers and a customized load_balancer provider to replace the ProxyPass logic? +1 That's something like this right? Yes ;-) OK, but note that it also affects the proxy workers (not only balancers), such that it may define workers that weren't previously and thus enabling keepalive and things like this for them. Yes I already had to add a WorkerGrowth directive in my prototype to be able to create the workers via the logic of the balancer-handler. So at backport time (if ever), this is possibly something to think about ;) Yes I will try to minimize changes ;-) Cheers; Yann. -- Cheers Jean-Frederic
Errored: apache/httpd#1462 (2.4.x - 97c9e9d)
Build Update for apache/httpd - Build: #1462 Status: Errored Duration: 13 mins and 13 secs Commit: 97c9e9d (2.4.x) Author: Yann Ylavic Message: Merge r1887050, r1887052 from trunk: mod_session: save one apr_strtok() in session_identity_decode(). When the encoding is invalid (missing '='), no need to parse further. mod_session: account for the '&' in identity_concat(). Submitted by: ylavic Reviewed by: ylavic, covener, jailletc36 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1887090 13f79535-47bb-0310-9956-ffa450edef68 View the changeset: https://github.com/apache/httpd/compare/d40961fcef88...97c9e9d66cd2 View the full build log and details: https://travis-ci.com/github/apache/httpd/builds/218735008?utm_medium=notification_source=email -- You can unsubscribe from build emails from the apache/httpd repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=16806660_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Errored: apache/httpd#1461 (trunk - cd1fa48)
Build Update for apache/httpd - Build: #1461 Status: Errored Duration: 21 mins and 38 secs Commit: cd1fa48 (trunk) Author: Stefan Eissing Message: Adding log tags where log tags are needed. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1887087 13f79535-47bb-0310-9956-ffa450edef68 View the changeset: https://github.com/apache/httpd/compare/5dc01860dbf5...cd1fa489d29d View the full build log and details: https://travis-ci.com/github/apache/httpd/builds/218728190?utm_medium=notification_source=email -- You can unsubscribe from build emails from the apache/httpd repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=16806660_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Re: Allowing balancer without ProxyPass
On Tue, Mar 2, 2021 at 3:44 PM jean-frederic clere wrote: > > On 02/03/2021 12:35, Yann Ylavic wrote: > > On Tue, Mar 2, 2021 at 11:05 AM jean-frederic clere > > wrote: > >> > >> Has anyone something against making the above creating a balancer that > >> can be used later by the balancer-manager handler to create the > >> corresponding workers and a customized load_balancer provider to replace > >> the ProxyPass logic? > > > > +1 > > > > That's something like this right? > > Yes ;-) OK, but note that it also affects the proxy workers (not only balancers), such that it may define workers that weren't previously and thus enabling keepalive and things like this for them. So at backport time (if ever), this is possibly something to think about ;) Cheers; Yann.
Broken: apache/httpd#1460 (trunk - 5dc0186)
Build Update for apache/httpd - Build: #1460 Status: Broken Duration: 6 mins and 46 secs Commit: 5dc0186 (trunk) Author: Stefan Eissing Message: Adding more ap_ssl_* functions and hooks to the core server. - ap_ssl_add_cert_files() to enable other modules like mod_md to provide certificate and keys for an SSL module like mod_ssl. - ap_ssl_add_fallback_cert_files() to enable other modules like mod_md to provide a fallback certificate in case no 'proper' certificate is available for an SSL module like mod_ssl. - ap_ssl_answer_challenge() to enable other modules like mod_md to provide a certificate as used in the RFC 8555 'tls-alpn-01' challenge for the ACME protocol for an SSL module like mod_ssl. - Hooks for 'ssl_add_cert_files', 'ssl_add_fallback_cert_files' and 'ssl_answer_challenge' where modules like mod_md can provide providers to the above mentioned functions. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1887085 13f79535-47bb-0310-9956-ffa450edef68 View the changeset: https://github.com/apache/httpd/compare/ba708f0e78a5...5dc01860dbf5 View the full build log and details: https://travis-ci.com/github/apache/httpd/builds/218724522?utm_medium=notification_source=email -- You can unsubscribe from build emails from the apache/httpd repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=16806660_medium=notification_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
Re: Allowing balancer without ProxyPass
On 02/03/2021 12:35, Yann Ylavic wrote: On Tue, Mar 2, 2021 at 11:05 AM jean-frederic clere wrote: Has anyone something against making the above creating a balancer that can be used later by the balancer-manager handler to create the corresponding workers and a customized load_balancer provider to replace the ProxyPass logic? +1 That's something like this right? Yes ;-) Index: modules/proxy/mod_proxy.c === --- modules/proxy/mod_proxy.c(revision 1887057) +++ modules/proxy/mod_proxy.c(working copy) @@ -2649,7 +2649,7 @@ static const char *proxysection(cmd_parms *cmd, vo ap_add_per_proxy_conf(cmd->server, new_dir_conf); -if (*arg != '\0') { +{ if (thiscmd->cmd_data) return "Multiple arguments not (yet) supported."; if (conf->p_is_fnmatch) -- Regards; Yann. -- Cheers Jean-Frederic
Re: Allowing balancer without ProxyPass
On Tue, Mar 2, 2021 at 11:05 AM jean-frederic clere wrote: > > Has anyone something against making the above creating a balancer that > can be used later by the balancer-manager handler to create the > corresponding workers and a customized load_balancer provider to replace > the ProxyPass logic? +1 That's something like this right? Index: modules/proxy/mod_proxy.c === --- modules/proxy/mod_proxy.c(revision 1887057) +++ modules/proxy/mod_proxy.c(working copy) @@ -2649,7 +2649,7 @@ static const char *proxysection(cmd_parms *cmd, vo ap_add_per_proxy_conf(cmd->server, new_dir_conf); -if (*arg != '\0') { +{ if (thiscmd->cmd_data) return "Multiple arguments not (yet) supported."; if (conf->p_is_fnmatch) -- Regards; Yann.
Allowing balancer without ProxyPass
Hi, The following in httpd.conf: +++ +++ does nothing in a configuration, not even a warning ;-) Has anyone something against making the above creating a balancer that can be used later by the balancer-manager handler to create the corresponding workers and a customized load_balancer provider to replace the ProxyPass logic? -- Cheers Jean-Frederic