Re: httpd and php integration

On 10/18/2018 07:29 PM, Rainer Jung wrote: Am 19.10.2018 um 00:46 schrieb Dennis Clarke: On 10/18/2018 04:57 PM, Rainer Jung wrote: Am 18.10.2018 um 21:55 schrieb Dennis Clarke: You debugger output shows jump = 0x101e2915c. This address is not divisible by 8, so it seems it confirms the

Re: httpd and php integration

Am 19.10.2018 um 00:46 schrieb Dennis Clarke: On 10/18/2018 04:57 PM, Rainer Jung wrote: Am 18.10.2018 um 21:55 schrieb Dennis Clarke: You debugger output shows jump = 0x101e2915c. This address is not divisible by 8, so it seems it confirms the alignment problem.  0x101e2915c ?? Not sure

Re: httpd and php integration

On 10/18/2018 04:57 PM, Rainer Jung wrote: Am 18.10.2018 um 21:55 schrieb Dennis Clarke: On 10/18/2018 03:42 PM, Rainer Jung wrote: Am 18.10.2018 um 21:18 schrieb Dennis Clarke: On 10/18/2018 02:12 PM, Daniel Ruggeri wrote: php: "5.6.38" I do build PHP 7.x myself including recent library

Re: svn commit: r1844286 - /httpd/test/framework/trunk/t/ssl/ocsp.t

Thanks! Am 18.10.2018 um 23:10 schrieb yla...@apache.org: Author: ylavic Date: Thu Oct 18 21:10:10 2018 New Revision: 1844286 URL: http://svn.apache.org/viewvc?rev=1844286=rev Log: Add 'use Net::SSLeay' required by Net::SSLeay::OPENSSL_VERSION_NUMBER(). Modified:

Re: httpd and php integration

Am 18.10.2018 um 21:55 schrieb Dennis Clarke: On 10/18/2018 03:42 PM, Rainer Jung wrote: Am 18.10.2018 um 21:18 schrieb Dennis Clarke: On 10/18/2018 02:12 PM, Daniel Ruggeri wrote: php: "5.6.38" I do build PHP 7.x myself including recent library versions both on some Linux platforms as

httpd and php integration

On 10/18/2018 03:42 PM, Rainer Jung wrote: Am 18.10.2018 um 21:18 schrieb Dennis Clarke: On 10/18/2018 02:12 PM, Daniel Ruggeri wrote: php: "5.6.38" I do build PHP 7.x myself including recent library versions both on some Linux platforms as well as on Solaris Sparc. But the typical use is

Re: [VOTE] Release httpd-2.4.37

Am 18.10.2018 um 21:18 schrieb Dennis Clarke: On 10/18/2018 02:12 PM, Daniel Ruggeri wrote: php: "5.6.38" Slightly off topic but I see you have ye old php 5.6.38 there. Was this built and installed yourself? Just curious is there is any guidance anywhere regarding php 7.x which builds but it

Re: svn commit: r1843478 - /httpd/test/framework/trunk/t/ssl/ocsp.t

> On Oct 16, 2018, at 11:36 AM, William A Rowe Jr wrote: > > To button this issue up, it's clear to me that Jim had transposed the meaning > of result values from posix commands, and that was the origin of > irrationality in this discussion. > Actually, I did not. But thanks for playing.

Re: [VOTE] Release httpd-2.4.37

On 10/18/2018 02:12 PM, Daniel Ruggeri wrote: php: "5.6.38" Slightly off topic but I see you have ye old php 5.6.38 there. Was this built and installed yourself? Just curious is there is any guidance anywhere regarding php 7.x which builds but it is a religious experience complete with prayer

Re: [VOTE] Release httpd-2.4.37

On 2018-10-18 09:36, Daniel Ruggeri wrote: Hi, all; Please find below the proposed release tarball and signatures: https://dist.apache.org/repos/dist/dev/httpd/ I would like to call a VOTE over the next few days to release this candidate tarball as 2.4.37: [ ] +1: It's not just good, it's

Re: svn commit: r1844231 - in /httpd/httpd/branches/2.4.x/docs/manual: ./ faq/ howto/ misc/ mod/ platform/ programs/ rewrite/ ssl/ style/ style/lang/ style/xsl/util/ vhosts/

Le 18/10/2018 à 15:49, William A Rowe Jr a écrit : Please never do this again on the eve of a release, it is not easily reviewed and is very inconsiderate to the RM. This doesn't meet the idea of minimal scope, or the spirit of docs@h.a.o being exempt from backport review(!) That said...

Re: OCSP in 2.4 with OpenSSL 0.9.8(zh)

Some answers inline and the solution at the end ... Am 18.10.2018 um 15:01 schrieb William A Rowe Jr: On Thu, Oct 18, 2018 at 7:27 AM Rainer Jung > wrote: I get test suite failures for t/ssl/ocsp.t when the server is build against OpenSSL 0.9.8zh. I

[VOTE] Release httpd-2.4.37

Hi, all; Please find below the proposed release tarball and signatures: https://dist.apache.org/repos/dist/dev/httpd/ I would like to call a VOTE over the next few days to release this candidate tarball as 2.4.37: [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ]

Re: OCSP in 2.4 with OpenSSL 0.9.8(zh)

On Thu, Oct 18, 2018 at 8:01 AM William A Rowe Jr wrote: > On Thu, Oct 18, 2018 at 7:27 AM Rainer Jung > wrote: > >> I get test suite failures for t/ssl/ocsp.t when the server is build >> against OpenSSL 0.9.8zh. I can't judge on whether that is expected for >> OpenSSL 0.9.8. > > > A very good

Re: [NOTICE] Intent to T 2.4.37 - about 12:00 GMT tomorrow

On 2018-10-18 07:12, Rainer Jung wrote: Am 17.10.2018 um 13:41 schrieb Daniel Ruggeri: Hi, all; With the fix for detected OpenSSL 1.1.1 issues now backported to 2.4.x, I would like to tag the next version of our venerable server soon. I have already successfully completed the test suite

Re: svn commit: r1844231 - in /httpd/httpd/branches/2.4.x/docs/manual: ./ faq/ howto/ misc/ mod/ platform/ programs/ rewrite/ ssl/ style/ style/lang/ style/xsl/util/ vhosts/

Please never do this again on the eve of a release, it is not easily reviewed and is very inconsiderate to the RM. This doesn't meet the idea of minimal scope, or the spirit of docs@h.a.o being exempt from backport review(!) That said...

Re: OCSP in 2.4 with OpenSSL 0.9.8(zh)

On Thu, Oct 18, 2018 at 7:27 AM Rainer Jung wrote: > I get test suite failures for t/ssl/ocsp.t when the server is build > against OpenSSL 0.9.8zh. I can't judge on whether that is expected for > OpenSSL 0.9.8. A very good question, and I can't either. Can you confirm your openssl command line

Re: Keeping backported CHANGES in trunk CHANGES?

On Thu, Oct 18, 2018 at 5:21 AM Rainer Jung wrote: > In trunk we do now have a 2.5 CHANGES file, ie. the file contains > entries for 2.5.0-alpha and the entries above those under the 2.5.1 > heading. > > I think we should add entries under 2.5.1 even if things get likely > backported and such

Re: [Discussion] Limit the scope of 2.4.x patches until 2.4.next is released?

On Thu, Oct 18, 2018 at 4:56 AM Rainer Jung wrote: > - The other one goes back to the other big refactoring which allowed to > use SSLProxy* directives in containers, first released in 2.4.32 > this year. It fixes a missing config merge (very small patch). This is > not related to the OpenSSL

Re: [NOTICE] Intent to T 2.4.37 - about 12:00 GMT tomorrow

Am 18.10.2018 um 14:23 schrieb Stefan Eissing: Am 18.10.2018 um 14:12 schrieb Rainer Jung : - t/modules/http2.t fails when the server is build using OpenSSL 0.9.8zh with the "Bad plan. You planned 52 tests..." message indicating, that h2 using TLS does not work. It happens on all

OCSP in 2.4 with OpenSSL 0.9.8(zh)

I get test suite failures for t/ssl/ocsp.t when the server is build against OpenSSL 0.9.8zh. I can't judge on whether that is expected for OpenSSL 0.9.8. Example error log: ... 18 14:15:11.833126 [ssl:debug] ssl_util_ocsp.c(406): Configuring Trusted OCSP certificates ... 18 14:15:12.238943

Re: [NOTICE] Intent to T 2.4.37 - about 12:00 GMT tomorrow

> Am 18.10.2018 um 14:12 schrieb Rainer Jung : > > - t/modules/http2.t fails when the server is build using OpenSSL 0.9.8zh with > the "Bad plan. You planned 52 tests..." message indicating, that h2 using > TLS does not work. It happens on all platforms, but not if the client also > uses

Re: [NOTICE] Intent to T 2.4.37 - about 12:00 GMT tomorrow

Am 17.10.2018 um 13:41 schrieb Daniel Ruggeri: Hi, all; With the fix for detected OpenSSL 1.1.1 issues now backported to 2.4.x, I would like to tag the next version of our venerable server soon. I have already successfully completed the test suite against my "latest sources" docker

ap_request_core_filter issues

On Thu, Oct 18, 2018 at 12:51:06PM +0200, Ruediger Pluem wrote: > >>> > >>> Curiously inefficient writev use when stracing the process, though, > >>> dunno what's going on there (trunk/prefork): > >>> > >>> writev(46, [{iov_base="\r\n", iov_len=2}], 1) = 2 > >>> writev(46, [{iov_base="1f84\r\n",

Re: svn commit: r1841225 - /httpd/httpd/trunk/modules/dav/main/props.c

On Thu, Oct 18, 2018 at 11:09:13AM +0200, Ruediger Pluem wrote: > On 10/17/2018 07:47 PM, Joe Orton wrote: > > On Wed, Oct 17, 2018 at 03:32:34PM +0100, Joe Orton wrote: > >> I see constant memory use for a simple PROPFIND/depth:1 for the > >> attached, though I'm not sure this is sufficient to

Re: svn commit: r1841225 - /httpd/httpd/trunk/modules/dav/main/props.c

On Thu, Oct 18, 2018 at 11:29 AM Ruediger Pluem wrote: > > > > The reason is ap_request_core_filter. It iterates over the brigade and > > hands over each bucket alone to > > ap_core_output_filter. IMHO a bug. > > How about the attached patch for fixing? +1, nice way to address it! Thanks,

Re: Crash with SSL renegotiations in 2.4.x branch

Backported in 1844223, will be part of 2.4.37. Thanks again! Rainer Great! Thanks a lot for proposing & backporting. Regards, Michael

Re: svn commit: r1841225 - /httpd/httpd/trunk/modules/dav/main/props.c

On 10/18/2018 11:29 AM, Ruediger Pluem wrote: > > > On 10/18/2018 11:09 AM, Ruediger Pluem wrote: >> >> >> On 10/17/2018 07:47 PM, Joe Orton wrote: >>> On Wed, Oct 17, 2018 at 03:32:34PM +0100, Joe Orton wrote: I see constant memory use for a simple PROPFIND/depth:1 for the

Keeping backported CHANGES in trunk CHANGES?

In trunk we do now have a 2.5 CHANGES file, ie. the file contains entries for 2.5.0-alpha and the entries above those under the 2.5.1 heading. I think we should add entries under 2.5.1 even if things get likely backported and such items should no longer be removed when being backported.

Re: Crash with SSL renegotiations in 2.4.x branch

Am 18.10.2018 um 11:09 schrieb Rainer Jung: Hi Michael, Am 18.10.2018 um 09:39 schrieb Michael Kaufmann: Hi, there's a bug in the current 2.4.x branch of httpd which leads to crashes for SSL renegotiations. The variable "ctx" is always NULL in ssl_engine_kernel.c,

Re: svn commit: r1844002 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_config.c

Ok, the vote storm (category 3) was released and my proposal is moot. ;-) > Am 18.10.2018 um 11:26 schrieb Stefan Eissing : > > Can we not just make a ssl-for-2.4.37 branch, merge the mod_ssl related > changes there and do one row of tests and vote on it? Maybe attach the branch > revision to

Re: [Discussion] Limit the scope of 2.4.x patches until 2.4.next is released?

Am 15.10.2018 um 16:10 schrieb William A Rowe Jr: Like my beg for getting us to the 2.4.35 release tag, I'd like to propose we keep patches to branches/2.4.x/ generally within the scope of straightening out the remaining quirks related to the OpenSSL 1.1.1 API and library behavior changes (and

Re: [NOTICE] Intent to T 2.4.37 - about 12:00 GMT tomorrow

Am 17.10.2018 um 13:41 schrieb Daniel Ruggeri: Hi, all; With the fix for detected OpenSSL 1.1.1 issues now backported to 2.4.x, I would like to tag the next version of our venerable server soon. I have already successfully completed the test suite against my "latest sources" docker

Re: svn commit: r1841225 - /httpd/httpd/trunk/modules/dav/main/props.c

On 10/18/2018 11:09 AM, Ruediger Pluem wrote: > > > On 10/17/2018 07:47 PM, Joe Orton wrote: >> On Wed, Oct 17, 2018 at 03:32:34PM +0100, Joe Orton wrote: >>> I see constant memory use for a simple PROPFIND/depth:1 for the >>> attached, though I'm not sure this is sufficient to repro the

Re: svn commit: r1844002 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_config.c

Can we not just make a ssl-for-2.4.37 branch, merge the mod_ssl related changes there and do one row of tests and vote on it? Maybe attach the branch revision to the vote that was tested... Seems to be able to save work, or? > Am 18.10.2018 um 11:22 schrieb Yann Ylavic : > > On Thu, Oct 18,

Re: svn commit: r1844002 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_config.c

On Thu, Oct 18, 2018 at 11:18 AM Rainer Jung wrote: > > This fix at least formally applies to 2.4.x as well? Shouldn't it get > backported? +1 Regards, Yann.

Re: svn commit: r1844002 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_config.c

This fix at least formally applies to 2.4.x as well? Shouldn't it get backported? Due to the below svn log message the bug was introduced by the feature that SSLProxy* can be used in sections. That feature got backported to 2.4.x, so probably this fix here should be backported as well.

Re: Crash with SSL renegotiations in 2.4.x branch

Hi Michael, Am 18.10.2018 um 09:39 schrieb Michael Kaufmann: Hi, there's a bug in the current 2.4.x branch of httpd which leads to crashes for SSL renegotiations. The variable "ctx" is always NULL in ssl_engine_kernel.c, ssl_hook_Access_classic(), and it's used here: if (!(cert_store ||

Re: svn commit: r1841225 - /httpd/httpd/trunk/modules/dav/main/props.c

On 10/17/2018 07:47 PM, Joe Orton wrote: > On Wed, Oct 17, 2018 at 03:32:34PM +0100, Joe Orton wrote: >> I see constant memory use for a simple PROPFIND/depth:1 for the >> attached, though I'm not sure this is sufficient to repro the problem >> you saw before. Thanks for having a look. My

Crash with SSL renegotiations in 2.4.x branch

Hi, there's a bug in the current 2.4.x branch of httpd which leads to crashes for SSL renegotiations. The variable "ctx" is always NULL in ssl_engine_kernel.c, ssl_hook_Access_classic(), and it's used here: if (!(cert_store || (cert_store = SSL_CTX_get_cert_store(ctx ... In