I'd like to propose that we think about a 2.4.17 release
within a coupla weeks and that we try to get http/2
support in for that release.
+1
> Am 22.09.2015 um 21:49 schrieb Jim Jagielski :
>
> I'd like to propose that we think about a 2.4.17 release
> within a coupla weeks and that we try to get http/2
> support in for that release.
>
IMO, we should keep it where it is (modules/http2 to complement
modules/http) but change the configure to --enable-http2 (but
also allow --enable-h2 as well)... After all, we enable http/1
via --enable-http
+1
> On Sep 22, 2015, at 1:01 PM, Gregg Smith wrote:
>
> http2 is more descriptive for the module's purpose, even if the name is
> mod_h2. I like it where it is.
> - 0
>
> On 9/22/2015 5:08 AM, Stefan Eissing wrote:
>> +0.5
>>
>> h2 ftw! (but there is also a mod_mime in the
That quickly went the wrong way... ;-)
> Am 22.09.2015 um 19:39 schrieb Greg Stein :
>
> Yeah... if anything, rename to mod_http2.
>
>> On Tue, Sep 22, 2015 at 12:01 PM, Gregg Smith wrote:
>> http2 is more descriptive for the module's purpose, even if the name
http2 is more descriptive for the module's purpose, even if the name is
mod_h2. I like it where it is.
- 0
On 9/22/2015 5:08 AM, Stefan Eissing wrote:
+0.5
h2 ftw! (but there is also a mod_mime in the http dir, so I do not really feel
strongly about this)
Am 22.09.2015 um 14:05 schrieb
Yeah... if anything, rename to mod_http2.
On Tue, Sep 22, 2015 at 12:01 PM, Gregg Smith wrote:
> http2 is more descriptive for the module's purpose, even if the name is
> mod_h2. I like it where it is.
> - 0
>
>
> On 9/22/2015 5:08 AM, Stefan Eissing wrote:
>
>> +0.5
>>
>> h2
I struggled with the phrasing here, any fine-tuning (or more) appreciated.
Does our default make sense considering the warning at the top of the
doc? Should we make people specify "RemoteIPTrustedProxy *" if they
don't want to restrict it?
On Tue, Sep 22, 2015 at 2:11 PM,
Yann,
Thanks very much for bringing it up. We would love to see that SO_REUSEPORT
patch being merged into the release version of the httpd. It has been a long
time :)
Thanks,
Yingqi
-Original Message-
From: Yann Ylavic [mailto:ylavic@gmail.com]
Sent: Tuesday, September 22, 2015
On Wed, Sep 16, 2015 at 10:08 AM, Jim Jagielski wrote:
> All this is due to changes mode with the mainter-mode and
> which causes build stop error and stop for these kinds
> of warnings. These are simple 'squash warning' patches.
As Greg points out these are toxic and
I will try, I'm having trouble coming to terms with the idea because there
is no way
one would ever want private IP info from networks outside of their control
to be
used for access control.
If you require ip 127.0.0.1 for your monitoring app/mod_status for example,
this
suggestion completely
Maybe my followup is better phrased. No issue with handling of internal IPs.
Currently, we act like RemoteIPTrustedProxy * by default (once they've
named the XFF header) and warn people they'd better restrict it.
On Tue, Sep 22, 2015 at 9:20 PM, William A Rowe Jr wrote:
>
+1 to picking this up now-ish and letting it run through the paces while we
are completing other things.
On Tue, Sep 22, 2015 at 3:23 PM, Yann Ylavic wrote:
> +1, possibly with SO_REUSEPORT too.
>
> On Tue, Sep 22, 2015 at 9:49 PM, Jim Jagielski wrote:
>
On Sat, Sep 19, 2015 at 4:05 AM, Kaspar Brand
wrote:
> On 17.10.2014 19:25, Kaspar Brand wrote:
> > On 17.10.2014 12:02, Takashi Sato wrote:
> >> SSLv3 is now insecure (CVE-2014-3566, POODLE)
> >> Let's disable SSLv3 by default, at least trunk.
> >>
> >> SSLProtocol
On Tue, Sep 22, 2015 at 9:52 PM, Jim Jagielski wrote:
> IMO, we should keep it where it is (modules/http2 to complement
> modules/http) but change the configure to --enable-http2 (but
> also allow --enable-h2 as well)... After all, we enable http/1
> via --enable-http
I'm fine
+1, possibly with SO_REUSEPORT too.
On Tue, Sep 22, 2015 at 9:49 PM, Jim Jagielski wrote:
> I'd like to propose that we think about a 2.4.17 release
> within a coupla weeks and that we try to get http/2
> support in for that release.
>
On Tue, Sep 22, 2015 at 8:48 PM, Eric Covener wrote:
> Maybe my followup is better phrased. No issue with handling of internal
> IPs.
>
> Currently, we act like RemoteIPTrustedProxy * by default (once they've
> named the XFF header) and warn people they'd better restrict it.
+1 - mostly because --enable-http2 is easier to grok than --enable-h2, not
because I object to the old name :)
On Sep 22, 2015 12:39, "Greg Stein" wrote:
> Yeah... if anything, rename to mod_http2.
>
> On Tue, Sep 22, 2015 at 12:01 PM, Gregg Smith wrote:
>
>>
Apachelounge made the branches/2.4.17-protocols-http2 binary available.
Issue reported: see https://www.apachelounge.com/viewtopic.php?p=31720
The poster there is referring to
https://http2.github.io/http2-spec/#rfc.section.9.1.1
Steffen
Apachelounge made the binary available.
Issue reported: see https://www.apachelounge.com/viewtopic.php?p=31720#31720
The poster there is referring to
https://http2.github.io/http2-spec/#rfc.section.9.1.1
Steffen
On Tue, Sep 22, 2015 at 1:24 PM, Stefan Eissing
wrote:
>
> SSL renegotiation is forbidden in HTTP/2, exactly due to concurrency issues.
Certainly a concurrency between each one's privacy and every one's
data in the same stream :)
Also, let servers trust the security
Just an update on this topic:
We currently allow only connection reuse for the server/vhost that was selected
by the SNI, thanks to the patch by Yann.
However, the problem is deeper than I originally thought: SSL renegotiation is
forbidden in HTTP/2, exactly due to concurrency issues. There is
Update, running a few days.
Once in a few hours I see crashes.
With no-ssl and no_mod_h2 crash in libapr-1.dll
With ssl and mod_h2 crash in mod_h2.so
With mod_h2 see till now a few in the log:
[h2:warn] [pid 8980:tid 2740] (70015)Could not find specified socket in poll
list.: [client
I'm confused about the sources being in modules/http2 and the module
being mod_h2 (configured with --enable-h2, ...), it seems to be the
only one like this.
+1 for me...
+0.5
h2 ftw! (but there is also a mod_mime in the http dir, so I do not really feel
strongly about this)
> Am 22.09.2015 um 14:05 schrieb Yann Ylavic :
>
> I'm confused about the sources being in modules/http2 and the module
> being mod_h2 (configured with --enable-h2,
>Messaggio originale
>Da: sor...@gmail.com
>Data: 21-set-2015 9.22
>A:
>Ogg: Re: graceful child process exit
>
>On 2015-09-21 00:45, Massimo
Manghi wrote:
>
>Have a look at apr_pool_cleanup_register.
>
>I don't have
pleasant memories with process pools. The problem is that
26 matches
Mail list logo