On 20.02.2013 08:07, William A. Rowe Jr. wrote:
On Wed, 20 Feb 2013 16:42:56 +1000
Noel Butler noel.but...@ausics.net wrote:
On Tue, 2013-02-19 at 23:31 -0600, William A. Rowe Jr. wrote:
Note he mentioned SHA512, not crypt(). I don't know that this makes
a difference on that
Noone familiar enough with this code to have a clue/hint on what's
going on and what's really supposed to happen?
On Sun, 10 Feb 2013, Niklas Edmundsson wrote:
On Fri, 8 Feb 2013, Joe Orton wrote:
On Sun, Feb 03, 2013 at 08:32:11PM +0100, Niklas Edmundsson wrote:
Hi all!
Something is
Should we be including/moving this discussion to dev@apr ?
On Feb 20, 2013, at 3:07 AM, Rainer Jung rainer.j...@kippdata.de wrote:
On 20.02.2013 08:07, William A. Rowe Jr. wrote:
On Wed, 20 Feb 2013 16:42:56 +1000
Noel Butler noel.but...@ausics.net wrote:
On Tue, 2013-02-19 at 23:31 -0600,
On 20.02.2013 13:06, Jim Jagielski wrote:
Should we be including/moving this discussion to dev@apr ?
I guess so. Strong evidence that the problem sits in
apr_password_validate as part of apu 1.5.1.
Regards,
Rainer
On Feb 20, 2013, at 3:07 AM, Rainer Jung rainer.j...@kippdata.de wrote:
On
For thorough testing Windows 32 and 64 Release Candidates binaries are
available, see www.apachelounge.com/viewtopic.php?p=23851
Running for a few days on AL, no issues seen.
Steffen
-Original Message-
From: Jim Jagielski
Sent: Monday, February 18, 2013 9:34 PM Newsgroups:
On 19.02.2013 18:26, Jim Jagielski wrote:
Hmmm I'm not seeing crashes, ...
Concerning the crashes using prefork on Solaris 10. I have a
reproduction scenario, but I need to load lots of modules. But then the
stacks look very similar to the problem described in
+1: OSX 10.8.2, Fedora 16 and 18 (x86_64) and CentOS 6 (x86_64)
On Feb 18, 2013, at 3:34 PM, Jim Jagielski j...@jagunet.com wrote:
The pre-release test tarballs for Apache httpd 2.4.4 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing
On Wed, 20 Feb 2013 12:58:07 -0500
Jim Jagielski j...@jagunet.com wrote:
+1: OSX 10.8.2, Fedora 16 and 18 (x86_64) and CentOS 6 (x86_64)
So what is your thinking on the apr-util 1.5.1 crypt mess?
Should we re-roll 2.4.4 deps and either re-roll 2.2.24 with a
corrected roll-release script to
-deps for 2.4.4 are not released, so it's a non-issue for 2.4.x.
I can't recall if we bundle apr/apu with 2.2.x but if we do, then
I say simply rerolling with apu-1.4 instead of apu-1.5 is fine.
On Feb 20, 2013, at 1:10 PM, William A. Rowe Jr. wr...@rowe-clan.net wrote:
On Wed, 20 Feb 2013
On Wed, 2013-02-20 at 01:07 -0600, William A. Rowe Jr. wrote:
Which remains my point... our current 2.4 and 2.2 candidates should
suffer the same flaw.
Confirmed, 2.2 candidate suffers same problem
signature.asc
Description: This is a digitally signed message part
On Wed, 2013-02-20 at 15:06 -0500, Jim Jagielski wrote:
-deps for 2.4.4 are not released, so it's a non-issue for 2.4.x.
I can't recall if we bundle apr/apu with 2.2.x but if we do, then
I ran a test for Bill to check if it suffers same fate, yes it is
included, and yes, it does.
I say
On Mon, 18 Feb 2013 18:02:57 -0600
William A. Rowe Jr. wr...@rowe-clan.net wrote:
The tarball candidates for Apache httpd 2.2.24 can be found at
the usual place:
http://httpd.apache.org/dev/dist/
Note these have been replaced 2013-02-20 21:19 on the /dev/dist
space as a package
[moving to dev@apr, please remove dev@httpd when replying]
On Wednesday 20 February 2013, Noel Butler wrote:
On Wed, 2013-02-20 at 01:07 -0600, William A. Rowe Jr. wrote:
Which remains my point... our current 2.4 and 2.2 candidates
should suffer the same flaw.
Confirmed, 2.2 candidate
Hi Rainer,
On Wed, 2013-02-20 at 09:07 +0100, Rainer Jung wrote:
I prepared another round of patches t check, what's wrong in
apr_password_validate. All patches can be applied in srclib/apr-util.
They are *not* cumulative:
1) Undo one change in the password validation function and check
On Wed, 2013-02-20 at 22:28 +0100, Stefan Fritsch wrote:
[moving to dev@apr, please remove dev@httpd when replying]
On Wednesday 20 February 2013, Noel Butler wrote:
On Wed, 2013-02-20 at 01:07 -0600, William A. Rowe Jr. wrote:
Which remains my point... our current 2.4 and 2.2 candidates
On 02/18/2013 09:34 PM, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.4 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.4 GA.
NOTE: The -deps tarballs are included here *only* to
On 20.02.2013 22:33, Noel Butler wrote:
On Wed, 2013-02-20 at 09:07 +0100, Rainer Jung wrote:
2) Keep original validation code but ad some debug output to STDERR:
http://people.apache.org/~rjung/patches/apr-util-password_validate-debug.patch
On Wed, 2013-02-20 at 23:56 +0100, Rainer Jung wrote:
That's strange, the additional stderr output
crypt_r returned NULL
or
crypt_r returned '%s'
is not shown here.
Indeed, I'm running :
LogLevel debug auth_basic:trace8 authn_dbd:trace8
Briefly ran trace8 globally, but only
[x] +1 for GA: Happy Birthday, 2.2.24.
[ ] -1: Exterminate. (What broke?)
+1 -- AIX/XLC/PPC64 passed test framework after
upgrading/re-installing HTTP::Request (t/apache/server_name_port.t
failing originally)
19 matches
Mail list logo
