Re: [NOTICE] Intent to TR httpd 2.3.14

2011-07-30 Thread Rainer Jung
I did some test builds for r1151214 on Solaris 10 Sparc: - Building against APR trunk with reallyall failed because of missing ldap support in apr trunk. Building against with all and disabled ldap works - For static builds it seems mod_watchdog and mod_proxy_fdpass are still built as dynamic

Re: mod_ssl in trunk with OpenSSL 0.9.7 as a minimum requirement?

2011-07-31 Thread Rainer Jung
Hi Kaspar, On 31.07.2011 09:38, Kaspar Brand wrote: I'm considering cleaning up some of the cert revocation checking code in mod_ssl, in particular ssl_callback_SSLVerify_CRL(), which currently has the following comment: * OpenSSL provides the general mechanism to deal with CRLs but does

Re: mod_ssl in trunk with OpenSSL 0.9.7 as a minimum requirement?

2011-07-31 Thread Rainer Jung
On 31.07.2011 11:17, Kaspar Brand wrote: Hi Rainer, There was a similar discussion RFC: drop support for OpenSSL 1.0 in trunk/2.3? on this list in May/June 2010. Thanks for the pointer! (Too long ago for me to remember, but should have searched the archives, that's true.) No problem at

Re: help from autoconf savvy folks -- mod_deflate zlib detection?

2011-08-02 Thread Rainer Jung
Hi Eric, On 02.08.2011 04:40, Eric Covener wrote: I'm setting up a new system to test httpd releases, with a crufty OS that doesn't have good packaged prereqs and doesn't have years of my own kludges giving me anything for free. I've built and installed zlib into a random directory. I

Re: svn commit: r1153004 - /httpd/test/framework/trunk/t/conf/extra.conf.in

2011-08-02 Thread Rainer Jung
Hi Eric, On 02.08.2011 04:51, cove...@apache.org wrote: Author: covener Date: Tue Aug 2 02:51:19 2011 New Revision: 1153004 URL: http://svn.apache.org/viewvc?rev=1153004&view=rev Log: whitespace change only to indent the block wrapped in a new ifModule in r1153003 Modified:

Re: help from autoconf savvy folks -- mod_deflate zlib detection?

2011-08-02 Thread Rainer Jung
On 02.08.2011 13:00, Eric Covener wrote: Line 48 is surrounded by if test x$ap_zlib_base = x; then and ap_zlib_base is set when using --with-z. So in this case the automatic detection part should be skipped. What problem do you actually observe? Can't get it to misbehave at all this

Re: [VOTE] Release httpd-2.3.14 as beta

2011-08-08 Thread Rainer Jung
On 01.08.2011 18:58, Jim Jagielski wrote: The tarballs for httpd-2.3.14 are available at: http://httpd.apache.org/dev/dist/ Please VOTE on whether to release these as Apache httpd-2.3.14, beta. +1 to 2.3.14-beta. - Sigs and hashes OK - contents of tarballs identical - contents of

Re: [VOTE] Release httpd-2.3.14 as beta

2011-08-08 Thread Rainer Jung
On 08.08.2011 10:55, Stefan Fritsch wrote: On Monday 08 August 2011, Rainer Jung wrote: - I can't run the test suite for Solaris on the statically linked reallyall, since then also mod_privileges is included and I have problems running the test suite with it. r1154875 should allow

Re: websocket support for mod_proxy

2011-08-09 Thread Rainer Jung
On 09.08.2011 08:49, Greg Wilkins wrote: Is there any plans to implement websocket support in mod_proxy. I would think that it could be done pretty simply as a variation of mod_proxy_connect, as once the HTTP upgrade is done mod_proxy can treat the connection as a simple byte tunnel. I

Re: [Notice] chair change

2011-08-17 Thread Rainer Jung
On 17.08.2011 23:34, William A. Rowe Jr. wrote: I'd like to thank and welcome Eric Covener as our new HTTP Server project chair, as confirmed today by the ASF Board of Directors! It's been a pleasure serving as your chair these past two years, and I know that Eric will do a great job as

Re: Appropriate patches for 2.2.19 and 2.0.64?

2011-09-01 Thread Rainer Jung
On 01.09.2011 19:18, William A. Rowe Jr. wrote: On 9/1/2011 2:41 AM, Plüm, Rüdiger, VF-Group wrote: Ideally can you provide me the -verbose output (offlist or to your people.a.o/ space if it's lengthy)? Sorry for kicking in late. I was on holidays until Sunday and was a bit overwhelmed by

Re: Appropriate patches for 2.2.19 and 2.0.64?

2011-09-03 Thread Rainer Jung
On 03.09.2011 21:49, Jeff Trawick wrote: On Wed, Aug 31, 2011 at 9:51 PM, William A. Rowe Jr. wr...@rowe-clan.net wrote: On 8/31/2011 4:16 PM, William A. Rowe Jr. wrote: I've attempted to simply substitute the 2.2.19 filter code into the 2.0.64 http_protocol.c sources, and am unsure how far

Re: [Vote] httpd 2.2.21 release

2011-09-10 Thread Rainer Jung
Hi Bill, can you please add your key 60C5442D to the KEYS file at //www.apache.org/dist/httpd/KEYS? Do you plan to provide the two symbols files for Windows? Regards, Rainer

Re: [Vote] httpd 2.2.21 release

2011-09-10 Thread Rainer Jung
On 10.09.2011 13:46, William A. Rowe Jr. wrote: On 9/10/2011 5:10 AM, Rainer Jung wrote: Hi Bill, can you please add your key 60C5442D to the KEYS file at //www.apache.org/dist/httpd/KEYS? You mean pub 4096R/B55D9977 2008-04-09 [expires: 2018-07-07] Key fingerprint = B1B9 6F45

Re: [Vote] httpd 2.2.21 release

2011-09-12 Thread Rainer Jung
On 09.09.2011 18:10, William A. Rowe Jr. wrote: Candidate binaries are available from http://httpd.apache.org/dev/dist/ which do not yet constitute ASF releases. win32-x86 binary distribution will follow shortly. This will be a 72 hour vote, which ends no later than Noon ET Monday +/-1

Re: EOL for 2.0

2011-09-17 Thread Rainer Jung
On 16.09.2011 17:59, William A. Rowe Jr. wrote: On 9/16/2011 12:51 AM, Issac Goldstand wrote: IIRC, we talked about making 2.0 EOL when we make the next release, but I don't think we ever formalized the decision. Does anyone have comments for or against announcing 2.0 End-Of-Life at a set

Re: Pushing for httpd 2.4.0 GA

2011-09-18 Thread Rainer Jung
On 19.09.2011 00:17, Rich Bowen wrote: My current list is: - mod_serf mod_serf likely to get dropped for 2.4, see our main STATUS file - mod_watchdog Mainly written by Mladen, so maybe he can provide a few pointers - mod_heartbeat - mod_heartmonitor

Re: Pushing for httpd 2.4.0 GA

2011-09-18 Thread Rainer Jung
On 19.09.2011 01:37, Rich Bowen wrote: On Sep 18, 2011, at 7:16 PM, Nick Kew wrote: - mod_socache_dbm - mod_socache_memcache - mod_socache_shmcb Not sure about socache, but docs are definitely needed, because you need socache for mod_ssl session cache (which we

Re: httpd 2.0.65 - when?

2011-09-26 Thread Rainer Jung
On 26.09.2011 17:35, Jim Jagielski wrote: All looks good… testing passes w/ no regressions so I'll likely tag and roll tomorrow AM. Is there consensus how to handle the range 0- returns 200 problem? It looks like the discussion for 2.2 is still open, but I haven't checked whether that

Re: How to treat Range: bytes=0-

2011-09-26 Thread Rainer Jung
On 26.09.2011 19:07, Jim Jagielski wrote: On Sep 26, 2011, at 12:58 PM, Stefan Fritsch wrote: But we are breaking quite a few popular clients here: VLC, everything based on lavf, firefox (the ogg media support). And httpd violates a SHOULD with the current form of RFC 2616 14.35.1:

Re: svn commit: r1177080 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS modules/http/byterange_filter.c

2011-09-29 Thread Rainer Jung
On 29.09.2011 00:38, William A. Rowe Jr. wrote: On 9/28/2011 4:48 PM, s...@apache.org wrote:  -*- coding: utf-8 -*- Changes with Apache 2.2.22 - + *) Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20: +

Re: svn commit: r1176019 - in /httpd/httpd/trunk: CHANGES modules/filters/mod_substitute.c

2011-09-29 Thread Rainer Jung
On 29.09.2011 13:09, Plüm, Rüdiger, VF-Group wrote: Anyone time for remote eyes if my findings are correct or wrong? I did only locally check the scratch and fbytes stuff, but I agree, it must be Index: modules/filters/mod_substitute.c

Improving SSL config

2011-09-29 Thread Rainer Jung
In light of the TLS 1.0 CBC attack (aka BEAST, CVE-2011-3389) I suggest we update our SSL configuration analogous to what's in trunk. - Choose a better default SSLCipherSuite - Add SSLHonorCipherOrder - restrict MSIE exceptions to MSIE 2-5 The patch looks like this: svn diff

Re: [PATCH] Support for TLS Session Tickets

2011-09-30 Thread Rainer Jung
Hi Paul, On 30.09.2011 08:08, Paul Querna wrote: Hiya, Attached is a patch http://people.apache.org/~pquerna/tls_session_ticket_support.patch to add support for setting SSL_CTX_set_tlsext_ticket_keys. Unfortunately I don't have answers to your questions, but I'm a bit curious about the

Re: [PATCH] Support for TLS Session Tickets

2011-09-30 Thread Rainer Jung
On 30.09.2011 14:33, Paul Querna wrote: On Fri, Sep 30, 2011 at 12:38 AM, Rainer Jung rainer.j...@kippdata.de wrote: On 30.09.2011 08:08, Paul Querna wrote: Hiya, So do we actually need to worry about the keys? If you don't set anything, OpenSSL randomly generates a key per-SSL_CTX

Re: Make loglevel of File does not exist configurable

2011-10-05 Thread Rainer Jung
On 05.10.2011 02:38, William A. Rowe Jr. wrote: On 10/4/2011 1:00 PM, Stefan Fritsch wrote: I think this one has been controversial in the past, therefore I thought I'd ask for comments before making this change: I believe you are right, but I don't see a reason for the extra directive...

Re: Change loglevel of File does not exist messages

2011-10-05 Thread Rainer Jung
On 06.10.2011 01:07, Daniel Ruggeri wrote: On 10/5/2011 4:18 PM, Stefan Fritsch wrote: True. But a generic apparatus for even more fine-grained log configuration won't happen in time for 2.4. I have toyed with the idea of this... do you have suggestions on how this might be implemented? One

Re: Improving SSL config

2011-10-06 Thread Rainer Jung
Hi Bill, On 02.10.2011 09:07, William A. Rowe Jr. wrote: On 9/29/2011 9:31 AM, Rainer Jung wrote: In light of the TLS 1.0 CBC attack (aka BEAST, CVE-2011-3389) I suggest we update our SSL configuration analogous to what's in trunk. - Choose a better default SSLCipherSuite - Add

Re: Improving SSL config

2011-10-06 Thread Rainer Jung
On 06.10.2011 10:58, Rainer Jung wrote: Hi Bill, On 02.10.2011 09:07, William A. Rowe Jr. wrote: On 9/29/2011 9:31 AM, Rainer Jung wrote: In light of the TLS 1.0 CBC attack (aka BEAST, CVE-2011-3389) I suggest we update our SSL configuration analogous to what's in trunk. - Choose a better

Re: mod_proxy_html

2011-10-13 Thread Rainer Jung
On 12.10.2011 23:56, Nick Kew wrote: On 10 Oct 2011, at 23:02, Nick Kew wrote: Any interest? Looks like a lazy consensus in favour! If you want it a bit less lazy: +1 from me also. Regarding IP, it's mine to sign over, so that's straightforward. So I guess it's just a matter of going

Current LoadModule enabling status

2011-11-08 Thread Rainer Jung
After Stefan's change r1199027 we no longer load all built modules by default. The new behaviour is (citing Stefan): By default, only load those modules that are either required or explicitly selected by a configure --enable-foo argument. The LoadModule statements for modules enabled by

Re: Current LoadModule enabling status

2011-11-08 Thread Rainer Jung
On 08.11.2011 10:03, William A. Rowe Jr. wrote: On 11/8/2011 11:53 AM, Rainer Jung wrote: After Stefan's change r1199027 we no longer load all built modules by default. The new behaviour is (citing Stefan): By default, only load those modules that are either required or explicitly selected

Re: 2.3.15-dev

2011-11-08 Thread Rainer Jung
+1 On 08.11.2011 14:47, Jim Jagielski wrote: So far 3 +1s and counting… On Nov 8, 2011, at 12:49 PM, Jim Jagielski wrote: OK… let's polish this… gem. I'd really like to TR 2.3.15-dev, get some feedback quickly and let's push on for a quick 2.4.0 release!

Re: [VOTE] Release 2.3.15-beta as beta

2011-11-09 Thread Rainer Jung
Hi Jim, it looks like your key expired last Friday? % gpg --verify ../incoming/httpd/trunk/2.3.15/httpd-2.3.15-beta.tar.gz.asc gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/faq.html for more information gpg: Signature made November 9, 2011 3:20:26 PM CET using RSA

Re: Current LoadModule enabling status

2011-11-09 Thread Rainer Jung
On 08.11.2011 13:57, Stefan Fritsch wrote: On Tue, 8 Nov 2011, Rainer Jung wrote: After Stefan's change r1199027 we no longer load all built modules by default. The new behaviour is (citing Stefan): By default, only load those modules that are either required or explicitly selected

Re: [VOTE] Release 2.3.15-beta as beta

2011-11-09 Thread Rainer Jung
On 09.11.2011 07:43, Rainer Jung wrote: Hi Jim, it looks like your key expired last Friday? Oups, was so convinced it is new, that I didn't see it already expired a year ago. Maybe you should sign 2.4.0 with a new one? Rainer % gpg --verify ../incoming/httpd/trunk/2.3.15/httpd-2.3.15

Re: [VOTE] Release 2.3.15-beta as beta

2011-11-09 Thread Rainer Jung
On 09.11.2011 11:12, Jim Jagielski wrote: 2010-11-04 is the day I created the new key… it's unexpired (at least from what I can see ;) ) Sorry for the noise, false alarm :( Regards, Rainer On Nov 9, 2011, at 7:52 AM, Rainer Jung wrote: On 09.11.2011 07:43, Rainer Jung wrote: Hi Jim

Re: Fwd: [users@httpd] 2.3.15-beta: module proxy_balancer requires the not automatically loaded module slotmem_shm

2011-11-09 Thread Rainer Jung
On 09.11.2011 13:53, Stefan Fritsch wrote: Hi, On Wed, 9 Nov 2011, William A. Rowe Jr. wrote: This one in from the users@ list. It sounds vaguely familiar to the issue previously mentioned about win32 defaults and some strange dependency failure between proxy_balancer and slotmem providers.

Re: Small things to do

2011-11-09 Thread Rainer Jung
On 08.11.2011 13:10, Stefan Fritsch wrote: - Rainer wanted to check some pcre linking issues, but I don't remember the exact details The problem is mainly gone with trunk. It concerns dependency libs, which are likely used by 3rd-party modules as well. Until 2.2 PCRE was such a library

Re: Fwd: [users@httpd] 2.3.15-beta: module proxy_balancer requires the not automatically loaded module slotmem_shm

2011-11-09 Thread Rainer Jung
On 09.11.2011 14:48, William A. Rowe Jr. wrote: On 11/9/2011 3:53 PM, Stefan Fritsch wrote: Hi, On Wed, 9 Nov 2011, William A. Rowe Jr. wrote: This one in from the users@ list. It sounds vaguely familiar to the issue previously mentioned about win32 defaults and some strange dependency

Re: [users@httpd] 2.3.15-beta: module proxy_balancer requires the not automatically loaded module slotmem_shm

2011-11-09 Thread Rainer Jung
On 09.11.2011 21:20, William A. Rowe Jr. wrote: On 11/9/2011 4:53 PM, Jim Jagielski wrote: Isn't the point different? If someone enables mod_proxy then the configure script needs to ensure that mod_slotmem is also built… Reporter suggests that *NOT* loading mod_slotmem_shm caused the server

Lua state reuse does not work

2011-11-11 Thread Rainer Jung
I did a few lua tests and currently the reuse of lua states does not work. Unfortunately I don't yet see the root cause. We are constantly creating new lua states, saving them to the pool and on the next request retrieve null and create a new state. When the server is shutdown, all of the

Re: Lua state reuse does not work

2011-11-11 Thread Rainer Jung
On 11.11.2011 02:16, Rainer Jung wrote: I did a few lua tests and currently the reuse of lua states does not work. Unfortunately I don't yet see the root cause. We are constantly creating new lua states, saving them to the pool and on the next request retrieve null and create a new state. When

Re: BRANCHED : httpd 2.4.x

2011-11-11 Thread Rainer Jung
On 11.11.2011 09:42, Jim Jagielski wrote: The 2.4.x httpd branch was created from the r1200449 point of trunk… I've tried to backport pretty much all non-apreq patches from trunk. I guess we are still on CTR on that branch? Rainer

Re: [VOTE] Release 2.3.15-dev as beta

2011-11-11 Thread Rainer Jung
On 08.11.2011 15:16, Jim Jagielski wrote: The 2.3.15-dev (prerelease) tarballs are available for download at test: http://httpd.apache.org/dev/dist/ I'm calling a VOTE on releasing these as 2.3.15-dev BETA and, with luck, this will be our last beta and the next release in ~2weeks or

Re: [Discuss] [VOTE] Formal deprecation of 2.0.x branch

2011-11-11 Thread Rainer Jung
On 11.11.2011 13:04, André Malo wrote: * William A. Rowe Jr. wrote: So isn't it enough to say that The project will choose to publish further releases only for significant security fixes, or will choose instead to publish patches for less significant security fixes for 12 months from the date

Re: Changes in mod_ssl

2011-11-14 Thread Rainer Jung
Hello, On 14.11.2011 05:59, Moran Jacuel wrote: Hello, Our company is an HSM manufacturer (See link for http://www.arx.com/products/private-server-hsm PrivateServer product) We wanted to connect apache server with SSL using our HSM to hold the Private RSA and Certificate. We downloaded

Re: Changes in mod_ssl

2011-11-15 Thread Rainer Jung
Hello Moran, On 15.11.2011 14:54, Moran Jacuel wrote: Hello Rainer, I found out that the patch that I used in order to connect apache server with SSL using our HSM to hold the Private RSA and Certificate already exists in bugzilla at: https://issues.apache.org/bugzilla/show_bug.cgi?id=42687

Re: setting TZ env var

2011-11-16 Thread Rainer Jung
On 15.11.2011 17:06, Paul Querna wrote: So, I was looking at all the system calls we make in a single request, and comparing it to nginx. We were actually pretty close, barring supporting our features like htaccess, there was only one thing that stood out. Glibc is opening, calling fstat twice,

Re: svn commit: r1202255 - /httpd/httpd/trunk/modules/filters/mod_reqtimeout.c

2011-11-16 Thread Rainer Jung
On 15.11.2011 20:57, Jeff Trawick wrote: On Tue, Nov 15, 2011 at 2:32 PM, William A. Rowe Jr. wr...@rowe-clan.net wrote: On 11/15/2011 12:33 PM, Stefan Fritsch wrote: On Tuesday 15 November 2011, Paul Querna wrote: On Tue, Nov 15, 2011 at 9:17 AM, Stefan Fritschs...@sfritsch.de wrote:

Re: Improving SSL config

2011-11-18 Thread Rainer Jung
On 18.11.2011 06:32, Kaspar Brand wrote: As I can't think of any good reason why a new major version of an HTTPS server released in late 2011 should still support insecure SSL protocol cruft from the 1990s (v2 was superseded about 15 years ago, when SSLv3 was introduced), I went for the first

Re: Improving SSL config

2011-11-18 Thread Rainer Jung
On 18.11.2011 18:20, Kaspar Brand wrote: On 18.11.2011 13:09, Rainer Jung wrote: You might want to drop the -SSLv2 from our SSLCipherSuite in docs/conf/extra/httpd-ssl.conf.in then as well. You're right, yes. As there were no objections to the changes I proposed on the list a few days ago, I

Re: Win 2.3.15 :: The timeout specified has expired

2011-11-22 Thread Rainer Jung
On 21.11.2011 11:59, Plüm, Rüdiger, VF-Group wrote: -Original Message- From: Steffen [mailto:i...@apachelounge.com] Sent: Montag, 21. November 2011 11:50 To: dev@httpd.apache.org Subject: Win 2.3.15 :: The timeout specified has expired Observing that the error.log is filling with

Re: Win 2.3.15 :: Server Status Entries

2011-11-22 Thread Rainer Jung
On 22.11.2011 10:28, Steffen wrote: Seeing a huge number of hanging entries in the Server Status, already for 20 hours and looks they are staying there forever. The requests are invalid, not sure since I do not keep the raw logs. ... ... 0-0 3800 0/177/177 _ 64980 1 0.0 0.09 0.09 94.76.244.212

Re: svn commit: r1583175 - /httpd/httpd/trunk/modules/mappers/mod_alias.c

2014-03-30 Thread Rainer Jung
On 30.03.2014 20:29, Eric Covener wrote: On Sun, Mar 30, 2014 at 2:20 PM, rj...@apache.org wrote: Author: rjung Date: Sun Mar 30 18:20:09 2014 New Revision: 1583175 URL: http://svn.apache.org/r1583175 Log: Fix segfault in mod_alias introduced in r1132494. AliasMatch does not append

Re: svn commit: r1583175 - /httpd/httpd/trunk/modules/mappers/mod_alias.c

2014-03-31 Thread Rainer Jung
On 30.03.2014 22:52, Eric Covener wrote: On Sun, Mar 30, 2014 at 4:13 PM, Rainer Jung rainer.j...@kippdata.de wrote: AFAICT { In as much that it was ever useful, this breaks people relying on the context info for aliasmatches structured the way this code was originally biased to expecting

Re: half-OT: heartbleed CVE-2014-0160

2014-04-09 Thread Rainer Jung
On 09.04.2014 18:05, Reindl Harald wrote: Am 09.04.2014 17:41, schrieb William A. Rowe Jr.: Combined with typical ssl session shmcb ... That single process still has session keys of other prefork processes, as well as the common ssl session ticket key and ssl cert keys. In practice the

Re: half-OT: heartbleed CVE-2014-0160

2014-04-09 Thread Rainer Jung
On 09.04.2014 21:42, Rainer Jung wrote: On 09.04.2014 18:05, Reindl Harald wrote: Am 09.04.2014 17:41, schrieb William A. Rowe Jr.: Combined with typical ssl session shmcb ... That single process still has session keys of other prefork processes, as well as the common ssl session ticket

Re: Mini-advisory on heartbeat bug on http://httpd.apache.org/ ?

2014-04-11 Thread Rainer Jung
On 11.04.2014 18:05, Jeff Trawick wrote: On Fri, Apr 11, 2014 at 10:18 AM, Jeff Trawick traw...@gmail.com mailto:traw...@gmail.com wrote: On Fri, Apr 11, 2014 at 8:56 AM, Rainer M. Canavan rainer.cana...@sevenval.com mailto:rainer.cana...@sevenval.com wrote: On Apr

Re: Any reason why building with OpenSSL shouldn't add its lib dir to rpath?

2014-04-18 Thread Rainer Jung
Hi Jeff, On 14.04.2014 13:08, Jeff Trawick wrote: (not to say there aren't complications, like trying to keep system directories out of rpath) See a related discussion from 2011 RUNPATH for module dependencies on Unix/Linux e.g. here: http://markmail.org/message/guastewy5uvn36s7 Joe had some

Re: Any reason why building with OpenSSL shouldn't add its lib dir to rpath?

2014-04-20 Thread Rainer Jung
On 14.04.2014 13:08, Jeff Trawick wrote: (not to say there aren't complications, like trying to keep system directories out of rpath) Adding my current workarounds for 2.4 here for reference. Here openssl_libs is either -ldl -lz (Linux) or -lz -ldl -lsocket -lnsl (Solaris). The value of

Re: Problem of URL in bugzilla

2014-04-20 Thread Rainer Jung
CCing Mark our Bugzilla (and much more) champion, hoping he knows more or at least needs the info. @Mark: I think the transform svn revision to link feature is a Bugzilla global one, not specific to httpd. It seems partially broken after the recent update, see below for details. Regards, Rainer

Re: Problem of URL in bugzilla

2014-04-21 Thread Rainer Jung
On 21.04.2014 23:15, Mark Thomas wrote: On 20/04/2014 20:11, Mark Thomas wrote: On 20/04/2014 18:51, Rainer Jung wrote: CCing Mark our Bugzilla (and much more) champion, hoping he knows more or at least needs the info. @Mark: I think the transform svn revision to link feature is a Bugzilla

Re: svn commit: r1583175 - /httpd/httpd/trunk/modules/mappers/mod_alias.c

2014-05-05 Thread Rainer Jung
On 05.05.2014 15:34, Eric Covener wrote: I don't want to churn in SVN too much, does anyone have an issue with dropping the context info stuff for the regex case completely? Thanks for asking again and agreed here. Regards, Rainer On Mon, Mar 31, 2014 at 1:49 PM, Eric Covener

Memory leak in mod_ssl ssl_callback_TmpDH

2014-05-16 Thread Rainer Jung
While doing some customization of mod_ssl I checked for memory leaks on Solaris using libumem and found 5 allocations that happen for each handshake and do not seem to get freed. Versions: httpd 2.4 head plus OpenSSL 1.0.1g ::findleaks ... 000b9688 85 002779c8

mod_ssl SSL session timeout

2014-06-13 Thread Rainer Jung
Traditionally mod_ssl allows reuse of SSL sessions by its SSL session cache on the server side. One can control via SSLSessionCacheTimeout how long a session is kept in the cache (if the cache is big enough). Now since a long time most clients do no longer rely on the server caching the sessions.

Re: mod_ssl SSL session timeout

2014-06-14 Thread Rainer Jung
On 14.06.2014 10:23, Kaspar Brand wrote: On 13.06.2014 16:55, Rainer Jung wrote: Now since a long time most clients do no longer rely on the server caching the sessions. Instead they use TLS session resumption (RFC 5077). without server-side state/stateless is actually the important term

Re: mod_ssl SSL session timeout

2014-06-14 Thread Rainer Jung
On 14.06.2014 11:44, Rainer Jung wrote: On 14.06.2014 10:23, Kaspar Brand wrote: On 13.06.2014 16:55, Rainer Jung wrote: Now since a long time most clients do no longer rely on the server caching the sessions. Instead they use TLS session resumption (RFC 5077). without server-side state

Re: mod_ssl SSL session timeout

2014-07-13 Thread Rainer Jung
On 15.06.2014 09:51, Kaspar Brand wrote: On 14.06.2014 12:53, Rainer Jung wrote: I'm slightly in favor of the latter, i.e. something like SSL_CTX_set_timeout(sc->server->ssl_ctx, sc->session_cache_timeout == UNSET

Re: [VOTE] Release Apache httpd 2.4.10 as GA

2014-07-16 Thread Rainer Jung
On 15.07.2014 19:20, Jim Jagielski wrote: The pre-release test tarballs for Apache httpd 2.4.10 can be found at the usual place: http://httpd.apache.org/dev/dist/ I'm calling a VOTE on releasing these as Apache httpd 2.4.10 GA. [ ] +1: Good to go [ ] +0: meh [ ] -1: Danger Will

Re: [VOTE] Release Apache httpd 2.4.10 as GA

2014-07-18 Thread Rainer Jung
On 15.07.2014 19:20, Jim Jagielski wrote: The pre-release test tarballs for Apache httpd 2.4.10 can be found at the usual place: http://httpd.apache.org/dev/dist/ I'm calling a VOTE on releasing these as Apache httpd 2.4.10 GA. [ ] +1: Good to go [ ] +0: meh [ ] -1: Danger Will

Re: svn commit: r1612653 - /httpd/httpd/trunk/server/util_pcre.c

2014-07-22 Thread Rainer Jung
On 22.07.2014 22:20, Christophe JAILLET wrote: Hi, shouldn't the #error just a few lines below be updated as well, to be more explicit than too old ? You are right. But what about instead changing the configure pcre version test: Index: configure.in

Re: svn commit: r1612653 - /httpd/httpd/trunk/server/util_pcre.c

2014-07-23 Thread Rainer Jung
On 23.07.2014 02:25, Guenter Knauf wrote: Hi Rainer, On 22.07.2014 23:01, Rainer Jung wrote: documenting the requirement PCRE = 6.7 and dropping the check (and error message) for PCRE_DUPNAMES from server/util_pcre.c. -1. Please think of non-configure builds; it doesn't hurt if the code errors

Re: svn commit: r1612921 - in /httpd/httpd/trunk: configure.in server/util_pcre.c

2014-07-24 Thread Rainer Jung
Am 24.07.2014 um 02:39 schrieb Takashi Sato: --- httpd/httpd/trunk/configure.in (original) +++ httpd/httpd/trunk/configure.in Wed Jul 23 19:01:45 2014 @@ -236,7 +236,9 @@ if test $PCRE_CONFIG != false; then fi case `$PCRE_CONFIG --version` in [[1-5].*]) -AC_MSG_ERROR([Need at

Re: svn commit: r1612940 - /httpd/httpd/trunk/include/ap_regex.h

2014-07-24 Thread Rainer Jung
Am 24.07.2014 um 11:56 schrieb Takashi Sato: --- httpd/httpd/trunk/include/ap_regex.h (original) +++ httpd/httpd/trunk/include/ap_regex.h Wed Jul 23 20:27:32 2014 @@ -79,6 +79,12 @@ extern C { #define AP_REG_MATCH MATCH_ /** suggested prefix for ap_regname */ +/* Arguments for

PR 53420 (Proxy plus EOS handling when calling ap_discard_request_body)

2014-08-01 Thread Rainer Jung
I investigated PR53420 (https://issues.apache.org/bugzilla/show_bug.cgi?id=53420), see my last reply there. Using proxy in combination with ProxyErrorOverride shows a hang until the proxy timeout fires. The hang happens, when the proxy calls ap_discard_request_body to discard the origin

Re: FYI: build status of AIX 2.4.10

2014-08-01 Thread Rainer Jung
Am 01.08.2014 um 18:44 schrieb Eric Covener: On Fri, Aug 1, 2014 at 12:35 PM, Michael Felt mamf...@gmail.com wrote: btw: I ran (as best I could) ApacheTest against 2.4.10. On the one hand, all tests it did passed, but it skipped several, which surprises me somewhat - because I thought I had all

Re: svn commit: r1615289 - in /httpd/httpd/trunk: CHANGES modules/proxy/mod_proxy_http.c

2014-08-25 Thread Rainer Jung
Am 21.08.2014 um 14:57 schrieb Yann Ylavic: On Sat, Aug 2, 2014 at 10:24 AM, rj...@apache.org wrote: Author: rjung Date: Sat Aug 2 08:24:35 2014 New Revision: 1615289 URL: http://svn.apache.org/r1615289 Log: PR53420: Proxy responses with error status and ProxyErrorOverride On hang until

Re: [VOTE] Release 2.2.29 as GA?

2014-08-25 Thread Rainer Jung
Am 22.08.2014 um 19:59 schrieb William A. Rowe Jr.: The pre-release candidate Apache httpd 2.2.29 - with simply a rebuild of the docs/manual/ since 2.2.28, can be found in; http://httpd.apache.org/dev/dist/ +/-1 [ X] Release 2.2.29 (apr 1.5.1, apr-util 1.5.3) +1 to release,

Re: Test failure on 2.4-HEAD

2014-08-26 Thread Rainer Jung
Am 26.08.2014 um 17:02 schrieb Eric Covener: On Tue, Aug 26, 2014 at 10:51 AM, Jim Jagielski j...@jagunet.com wrote: Anyone else seeing this with HEAD of 2.4? # testing : trailer (pid) # expected: '67568' # received: 'No chunked trailer available!' not ok 3 # Failed test 3 in

Re: svn commit: r1622429 - /httpd/httpd/branches/2.4.x/STATUS

2014-09-04 Thread Rainer Jung
Am 04.09.2014 um 12:13 schrieb Ruediger Pluem: Can we really backport this? We are increasing the size of proxy_worker_shared and changing offsets inside the struct. Bummer, I guess you are right. mod_proxy.h seems to be part of the public API so we can't backport like this. Will revoke the

Re: svn commit: r1622429 - /httpd/httpd/branches/2.4.x/STATUS

2014-09-08 Thread Rainer Jung
Am 04.09.2014 um 12:13 schrieb Ruediger Pluem: Can we really backport this? We are increasing the size of proxy_worker_shared and changing offsets inside the struct. I documented a workaround for the problem of short proxy URLs in BZ53218. It should be applicable in many cases. It is based

Re: Bash CVE-2014-6271 and CGI / HTTPD

2014-09-24 Thread Rainer Jung
Am 24.09.2014 um 20:20 schrieb Eric Covener: On Wed, Sep 24, 2014 at 1:48 PM, Paul Querna p...@querna.org mailto:p...@querna.org wrote: Thoughts? Is it reasonable to do something in mod_cgi{d} to improve the situation? I don't think so, even if we tried to figure out the

Re: Bash CVE-2014-6271 and CGI / HTTPD

2014-09-24 Thread Rainer Jung
Am 24.09.2014 um 22:15 schrieb Rainer Jung: Am 24.09.2014 um 20:20 schrieb Eric Covener: On Wed, Sep 24, 2014 at 1:48 PM, Paul Querna p...@querna.org mailto:p...@querna.org wrote: Thoughts? Is it reasonable to do something in mod_cgi{d} to improve the situation? I don't think so

Re: Bash CVE-2014-6271 and CGI / HTTPD

2014-09-24 Thread Rainer Jung
Am 24.09.2014 um 22:21 schrieb Rainer Jung: Am 24.09.2014 um 22:15 schrieb Rainer Jung: Am 24.09.2014 um 20:20 schrieb Eric Covener: On Wed, Sep 24, 2014 at 1:48 PM, Paul Querna p...@querna.org mailto:p...@querna.org wrote: Thoughts? Is it reasonable to do something in mod_cgi{d

Re: Bash CVE-2014-6271 and CGI / HTTPD

2014-09-24 Thread Rainer Jung
Am 24.09.2014 um 23:29 schrieb Yann Ylavic: On Wed, Sep 24, 2014 at 11:15 PM, Rainer Jung rainer.j...@kippdata.de wrote: A workaround like --- server/util_script.c.orig 2013-09-14 14:12:54.0 + +++ server/util_script.c2014-09-24 20:35:54.952054361 + @@ -128,6 +128,12

Re: Bash CVE-2014-6271 and CGI / HTTPD

2014-09-24 Thread Rainer Jung
Am 24.09.2014 um 23:15 schrieb Rainer Jung: Am 24.09.2014 um 22:21 schrieb Rainer Jung: Am 24.09.2014 um 22:15 schrieb Rainer Jung: Am 24.09.2014 um 20:20 schrieb Eric Covener: On Wed, Sep 24, 2014 at 1:48 PM, Paul Querna p...@querna.org mailto:p...@querna.org wrote: Thoughts

Re: Bash CVE-2014-6271 and CGI / HTTPD

2014-09-28 Thread Rainer Jung
the availability of the first official OS patches for bash. Regards, Rainer On 9/25/14 12:55 AM, Rainer Jung wrote: Am 24.09.2014 um 23:15 schrieb Rainer Jung: Am 24.09.2014 um 22:21 schrieb Rainer Jung: Am 24.09.2014 um 22:15 schrieb Rainer Jung: Am 24.09.2014 um 20:20 schrieb Eric Covener: On Wed

Re: Proposed simple shell-shock protection

2014-09-28 Thread Rainer Jung
Am 26.09.2014 um 16:41 schrieb Nick Kew: I've revisited mod_taint this morning, and made some updates: a bugfix, a new option to apply an untainting rule to all headers. But topically, a canned configuration option to protect against shell-shock patterns: LoadModule modules/mod_taint.so

Re: Bash CVE-2014-6271 and CGI / HTTPD

2014-09-29 Thread Rainer Jung
On 29.09.2014 at 09:56, Issac Goldstand wrote: On 29/09/2014 00:00, Rainer Jung wrote: On 28.09.2014 at 09:07, Issac Goldstand wrote: -0 While I love the code that's been come up with, this would be akin to trying to have patched httpd to deal with Heartbleed. I can't see any real use-case

Re: svn commit: r1629507 - in /httpd/httpd/trunk: CHANGES docs/log-message-tags/next-number modules/cache/mod_cache_socache.c

2014-10-06 Thread Rainer Jung
On 05.10.2014 at 22:08, Marion Christophe JAILLET wrote: Hi, apparently this adds a new build warning: mod_cache_socache.c:1425:6: warning: no previous prototype for 'socache_status_register' [-Wmissing-prototypes] Adding static fixes it. Yes, thanks, added in 1629652. Regards, Rainer

Re: svn commit: r1629508 - in /httpd/httpd/trunk: CHANGES modules/cache/mod_cache_socache.c

2014-10-06 Thread Rainer Jung
On 05.10.2014 at 22:13, Marion Christophe JAILLET wrote: Hi, is it related to PR57023 ? Maybe, but that wasn't the reason for me to commit this. I had a look at mod_cache_socache some weeks ago and stumbled over this probably pastecopy variant of hints and just now remembered that I

Re: svn commit: r1628919 - in /httpd/httpd/trunk: CHANGES modules/filters/mod_substitute.c

2014-10-14 Thread Rainer Jung
On 14.10.2014 at 14:22, Christophe JAILLET wrote: Hi, this patch is in the backport proposal for 2.4.x. See my remarks below. The only one that worth it is the one for comparison on new varbuf length either with or with = Best regards, CJ On 02/10/2014 11:50, rj...@apache.org wrote:

Recreate missing httpd commit emails

2014-12-06 Thread Rainer Jung
The following commit emails are currently missing for the httpd project: r1643034 r1643035 r1643036 r1643037 r1643094 r1643118 r1643271 The list was created by comparing the mails that I received with the svn log of the main project directory. I wrote a simple perl script that gets the log

Re: [VOTE] Release Apache httpd 2.4.12 as GA

2015-01-26 Thread Rainer Jung
On 26.01.2015 at 14:14, Eric Covener wrote: On Mon, Jan 26, 2015 at 8:08 AM, Jim Jagielski j...@jagunet.com wrote: svn diff https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.11 https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.12 | cdiff first one should be 2.4.10 (not that it

Re: Backporting features from 2.4 to 2.2

2015-02-07 Thread Rainer Jung
Hi, On 08.02.2015 at 01:48, Davis wrote: Is backporting of configuration parameters SSLSessionTicketKeyFile and SSLSessionTickets to 2.2 branch welcome? SSLSessionTickets for 2.2 has already been backported by Yann: http://people.apache.org/~ylavic/httpd-2.2.x-SSLSessionTickets.patch It is

Re: [VOTE] Release Apache httpd 2.4.11 as GA

2015-01-16 Thread Rainer Jung
On 17.01.2015 at 03:58, rj...@apache.org wrote: Author: rjung Date: Sat Jan 17 02:58:24 2015 New Revision: 1652559 URL: http://svn.apache.org/r1652559 Log: Fix failing test. After r1651085 for mod_cgi we log cgi script stderr to ScriptLog. Two of our test scripts write 8KB to STDERR,

Re: svn commit: r1626978 - in /httpd/httpd/trunk: docs/log-message-tags/next-number modules/generators/mod_cgi.c

2015-01-16 Thread Rainer Jung
Hi Jan, On 23.09.2014 at 13:14, jkal...@apache.org wrote: Author: jkaluza Date: Tue Sep 23 11:14:09 2014 New Revision: 1626978 URL: http://svn.apache.org/r1626978 Log: mod_cgi: log cgi script stderr to ScriptLog, use APLOGNO for log_scripterror errors. Modified:

Re: svn commit: r1626978 - in /httpd/httpd/trunk: docs/log-message-tags/next-number modules/generators/mod_cgi.c

2015-01-17 Thread Rainer Jung
On 17.01.2015 at 05:45, Rainer Jung wrote: Hi Jan, On 23.09.2014 at 13:14, jkal...@apache.org wrote: Author: jkaluza Date: Tue Sep 23 11:14:09 2014 New Revision: 1626978 URL: http://svn.apache.org/r1626978 Log: mod_cgi: log cgi script stderr to ScriptLog, use APLOGNO for log_scripterror

Hanging child process during MaxConnectionsPerChild exit (event, 2.4.11)

2015-01-19 Thread Rainer Jung
I noticed a hanging child process on our ASF server aurora. It currently uses 2.4.11 (plus the post tag commit) and event MPM. Most processes exiting due to MaxConnectionsPerChild get cleaned up after some time but this one doesn't. It now hangs for more than an hour. I'll let it hang. In case
