> Am 18.08.2025 um 09:39 schrieb Ruediger Pluem <[email protected]>:
>
>
>
> On 8/15/25 1:23 PM, [email protected] wrote:
>> Author: icing
>> Date: Fri Aug 15 11:23:29 2025
>> New Revision: 1927807
>>
>> Log:
>> *) mod_md: update to version 2.6.1
>> - Increasing default `MDRetryDelay` to 30 seconds to generate less bursty
>> traffic on errored renewals for the ACME CA. This leads to error
>> retries
>> of 30s, 1 minute, 2, 4, etc. up to daily attempts.
>> - Checking that configuring `MDRetryDelay` will result in a positive
>> duration. A delay of 0 is not accepted.
>> - Fix a bug in checking Content-Type of responses from the ACME server.
>> - Added ACME ARI support (rfc9773) to the module. Enabled by default. New
>> directive "MDRenewViaARI on|off" for controlling this.
>> - Removing tailscale support. It has not been working for a long time
>> as the company decided to change their APIs. Away with the dead code,
>> documentation and tests.
>> - Fixed a compilation issue with pre-industrial versions of libcurl.
>>
>> Added:
>> httpd/httpd/trunk/changes-entries/md_v2.6.1.txt
>> Deleted:
>> httpd/httpd/trunk/modules/md/md_tailscale.c
>> httpd/httpd/trunk/modules/md/md_tailscale.h
>> httpd/httpd/trunk/test/modules/md/test_780_tailscale.py
>> Modified:
>> httpd/httpd/trunk/docs/manual/mod/mod_md.xml
>> httpd/httpd/trunk/modules/md/config2.m4
>> httpd/httpd/trunk/modules/md/md.h
>> httpd/httpd/trunk/modules/md/md_acme.c
>> httpd/httpd/trunk/modules/md/md_acme.h
>> httpd/httpd/trunk/modules/md/md_acme_authz.c
>> httpd/httpd/trunk/modules/md/md_acme_drive.c
>> httpd/httpd/trunk/modules/md/md_acme_order.c
>> httpd/httpd/trunk/modules/md/md_acme_order.h
>> httpd/httpd/trunk/modules/md/md_acmev2_drive.c
>> httpd/httpd/trunk/modules/md/md_core.c
>> httpd/httpd/trunk/modules/md/md_crypt.c
>> httpd/httpd/trunk/modules/md/md_crypt.h
>> httpd/httpd/trunk/modules/md/md_http.c
>> httpd/httpd/trunk/modules/md/md_json.c
>> httpd/httpd/trunk/modules/md/md_reg.c
>> httpd/httpd/trunk/modules/md/md_reg.h
>> httpd/httpd/trunk/modules/md/md_status.c
>> httpd/httpd/trunk/modules/md/md_time.c
>> httpd/httpd/trunk/modules/md/md_time.h
>> httpd/httpd/trunk/modules/md/md_version.h
>> httpd/httpd/trunk/modules/md/mod_md.c
>> httpd/httpd/trunk/modules/md/mod_md.dsp
>> httpd/httpd/trunk/modules/md/mod_md_config.c
>> httpd/httpd/trunk/modules/md/mod_md_config.h
>> httpd/httpd/trunk/modules/md/mod_md_drive.c
>> httpd/httpd/trunk/modules/md/mod_md_status.c
>> httpd/httpd/trunk/test/modules/md/md_conf.py
>> httpd/httpd/trunk/test/modules/md/test_702_auto.py
>> httpd/httpd/trunk/test/modules/md/test_710_profiles.py
>> httpd/httpd/trunk/test/modules/md/test_730_static.py
>> httpd/httpd/trunk/test/modules/md/test_920_status.py
>>
>
>>
>> Modified: httpd/httpd/trunk/modules/md/md_status.c
>> ==============================================================================
>> --- httpd/httpd/trunk/modules/md/md_status.c Fri Aug 15 10:27:32 2025
>> (r1927806)
>> +++ httpd/httpd/trunk/modules/md/md_status.c Fri Aug 15 11:23:29 2025
>> (r1927807)
>
>> @@ -598,11 +612,19 @@ apr_time_t md_job_delay_on_errors(md_job
>> delay = max_delay;
>> }
>> else if (err_count > 0) {
>> - /* back off duration, depending on the errors we encounter in a row
>> */
>> - delay = job->min_delay << (err_count - 1);
>> - if (delay > max_delay) {
>> - delay = max_delay;
>> + /* back off duration, depending on the errors we encounter in a row.
>> + * As apr_time_t is signed, this might wrap around*/
>> + int i;
>> + delay = job->min_delay;
>> + for (i = 0; i < err_count; ++i) {
>> + delay <<= 1;
>> + if ((delay <= 0) || (delay > max_delay)) {
>> + delay = max_delay;
>> + break;
>> + }
>> }
>> + if (delay > max_delay)
>> + delay = max_delay;
>
> I don't think that delay can be > max_delay here.
I realized one mistake: the first error already triggers a doubling of the
delay. Will fix that.
Why do you think that the doubling could never reach the cap? I seem to be
unable to see that...
Cheers,
Stefan
>
>> }
>> if (delay > 0) {
>> /* jitter the delay by +/- 0-50%.
>>
>
> Regards
>
> RĂ¼diger
>
