Re: Moderations for modules.apache.org
On 11/9/2015, 1:54:59 PM, Graham Leggettwrote: > On 09 Nov 2015, at 2:41 PM, Daniel Gruno wrote: > > > You're welcome to try to clean it up ;) > > make a user account on the system and give me the UID of that user (the > > ID, not the username - there are tens of thousands of users, so I can't > > see them all in the admin interface anymore). > > :) > > > I am contemplating removing all users/mods and adding some recaptcha > > stuff to it soon, but enotime right now. > > Is there a way to leverage LDAP at all? (Or whatever backs the JIRA et al > instances) > JIRA isn't LDAP backed, FWIW. And no, we wanted it to be open to the larger public to submit modules, not just committers. But the rub is, we are being attacked manually by actual people sending in garbage stuff, bypassing the security checks. I'm not entirely sure how to combat this, but I do have a few ideas. They require something close to a complete wipe of the database , however. With regards, Daniel. > Regards, > Graham > â > > -- Sent via Pony Mail for dev@httpd.apache.org. View this email online at: https://pony-poc.apache.org/list.html?dev@httpd.apache.org
Re: [VOTE] Release Apache httpd 2.4.17 as GA
Am 11.10.2015 um 22:06 schrieb Rainer Jung: Am 11.10.2015 um 21:14 schrieb Reindl Harald: Am 11.10.2015 um 21:07 schrieb Yann Ylavic: On Sun, Oct 11, 2015 at 8:59 PM, Reindl Haraldwrote: Google only showed discussions, Bugzilla and so on and finding the new directive is hard - maybe the hint should made it into the changelog for GA release Yes you're right, I should have mentioned that directive in the CHANGES entry. Unfortunately I'm afraid it's too late now, the 2.4.17 tag is frozen. Hopefully the (new) documentation will quickly be indexed... no problem since it's diabled by default "ab -c 100 -n 5 http://small-image.gif; did not make me that happy after a short test on a quadcore machine, after some time httpd stopped to respond for a tinay statical image with a few bytes # SO_REUSEPORT support # = 2.4.17> # ListenCoresBucketsRatio 4 # You might run into problems if your server accumulates to many TIME_WAIT connections. Check their number in the "netstat -an" output. ab without "-k" does in connection per request and if those are only used very short and the server is fast you can end up with a couple of 10.000s of TIME_WAIT connections (independent of SO_REUSEPORT) sorry for the last reply no, it's only when "ListenCoresBucketsRatio 4" is used while otherwise a "ab -c 100 -n 500 http://small-image.gif; is no problem signature.asc Description: OpenPGP digital signature
Re: Moderations for modules.apache.org
I'm a bit slow this morning. I'm sitting here, using Pony Mail for replying, not realizing...we should use OAuth for this! It would still require a wipe of the current DB, but if we use the ASF OAuth plus maybe Google OAuth for non-committers, we should be able to allow only _actual people_ to contribute to this. :) Does this sound like a good idea, or complete overkill? With regards, Daniel. On 11/9/2015, 1:54:59 PM, Graham Leggettwrote: > On 09 Nov 2015, at 2:41 PM, Daniel Gruno wrote: > > > You're welcome to try to clean it up ;) > > make a user account on the system and give me the UID of that user (the > > ID, not the username - there are tens of thousands of users, so I can't > > see them all in the admin interface anymore). > > :) > > > I am contemplating removing all users/mods and adding some recaptcha > > stuff to it soon, but enotime right now. > > Is there a way to leverage LDAP at all? (Or whatever backs the JIRA et al > instances) > > Regards, > Graham > â > > -- Sent via Pony Mail for dev@httpd.apache.org. View this email online at: https://pony-poc.apache.org/list.html?dev@httpd.apache.org
Re: Moderations for modules.apache.org
On Wed, 2015-11-11 at 11:27 +, Daniel Gruno wrote: > Does this sound like a good idea, or complete overkill? I have long thought we might employ an alternative scheme akin to a "planet" aggregator. Make the module index an aggregator from module authors providing and maintaining their own descriptions as DOAP files. That way an author doesn't have to go through any manual process or moderation to update entries, and the admin burden is reduced. We still have to bootstrap new authors wanting us to aggregate their DOAP URLs. We could fully automate it for committers by auto-approving apache.org URLs, leaving a much reduced space for manual moderation and still vulnerable to spam attacks. Then we can reduce that further by requiring oauth as you suggest. And once the OpenMiracl podling has a TA up-and-running, we can deploy that to help open a wider circle of strong trust. Just a thought. -- Nick Kew
cppcheck warning with mod_http2
Hi, mod_http2 generates some new cppcheck warnings: modules/http2/h2_config.h 62unnecessaryForwardDeclarationstyleThe struct 'h2_config' forward declaration is unnecessary. Type struct is already declared earlier. modules/http2/h2_io_set.h 25unnecessaryForwardDeclarationstyleThe struct 'h2_io_set' forward declaration is unnecessary. Type struct is already declared earlier. modules/http2/h2_mplx.c 106redundantAssignmentstyleVariable 'status' is reassigned a value before the old one has been used. modules/http2/h2_request.c 87unsignedLessThanZerostyleChecking if unsigned variable 'nlen' is less than zero. modules/http2/h2_response.h 34unnecessaryForwardDeclarationstyleThe struct 'h2_response' forward declaration is unnecessary. Type struct is already declared earlier. modules/http2/h2_session.c 1150unusedStructMemberstylestruct or union member 'nvctx_t::offset' is never used. modules/http2/h2_task.c 211redundantAssignmentstyleVariable 'status' is reassigned a value before the old one has been used. modules/http2/h2_to_h1.c 284redundantAssignmentstyleVariable 'status' is reassigned a value before the old one has been used. At least this one is spurious: modules/http2/h2_session.c 1150unusedStructMemberstylestruct or union member 'nvctx_t::offset' is never used. nvctx_t is defined both in h2_session and in h2_response. Only the latter seems useful. I think that the one in h2_session could be completely dropped. Best regards, CJ