Re: Time for httpd 2.4.0-RC1 ??

[zhiguo zhao]

mod_lua document is not match with source code.
A lot of instruction removed or added.

2011/12/12 Eric Covener cove...@gmail.com

 On Mon, Dec 12, 2011 at 9:14 AM, zhiguo zhao zha...@gmail.com wrote:
  -1
 
  I think document is not finished.

 Which documents specifically?  I think we'll settle for a long way
 from finished for documentation, like adequate.

Re: Time for httpd 2.4.0-RC1 ??

[Eric Covener]

On Mon, Dec 12, 2011 at 5:00 PM, zhiguo zhao zha...@gmail.com wrote:
 mod_lua document is not match with source code.
 A lot of instruction removed or added.

I don't personally see this as a release blocker. The doc says it's
experimental, and what's there largely works (AFAIK)

Specific shortcomings in bugzilla would be helpful.

Re: Time for httpd 2.4.0-RC1 ??

[Jim Jagielski]

On Dec 12, 2011, at 4:23 AM, Eric Covener wrote:

 On Mon, Dec 12, 2011 at 5:00 PM, zhiguo zhao zha...@gmail.com wrote:
 mod_lua document is not match with source code.
 A lot of instruction removed or added.
 
 I don't personally see this as a release blocker. The doc says it's
 experimental, and what's there largely works (AFAIK)
 
 Specific shortcomings in bugzilla would be helpful.
 

+1… As RM I don't consider this a blocker.

Issue in building Apache 2.2.21 src in AIX 7.1 with GCC.

[rajasun]

I am a newbie to apache build process. I have tried to build the apache
v2.2.21 source on AIX 7.1 (with GNU compiler setup) with the following
configure options. The config.log is attached 
http://old.nabble.com/file/p32958809/config.log config.log .
./configure --prefix=/var/www/httpd --with-included-apr --enable-proxy
--enable-proxy-ajp --enable-proxy-balancer

The build process fails in the final step of creating the binary for httpd
with an undefined symbol error:
/var/www/src/httpd-2.2.21/srclib/apr/libtool --silent --mode=link
gcc -g -O2 -pthread -Wl,-brtl  -L/opt/freeware/lib -L/opt/pware64/lib -o
httpd  modules.lo buildmark.o -export-dynamic -Wl,-uXML_Parse
-Wl,-bE:/var/www/src/httpd-2.2.21/server/httpd.exp server/libmain.la 
modules/aaa/libmod_authn_file.la modules/aaa/libmod_authn_default.la
modules/aaa/libmod_authz_host.la modules/aaa/libmod_authz_groupfile.la
modules/aaa/libmod_authz_user.la modules/aaa/libmod_authz_default.la
modules/aaa/libmod_auth_basic.la modules/filters/libmod_include.la
modules/filters/libmod_filter.la modules/loggers/libmod_log_config.la
modules/metadata/libmod_env.la modules/metadata/libmod_setenvif.la
modules/metadata/libmod_version.la modules/proxy/libmod_proxy.la
modules/proxy/libmod_proxy_connect.la modules/proxy/libmod_proxy_ftp.la
modules/proxy/libmod_proxy_http.la modules/proxy/libmod_proxy_scgi.la
modules/proxy/libmod_proxy_ajp.la modules/proxy/libmod_proxy_balancer.la
modules/http/libmod_http.la modules/http/libmod_mime.la
modules/generators/libmod_status.la modules/generators/libmod_autoindex.la
modules/generators/libmod_asis.la modules/generators/libmod_cgi.la
modules/mappers/libmod_negotiation.la modules/mappers/libmod_dir.la
modules/mappers/libmod_actions.la modules/mappers/libmod_userdir.la
modules/mappers/libmod_alias.la modules/mappers/libmod_so.la 
server/mpm/prefork/libprefork.la  os/unix/libos.la -lm
/var/www/src/httpd-2.2.21/srclib/pcre/libpcre.la
/var/www/src/httpd-2.2.21/srclib/apr-util/libaprutil-1.la
/var/www/src/httpd-2.2.21/srclib/apr-util/xml/expat/libexpat.la
/var/www/src/httpd-2.2.21/srclib/apr/libapr-1.la -lpthread
ld: 0711-317 ERROR: Undefined symbol: .XML_StopParser
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more
information.
collect2: ld returned 8 exit status
make: The error code from the last command is 1.

Stop.
make: The error code from the last command is 1.


I need help on resolving this issue. What is the reason for this failure ??

Thanks,
Raja.
 

-- 
View this message in context: 
http://old.nabble.com/Issue-in-building-Apache-2.2.21-src-in-AIX-7.1-with-GCC.-tp32958809p32958809.html
Sent from the Apache HTTP Server - Dev mailing list archive at Nabble.com.

Re: Issue in building Apache 2.2.21 src in AIX 7.1 with GCC.

[Igor Galić]

- Original Message -

 I am a newbie to apache build process. I have tried to build the
 apache
 v2.2.21 source on AIX 7.1 (with GNU compiler setup) with the
 following
 configure options. The config.log is attached
 http://old.nabble.com/file/p32958809/config.log config.log .
 ./configure --prefix=/var/www/httpd --with-included-apr
 --enable-proxy
 --enable-proxy-ajp --enable-proxy-balancer

 The build process fails in the final step of creating the binary for
 httpd
 with an undefined symbol error:
 /var/www/src/httpd-2.2.21/srclib/apr/libtool --silent
 --mode=link
 gcc -g -O2 -pthread -Wl,-brtl  -L/opt/freeware/lib
 -L/opt/pware64/lib -o
 httpd  modules.lo buildmark.o -export-dynamic -Wl,-uXML_Parse

But seriously, what is this ^ -- What's -Wl,-uXML_Parse ?
Effectively this is an LDFLAG -uXML_Parse - but what's that do?
Why is it there?

According to:

  
http://publib.boulder.ibm.com/infocenter/aix/v7r1/index.jsp?topic=%2Fcom.ibm.aix.cmds%2Fdoc%2Faixcmds3%2Fld.htm

  -uNamePrevents garbage collection of the external symbol Name.
If the specified symbol does not exist, a warning is
reported. You can repeat this flag.

Still doesn't quite make sense. This is C. The chances of something
being garbage collected are near to non-existent.


 -Wl,-bE:/var/www/src/httpd-2.2.21/server/httpd.exp server/libmain.la
 modules/aaa/libmod_authn_file.la modules/aaa/libmod_authn_default.la
 modules/aaa/libmod_authz_host.la
 modules/aaa/libmod_authz_groupfile.la
 modules/aaa/libmod_authz_user.la modules/aaa/libmod_authz_default.la
 modules/aaa/libmod_auth_basic.la modules/filters/libmod_include.la
 modules/filters/libmod_filter.la modules/loggers/libmod_log_config.la
 modules/metadata/libmod_env.la modules/metadata/libmod_setenvif.la
 modules/metadata/libmod_version.la modules/proxy/libmod_proxy.la
 modules/proxy/libmod_proxy_connect.la
 modules/proxy/libmod_proxy_ftp.la
 modules/proxy/libmod_proxy_http.la modules/proxy/libmod_proxy_scgi.la
 modules/proxy/libmod_proxy_ajp.la
 modules/proxy/libmod_proxy_balancer.la
 modules/http/libmod_http.la modules/http/libmod_mime.la
 modules/generators/libmod_status.la
 modules/generators/libmod_autoindex.la
 modules/generators/libmod_asis.la modules/generators/libmod_cgi.la
 modules/mappers/libmod_negotiation.la modules/mappers/libmod_dir.la
 modules/mappers/libmod_actions.la modules/mappers/libmod_userdir.la
 modules/mappers/libmod_alias.la modules/mappers/libmod_so.la
 server/mpm/prefork/libprefork.la  os/unix/libos.la -lm
 /var/www/src/httpd-2.2.21/srclib/pcre/libpcre.la
 /var/www/src/httpd-2.2.21/srclib/apr-util/libaprutil-1.la
 /var/www/src/httpd-2.2.21/srclib/apr-util/xml/expat/libexpat.la
 /var/www/src/httpd-2.2.21/srclib/apr/libapr-1.la -lpthread
 ld: 0711-317 ERROR: Undefined symbol: .XML_StopParser
 ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more
 information.

Why don't you add -bloadmap or -bnoquiet to LDFLAGS and see
what the linker suggests? - Maybe it already knows what's up

 collect2: ld returned 8 exit status
 make: The error code from the last command is 1.

 Stop.
 make: The error code from the last command is 1.


 I need help on resolving this issue. What is the reason for this
 failure ??

 Thanks,
 Raja.

So long,
i

--
Igor Galić

Tel: +43 (0) 664 886 22 883
Mail: i.ga...@brainsware.org
URL: http://brainsware.org/
GPG: 6880 4155 74BD FD7C B515  2EA5 4B1D 9E08 A097 C9AE

Re: Time for httpd 2.4.0-RC1 ??

[Stefan Fritsch]

On Sunday 11 December 2011, Graham Leggett wrote:
 On 11 Dec 2011, at 15:01, Jim Jagielski j...@jagunet.com wrote:
  Now that apu-1.4.1 is close to release, it looks like we are
  close to being able to have our 1st RC for 2.4.0...
  
  My plan is to TR sometime this week...
 
 +1.

BTW, is there any reason why r1210261 (mod_slotmem_shm conf syntax) 
has not been backported yet?

Apart from that, +1.

Re: [RFC] further proxy/rewrite URL validation security issue (CVE-2011-4317)

[Jeff Trawick]

On Mon, Nov 28, 2011 at 9:38 AM, Joe Orton jor...@redhat.com wrote:
 On Thu, Nov 24, 2011 at 11:37:34PM +0100, Rainer Jung wrote:
 Don't know whether that could happen here, but could OPTIONS * be
 a problem?

 Hmmm, another good question.

 What should mod_rewrite or mod_proxy's translate_name hook do for a
 request-URI of *?  2616 says:

         The asterisk * means that the request does not apply to a
   particular resource, but to the server itself

 ... so I would say they should return DECLINED for *?  It makes no
 sense to apply rewrite rules against *, nor can it be proxied.

 Index: modules/mappers/mod_rewrite.c
 ===
 --- modules/mappers/mod_rewrite.c       (revision 1203669)
 +++ modules/mappers/mod_rewrite.c       (working copy)
 @@ -4266,6 +4266,18 @@
         return DECLINED;
     }

 +    if (strcmp(r-unparsed_uri, *) == 0) {
 +        /* Don't apply rewrite rules to *. */
 +        return DECLINED;
 +    }
 +
 +    /* Check that the URI is valid. */
 +    if (!r-uri || r-uri[0] != '/') {
 +        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
 +                     Invalid URI in request %s, r-the_request);
 +        return HTTP_BAD_REQUEST;
 +    }
 +
     /*
      *  add the SCRIPT_URL variable to the env. this is a bit complicated
      *  due to the fact that apache uses subrequests and internal redirects
 Index: modules/proxy/mod_proxy.c
 ===
 --- modules/proxy/mod_proxy.c   (revision 1203669)
 +++ modules/proxy/mod_proxy.c   (working copy)
 @@ -566,6 +566,18 @@
         return OK;
     }

 +    if (strcmp(r-unparsed_uri, *) == 0) {
 +        /* * cannot be proxied. */
 +        return DECLINED;
 +    }
 +
 +    /* Check that the URI is valid. */
 +    if (!r-uri  || r-uri[0] != '/') {
 +        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
 +                     Invalid URI in request %s, r-the_request);
 +        return HTTP_BAD_REQUEST;
 +    }
 +
     /* XXX: since r-uri has been manipulated already we're not really
      * compliant with RFC1945 at this point.  But this probably isn't
      * an issue because this is a hybrid proxy/origin server.

The new code and the core translate name hook agree on something critical:

if it isn't * and it isn't a fully qualified path, return 400.

For proxy and rewrite to return 400 without knowing if these were
proxied or rewritten requests implies that it is never valid (as
returning 400 from those hooks will bypass other hooks that might be
able to handle that).

One of the following should be true:

a) (if always invalid) core should check the condition before running
translate name
b) (if not always invalid) proxy and rewrite should decline (like
alias) instead of returning 400, in case there is still another hook
that runs before core and needs to handle it

Make sense?

Re: Effective IP address / real IP address

[William A. Rowe Jr.]

I have a frustrating update, which we need to take into consideration for
the whole remote_ip-related resolution.  From the httpd-ng workgroup...

On 09/12/2011, at 9:27 AM, William A. Rowe Jr. wrote to http-ng;

 On 12/8/2011 12:33 PM, Karl Dubost wrote:
 Le 8 déc. 2011 à 14:55, Larry Masinter a écrit :
 I think Karl's rewording is worse. The point I really wanted to make was 
 that
documents that follow HTTP terminology often make the mistake of assuming a 
user agent
has a user.
 Ahah! I didn't have the initial context. :)

 But if client means the same thing as user agent, then why have a 
 separate term?

 I would rather prefer client everywhere too.

 What wikipedia says:

  In computing, a user agent is a client application
  implementing a network protocol used in communications
  within a client–server distributed computing system.
  — http://en.wikipedia.org/wiki/User_agent
 We just had this discussion at the ASF httpd project.

 In a proxy chain, each proxy server is a user agent itself reaching
 out to the next server in the chain.  It is possible to describe
 these each as clients, but when you start looking at end-to-end
 definitions, client suggests the originating user agent (app, or
 browser, or service).

 So UA and client do have distinct connotations.

Mark Nottingham m...@mnot.net response to my observation below;

That's exactly backwards from how we have always used the terms in HTTP -

1945:

client

An application program that establishes connections for the
purpose of sending requests.

user agent

The client which initiates a request. These are often browsers,
editors, spiders (web-traversing robots), or other end user
tools.

2068:

client
   A program that establishes connections for the purpose of sending
   requests.

user agent
   The client which initiates a request. These are often browsers,
   editors, spiders (web-traversing robots), or other end user tools.

2616:

client
   A program that establishes connections for the purpose of sending
   requests.

user agent
   The client which initiates a request. These are often browsers,
   editors, spiders (web-traversing robots), or other end user tools.

Re: svn commit: r1210378 - /httpd/httpd/trunk/server/util_expr_eval.c

[Guenter Knauf]

Hi Stefan,
Am 05.12.2011 10:38, schrieb s...@apache.org:

Author: sf
Date: Mon Dec  5 09:38:44 2011
New Revision: 1210378

URL: http://svn.apache.org/viewvc?rev=1210378view=rev
Log:
Fix a few compiler warning reported by Steffen:
- some signed/unsigned mismatches
- const for a function does not make sense

Modified:
 httpd/httpd/trunk/server/util_expr_eval.c

Modified: httpd/httpd/trunk/server/util_expr_eval.c
URL: 
http://svn.apache.org/viewvc/httpd/httpd/trunk/server/util_expr_eval.c?rev=1210378r1=1210377r2=1210378view=diff
==
--- httpd/httpd/trunk/server/util_expr_eval.c (original)
+++ httpd/httpd/trunk/server/util_expr_eval.c Mon Dec  5 09:38:44 2011
@@ -47,9 +47,10 @@ AP_IMPLEMENT_HOOK_RUN_FIRST(int, expr_lo
  static const char *ap_expr_eval_string_func(ap_expr_eval_ctx_t *ctx,
  const ap_expr_t *info,
  const ap_expr_t *args);
-static const char *ap_expr_eval_re_backref(ap_expr_eval_ctx_t *ctx, int n);
+static const char *ap_expr_eval_re_backref(ap_expr_eval_ctx_t *ctx,
+   unsigned int n);
  static const char *ap_expr_eval_var(ap_expr_eval_ctx_t *ctx,
-const ap_expr_var_func_t *func,
+ap_expr_var_func_t *func,
  const void *data);

  /* define AP_EXPR_DEBUG to log the parse tree when parsing an expression */
@@ -132,7 +133,7 @@ static const char *ap_expr_eval_word(ap_
  break;
  }
  case op_RegexBackref: {
-const int *np = node-node_arg1;
+const unsigned int *np = node-node_arg1;
  result = ap_expr_eval_re_backref(ctx, *np);
  break;
  }
@@ -147,7 +148,7 @@ static const char *ap_expr_eval_word(ap_
  }

  static const char *ap_expr_eval_var(ap_expr_eval_ctx_t *ctx,
-const ap_expr_var_func_t *func,
+ap_expr_var_func_t *func,
  const void *data)
  {
  AP_DEBUG_ASSERT(func != NULL);
@@ -155,7 +156,7 @@ static const char *ap_expr_eval_var(ap_e
  return (*func)(ctx, data);
  }

-static const char *ap_expr_eval_re_backref(ap_expr_eval_ctx_t *ctx, int n)
+static const char *ap_expr_eval_re_backref(ap_expr_eval_ctx_t *ctx, unsigned 
int n)
  {
  int len;

@@ -673,7 +674,7 @@ static void expr_dump_tree(const ap_expr
  static int ap_expr_eval_unary_op(ap_expr_eval_ctx_t *ctx, const ap_expr_t 
*info,
   const ap_expr_t *arg)
  {
-const ap_expr_op_unary_t *op_func = info-node_arg1;
+ap_expr_op_unary_t *op_func = info-node_arg1;
  const void *data = info-node_arg2;

  AP_DEBUG_ASSERT(info-node_op == op_UnaryOpInfo);
@@ -686,7 +687,7 @@ static int ap_expr_eval_binary_op(ap_exp
const ap_expr_t *info,
const ap_expr_t *args)
  {
-const ap_expr_op_binary_t *op_func = info-node_arg1;
+ap_expr_op_binary_t *op_func = info-node_arg1;
  const void *data = info-node_arg2;
  const ap_expr_t *a1 = args-node_arg1;
  const ap_expr_t *a2 = args-node_arg2;

I got reported that since this commit NetWare compilation breaks:

 CC   server/util_expr_eval.c
 ### mwccnlm Compiler:
 #File: server\util_expr_eval.c
 # 
 #  92:  result = ap_expr_eval_var(ctx, node-node_arg1, 
node-node_arg2);
 #   Error: 
  ^

 #   illegal implicit conversion from 'const void *const ' to
 #   'char * (*)(struct  *, const void *)'
 ### mwccnlm Compiler:
 # 677:  ap_expr_op_unary_t *op_func = info-node_arg1;
 #   Error:   ^
 #   illegal implicit conversion from 'const void *const ' to
 #   'int (*)(struct  *, const void *, const char *)'
 ### mwccnlm Compiler:
 # 690:  ap_expr_op_binary_t *op_func = info-node_arg1;
 #   Error:^
 #   illegal implicit conversion from 'const void *const ' to
 #   'int (*)(struct  *, const void *, const char *, const char *)'

sorry, but I only post due to RC1 plans in the hope you can take a look 
- I had absolutely no time yet to look at (and ATM still dont have) 


greets, Gün.

Re: svn commit: r1210378 - /httpd/httpd/trunk/server/util_expr_eval.c

[Stefan Fritsch]

On Tuesday 13 December 2011, Guenter Knauf wrote:
 Hi Stefan,
 
 Am 05.12.2011 10:38, schrieb s...@apache.org:
  Author: sf
  Date: Mon Dec  5 09:38:44 2011
  New Revision: 1210378
  
  URL: http://svn.apache.org/viewvc?rev=1210378view=rev
  Log:
  Fix a few compiler warning reported by Steffen:
  - some signed/unsigned mismatches
  - const for a function does not make sense
  
  Modified:
   httpd/httpd/trunk/server/util_expr_eval.c



 I got reported that since this commit NetWare compilation breaks:
   CC   server/util_expr_eval.c
   ### mwccnlm Compiler:
   #File: server\util_expr_eval.c
   # 
   #  92:  result = ap_expr_eval_var(ctx,
   node-node_arg1,
 
 node-node_arg2);
 
   #   Error:
^
 
   #   illegal implicit conversion from 'const void *const ' to
   #   'char * (*)(struct  *, const void *)'
   ### mwccnlm Compiler:
   # 677:  ap_expr_op_unary_t *op_func = info-node_arg1;
   #   Error:   ^
   #   illegal implicit conversion from 'const void *const ' to
   #   'int (*)(struct  *, const void *, const char *)'
   ### mwccnlm Compiler:
   # 690:  ap_expr_op_binary_t *op_func = info-node_arg1;
   #   Error:^
   #   illegal implicit conversion from 'const void *const ' to
   #   'int (*)(struct  *, const void *, const char *, const char
   *)'
 
 sorry, but I only post due to RC1 plans in the hope you can take a
 look - I had absolutely no time yet to look at (and ATM still dont
 have) 
 
 greets, Gün.

I think r1213567/r1213570 should fix it. Would be nice if you (or 
someone else) could check it, though.

Cheers,
Stefan

Re: Issue in building Apache 2.2.21 src in AIX 7.1 with GCC.

[rajasun]

 httpd  modules.lo buildmark.o -export-dynamic -Wl,-uXML_Parse
But seriously, what is this ^ -- What's -Wl,-uXML_Parse ?
Effectively this is an LDFLAG -uXML_Parse - but what's that do?
Why is it there?
According to:
 
 http://publib.boulder.ibm.com/infocenter/aix/v7r1/index.jsp?topic=%2Fcom.ibm.aix.cmds%2Fdoc%2Faixcmds3%2Fld.htm
  -uNamePrevents garbage collection of the external symbol Name.
If the specified symbol does not exist, a warning is
reported. You can repeat this flag.

Am not an expert in the AIX loader. So unable to answer to your query. 
These flags are automatically added by configure script  no special
settings is done in the build environment for them to appear. 

Why don't you add -bloadmap or -bnoquiet to LDFLAGS and see
what the linker suggests? - Maybe it already knows what's up
I did not add these flags.. But on further analysis it appears that there
was an expat header file in the include path which is of version 2.x.x. But
the expat library finally linked though was from Apache src (1.95.x). That
is why this mismatch had happened.  

After installing libexpat 2.x.x library separately, I am able to compile the
Apache src cleanly.
-- 
View this message in context: 
http://old.nabble.com/Issue-in-building-Apache-2.2.21-src-in-AIX-7.1-with-GCC.-tp32958809p32963974.html
Sent from the Apache HTTP Server - Dev mailing list archive at Nabble.com.