Re: mod_md backports and happy turkey day

2017-11-27 Thread Stefan Eissing
4.x. After that, the 2.4.x-mod_md branch moves into the attic. I hope this works well for people not that familiar with diff/patch. Cheers, Stefan > Am 25.11.2017 um 11:30 schrieb Stefan Eissing <stefan.eiss...@greenbytes.de>: > > > >> Am 24.11.2017 um 21:06 schrieb

http2 + websocket

2017-11-22 Thread Stefan Eissing
WebSocket fans, if you have not seen it, have a look at: https://tools.ietf.org/html/draft-mcmanus-httpbis-h2-websockets-02 If you develop on mod_proxy_wstunnel or have some other means, like Graham's mod_wsgi, to use websockets with Apache, I am all ears if you want to make your module do

Re: apache 2.4.29: mod_http2 stucks from time to time

2017-11-23 Thread Stefan Eissing
riebe - Profihost AG: >>> Hell Stefan, >>> >>> will send a log to you in a few seconds via private email. >>> >>> Greets, >>> Stefan >>> >>> Am 21.11.2017 um 23:18 schrieb Stefan Eissing: >>>> sorry for the late reply. for

mod_md backports and happy turkey day

2017-11-23 Thread Stefan Eissing
Happy Turkey everyone! Just added backport proposals and patches for mod_md to 2.4.x/STATUS. The mod_ssl patch proposed is the minimal one, without policy or other niceties. I hope I did get all Windows related changes, people might want to check this. Also, I think I just got the basics from

Re: apache 2.4.29: mod_http2 stucks from time to time

2017-11-23 Thread Stefan Eissing
2017 um 14:10 schrieb Stefan Eissing: >> Interesting. I assume that otherwise this host is the same (OS/CPU etc.) as >> others where it runs without probs? > > Yes and no i got some more reports by colleagues where they've disabled > http2 as the customers had unexpected long loadi

Re: mod_ssl and SSLPolicy

2017-11-29 Thread Stefan Eissing
Having slept a night over this and the mod_md config change request, I say this leaves me somewhat sour. A request for an unspecified change by someone important in this project is basically blocking any progress for me. I am sure that was not your intention, but I feel the current choice of

Re: directive to reject non-configured hostnames w/o needing catch-all virtual hosts?

2017-11-30 Thread Stefan Eissing
That sounds like a simple feat for mod_md, since it scans and collects that information already. > Am 30.11.2017 um 04:08 schrieb Eric Covener : > > At $dayjob I am seeing a lot of users running scans that flag any HTTP > response that incorporates the Host header into the

Re: mod_md backports and happy turkey day

2017-11-25 Thread Stefan Eissing
> Am 24.11.2017 um 21:06 schrieb Ruediger Pluem : > > > > On 11/24/2017 07:22 PM, Steffen wrote: >> -1 >> > >> >> >> *mod_ssl* >> --- >> mod-ssl, as pointed before is going to contain experimental code. Seen so >> far only patched mod-ssl tested with mod_md.

Re: mod_md backports and happy turkey day

2017-11-30 Thread Stefan Eissing
Before Xmas would be a good target date. Status: - The minimal mod_md changes for mod_ssl have the necessary votes. - mod_md is in renaming limbo - SSLPolicy is in renaming limbo and also stalled on the backport changes > Am 30.11.2017 um 15:08 schrieb Jim Jagielski : > >

Re: mod_md 1.1.0 repeating on error

2017-12-12 Thread Stefan Eissing
786> > > PS. > For windows there is still testing and work (like cmake) to be done. I did > not tested completely the .dsp/mak etc. I see in trunk there are still > changes on the way, so when voting starts for 2.4.30 then I shall test all > again. > > > Regards,

mod_md, le rename

2017-12-13 Thread Stefan Eissing
To all early adopters of mod_md: I just found out that my config rename in v1.1.0 is not backward compatible for several, valid configurations. If you deplay the new version (or get it now via PPAs), you most likely need to rename "

Re: 2.5 alpha proposal

2017-11-16 Thread Stefan Eissing
> Am 16.11.2017 um 14:03 schrieb William A Rowe Jr : > > So, we won't be able to ignore this for long... > > I'd propose we migrate dsp to the oldest supported vcproj format (my cvtdsp > can help get these flags right) for those who like the IDE, until we show > that cmake

Re: Serf support in trunk

2017-11-20 Thread Stefan Eissing
+1 for pulling it unless someone steps forward. > Am 19.11.2017 um 12:49 schrieb Rainer Jung : > > While testing the 2.5.0 alpha candidate I noticed, that our optional use of > serf in mod_proxy and mpm_event is pretty outdated (so unmaintained): > > - the serf API we

Re: Let's Encrypt Feature Release

2017-11-20 Thread Stefan Eissing
Disclaimer: Steffen and me got into each others hairs during the development and testing of mod_md. I often have difficulties understanding what he means. That led to frustrations on both sides, I suppose. In the comment below, I find several things factually wrong, so I need to answer. > Am

Re: apache 2.4.29: mod_http2 stucks from time to time

2017-11-21 Thread Stefan Eissing
21.11.2017 um 15:45 schrieb Stefan Eissing: >>> >>>> Am 21.11.2017 um 14:33 schrieb Stefan Priebe - Profihost AG >>>> <s.pri...@profihost.ag>: >>>> >>>> Hello Stefan, >>>> Hello Yann, >>>> >>>&

Re: apache 2.4.29: mod_http2 stucks from time to time

2017-11-21 Thread Stefan Eissing
> Am 21.11.2017 um 14:33 schrieb Stefan Priebe - Profihost AG > : > > Hello Stefan, > Hello Yann, > > me the http2 bug tester is calling again ;-) And the day was going so well... > We've the problem "most probably" since apadhe 2.4.29 that http2 stucks > from time to

Re: apache 2.4.29: mod_http2 stucks from time to time

2017-11-21 Thread Stefan Eissing
sorry for the late reply. for stucks trace2 is best. > Am 21.11.2017 um 19:35 schrieb Stefan Priebe - Profihost AG > <s.pri...@profihost.ag>: > > Hello Stefan, > > which loglevel do you need? trace2? > > Greets, > Stefan > >> Am 21.11.2017 um 1

Let's Encrypt Feature Release

2017-11-15 Thread Stefan Eissing
Now that Gregg has landed Windows build support in trunk (yay!), I would really like us to include the Let's Encrypt Support in the next 2.4 release as an experimental mod_md plus the required and recommended changes to mod_ssl. Atm there is one blocker that prevents me from proposing mod_ssl

windows building

2017-11-16 Thread Stefan Eissing
A big thanks to Steffen and Gregg for their inhuman efforts to get mod_md building on Windows. I think they are pretty close now, afaik, but if you build Apache on Windows, they sure can need another tester. Also many thanks to Rainer for cleaning up my .o/.slo mess. He fixed what I could not

Re: svn commit: r1813027 - /httpd/httpd/branches/2.4.x/STATUS

2017-11-03 Thread Stefan Eissing
Can we count that as a +1? > Am 01.11.2017 um 18:34 schrieb William A Rowe Jr : > > You are right, thanks. With the new _ex entry points the backport looks ABI > clean, nicely done Yann. > > On Nov 1, 2017 06:19, "Marion & Christophe JAILLET" >

Re: svn commit: r1811930 - in /httpd/httpd/branches/2.4.x: STATUS patches/backport-module-flags.diff

2017-11-06 Thread Stefan Eissing
Thanks for the review! Updated the patch. -Stefan > Am 06.11.2017 um 13:10 schrieb Yann Ylavic : > > On Thu, Oct 12, 2017 at 11:45 AM, wrote: >> Author: icing >> Date: Thu Oct 12 09:45:35 2017 >> New Revision: 1811930 >> >> URL:

Re: IncludeOptional: feature request to be less strict

2017-11-06 Thread Stefan Eissing
> Am 06.11.2017 um 12:25 schrieb Yann Ylavic : > > On Mon, Nov 6, 2017 at 9:21 AM, Joe Orton wrote: >> On Sat, Nov 04, 2017 at 01:15:07PM +0100, Luca Toscano wrote: >>> Hi everybody, >>> >>> in https://bz.apache.org/bugzilla/show_bug.cgi?id=57585 it

Re: We have soon 5 SVN repo's

2017-11-06 Thread Stefan Eissing
If we get a more automated release process and more frequent releases out of this, for all branches, I am happy. That is in no way to be understood as a critic on the many times Jim has done the RMing. I am curious to learn what will happen to trunk in regards to this and what ABI breaking

Re: apache 2.4.29: mod_http2 stucks from time to time

2017-12-02 Thread Stefan Eissing
my typo sent from my mobile phone. > > Am 23.11.2017 um 17:09 schrieb Stefan Eissing <stefan.eiss...@greenbytes.de>: > >> Hey, >> >> could you try the patch below and produce such a lovely log file again? >> H2MaxWorkers please back to before, unconfigured

Re: mod_ssl and SSLPolicy

2017-12-04 Thread Stefan Eissing
Thanks for all the input. What I see is consensus about the SSLPolicy change: 'SSLPolicy' -> stay as is ' '

mod_md and ManagedDomain

2017-12-04 Thread Stefan Eissing
Not much input regarding this naming change. Personally, I like to keep '

Re: [VOTE] Release httpd 2.5.0-alpha

2017-12-11 Thread Stefan Eissing
Daniel, I am very much interested in a smooth and more automated release process. However, I am very unfamiliar regarding what is all involved and cannot judge if it is complete. You'd probably want Jim's input on this. Cheers, Stefan > Am 09.12.2017 um 21:05 schrieb Daniel Ruggeri

Re: mod_md and ManagedDomain

2017-12-11 Thread Stefan Eissing
> Am 08.12.2017 um 19:35 schrieb William A Rowe Jr : > > On Tue, Dec 5, 2017 at 8:03 AM, Luca Toscano wrote: >> Maybe ManagedDomain and , as iiuc we are going to use >> for SSLPolicy? > > Just an observation, >

Re: mod_md and ManagedDomain

2017-12-11 Thread Stefan Eissing
> Am 11.12.2017 um 11:08 schrieb Stefan Eissing <stefan.eiss...@greenbytes.de>: > > >> Am 08.12.2017 um 19:35 schrieb William A Rowe Jr <wr...@rowe-clan.net>: >> >> On Tue, Dec 5, 2017 at 8:03 AM, Luca Toscano <toscano.l...@gmail.com> wrote: >&

Re: mod_md and ManagedDomain

2017-12-11 Thread Stefan Eissing
participated from the beginning. I do not > know how much is tested on other platforms by users. > > From now on I prefer to discuss issues/requests here at this list. And I like > to see test reports from non-windows platforms. > > @Jim In status I see you voted +1,

Re: mod_md 1.1.0 repeating on error

2017-12-12 Thread Stefan Eissing
verable, e.g. server/internet down. Your local certificate store not able to verify the LE server will not recover itself, however. > When does it happen, on what errors ? On any error where signup/renew is necessary and could not complete. > > > Steffen > > > On Tuesday

Re: mod_md 1.1.0 repeating on error

2017-12-12 Thread Stefan Eissing
And btw. what is the Windows OS version that your server runs on? And since you had mod_md running before, what did change in relation to Windows and the curl you use? > Am 12.12.2017 um 13:58 schrieb Stefan Eissing <stefan.eiss...@greenbytes.de>: > > > >> Am 12.

Re: mod_md 1.1.0 repeating on error

2017-12-12 Thread Stefan Eissing
documentation for now. If you want to add some Windows specific advice to the mod_md XML, please do so. Cheers, Stefan > Steffen > > On Tuesday 12/12/2017 at 14:21, Stefan Eissing wrote: >> *without* introducing new ones, I meant. Please provide a log. >> >>&g

Re: mod_md 1.1.0 repeating on error

2017-12-12 Thread Stefan Eissing
Can you switch to "LogLevel md:debug" for a while and send me the details? Did this start on the v1.1.0 or before that? > Am 11.12.2017 um 16:09 schrieb Steffen : > > > Running 1.1.0 with the new naming. > > When mod_md encounters an error it looks like it is going in a

2.4.x STATUS needs you!

2017-12-12 Thread Stefan Eissing
Fellow Apache developers: if we want to make an X-mas 2.4 release for the people on this planet, the backports in STATUS need your attention: B1: mod_proxy, mod_ssl: Handle SSLProxy* directives in sections, - needs 1 more vote! B2: mod_remoteip: Add PROXY protocol support - needs 1 more

Re: svn commit: r1817381 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/mod_ssl.xml docs/manual/sections.xml modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ssl_policies.h modules/

2017-12-12 Thread Stefan Eissing
Right, you are. Fixed in r1817894. Changes and Lookups happen now in the same main config pool, so the logic for subpools is no longer needed. Thanks for reviewing! -Stefan > Am 11.12.2017 um 21:08 schrieb Ruediger Pluem : > > > > On 12/07/2017 04:11 PM, ic...@apache.org

Re: mod_md 1.1.0 repeating on error

2017-12-12 Thread Stefan Eissing
> notify when there is some wrong. > > > On Tuesday 12/12/2017 at 13:58, Stefan Eissing wrote: >> >> >>> Am 12.12.2017 um 13:47 schrieb Steffen <i...@apachelounge.com>: >>> >>> It was happening before 1.1.0, but i did not give it atten

Re: mod_md 1.1.0 repeating on error

2017-12-12 Thread Stefan Eissing
*without* introducing new ones, I meant. Please provide a log. > Am 12.12.2017 um 14:21 schrieb Stefan Eissing <stefan.eiss...@greenbytes.de>: > > > >> Am 12.12.2017 um 14:17 schrieb Steffen <i...@apachelounge.com>: >> >> To be clear : As I said th

Re: mod_md and ManagedDomain

2017-12-05 Thread Stefan Eissing
user support. > > 2017-12-05 15:06 GMT+01:00 Stefan Eissing <stefan.eiss...@greenbytes.de>: >> ? >> >>> Am 05.12.2017 um 15:03 schrieb Luca Toscano <toscano.l...@gmail.com>: >>> >>> Maybe ManagedDomain and , as iiuc we are

Re: mod_md and ManagedDomain

2017-12-05 Thread Stefan Eissing
Totally agree with you. If you make a better proposal that avoids existing overlaps, I might just pick it up. -Stefan > Am 05.12.2017 um 14:40 schrieb Luca Toscano <toscano.l...@gmail.com>: > > Hi Stefan, > > 2017-12-04 14:16 GMT+01:00 Stefan Eissing <stefan.eiss...@gr

Re: mod_md and ManagedDomain

2017-12-05 Thread Stefan Eissing
? > Am 05.12.2017 um 15:03 schrieb Luca Toscano <toscano.l...@gmail.com>: > > Maybe ManagedDomain and , as iiuc we are going to use > for SSLPolicy? > > Luca > > 2017-12-05 14:47 GMT+01:00 Stefan Eissing <stefan.eiss...@greenbytes.de>: > Totally agree

Re: Pruning working branches (Was: Re: Why?)

2017-10-26 Thread Stefan Eissing
Thanks Greg. The proposed change is purely aestetic. You could make a dir /branches/attic" and move all candidates there. People wanting to "resurrect" them can simply move them back. This is not RCS. > Am 25.10.2017 um 20:21 schrieb Greg Stein : > > To be clear: "delete"

Re: slotmem + balancer

2018-05-09 Thread Stefan Eissing
I can confirm. This solves the problem in my setup. > Am 09.05.2018 um 03:25 schrieb Yann Ylavic : > > On Wed, May 9, 2018 at 1:25 AM, Yann Ylavic wrote: >> I can reproduce with global balancers (10 is your number of vhosts >> presumably, hence with

slotmem + balancer

2018-05-08 Thread Stefan Eissing
r1831192 on trunk. Every time I stop/start my test server, I get a new set of slotmem-shm-p*.sh m files and the log says 10 times: ... [Tue May 08 14:43:12.728333 2018] [proxy_balancer:emerg] [pid 49764:tid 140736151831424] AH01205: slotmem_attach failed There are 10 sets of files. I have 5

Re: slotmem + balancer

2018-05-08 Thread Stefan Eissing
Correction, the log seems to be filling with these entries every 1-2 seconds. The server does not progress further and does not answer to requests. Any idea? > Am 08.05.2018 um 16:50 schrieb Stefan Eissing <stefan.eiss...@greenbytes.de>: > > r1831192 on trunk. Every time I sto

Re: [VOTE] Allow for defect fix releases at httpd

2018-05-17 Thread Stefan Eissing
> Am 17.05.2018 um 15:13 schrieb Eric Covener : > > I tried to collect some bullets here: > https://wiki.apache.org/httpd/ReleaseStrategyProposal > > If anyone else has priorities/problems/proposals/refinements please have a > look. Thanks for putting in the effort. With

https vhosts

2018-05-24 Thread Stefan Eissing
Do we have a configuration option to allow https://hostname/ only to matching vhosts without any default fallback? Scenario: - a site with vhost A and B - vhost B is taken out, DNS still points there (for a while) - browsers opening https://B/ will get the certificate of A and complain I do

Re: https vhosts

2018-05-25 Thread Stefan Eissing
> Am 24.05.2018 um 14:22 schrieb Yann Ylavic : > > On Thu, May 24, 2018 at 2:09 PM, Eric Covener wrote: >> >> Thinking about base server and how scanners report it the "vulnerability"... >> >> AllowUnmatchedHost[name]? >> RejectUnknownHost[name]? > >

Re: https vhosts

2018-05-24 Thread Stefan Eissing
> Am 24.05.2018 um 14:07 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Thu, May 24, 2018 at 1:57 PM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> >>> Am 24.05.2018 um 13:51 schrieb Yann Ylavic <ylavic@gmail.com>: >>>

Re: https vhosts

2018-05-24 Thread Stefan Eissing
> Am 24.05.2018 um 13:28 schrieb Eric Covener <cove...@gmail.com>: > > On Thu, May 24, 2018 at 7:23 AM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> Do we have a configuration option to allow https://hostname/ only to >> matching

Re: https vhosts

2018-05-24 Thread Stefan Eissing
gt; Comment inline. > > Am 24.05.2018 um 13:34 schrieb Stefan Eissing: >> So, we are lacking an option here to abort SSL connections without a vhost >> match, it seems. Something like >> >> SSLStrictSNIVHostCheck require-match > > No this will not solve the probl

Re: https vhosts

2018-05-24 Thread Stefan Eissing
l thread model, rest assured). -Stefan > Am 24.05.2018 um 13:50 schrieb Barry Pollard <barry_poll...@hotmail.com>: > > > >> On 24 May 2018, at 12:44, Eric Covener <cove...@gmail.com> wrote: >> >> On Thu, May 24, 2018 at 7:34 AM, Stefan Eissing >>

Re: https vhosts

2018-05-24 Thread Stefan Eissing
> Am 24.05.2018 um 13:51 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Thu, May 24, 2018 at 1:44 PM, Eric Covener <cove...@gmail.com> wrote: >> On Thu, May 24, 2018 at 7:34 AM, Stefan Eissing >> <stefan.eiss...@greenbytes.de> wrote: >>>

Re: slotmem + balancer

2018-05-22 Thread Stefan Eissing
Yann, thanks for your perseverance on this. Could you, just as a rough description, list which test cases would have prevented the bugs? Maybe someone would feel like implementing them (or in case of a future code change there, could at least manually find some instructions on what to test in the

Re: slotmem + balancer

2018-05-22 Thread Stefan Eissing
> Am 22.05.2018 um 10:16 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Tue, May 22, 2018 at 10:06 AM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> >> Could you, just as a rough description, list which >> test cases would have preve

Re: SSLPolicy code questions/backport review

2018-06-06 Thread Stefan Eissing
Since parts of the changes in mod_ssl for SSLPolicy have now been affected by changes for TLSv1.3 and there has not been real interest in backporting SSLPolicy this year anyway, I withdraw the proposal. The TLSv1.3 changes are not fit for backport since I was unable to verify that my fixes to

Re: svn commit: r1805182 - in /httpd/httpd/trunk: CHANGES docs/conf/extra/httpd-ssl.conf.in docs/manual/mod/mod_ssl.xml modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ssl_engine_ini

2018-05-30 Thread Stefan Eissing
> Am 29.05.2018 um 23:54 schrieb Yann Ylavic : > > On Wed, Aug 16, 2017 at 2:22 PM, wrote: >> Author: icing >> Date: Wed Aug 16 12:22:28 2017 >> New Revision: 1805182 >> >> URL: http://svn.apache.org/viewvc?rev=1805182=rev >> Log: >> On the trunk: >> >> mod_ssl: adding SSLPolicy and

Re: mod_http2 1.10.20 in current branches differs from GIT

2018-06-04 Thread Stefan Eissing
I was not reading my mail in the last days, but you happily opened a github issue for this since I did not answer your question for 24 hours. That is good thinking. I hope I answered the ticket to your satisfaction. I also pushed the changes from Apache subversion to github that had not arrived

Re: mod_http2 1.10.20 in current branches differs from GIT

2018-06-04 Thread Stefan Eissing
You see correctly. > Am 04.06.2018 um 11:13 schrieb Steffen : > > After the push from svn to github: > > I see that version svn is 1.10.20 and github 1.10.21-git > > > On Monday 04/06/2018 at 10:37, Stefan Eissing wrote: >> I was not reading my mail in

Re: SSLPolicy code questions/backport review

2018-06-04 Thread Stefan Eissing
Thanks for the review! I will take this and clean up the code, mod_ssl certainly deserves it. > Am 23.05.2018 um 09:51 schrieb Joe Orton : > > Easier to do here than dump in STATUS; looking at reviewing the 2.4.x > backport: > >

Re: Brigade memory lifetime & leaks

2018-06-05 Thread Stefan Eissing
> Am 05.06.2018 um 10:46 schrieb Joe Orton : > > In 2.4's http_request.c there are two places doing: > >bb = apr_brigade_create(c->pool, c->bucket_alloc); > > to handle sending a FLUSH between requests and an EOR bucket which both > can't be done off r->pool. Because the brigade

Re: Brigade memory lifetime & leaks

2018-06-05 Thread Stefan Eissing
> Am 05.06.2018 um 13:50 schrieb Yann Ylavic : > > On Tue, Jun 5, 2018 at 1:26 PM, Stefan Eissing > wrote: >> >>> Am 05.06.2018 um 10:46 schrieb Joe Orton : >>> >>> Another choice is to allocate the brigade structure using the bucket &

Re: Brigade memory lifetime & leaks

2018-06-05 Thread Stefan Eissing
+1 > Am 05.06.2018 um 14:07 schrieb Plüm, Rüdiger, Vodafone Group > : > > > >> -Ursprüngliche Nachricht- >> Von: Stefan Eissing >> Gesendet: Dienstag, 5. Juni 2018 13:27 >> An: dev@httpd.apache.org >> Cc: d...@apr.apache.org &g

Re: svn commit: r1834671 - in /httpd/httpd/branches/2.4.x: CHANGES docs/manual/mod/mod_md.xml modules/md/md_crypt.c modules/md/md_json.c modules/md/md_version.h modules/md/mod_md.c modules/md/mod_md_c

2018-07-02 Thread Stefan Eissing
I thought experimental == CTR, but if this is separate then I‘ll go through the votes. Just let me know what you prefer. > Am 29.06.2018 um 21:31 schrieb Christophe Jaillet > : > >> Le 29/06/2018 à 13:53, ic...@apache.org a écrit : >> Author: icing >> Date: Fri Jun 29 11:53:50 2018 >> New

Re: time for 2.4.34?

2018-05-02 Thread Stefan Eissing
+1. Some h2 issues accumulated, just got confirmation on the keepalive fix and will propose for backport today. Nothing else in the pipe from me. > Am 01.05.2018 um 23:15 schrieb Jim Jagielski : > > Considering that we have some regressions in .33 which > will soon be fixed

http2 connection keepalive broken

2018-04-30 Thread Stefan Eissing
Yann, with the change http://svn.apache.org/r1819214 the keepalive handling in HTTP/2 was broken, as reported here https://github.com/icing/mod_h2/issues/160 If the mpm_event connection state handling is not suitable to honoring a keepalive setting, we need to fix this. Keeping idle

Re: http2 connection keepalive broken

2018-04-30 Thread Stefan Eissing
> Am 30.04.2018 um 12:15 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Mon, Apr 30, 2018 at 12:06 PM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> >>> Am 30.04.2018 um 12:00 schrieb Yann Ylavic <ylavic@gmail.com>

Re: http2 connection keepalive broken

2018-04-30 Thread Stefan Eissing
> Am 30.04.2018 um 12:00 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Mon, Apr 30, 2018 at 9:28 AM, Stefan Eissing <stefan.eiss...@greenbytes.de >> wrote: >> >> with the change http://svn.apache.org/r1819214 the keepalive handling >> in HTTP/2

Re: Revisiting odd test framework servername behaviors

2017-10-19 Thread Stefan Eissing
I can see the failures when I pass in a t/TEST -servername localhost.localdomain as --- t/modules/access.t(Wstat: 0 Tests: 408 Failed: 31) Failed tests: 4, 20-21, 24, 26, 28, 30, 38, 55, 72, 89 106-107, 123-124, 141, 154, 168, 170, 175

Re: SSLProxy* in section

2017-10-23 Thread Stefan Eissing
> Am 23.10.2017 um 16:25 schrieb Yann Ylavic <ylavic@gmail.com>: > > Hi Stefan, > > On Mon, Oct 23, 2017 at 2:42 PM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> >> Can you give me a sign if this will arrive soonish or need to be s

Re: SSLSrvConfigRec shared

2017-12-22 Thread Stefan Eissing
> Am 22.12.2017 um 23:31 schrieb Nick Kew : > > On Thu, 21 Sep 2017 08:11:17 -0400 > Eric Covener wrote: > >> IIUC it should be safe to extend module_struct with a minor bump to >> add 'int flags' to the bottom, but when you check the value you'd need >> to

Re: svn commit: r1818960 - /httpd/httpd/trunk/server/mpm/event/event.c

2017-12-24 Thread Stefan Eissing
That one works nicely in the test and load setups! +1 > Am 23.12.2017 um 17:37 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Fri, Dec 22, 2017 at 6:14 PM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> >> The changes in h2_h2.c and h2_sw

Re: SSLSrvConfigRec shared

2017-12-23 Thread Stefan Eissing
> Am 23.12.2017 um 12:34 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Sat, Dec 23, 2017 at 9:00 AM, Nick Kew <n...@apache.org> wrote: >> On Sat, 2017-12-23 at 08:20 +0100, Stefan Eissing wrote: >> >>>> Ugh. Fine for trunk, but that's a lot o

Re: svn commit: r1820579 - /httpd/httpd/branches/2.4.x-mod_md/modules/ssl/ssl_engine_init.c

2018-01-08 Thread Stefan Eissing
> Am 08.01.2018 um 18:24 schrieb Yann Ylavic : > > On Mon, Jan 8, 2018 at 5:09 PM, ste...@eissing.org wrote: >> That what Yann adds, he will taketh away again. And all will be right. That >> is the way of things. It is known. > > I'm not sure to have

Re: Align worker's worker's fdqueue with event's?

2018-01-11 Thread Stefan Eissing
> Am 11.01.2018 um 13:02 schrieb Yann Ylavic : > > Hi, > > there a several optimizations and correctness fixes in event/fdqueue.c > that don't land in worker/fdqueue.c. > > The patch would look like the attached. > It also include some cosmectic changes in event (mainly

Re: svn commit: r1819969 - /httpd/httpd/trunk/modules/filters/mod_proxy_html.c

2018-01-11 Thread Stefan Eissing
You are right. The continue catches that case. Nice work! > Am 11.01.2018 um 11:18 schrieb Yann Ylavic : > > On Thu, Jan 11, 2018 at 10:55 AM, ste...@eissing.org > wrote: >> Hmm...lines 952+: if the first data bucket has length 0, will the >> parser

Re: svn commit: r1819217 - /httpd/httpd/branches/2.4.x/STATUS

2018-01-03 Thread Stefan Eissing
> Am 02.01.2018 um 18:54 schrieb Luca Toscano : > > > > 2017-12-24 13:18 GMT+01:00 : > Author: ylavic > Date: Sun Dec 24 12:18:57 2017 > New Revision: 1819217 > > URL: http://svn.apache.org/viewvc?rev=1819217=rev > Log: > Propose backport for PR

Re: Time for 2.4.30? (Was: Re: 2.4.x STATUS needs you!)

2018-01-04 Thread Stefan Eissing
+1 of course > Am 04.01.2018 um 13:43 schrieb Jim Jagielski : > > As we get settled into the new year, it seems a good time > to think about a 2.4.30 release in the coming week or > so. Lots of good stuff currently in 2.4.30-dev and even > more good stuff in STATUS awaiting a

signals for workers

2018-01-17 Thread Stefan Eissing
Hej Yann, could you briefly scan https://bz.apache.org/bugzilla/show_bug.cgi?id=62009 and let me know if the proposed workaround sounds reasonable? It sounds correct that h2 workers should mask these signals so that mpm threads can handle them properly. Thanks, Stefan

Re: svn commit: r1807709 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/mod_ssl.xml modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ssl_engine_init.c modules/ssl/ssl_private.h

2018-01-22 Thread Stefan Eissing
;> @@ -1,6 +1,9 @@ >> -*- coding: utf-8 >> -*- >> Changes with Apache 2.5.0 >> + *) mod_ssl: Adding option to set a list of addr:port specs, as used in >> VirtualHosts >> + to enable SS

Re: can we haz backports?

2018-01-17 Thread Stefan Eissing
> Am 17.01.2018 um 10:45 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Wed, Jan 17, 2018 at 10:30 AM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> >>> Am 16.01.2018 um 21:26 schrieb William A Rowe Jr <wr...@rowe-clan.net>:

Re: Status and vote mod_md

2018-01-13 Thread Stefan Eissing
Thanks a lot for the votes and the other backport merges! Will do the merge of mod_md tomorrow most likely. Cheers, Stefan > Am 13.01.2018 um 17:08 schrieb Yann Ylavic : > > On Sat, Jan 13, 2018 at 3:18 PM, Steffen wrote:> >> Tested today 1.1.8

can we haz backports?

2018-01-12 Thread Stefan Eissing
Team, the frequency that people keep on asking me when ACME support in Apache will be released is going up. For this to happen, two backports need 1(!) more vote: 1. core/mod_ssl: Add new flag int to module struct. existing votes: icing, ylavic 2. mod_md: backport of ACME (Let's Encrypt)

Re: can we haz backports?

2018-01-12 Thread Stefan Eissing
> Am 12.01.2018 um 13:07 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Fri, Jan 12, 2018 at 12:14 PM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> >> Is anyone planning to review this in the next days? > > I plan to do so, is ther

Re: can we haz backports?

2018-01-12 Thread Stefan Eissing
wal/signup to continue working. If you want to improve any Apache functionality, provide code changes or, at least, constructive feedback. You are not here to sit on the fence and snipe at people's work. -Stefan > Op 12 jan. 2018 om 12:14 heeft Stefan Eissing <stefan.eiss...@greenbyt

event.c not building in some configurations

2018-01-24 Thread Stefan Eissing
Hi Yann, there seem to be some loopholes in our ever so flexible server configuration. If I configure the server with some minimal static setup for fuzzing, such as ./configure --prefix=/home/sei/projects/httpd/h2fuzz/gen/apache --enable-nghttp2-staticlib-deps

Re: event.c not building in some configurations

2018-01-24 Thread Stefan Eissing
> Am 24.01.2018 um 17:26 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Wed, Jan 24, 2018 at 5:21 PM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> >> Hmm, I have not really crawled down that rabbit hole in our build system. >

Re: New ServerUID directive

2018-02-02 Thread Stefan Eissing
> Am 02.02.2018 um 15:42 schrieb Yann Ylavic : > > On Fri, Feb 2, 2018 at 3:25 PM, Plüm, Rüdiger, Vodafone Group > wrote:> >> >>> -Ursprüngliche Nachricht- Von: Jim Jagielski >>> [mailto:j...@jagunet.com] Gesendet: Freitag, 2. Februar

Re: New ServerUID directive

2018-02-02 Thread Stefan Eissing
> Am 02.02.2018 um 15:25 schrieb Plüm, Rüdiger, Vodafone Group > : > > > >> -Ursprüngliche Nachricht- >> Von: Jim Jagielski [mailto:j...@jagunet.com] >> Gesendet: Freitag, 2. Februar 2018 15:15 >> An: httpd >> Betreff: Re: New

Re: New ServerUID directive

2018-02-02 Thread Stefan Eissing
> Am 02.02.2018 um 15:50 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Fri, Feb 2, 2018 at 3:44 PM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> >> >>> Am 02.02.2018 um 15:42 schrieb Yann Ylavic <ylavic@gmail.com>: >

Re: svn commit: r1807709 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/mod_ssl.xml modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ssl_engine_init.c modules/ssl/ssl_private.h

2018-02-01 Thread Stefan Eissing
Should be fixed with r1822872. Sorry it took so long. > Am 22.01.2018 um 18:50 schrieb Gregg Smith <g...@gknw.net>: > > Stefan, > > Yes, that and vhost.c would. > > > Gregg > > On 1/22/2018 12:29 AM, Stefan Eissing wrote: >> Gregg, >> that'd me

Re: svn commit: r1822849 - /httpd/httpd/trunk/modules/proxy/proxy_util.c

2018-02-01 Thread Stefan Eissing
You beat me to it. Well done! :-) -Stefan > Am 01.02.2018 um 15:43 schrieb Yann Ylavic : > > On Thu, Feb 1, 2018 at 9:52 AM, Plüm, Rüdiger, Vodafone Group > wrote: >> >>> -Ursprüngliche Nachricht- >>> Von: Yann Ylavic

Re: New ServerUID directive

2018-02-02 Thread Stefan Eissing
> Am 02.02.2018 um 16:43 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Fri, Feb 2, 2018 at 4:28 PM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> >>> Am 02.02.2018 um 15:50 schrieb Yann Ylavic <ylavic@gmail.com>: >>>

Re: svn commit: r1822878 - in /httpd/httpd/trunk/modules: http2/h2_config.c http2/h2_config.h http2/h2_conn.c http2/mod_http2.c http2/mod_http2.h proxy/config.m4 proxy/proxy_util.c

2018-02-01 Thread Stefan Eissing
> Am 01.02.2018 um 16:23 schrieb Yann Ylavic <ylavic@gmail.com>: > > On Thu, Feb 1, 2018 at 4:21 PM, Yann Ylavic <ylavic@gmail.com> wrote: >> On Thu, Feb 1, 2018 at 4:15 PM, Stefan Eissing >>> >>> Maybe I am confused, but I see the max at &g

Re: svn commit: r1822878 - in /httpd/httpd/trunk/modules: http2/h2_config.c http2/h2_config.h http2/h2_conn.c http2/mod_http2.c http2/mod_http2.h proxy/config.m4 proxy/proxy_util.c

2018-02-01 Thread Stefan Eissing
> Am 01.02.2018 um 16:11 schrieb Yann Ylavic : > > On Thu, Feb 1, 2018 at 3:58 PM, ste...@eissing.org wrote: >> Hmm... >> >>> Am 01.02.2018 um 15:42 schrieb yla...@apache.org: >>> >>> +/* >>> + * When mod_http2 is loaded we might have

Re: New ServerUID directive

2018-02-04 Thread Stefan Eissing
> Am 03.02.2018 um 02:05 schrieb Yann Ylavic : > > On Fri, Feb 2, 2018 at 5:52 PM, Jim Jagielski wrote: >> But we already have a unique ID in the form of >> the actual server struct itself, which contains >> all the data required to make a vhost "unique"

The Case for Managed Domains

2018-02-04 Thread Stefan Eissing
(Apart from my direct comments in my previous reply in the ServerUID discussion, I offer a little essay about my motivation in this topic for the interested, as it is related to the mod_md design I did. It is long. Please feel free to ignore it.) When thinking about adding ACME support to

Re: New ServerUID directive

2018-02-05 Thread Stefan Eissing
> Am 04.02.2018 um 15:32 schrieb Jim Jagielski : > > > >> On Feb 2, 2018, at 8:05 PM, Yann Ylavic wrote: >> >> That's a new directive too, very specialized (though it's your point). >> Wouldn't it end up being declined to other modules one day or the

Re: The Case for Managed Domains

2018-02-09 Thread Stefan Eissing
aring the same tls config. > > What this doesn't solve is a many:many mapping. I haven't come up with a good > answer to that puzzle without resorting to includes and macros, etc. > > > > On Feb 4, 2018 05:51, "Stefan Eissing" <stefan.eiss...@greenbytes.de> wrote: &g

Re: New ServerUID directive

2018-02-06 Thread Stefan Eissing
> Am 06.02.2018 um 11:45 schrieb Helmut K. C. Tessarek : > > On 2018-02-06 05:13, Yann Ylavic wrote: >> Sorry for what is probably (my) bad english, "fixed" meant "the same >> after restart (or stop/start)". > > Right, but isn't the virtual host's server name/port config

<    4   5   6   7   8   9   10   11   12   >