Re: MOD_PROXY and POST requests

Dear Ronen, I found your post while searching for an asnwer, I see your post is dated 2006, is the problem still exists.. regards Mark Ronen Yaari-2 wrote: > > > > All, > > > > I am using Apache 2.2.3 on Windows XP. I configured the mod_proxy to > forward requests to my application serv

Re: Using mod_fcgid without matching files (virtual)

On Fri, Sep 11, 2009 at 5:19 PM, Rainer Jung wrote: > On 12.09.2009 01:44, Rainer Jung wrote: >> On 11.09.2009 23:40, William A. Rowe, Jr. wrote: >>> Rainer Jung wrote: In r814006 and r814017 I added a feature similar to Action ... virtual in CGI to mod_fcgi: By default it is o

Re: Using mod_fcgid without matching files (virtual)

On 12.09.2009 01:44, Rainer Jung wrote: > On 11.09.2009 23:40, William A. Rowe, Jr. wrote: >> Rainer Jung wrote: >>> In r814006 and r814017 I added a feature similar to Action ... virtual >>> in CGI to mod_fcgi: >>> >>> By default it is off, but it allows to use FCGI processes in combination >>> wi

Re: svn commit: r814048 - /httpd/httpd/trunk/modules/http/http_protocol.c

Ruediger Pluem wrote: > On 09/11/2009 11:55 PM, wr...@apache.org wrote: >> Author: wrowe >> Date: Fri Sep 11 21:55:46 2009 >> New Revision: 814048 >> >> URL: http://svn.apache.org/viewvc?rev=814048&view=rev >> Log: >> Catch the somewhat absurd combination of a 417 error where no Expect header >> w

Re: Using mod_fcgid without matching files (virtual)

On 11.09.2009 23:40, William A. Rowe, Jr. wrote: > Rainer Jung wrote: >> In r814006 and r814017 I added a feature similar to Action ... virtual >> in CGI to mod_fcgi: >> >> By default it is off, but it allows to use FCGI processes in combination >> with purely virtual URLs, i.e. URLs not pointing t

Re: svn commit: r814048 - /httpd/httpd/trunk/modules/http/http_protocol.c

On 09/12/2009 12:13 AM, William A. Rowe, Jr. wrote: > William A. Rowe, Jr. wrote: >> Ruediger Pluem wrote: >>> Hm. Does it make sense to squeeze in the contents of the error-notes >>> between s1 >>> and "Only the 100-continue expectation is supported.\n"? >>> Why not just return apr_pstrcat(p, s

Re: svn commit: r814048 - /httpd/httpd/trunk/modules/http/http_protocol.c

On 09/12/2009 12:09 AM, William A. Rowe, Jr. wrote: > Ruediger Pluem wrote: >> On 09/11/2009 11:55 PM, wr...@apache.org wrote: >>> Author: wrowe >>> Date: Fri Sep 11 21:55:46 2009 >>> New Revision: 814048 >>> >>> URL: http://svn.apache.org/viewvc?rev=814048&view=rev >>> Log: >>> Catch the somewha

Re: svn commit: r814048 - /httpd/httpd/trunk/modules/http/http_protocol.c

William A. Rowe, Jr. wrote: > Ruediger Pluem wrote: >> Hm. Does it make sense to squeeze in the contents of the error-notes between >> s1 >> and "Only the 100-continue expectation is supported.\n"? >> Why not just return apr_pstrcat(p, s1, "Only the 100-continue expectation >> is supported.\n", N

Re: svn commit: r814048 - /httpd/httpd/trunk/modules/http/http_protocol.c

Ruediger Pluem wrote: > > On 09/11/2009 11:55 PM, wr...@apache.org wrote: >> Author: wrowe >> Date: Fri Sep 11 21:55:46 2009 >> New Revision: 814048 >> >> URL: http://svn.apache.org/viewvc?rev=814048&view=rev >> Log: >> Catch the somewhat absurd combination of a 417 error where no Expect header >>

Re: svn commit: r814048 - /httpd/httpd/trunk/modules/http/http_protocol.c

On 09/11/2009 11:55 PM, wr...@apache.org wrote: > Author: wrowe > Date: Fri Sep 11 21:55:46 2009 > New Revision: 814048 > > URL: http://svn.apache.org/viewvc?rev=814048&view=rev > Log: > Catch the somewhat absurd combination of a 417 error where no Expect header > was present. > > Modified: >

Re: Time for 2.3.3 alpha?

Jim Jagielski wrote: > > > Subj says it all... As a quick check to see where we are, so we > can determine where we need to go, is now a good time to release > a 2.3.3 alpha? I think that would be a terrific idea :) Presuming that you are happy to revert the open vetoes of your commits first?

Re: svn commit: r795451 - /httpd/httpd/branches/2.2.x/STATUS

*Rich*, Nick Kew wrote: > William A. Rowe, Jr. wrote: >> Nick... >> >> should we discuss an alternate name? Or should I simply revert the patch >> vetoed on trunk? > > I'm easy on the name. > > Let's ping DrBacchus - this was his feature request :-) > >> Can we compromise on the name NotFoundH

Re: Using mod_fcgid without matching files (virtual)

Rainer Jung wrote: > In r814006 and r814017 I added a feature similar to Action ... virtual > in CGI to mod_fcgi: > > By default it is off, but it allows to use FCGI processes in combination > with purely virtual URLs, i.e. URLs not pointing to physical files on > the server. > > The most basic F

Re: Build docs for mod_fcgid

Rainer Jung wrote: > After adding something to a docs xml file for mod_fcgid I wanted to > update the html transform. > > I guess the build system for the html docs is not yet in place, so I > copied the full docs/manual/build and docs/manual/style in from trunk > and ran build.sh. That's the tic

Re: CVE-2009-3094, CVE-2009-3095: mod_proxy_ftp issues

On Fri, Sep 11, 2009 at 10:51:11PM +0200, Ruediger Pluem wrote: > On 09/11/2009 04:52 PM, Joe Orton wrote: > > On Thu, Sep 10, 2009 at 07:02:01PM +0200, Stefan Fritsch wrote: > >> The (untested) patch below should fix CVE-2009-3094. For CVE-2009-3095 > >> there is only little information. But look

Re: CVE-2009-3094, CVE-2009-3095: mod_proxy_ftp issues

On 09/11/2009 04:52 PM, Joe Orton wrote: > On Thu, Sep 10, 2009 at 07:02:01PM +0200, Stefan Fritsch wrote: >> The (untested) patch below should fix CVE-2009-3094. For CVE-2009-3095 >> there is only little information. But looking at the code, it seems >> the username and password sent by the br

Using mod_fcgid without matching files (virtual)

In r814006 and r814017 I added a feature similar to Action ... virtual in CGI to mod_fcgi: By default it is off, but it allows to use FCGI processes in combination with purely virtual URLs, i.e. URLs not pointing to physical files on the server. The most basic FCGI configurations simply run the f

Re: Build docs for mod_fcgid

On 11.09.2009 22:21, Jeff Trawick wrote: > On Fri, Sep 11, 2009 at 3:36 PM, Rainer Jung > wrote: > > After adding something to a docs xml file for mod_fcgid I wanted to > update the html transform. > > > See README-FCGID which addresses that. > > (make g

Re: Build docs for mod_fcgid

On Fri, Sep 11, 2009 at 3:36 PM, Rainer Jung wrote: > After adding something to a docs xml file for mod_fcgid I wanted to > update the html transform. > See README-FCGID which addresses that. (make generate-docs or something like that)

Build docs for mod_fcgid

After adding something to a docs xml file for mod_fcgid I wanted to update the html transform. I guess the build system for the html docs is not yet in place, so I copied the full docs/manual/build and docs/manual/style in from trunk and ran build.sh. What's the best way to handle this? Should we

Re: [VOTE] release httpd mod_fcgid-2.3.1?

On 10.09.2009 03:51, William A. Rowe, Jr. wrote: > William A. Rowe, Jr. wrote: >> Rainer Jung wrote: >>> Signing good, hash files are in a format at least my md5sum and sha1sum >>> do not understand how to check. >> >> Can anyone point out what I'm doing wrong with 'gpg --print-md md5'? Am I >> mi

Re: AW: OCSP stapling in mod_ssl - use as OCSP cache for client authentication

Natanael Mignon - michael-wessel.de wrote: >> -Ursprüngliche Nachricht- >> Von: Dr Stephen Henson [mailto:shen...@oss-institute.org] >> >> If that's correct then you could reuse some of the OCSP response query >> and >> caching code in the stapling patch. It implements similar >> functional

Re: CVE-2009-3094, CVE-2009-3095: mod_proxy_ftp issues

On Thu, Sep 10, 2009 at 07:02:01PM +0200, Stefan Fritsch wrote: > The (untested) patch below should fix CVE-2009-3094. For CVE-2009-3095 > there is only little information. But looking at the code, it seems > the username and password sent by the browser are sent to the ftp > server without sani

Re: CVE-2009-3094, CVE-2009-3095: mod_proxy_ftp issues

On Thu, Sep 10, 2009 at 07:02:01PM +0200, Stefan Fritsch wrote: > in case you haven't noticed yet, some new mod_proxy_ftp issues have > been reported: > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 > > The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the > mod_

Re: [VOTE] release httpd mod_fcgid-2.3.1?

On Tue, Sep 8, 2009 at 7:48 PM, William A. Rowe, Jr. wrote: > mod_fcgid freinds; > > Please fetch up the newly minted mod_fcgid-2.3.1.tar.gz (or bz2) > or the win32 suitable package mod_fcgid-2.3.1-crlf.zip from: > > http://httpd.apache.org/dev/dist/mod_fcgid/ > > review, take it for a spin, and

AW: OCSP stapling in mod_ssl - use as OCSP cache for client authentication

> -Ursprüngliche Nachricht- > Von: Dr Stephen Henson [mailto:shen...@oss-institute.org] > Gesendet: Freitag, 11. September 2009 11:46 > An: dev@httpd.apache.org > Betreff: Re: OCSP stapling in mod_ssl - use as OCSP cache for client > authentication > > Now to the actual query, if I under

Re: OCSP stapling in mod_ssl - use as OCSP cache for client authentication

Natanael Mignon - michael-wessel.de wrote: > Hello Steve, dear list, > > inspired by https://issues.apache.org/bugzilla/show_bug.cgi?id=43822 (OCSP > stapling support for mod_ssl) I dare asking, if this patch might solve a > requirement we face at the moment: > > We do client authentication with

OCSP stapling in mod_ssl - use as OCSP cache for client authentication

Hello Steve, dear list, inspired by https://issues.apache.org/bugzilla/show_bug.cgi?id=43822 (OCSP stapling support for mod_ssl) I dare asking, if this patch might solve a requirement we face at the moment: We do client authentication with certificates in Apache/mod_ssl (working as SSL-reverse

Re: [VOTE] release httpd mod_fcgid-2.3.1?

From the Windows Peanut Gallery, [ ] +1 to release as 2.3.1-beta [X] +1 to release as 2.3.1-GA Builds great (good Win32 build instructions), module loads quietly, works wonderfully with existing config and shaves an average of two seconds off a simple and straightforward "chew on this fo