Re: Fuzzing integration with oss-fuzz

Years ago I started hacking on an "mpm fuzz": https://github.com/pquerna/httpd/compare/trunk...pquerna:mpm_fuzz The idea was to make a "fake" MPM, which could feed data from AFL directly into the network filter stack, in a super efficient way. I don't know if it is really a great idea, since TLS

Re: [VOTE] Allow for defect fix releases at httpd

FTR I support moving to this versioning model. I tend to think the best way to accomplish it, is to "just start doing it". Tag 2.6.0. Then tag 2.7.0 when there are new features, etc. Of course, our versioning docs don't support this model, but the docs are a reflection of reality 15 years ago m

Re: A proposal...

On Mon, Apr 23, 2018 at 11:17 AM, Christophe Jaillet wrote: > Le 23/04/2018 à 16:00, Jim Jagielski a écrit : >> >> It seems that, IMO, if there was not so much concern about "regressions" >> in releases, this whole revisit-versioning debate would not have come up. >> This implies, to me at least,

Re: Start using RCs

On Mon, Apr 23, 2018 at 10:10 AM, Micha Lenk wrote: > On 04/23/2018 06:33 PM, William A Rowe Jr wrote: >> >> On Mon, Apr 23, 2018 at 11:12 AM, Micha Lenk wrote: >>> >>> On Fri, Apr 20, 2018 at 08:54:09AM -0400, Jim Jagielski wrote: We have a history, as well as a published "agreement" o

new module: mod_log_json

Morning dev@, I just committed mod_log_json to trunk in r1829898. Right now, to use it you need something like this: LogFormat "%^JS" json CustomLog "logs/access_log.json" json Currently it has a static format of the JSON, and example message is like this: { "log_id": null, "vhost"

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

I believe having more minor releases and less major backports to patch releases is a good thing. I believe we gave the even/odd, 2.1/2.3 "unstable", thing a long run. About 15 years of it. Since then the wider open source world has gone to a more canonical semver. I think we should generally ali

Re: Serf support in trunk

what the serf support adds to httpd, it seems mostly > some "SerfCluster" feature for mod_proxy. There's no docs and some comments > in the code indicate the impl is not complete. SVN logs point to the same > direction. > > Paul Querna wrote in his 2009 svn commit log

Too many knobs

Saw this today, and noticed they used httpd as one of the projects they collected data about: http://neverworkintheory.org/2016/06/09/too-many-knobs.html http://cseweb.ucsd.edu/~tixu/papers/fse15.pdf Hard to make a quick conclusion, but I do believe in the general statement of enumerations > nume

Re: TLS session ticket key (shared) renewal

On Tue, Mar 22, 2016 at 3:32 PM, Yann Ylavic wrote: > On Tue, Mar 22, 2016 at 4:18 PM, Paul Querna wrote: > > My thought was to add support for either multiple files, or multiple > values > > in the existing `SSLSessionTicketKeyFile`. Then add support to decrypt > from

Re: TLS session ticket key (shared) renewal

My thought was to add support for either multiple files, or multiple values in the existing `SSLSessionTicketKeyFile`. Then add support to decrypt from any of the known keys, and have a setting (or the first loaded key) would be used to encrypt all new keys. This would allow for rotation in a rea

Re: XSLT filter for httpd

On Mon, Oct 19, 2015 at 7:54 AM, Nick Kew wrote: > On Mon, 19 Oct 2015 15:39:06 +0200 > Graham Leggett wrote: > >> > Note, mod_transform is GPL. Originally my decision when I released >> > its earlier predecessor, before I was part of the dev@httpd team. >> > I'd be happy to re-license it as Apa

Re: svn commit: r1670397 - in /httpd/httpd/trunk/modules/ssl: mod_ssl.c mod_ssl.h ssl_engine_config.c ssl_engine_io.c ssl_private.h

It seems reasonable to focus on ALPN support, and generally dropping NPN from trunk. NPN is already on a decline, and won't be used going forward. On Thu, Apr 2, 2015 at 12:44 AM, Stefan Eissing wrote: > Any reason to differ from trunk in 2.4? > > The people using spdy already in a 2.4 will most

Re: apr_pollcb

right, libuv[1] is a good example of an IO completion API[2] that works across both epoll/kqueue and IOCP. There have been a couple offhand discussions about libuv on httpd-dev, but no one is clamoring for adoption. APR currently has no such abstraction. pollcb was added to provide a polling API

Re: apr_pollcb

Can you describe "lagging" in more detail? None of the poll related code has a high rate of change (except for the relatively new z/OS backend): https://github.com/apache/apr/tree/trunk/poll/unix Also are you looking specifically on Linux? (epoll backend?) or others On Mon, Mar 9, 2015 at 11:04

Re: What's need for http/2.0?

On Tue, Sep 23, 2014 at 12:45 PM, Jim Jagielski wrote: > APR: > Considering that before we know it, http/2.0 will > be here, and ignoring httpd for the time being, > what features/additions do we see as being needed > to support http/2.0 from an APR library level? How do > we compare w/ libuv, for

Re: What's need for http/2.0?

httpd side: serf to me is the wrong question. http/2.0 in the simplest implementation is just another protocol to httpd. We have the constructs to handle it, kinda. Improvements to async support in various bits will help. However our constructs about requests and connections (and their pools)

Bash CVE-2014-6271 and CGI / HTTPD

http://www.csoonline.com/article/2687265/application-security/remote-exploit-in-bash-cve-2014-6271.html https://news.ycombinator.com/item?id=8361574 I've seen a few mentions of CGI being vulnerable to attacks from this issue. An example from the HN threads: GET / HTTP/1.0 User-Agent: ()

Re: apr_skiplist (current) implementation wrt mpm_event (timers, keepalives?)

- I think it is good to fix this behavior, using only the global keepalive timeout was definitely a choice I (?) made when doing it. - Skiplists seem generally acceptable for storing this data. Alternatively a BTree with in order iteration would be competitive.. but, meh, either will be fine. - I

Re: mod_spdy

Right now it is a beast of C++ code. I'd vote separate repo, take learnings from it as a basis for HTTP/2.0. On Wed, Apr 30, 2014 at 9:51 AM, Jim Jagielski wrote: > I'm thinking... we should likely create a sep mod_spdy > repo (ala http://svn.apache.org/viewvc/httpd/mod_fcgid/) > instead of it b

Re: SSL and NPN

Tend to agree with the other comments, NPN by itself will be deprecated quickly, ALPN is the future. I'd vote for a series of back ports that include both NPN and ALPN together. On Mon, Apr 28, 2014 at 2:50 PM, Jim Jagielski wrote: > Any reason to NOT include > > http://svn.apache.org/vi

Re: breach attack

On Fri, Aug 9, 2013 at 12:11 AM, Ruediger Pluem wrote: > > > Stefan Fritsch wrote: >> Am Dienstag, 6. August 2013, 10:24:15 schrieb Paul Querna: >>> 1) Disabling HTTP compression >>> 2) Separating secrets from user input >>> 3) Randomizing secrets per r

Re: breach attack

d decrypting it later; the Breach attack stuff is about a chosen plaintext attack on compressed response bodies -- afaik they have not overlapping mitigations? But in general, we should rev our defaults in configuration to help with all of the above :) > > On Tuesday 06/08/2013 at 19:24,

Re: breach attack

On Tue, Aug 6, 2013 at 10:32 AM, Eric Covener wrote: > On Tue, Aug 6, 2013 at 1:24 PM, Paul Querna wrote: >> Hiya, >> >> Has anyone given much thought to changes in httpd to help mitigate the >> recently publicized breach attack: >> >> http://breachatta

breach attack

Hiya, Has anyone given much thought to changes in httpd to help mitigate the recently publicized breach attack: http://breachattack.com/ >From an httpd perspective, looking at the mitigations 1) Disabling HTTP compression 2) Separating secrets from user in

Re: [PATCH] systemd socket activation

Committed to trunk in r1511033. On Wed, Jul 24, 2013 at 12:00 AM, Jan Kaluža wrote: > On 07/21/2013 11:14 PM, Paul Querna wrote: >> >> Hiya Y'all, long time no patches :-) >> >> Attached is a patch that would let httpd use systemd's socket >> activat

[PATCH] systemd socket activation

Hiya Y'all, long time no patches :-) Attached is a patch that would let httpd use systemd's socket activation feature: Also online here: It isn't particularl

Re: [PATCH] Make error logging modular

Hello Jan, Is there any reason we shouldn't do this in trunk? The patches and features seem generally correct to me with a cursory review. Thanks, Paul On Mon, May 27, 2013 at 3:23 AM, Jan Kaluža wrote: > Hi, > > last week I was trying to write my own module to log error_log to > systemd-jour

c conf 2012

Heya, A friend of mine is helping organizing the first "C Conf": http://www.cconf.org/ I think it could be a very interesting conference for those of us that still enjoy coding C :-) I think it would be great if we could get a few talks submitted about APR and HTTPD too, two projects with a l

Re: svn commit: r1202255 - /httpd/httpd/trunk/modules/filters/mod_reqtimeout.c

On Wed, Nov 16, 2011 at 2:44 AM, Rainer Jung wrote: > On 15.11.2011 20:57, Jeff Trawick wrote: >> >> On Tue, Nov 15, 2011 at 2:32 PM, William A. Rowe Jr. >>  wrote: >>> >>> On 11/15/2011 12:33 PM, Stefan Fritsch wrote: >>>> >>>> On

Re: svn commit: r1202257 - in /httpd/httpd/trunk/server/mpm/event: config3.m4 equeue.c equeue.h event.c

On Wed, Nov 16, 2011 at 1:20 AM, Rüdiger Plüm wrote: > > > Original-Nachricht > Betreff: svn commit: r1202257 - in /httpd/httpd/trunk/server/mpm/event: > config3.m4 equeue.c equeue.h event.c > Datum: Tue, 15 Nov 2011 15:51:04 GMT > Von: pque...@apache.org > > Author: pquerna > D

Re: svn commit: r1202255 - /httpd/httpd/trunk/modules/filters/mod_reqtimeout.c

On Tue, Nov 15, 2011 at 9:17 AM, Stefan Fritsch wrote: > On Tue, 15 Nov 2011, pque...@apache.org wrote: > >> Author: pquerna >> Date: Tue Nov 15 15:49:19 2011 >> New Revision: 1202255 >> >> URL: http://svn.apache.org/viewvc?rev=1202255&view=rev >> Log: >> disable mod_reqtimeout if not configured >

Re: svn commit: r1202257 - in /httpd/httpd/trunk/server/mpm/event: config3.m4 equeue.c equeue.h event.c

On Tue, Nov 15, 2011 at 9:25 AM, Rüdiger Plüm wrote: > > > Original-Nachricht > Betreff: svn commit: r1202257 - in /httpd/httpd/trunk/server/mpm/event: > config3.m4 equeue.c equeue.h event.c > Datum: Tue, 15 Nov 2011 15:51:04 GMT > Von: pque...@apache.org > > Author: pquerna > D

Re: svn commit: r1200040 - in /httpd/httpd/trunk: CHANGES modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ssl_engine_init.c modules/ssl/ssl_engine_kernel.c modules/ssl/ssl_private.h

unk/CHANGES [utf-8] (original) >> +++ httpd/httpd/trunk/CHANGES [utf-8] Wed Nov  9 23:37:37 2011 >> @@ -1,6 +1,9 @@ >>                                                           -*- coding: utf-8 >> -*- >>  Changes with Apache 2.3.16 >> >> +  *) mod_ssl: Add support for RFC 5077 TLS Session tick

setting TZ env var

So, I was looking at all the system calls we make in a single request, and comparing it to nginx. We were actually pretty close, baring supporting our features like htaccess, there was only one thing that stood out. Glibc is opening, calling fstat twice, and then reading /etc/localtime for every

Re: timeout queues in event mpm

On Mon, Nov 14, 2011 at 7:47 AM, Greg Ames wrote: > > > On Fri, Nov 11, 2011 at 11:07 PM, Paul Querna wrote: >> >> 4) Have the single Event thread de-queue operations from all the worker >> threads. > > > Since the operations include Add and Remove, are you sa

Re: timeout queues in event mpm

wo. On Fri, Nov 11, 2011 at 8:07 PM, Paul Querna wrote: > hi, > > After r1201149, we now lock for lots of things, where in an ideal > case, we shouldn't need it. > > I'm toying around with ideas on how to eliminate the need for a mutex at all

timeout queues in event mpm

hi, After r1201149, we now lock for lots of things, where in an ideal case, we shouldn't need it. I'm toying around with ideas on how to eliminate the need for a mutex at all. My current 'best' idea I think: 1) Create a new struct, ap_pollset_operation_and_timeout_info_t, which contains a what

Re: [Discuss] [VOTE] Formal deprecation of 2.0.x branch

On Fri, Nov 11, 2011 at 12:34 PM, William A. Rowe Jr. wrote: > On 11/11/2011 1:47 PM, André Malo wrote: >> >> * William A. Rowe Jr. wrote: >> >>> Stealing a plan executed by Colm for 1.3, I'd like to propose that >>> we set a two week window following committers' return-from-ApacheCon >>> to execu

2.3.15: hung worker during gracefu childl shutdown

I noticed in www.apache.org/server-status that there was a worker with a single connection open, all the others had been gracefully closed. However, it'd been in that state for an hour. GDB attached to it, backtrace here: https://gist.github.com/be22714685f1e370f19e No really sure why this wo

Re: svn commit: r1200457 - /httpd/httpd/trunk/modules/apreq/

On Fri, Nov 11, 2011 at 7:36 AM, Stefan Fritsch wrote: > On Thu, 10 Nov 2011, Joe Orton wrote: > >> On Thu, Nov 10, 2011 at 06:28:00PM -0800, Jeff Trawick wrote: >>> >>> * There should have been a discussion on dev@ before promoting a >>> subproject to the main distribution. >>> * Two weeks before

Re: svn commit: r1200612 - in /httpd/httpd/branches/input-filter-dev: include/util_filter.h modules/debugging/mod_dumpio.c modules/filters/mod_reqtimeout.c modules/ssl/ssl_engine_io.c server/core_filt

On Thu, Nov 10, 2011 at 3:35 PM, William A. Rowe Jr. wrote: > On 11/10/2011 4:55 PM, pque...@apache.org wrote: >> >> URL: http://svn.apache.org/viewvc?rev=1200612&view=rev >> Log: >> Remove AP_MODE_INIT, it is a no-op, everywhere > > This was added in order to init ssl connections on protocols whi

rethinking connection input filter API

The input filter API function signature is the following: apr_status_t func( ap_filter_t *f, apr_bucket_brigade *b, ap_input_mode_t mode, apr_read_type_e block, apr_off_t readbytes); Problems: 1) This gives the caller of the API control over weith

Re: svn commit: r1200040 - in /httpd/httpd/trunk: CHANGES modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ssl_engine_init.c modules/ssl/ssl_engine_kernel.c modules/ssl/ssl_private.h

On Thu, Nov 10, 2011 at 12:14 AM, Rüdiger Plüm wrote: > Author: pquerna > Date: Wed Nov 9 23:37:37 2011 > New Revision: 1200040 > > URL: http://svn.apache.org/viewvc?rev=1200040&view=rev > Log: > Add support for RFC 5077 TLS Session tickets. This adds two new directives: > > * SSLTicketKeyF

Re: [PATCH] Support for TLS Session Tickets

On Sun, Oct 2, 2011 at 12:20 AM, Kaspar Brand wrote: > On 30.09.2011 08:08, Paul Querna wrote: >> Attached is a patch >> <http://people.apache.org/~pquerna/tls_session_ticket_support.patch> >>  to add support for setting SSL_CTX_set_tlsext_ticket_keys. >> >>

Re: Who's at the Hackathon?

Also around. On Mon, Nov 7, 2011 at 1:17 PM, Roy T. Fielding wrote: > On Nov 7, 2011, at 9:22 AM, Sander Temme wrote: > >> Folks, >> >> The httpd table now has: >> >> Jeff Trawick >> Jean-Frederic Leclere >> Stefan Fritsch >> Rainer Jung >> and myself >> >> Who else is at the conference?  Anybody

Re: [PATCH] Support for TLS Session Tickets

On Sat, Oct 1, 2011 at 9:48 AM, Stefan Fritsch wrote: > On Fri, 30 Sep 2011, Rainer Jung wrote: >> >> Thanks for the info. That would definitely be a nice feature. Would it >> be safe to use a statically defined key? Only as long as the config file >> is safe? > > As I understand it, knowledge of

Re: [PATCH] Support for TLS Session Tickets

On Fri, Sep 30, 2011 at 12:38 AM, Rainer Jung wrote: > Hi Paul, > > On 30.09.2011 08:08, Paul Querna wrote: >> Hiya, >> >> Attached is a patch >> <http://people.apache.org/~pquerna/tls_session_ticket_support.patch> >>  to add support for setting SSL_CT

[PATCH] Support for TLS Session Tickets

Hiya, Attached is a patch to add support for setting SSL_CTX_set_tlsext_ticket_keys. I have two questions: 1) What is the right ifdef to look for support of this feature? I was just using ifdef SSL_CTX_set_tlsext_ticket_keys

Re: www.apache.org upgraded to 2.3.15-dev-r116760

Oops, that would actually be r1167603, dropped off the last character somewhere. On Sun, Sep 11, 2011 at 12:10 PM, Paul Querna wrote: > Infra has upgraded eos, aka the main webserver for *.apache.org to > 2.3.15-dev-r116760 > > We started with going to 2.3.14-beta, but it was mis

www.apache.org upgraded to 2.3.15-dev-r116760

Infra has upgraded eos, aka the main webserver for *.apache.org to 2.3.15-dev-r116760 We started with going to 2.3.14-beta, but it was missing all the range-header changes, so we decided to pull up to trunk at the current time, which is r116760. We ran into a few small issues in upgrading from 2.

Re: 3.0, the 2011 thread.

2011/6/18 Igor Galić : > > > - Original Message - >> On Friday 17 June 2011, Graham Leggett wrote: >> > We used openssl to make our non blocking event driven stuff work, >> > and it works really well (once you've properly handled >> > SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE). There is

Re: 3.0, the 2011 thread.

2011/6/15 Colm MacCárthaigh : > On Wed, Jun 15, 2011 at 3:01 PM, Paul Querna wrote: >> I think we have all joked on and off about 3.0 for... well about 8 years now. > > At least! > >> I think there are exciting things happening in C however. > > I love C, but unless

Re: 3.0, the 2011 thread.

On Wed, Jun 15, 2011 at 4:33 PM, Graham Leggett wrote: > On 16 Jun 2011, at 12:01 AM, Paul Querna wrote: > >> I think we have all joked on and off about 3.0 for... well about 8 years >> now. >> >> I think we are nearing the point we might actually need to be serious

Re: 3.0, the 2011 thread.

On Wed, Jun 15, 2011 at 3:26 PM, Akins, Brian wrote: > On 6/15/11 6:01 PM, "Paul Querna" wrote: > >> pocore: For base OS portability and memory pooling system. >>   <http://code.google.com/p/pocore/> > > How does this compare to APR? It's like an A

3.0, the 2011 thread.

I think we have all joked on and off about 3.0 for... well about 8 years now. I think we are nearing the point we might actually need to be serious about it. The web is changed. SPDY is coming down the pipe pretty quickly. WebSockets might actually be standardized this year. Two protocols whic

Re: svn commit: r1133582 - in /httpd/httpd/trunk: CHANGES docs/manual/filter.xml docs/manual/mod/mod_data.xml docs/manual/mod/mod_data.xml.meta docs/manual/new_features_2_4.xml modules/filters/config.

On Thu, Jun 9, 2011 at 12:13 AM, wrote: > Author: minfrin > Date: Wed Jun  8 22:13:21 2011 > New Revision: 1133582 > > URL: http://svn.apache.org/viewvc?rev=1133582&view=rev > Log: > mod_data: Introduce a filter to support RFC2397 data URLs. Why is this in the core? The example in the documenta

Re: svn commit: r1070179 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/mod_cache.xml modules/cache/cache_storage.c modules/cache/cache_storage.h modules/cache/mod_cache.c modules/cache/mod_cache.h

On Sun, Feb 13, 2011 at 4:00 PM, Graham Leggett wrote: > On 14 Feb 2011, at 1:56 AM, Paul Querna wrote: > >> Additionally, this should be a configurable behavior. >> >> Lets say you run a popular website that depends on mod_cache to >> protect backend systems from co

Re: svn commit: r1070179 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/mod_cache.xml modules/cache/cache_storage.c modules/cache/cache_storage.h modules/cache/mod_cache.c modules/cache/mod_cache.h

On Sun, Feb 13, 2011 at 5:03 AM, Graham Leggett wrote: > On 13 Feb 2011, at 9:59 AM, Roy T. Fielding wrote: > >>> URL: http://svn.apache.org/viewvc?rev=1070179&view=rev >>> Log: >>> mod_cache: When a request other than GET or HEAD arrives, we must >>> invalidate existing cache entities as per RFC2

Re: mod_cache: disk layout for vary support

On Sun, Oct 10, 2010 at 8:56 AM, Graham Leggett wrote: > Hi all, > > One of the things that needs to be fixed with mod_cache is the support for > caching varying responses. In the current cache, we store it as below, as an > additional directory tree below the original URL's directory tree. This >

Re: Remove and ?

On Sun, Sep 19, 2010 at 8:40 AM, Ruediger Pluem wrote: > > > On 09/19/2010 12:45 AM, Stefan Fritsch wrote: >> This is from https://issues.apache.org/bugzilla/show_bug.cgi?id=49927 >> >> On Saturday 18 September 2010, bugzi...@apache.org wrote: >>> --- Comment #3 from Nick Kew 2010-09-18 >>> 06:38

Re: mod_cache: store_body() bites off more than it can chew

On Thu, Sep 2, 2010 at 10:16 AM, Graham Leggett wrote: > Hi all, > > An issue with mod_cache I would like to address this weekend is the > definition of the store_body() function in the cache implementation > provider: > >    apr_status_t (*store_body)(cache_handle_t *h, request_rec *r, > apr_buck

Re: HTTPD upgraded on eos -> 2.3.8

On Tue, Aug 24, 2010 at 10:59 PM, Ruediger Pluem wrote: > > > On 08/25/2010 02:10 AM, Tony Stevenson wrote: >> On Wed, Aug 25, 2010 at 01:04:01AM +0100, Tony Stevenson wrote: >> >>> Had to comment out an output filter line in the main httpd.conf (line 117) >> >> More specifically had to disable de

Re: [PRERELEASE TARBALLS] httpd-2.3.8

On Tue, Aug 24, 2010 at 3:04 PM, Guenter Knauf wrote: > Hi all, > Am 24.08.2010 18:42, schrieb Jim Jagielski: >> >> The pre-release test tarballs for httpd-2.3.8 (alpha) are >> available for download, test and fun: >> >>        http://httpd.apache.org/dev/dist/ >> >> Will call for a release vote i

Re: trunk "ping" for http proxy

er to the database) > W spends more than a minute and the proxy request times out > > The case of a dead connector things back out rather nicely and its > clearly distinguishable from a bad script. > > -Andy > > On Mon, Aug 16, 2010 at 2:52 PM, Jim Jagielski wrote: >&g

Re: trunk "ping" for http proxy

On Mon, Aug 16, 2010 at 8:30 AM, Jim Jagielski wrote: > > On Aug 16, 2010, at 10:56 AM, Plüm, Rüdiger, VF-Group wrote: >> >> This basicly sums up the downsides of this approach I see as well. >> >> IMHO to avoid a spec violation we can only add the Expect header to >> requests with request bodies.

Re: httpd 2.3.7 as beta?

On Tue, Aug 10, 2010 at 1:01 PM, Jim Jagielski wrote: > Subject for discussion...  Does truck look good enough > for Beta? > > In either case, as alpha or beta, I plan to RM this next week. It has been stable on www.apache.org once we turned off sendfile. There was some discussion about chaging t

Re: [VOTE] Release httpd 2.2.16

Plenty of +1s, one +0.9 and no -1s, so I'll start syncing the files out to the mirror network, and prep the announcement mail for tomorrow. Thanks everyone for voting and testing On Wed, Jul 21, 2010 at 11:45 AM, Paul Querna wrote: > Test tarballs for Apache httpd 2.2.16 are avai

Re: [VOTE] Release httpd 2.2.16

On Wed, Jul 21, 2010 at 11:45 AM, Paul Querna wrote: > Test tarballs for Apache httpd 2.2.16 are available at: >  <http://httpd.apache.org/dev/dist/> > > Your votes please; > >  +/- 1 >  [+1]  Release httpd-2.2.16 > > Vote closes at 02:00 UTC on Saturday July 24

Re: [VOTE] Release httpd 2.2.16

On Thu, Jul 22, 2010 at 12:23 AM, Rainer Jung wrote: > On 22.07.2010 07:46, Ruediger Pluem wrote: >> >> >> On 07/22/2010 06:10 AM, William A. Rowe Jr. wrote: >>> >>> On 7/21/2010 10:09 PM, Rainer Jung wrote: >>>> >>>> On 22.07.2010

Re: [VOTE] Release httpd 2.2.16

Ack-- I could re-tag with libtool 1.x, if we don't want to ship a modified apr-util. I always use an external expat it seems :( Thoughts? On Jul 21, 2010, at 7:42 PM, Rainer Jung wrote: > On 22.07.2010 04:17, Rainer Jung wrote: >> On 21.07.2010 20:45, Paul Querna wrote: >

[VOTE] Release httpd 2.2.16

Test tarballs for Apache httpd 2.2.16 are available at: Your votes please; +/- 1 [ ] Release httpd-2.2.16 Vote closes at 02:00 UTC on Saturday July 24 2010. Thanks, Paul

rolling 2.2.16 tomorrow

Hi, I'll start the tagging + voting on 2.2.16 tomorrow unless everyone starts screaming.. Thanks, Paul

Re: 2.3 upgrade on apache.org

ache.org/msg04928.html> I've started tuning up the FreeBSD sysctls for network buffers etc, but it didn't seem to have a significant effect. We have now disabled Sendfile on apache.org, and the load average dropped from ~80 to 0.35. On Sun, Jul 18, 2010 at 3:08 AM, Paul Querna wrote

2.3 upgrade on apache.org

www.apache.org is now running trunk @ r965127, using the Event MPM on FreeBSD 8.1, on a new x86 box. Previously it was running on Solaris 10, with 2.2.x on sparc t2000s. I have also enabled OCSP stapling on the SSL side: Anyways, I've made a list of the 2.3-ish issues

Re: A 2.3.7 this month?

On Wed, Jul 14, 2010 at 1:53 PM, Sander Temme wrote: > Would OSCON be a good moment to branch 2.4.x?  Or aren't we there yet?  Are > the issues between us and branching in STATUS? I don't think of any big ones, other than just the pain of back porting to another branch from trunk. I believe we a

Re: A 2.3.7 this month?

On Wed, Jul 14, 2010 at 1:51 PM, Jim Jagielski wrote: > On Wed, Jul 14, 2010 at 10:25:25PM +0200, Stefan Fritsch wrote: >> Hi, >> >> what do you think about releasing 2.3.7 in the next 2 weeks, and >> hopefully make it a beta? Are there any open issues that are not in >> STATUS? >> > > I'd be up f

ocsp stapling global mutex

Hi, I was playing with OCSP Stapling in 2.3.6-alpha tonight, and I noticed that in the common case path, we will always lock a global mutex. I don't see why this is needed for the cache hit case that uses non-SHM cache providers. In fact, modssl_dispatch_ocsp_request, which is called on a cache

Re: server-status and privacy

On Tue, Jun 22, 2010 at 6:23 PM, Nicholas Sherlock wrote: > On 22/06/2010 12:40 a.m., Jim Jagielski wrote: >> >> There have been a few reports regarding how server-status "leaks" >> info, mostly about our (the ASF's) open use of server-status and >> how IP addresses are exposed. >> >> I'm thinking

Re: mod_authn_cache

On Wed, Jun 16, 2010 at 3:29 PM, Nick Kew wrote: > I thought we had a mod_authn_cache, but it seems it only exists in the > old 2.1 authn stuff at sourceforge! > > Just thinking about hacking this up, and wondering how best to do it. > Basic shape seems straightforward enough: > > 1.  Make it a pr

Re: C as config

On Jun 4, 2010, at 4:32 PM, "Akins, Brian" wrote: On 6/4/10 7:30 PM, "Paul Querna" wrote: Are you using LuaJIT 2? The performance numbers its putting up seemed very impressive. Yes and meh... bummer. The most iteresting thing in this space since VC

Re: C as config

On Fri, Jun 4, 2010 at 3:21 PM, Akins, Brian wrote: > All of you folks who have to answer user questions, go ahead and ready your > hate mail :) > > I've been playing some with Varnish (long story) and lots of people seem to > like it.  The config "language" (VCL) is just a thin wrapper on top of

Re: What's next for 2.2 and 2.3/trunk?

On Tue, Jun 1, 2010 at 9:08 AM, Jim Jagielski wrote: > Considering that 2.3/trunk is back to limbo-land, I'd like > to propose that we be more "aggressive" is backporting some > items. Even if under experimental, it would be nice if slotmem > and socache were backported. I also like the refactorin

Re: pointer to info on GCD MPM

On Wed, May 12, 2010 at 1:30 PM, Jeff Trawick wrote: > (GCD as in Grand Central Dispatch) > > See http://lists.macosforge.org/pipermail/libdispatch-dev/2010-May/000352.html > I think its pretty cool that it works. I think it might be interesting to include in trunk, though I have no illusions ab

Re: IDE for Apache HTTP server development?

On Fri, Apr 30, 2010 at 6:43 AM, Dan Poirier wrote: > Does anyone have recommendations for an IDE they use for development on > the server?  Preferably that runs on Mac, or else Linux. > > I haven't been a big fan of IDEs, being happy with Emacs for years, but > I've found for Java development, I'

Re: Undocumented core directive: Protocol

On Thu, Feb 25, 2010 at 5:20 AM, Eric Covener wrote: > On Thu, Feb 25, 2010 at 8:03 AM, Dan Poirier wrote: > >> 1) When you use the Protocol directive, which listening ports is it >> applied to? >> >> 2) Why would you choose to use the Protocol directive, instead of adding >> the protocol to the

Re: unsupported compression issue seen in 2.3.5-alpha

On Sun, Feb 14, 2010 at 9:46 AM, Rainer Jung wrote: > On 14.02.2010 17:52, Stefan Fritsch wrote: >> >> On Saturday 13 February 2010, Paul Querna wrote: >>> >>> However, the newest reports have been about multiple browsers, >>> Firefox, Chrome, Safar

unsupported compression issue seen in 2.3.5-alpha

Hi, For www.apache.org (and all TLP websites), we have received increased reports about invalid compression issues. Previously, we have heard about sporadic issues with Firefox only, and these were always resolved by users by clearing their cache, this issue seems to be a good description of it:

Re: clogging filters and async MPMs

On Thu, Feb 4, 2010 at 6:14 AM, Bryan McQuade wrote: > Hi, > I'm reading through the httpd code and I notice that async MPMs will fall > back to sync mode in the presence of clogging input filters (at least I > think I've got that right). > I understand that mod_ssl is a clogging filter. Yep > Wh

Apache HTTP Server 2.3.5-alpha Released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Apache HTTP Server 2.3.5-alpha Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.3.5-alpha of the Apache HTTP Server ("Apache"). This version of Apache is principal

Re: [VOTE] Release httpd 2.3.5-alpha

On Tue, Jan 26, 2010 at 11:13 AM, Sander Temme wrote: > > On Jan 21, 2010, at 2:34 PM, Paul Querna wrote: > >> Test tarballs for Apache httpd 2.3.5-alpha are available at: >>  <http://httpd.apache.org/dev/dist/> >> >> Your votes please; >> >> +/-

Re: [VOTE] Release httpd 2.3.5-alpha

On Thu, Jan 21, 2010 at 2:34 PM, Paul Querna wrote: > Test tarballs for Apache httpd 2.3.5-alpha are available at: >  <http://httpd.apache.org/dev/dist/> > > Your votes please; > >  +/- 1 >  [+1]  Release httpd-2.3.5 as Alpha > > Vote closes at 18:00 UTC on M

Re: [VOTE] Release httpd 2.3.5-alpha

On Thu, Jan 21, 2010 at 2:34 PM, Paul Querna wrote: > Test tarballs for Apache httpd 2.3.5-alpha are available at: >  <http://httpd.apache.org/dev/dist/> > > Your votes please; > >  +/- 1 >  [  ]  Release httpd-2.3.5 as Alpha > > Vote closes at 18:00 UTC on

[VOTE] Release httpd 2.3.5-alpha

Test tarballs for Apache httpd 2.3.5-alpha are available at: Your votes please; +/- 1 [ ] Release httpd-2.3.5 as Alpha Vote closes at 18:00 UTC on Monday January 25 2010. This includes a bundle of APR 1.4.2, and APR-Util 1.3.9. Thanks, Paul

Re: next alpha, this Wednesday?

I think i'll take the 1.4.2 APR tag, and try to use APR-Util 1.3.9 On Wed, Jan 20, 2010 at 3:17 PM, William A. Rowe Jr. wrote: > On 1/20/2010 4:56 PM, Sander Temme wrote: >> >> On Jan 20, 2010, at 9:42 AM, William A. Rowe Jr. wrote: >> >>> On 1/20/2010 10:01 AM, Sander Temme wrote: And

Re: next alpha, this Wednesday?

On Tue, Jan 19, 2010 at 4:41 PM, Sander Temme wrote: > > On Jan 19, 2010, at 1:37 PM, Paul Querna wrote: > >> I'm planning roughly on doing another 2.3.x-alpha tag on this late >> Wednesday, January 20th.  Should give us enough time to vote on it >> over the we

next alpha, this Wednesday?

I'm planning roughly on doing another 2.3.x-alpha tag on this late Wednesday, January 20th. Should give us enough time to vote on it over the weekend, and ship it out on Monday/tuesday next week, during the hackathon at G. Objections? Thanks, Paul

Re: [PATCH] Allow AuthZ providers to supply group data to other modules

On Thu, Dec 31, 2009 at 9:06 AM, Christian Seiler wrote: > Hi, > >> My approach is thus to provide a simple mechanism within the Apache API >> which allows any authz module to export group information to other >> modules. With this mechanism in place, it is possible to change >> mod_authz_svn in a

Re: Per module LogLevel configuration

On Tue, Dec 29, 2009 at 1:30 AM, Ruediger Pluem wrote: > On 28.12.2009 18:28, Stefan Fritsch wrote: >> On Monday 28 December 2009, Paul Querna wrote: >>>> You describe the internal arg processing.  Keep in mind that fn >>>> args aren't conditionally

Re: Per module LogLevel configuration

On Sun, Dec 27, 2009 at 11:08 PM, William A. Rowe Jr. wrote: > Dan Poirier wrote: >> >> Looking at log_error_core(), it appears that if the logging level is set >> to disallow a particular message from being logged, that >> log_error_core() returns before doing any argument processing.  So the >>

Re: Per module LogLevel configuration

On Wed, Dec 23, 2009 at 4:14 AM, Stefan Fritsch wrote: > Hi, > > when debugging problems, one needs detailed debug logging of the > involved functions. Unfortunately, some modules (especially mod_ssl) > log so much that switching to LogLevel debug in a production > environment is often impractical

  1   2   3   4   5   6   7   8   9   10   >