Am 21.01.2016 um 18:59 schrieb Jim Jagielski:
BTW: that is so cool. No idea we could do that w/ ap_expr!
Don't know whether it is useful but you can now easily provide more
hcheck info to expr as long as there's code that returns that info and
using it in success formulas is helpful. Like suc
Am 21.01.2016 um 18:55 schrieb Jim Jagielski:
This implies that the kept_body() func added to ap_expr should
be removed, right?
At least it is no longer needed for proxy_hcheck. If we want to provide
the original kept_body as used by mod_request to expr we can keep it. I
don't know whether su
or
the new function hc().
Currently only HC_BODY and hc(body) are supported.
Both return the saved body of the health check
response to be used in an expr that decides about
success of a check.
Regards,
Rainer
On Jan 21, 2016, at 11:51 AM, Rainer Jung wrote:
Am 21.01.2016 um 17:03 schrieb Jim
er
On Jan 21, 2016, at 10:25 AM, Jim Jagielski wrote:
Sounds good to me!!
thx!
On Jan 21, 2016, at 10:23 AM, Rainer Jung wrote:
I should have asked earlier: wouldn't it be more suitable to implement to
response body as a variable instead of a function?
When looking at server
Am 21.01.2016 um 15:05 schrieb Jim Jagielski:
I think that we should always ensure that mod_status provides the info and
insight that our users want and need, so +1 on adding fields and columns
as required.
It *might* make sense to add them at the end, almost as if we were
adding additional fiel
I should have asked earlier: wouldn't it be more suitable to implement
to response body as a variable instead of a function?
When looking at server/util_expr_eval.c, I find request_var_names and
request_var_fn. The former is a list of variable names, and the latter
implements returning the val
Hi Jim,
Am 21.01.2016 um 15:35 schrieb Jim Jagielski:
BTW, do you have pointers on how to use your "new" Coccinelle/spatch
script to assign AH log numbers?
first I had to build OCAML and coccinelle (which provides spatch) on
Solaris. As usual not much fun. I assume, you can find ready-to-go
Am 21.01.2016 um 01:33 schrieb Yann Ylavic:
On Thu, Jan 21, 2016 at 12:35 AM, Rainer Jung wrote:
Am 21.01.2016 um 00:17 schrieb Yann Ylavic:
On Tue, Jan 19, 2016 at 4:45 PM, wrote:
Author: rjung
Date: Tue Jan 19 15:45:44 2016
New Revision: 1725551
URL: http://svn.apache.org/viewvc?rev
Am 21.01.2016 um 00:17 schrieb Yann Ylavic:
On Tue, Jan 19, 2016 at 4:45 PM, wrote:
Author: rjung
Date: Tue Jan 19 15:45:44 2016
New Revision: 1725551
URL: http://svn.apache.org/viewvc?rev=1725551&view=rev
Log:
Improve spatch for APLOGNO a bit.
Modified:
httpd/httpd/trunk/docs/log-messa
rom people who's 1st and last names have the
same letters :)
On Jan 20, 2016, at 8:08 AM, Jim Jagielski wrote:
On Jan 20, 2016, at 7:59 AM, Jim Jagielski wrote:
On Jan 20, 2016, at 3:34 AM, Rainer Jung wrote:
Am 20.01.2016 um 01:57 schrieb Jim Jagielski:
Right now GET and CPING (
Am 20.01.2016 um 01:57 schrieb Jim Jagielski:
Right now GET and CPING (as well as provider) is on my
TODO, in fact, they are currently set as "unimplemented"
although the hooks are there.
The main issue is that we need to worry about a (possibly)
large response body and some method of checking a
Am 19.01.2016 um 20:02 schrieb Jim Jagielski:
Ahhh... yeah, I guess updating all the usages to do
that makes sense.
Done in r1725602.
On Jan 19, 2016, at 1:59 PM, Ruediger Pluem wrote:
On 01/19/2016 06:45 PM, Jim Jagielski wrote:
On Jan 19, 2016, at 11:09 AM, Ruediger Pluem wrote:
+
It looks like the announcement never made it to the ASF accouncement
list? The same was true for 2.4.17 but 2.4.16 was announced on that list
too.
Does it make sense to send the announcement there. Of course it has a
unusual delay now but some people might rely on that channel for the info.
Done, thanks for the reminder.
Rainer
Am 08.12.2015 um 21:38 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.18 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.18 GA.
[X] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Rob
I did a 2.2 to 2.4 migration today. The old 2.2 server was using a
certificate file, which was DER encoded and the new 2.4 one didn't like it.
It seems support for DER encoded certs was removed in 2.4.8 as a side
effect of r1573360 (bckport of r1553824). The certificate in 2.2 is read
using SS
Am 26.10.2015 um 10:11 schrieb Graham Leggett:
On 26 Oct 2015, at 9:05 AM, Christophe JAILLET
wrote:
in modules/cache/cache_util.h, CACHE_SEPARATOR is defined as:
#define CACHE_SEPARATOR ", "
I don't see any reason to have 3 spaces here.
It is only used within calls to 'cache_strqto
Am 20.10.2015 um 11:38 schrieb Plüm, Rüdiger, Vodafone Group:
-Original Message-
From: Yann Ylavic [mailto:ylavic@gmail.com]
Sent: Dienstag, 20. Oktober 2015 10:54
To: dev@httpd.apache.org
Subject: Re: [users@httpd] Chunked transfer delay with httpd 2.4 on
Windows.
On Tue, Oct 20,
.17: Regression with mod_autoindex (in
combination with Phusion Passenger)
To: b...@httpd.apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=58498
--- Comment #2 from Rainer Jung ---
I'm not an expert on passenger, but one can see the hook registration at
https://github.com/phusion/p
Am 16.10.2015 um 14:56 schrieb Yann Ylavic:
On Fri, Oct 16, 2015 at 2:48 PM, Yann Ylavic wrote:
On Fri, Oct 16, 2015 at 2:35 PM, Rainer Jung wrote:
I didn't yet have the time to reproduce and test your patch, but the
APR_ALIGN((size),sizeof(void *)) align approach would not work
Am 16.10.2015 um 13:54 schrieb Yann Ylavic:
On Fri, Oct 16, 2015 at 10:02 AM, Yann Ylavic wrote:
We should do something like the following patch:
Index: server/scoreboard.c
===
--- server/scoreboard.c(revision 1708095)
+++ se
Am 16.10.2015 um 08:25 schrieb Jacob Champion:
On 10/15/2015 11:18 PM, Jacob Champion wrote:
it looks like ap_init_scoreboard() doesn't try to maintain any
particular alignment when it's assigning pointers from more_storage.
Though one would think your compiler would be padding out the struct
Am 14.10.2015 um 14:37 schrieb Stefan Eissing:
Need some advice on how to expand our test framework. We had the problem that
current test on 421 return codes failed as the current setup makes that depend
on vhosts/other config interference. Undesirable.
Also, I am adding more RFC 7540 complian
Am 14.10.2015 um 14:58 schrieb Jim Jagielski:
The ASF is all about recognizing and rewarding merit. The whole
"Apache Way" started here, with this project, and httpd has always
been the sort of "guiding light" and example of how Apache projects
(should) work.
Inclusion of the HTTP/2 implementati
Am 09.10.2015 um 19:40 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.17 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.17 GA.
[X] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Rob
Am 12.10.2015 um 11:09 schrieb Stefan Eissing:
I plan to change it to only happen for servers, where h2/h2c is among
configured protocols.
Am 12.10.2015 um 11:07 schrieb Yann Ylavic :
On Sun, Oct 11, 2015 at 7:15 PM, Yann Ylavic wrote:
On Sun, Oct 11, 2015 at 7:11 PM, Stefan Eissing
wrote:
Am 11.10.2015 um 21:14 schrieb Reindl Harald:
Am 11.10.2015 um 21:07 schrieb Yann Ylavic:
On Sun, Oct 11, 2015 at 8:59 PM, Reindl Harald
wrote:
Google only showed discussions, Bugzilla and so on and finding the new
directive is hard - maybe the hint should made it into the changelog
for GA
Am 11.10.2015 um 19:08 schrieb Yann Ylavic:
On Sun, Oct 11, 2015 at 7:00 PM, Stefan Eissing
wrote:
Ok, analyzed the code. Here is what seems to be happening:
- mod_http2, in the connection hook, does a blocking, speculative read to
a) make sure the ALPN has been triggered
b) check for th
Am 11.10.2015 um 16:04 schrieb Rainer Jung:
# testing : GET https://localhost:8532/misdirected
# expected: 421
# received: '404'
not ok 30
# Failed test 30 in t/modules/http2.t at line 129 fail #6
# testing : GET https://localhost:8532/misdirected
# expected: 421
# received: '404
Am 11.10.2015 um 16:08 schrieb Eric Covener:
I am trying to run the test framework with ssl and http2 on AIX.
There is no system openssl 1.0.2, and the system perl is 32-bit and
also rather old.
I have a 32-bit and 64-bit openssl squirreld away in ~. I initially
had some problems with httpd und
# testing : GET https://localhost:8532/misdirected
# expected: 421
# received: '404'
not ok 30
# Failed test 30 in t/modules/http2.t at line 129 fail #6
# testing : GET https://localhost:8532/misdirected
# expected: 421
# received: '404'
not ok 31
Is this expected for 2.4? I didn't find anything
I get a test failure for 2.4.17 in the mod_nntp_like_ssl part. Te
failure happens on Solaris. Note that the nntp tests are disabled by
default on Linux because of problems with the kernel accept filter, so
that many of you wont run this test and thus not observe the problem.
The problems is th
Am 10.10.2015 um 20:14 schrieb Stefan Eissing:
Testing 2.4.17 release tar ball on OS X 10.11 (event/worker/prefork, openssl
1.0.2d):
t/ssl/varlookup.t ... 1/81 # Failed test 55 in
t/ssl/varlookup.t at line 105 fail #55
# Failed test 56 in t/ssl/varlookup.t at line 105 fail #56
Am 09.10.2015 um 12:00 schrieb Nick Kew:
On Fri, 2015-10-09 at 11:12 +0200, Yann Ylavic wrote:
Could they somehow be sent to dev@, or is there legal issues?
Bugzilla activity doesn't get sent to dev@, even when
it involves PatchAvailable (kind-of equivalent to a
Pull Request, yesno)?
If we we
Am 07.10.2015 um 13:03 schrieb yla...@apache.org:
Author: ylavic
Date: Wed Oct 7 11:03:22 2015
New Revision: 1707241
URL: http://svn.apache.org/viewvc?rev=1707241&view=rev
Log:
Fix commit revision of Rainer's proposal.
Thanks, I wonder where I got the wrong one from. I usually do copy and
pa
@gmail.com]
Sent: Dienstag, 6. Oktober 2015 12:07
To: dev@httpd.apache.org
Subject: Re: Supporting "SSL:" in the expression parser via mod_ssl
On Tue, Oct 6, 2015 at 11:55 AM, Rainer Jung
wrote:
I will commit 3) but are very open to other opinions before suggesting a
backport.
+1
Regards,
Yann.
Am 06.10.2015 um 00:44 schrieb Stefan Fritsch:
On Wednesday 30 September 2015 23:26:30, Rainer Jung wrote:
I noticed that currently the expression parser in 2.4/trunk does not
support the SSL:VARIABLE lookups that mod_rewrite supports.
The expression parser uses ":" as an alternativ
Am 04.10.2015 um 10:23 schrieb Stefan Fritsch:
On Thursday 01 October 2015 13:55:40, Rainer Jung wrote:
Am 01.10.2015 um 12:31 schrieb Graham Leggett:
On 01 Oct 2015, at 12:26 PM, Rainer Jung
wrote:
Since it gets more common to use the expression parser for string
operations and not only
s for
expr could be better (have that on my list), especially concerning the
different syntaxes in boolean and string mode.
On Oct 1, 2015, at 8:51 AM, Rainer Jung wrote:
Am 01.10.2015 um 14:32 schrieb Nick Kew:
On Thu, 2015-10-01 at 12:26 +0200, Rainer Jung wrote:
Since it gets more common t
Am 01.10.2015 um 14:32 schrieb Nick Kew:
On Thu, 2015-10-01 at 12:26 +0200, Rainer Jung wrote:
Since it gets more common to use the expression parser for string
operations and not only for boolean checks, I think it would be useful
(and powerful) to support
s/PATTERN/REPLACEMENT/FLAGS
and
Am 01.10.2015 um 14:33 schrieb Eric Covener:
On Thu, Oct 1, 2015 at 6:26 AM, Rainer Jung wrote:
Since it gets more common to use the expression parser for string operations
and not only for boolean checks, I think it would be useful (and powerful)
to support
s/PATTERN/REPLACEMENT/FLAGS
and
Am 01.10.2015 um 12:31 schrieb Graham Leggett:
On 01 Oct 2015, at 12:26 PM, Rainer Jung wrote:
Since it gets more common to use the expression parser for string operations
and not only for boolean checks, I think it would be useful (and powerful) to
support
s/PATTERN/REPLACEMENT/FLAGS
and
Since it gets more common to use the expression parser for string
operations and not only for boolean checks, I think it would be useful
(and powerful) to support
s/PATTERN/REPLACEMENT/FLAGS
and allow back references in REPLACEMENT. The operation would not try to
do the replacement in place b
I noticed that currently the expression parser in 2.4/trunk does not
support the SSL:VARIABLE lookups that mod_rewrite supports.
The expression parser uses ":" as an alternative function call syntax,
so HTTP:VARIABLE is the same as HTTP(VARIABLE) which in turn executes
http(VARIABLE). The same
Am 25.09.2015 um 17:56 schrieb Plüm, Rüdiger, Vodafone Group:
-Ursprüngliche Nachricht-
Von: Plüm, Rüdiger, Vodafone Group
Gesendet: Freitag, 25. September 2015 17:51
An: dev@httpd.apache.org
Betreff: AW: mod_h2 CTR (Was: Re: svn commit: r1705257 -
/httpd/httpd/trunk/modules/http2/config.
Am 24.08.2015 um 13:40 schrieb Nick Gearls:
This is definitely a bug as we have a major incompatibility between two
features.
Remark: although mod_macro can use $ and % for unescaped characters,
${x} is used by Define and %{x} by mod_rewrite :-(
Shooting from the hip:
&{x}
Haven't checked
Docs say: "Disabling ProxyPassInherit also disables BalancerInherit."
Code (2.4) says:
if (ps->inherit || ps->ppinherit) {
ps->workers = apr_array_append(p, base->workers, overrides->workers);
ps->balancers = apr_array_append(p, base->balancers,
overrides->balancers);
}
and both inher
Am 21.07.2015 um 23:14 schrieb Kevin A. McGrail:
On 7/21/2015 4:57 PM, Jim Jagielski wrote:
Hmmm Wondering if this is due to:
Test::LeakTrace [build_requires]
Test::TCP [build_requires]
Anyway, this is on OSX, fwiw.
This seems dependent on the Macports port(s) of perl...
Using the syste
Am 20.07.2015 um 18:29 schrieb Jim Jagielski:
Someone reported that 2.2.31 (w/ mod_ssl) doesn't build under FreeBSD 10:
https://feld.me/freebsd/apache22-2.2.31.log
I will try it out and see.
It seems
http://svnweb.freebsd.org/ports/head/www/apache22/
is still at 2.2.29 and people are w
Am 16.07.2015 um 17:26 schrieb Yann Ylavic:
Yes, and with --enable-load-all-modules (not so common, I think, when
not testing with the framework...).
Exactly, thats mostly a flag to produce non-production bus test ready
configs. Not so nice that it doesn't startup, but I would be astonished
i
Am 11.07.2015 um 16:29 schrieb William A Rowe Jr:
The pre-release candidate tarballs of Apache httpd 2.2.30, can be found in;
http://httpd.apache.org/dev/dist/
+/-1
[+1] Release 2.2.30 GA (apr 1.5.2, apr-util 1.5.4)
Win32 src to follow shortly, vote to run through 14:30 GMT Tuesday.
+
Am 13.07.2015 um 17:34 schrieb Stefan Eissing:
Ok, narrowing it down, but not done yet. Problem is as follows:
1 with 'localhost' as servername, tests were failing with "waiting for server to
warm up", although server was reachable as http://localhost:8529/
strange.
2 with 'test.example.org'
Am 10.07.2015 um 22:33 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.16 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.16 GA.
[X] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Rob
Hi Stefan,
Am 09.07.2015 um 13:46 schrieb Stefan Eissing:
I need some help with establishing a test baseline. I checked out the test
framework from https://svn.apache.org/repos/asf/httpd/test/framework/trunk,
followed the README and ran the tests against a freshly installed 2.4.x in
/opt/htt
Am 23.06.2015 um 11:34 schrieb Stefan Eissing:
Sorry to bother the list, but I am banging my head against the wall trying to
build mod_ssl linked statically with openssl on Ubuntu.
Is there something obvious that I miss in my
configure --enable-ssl=shared --with-ssl=$(BLD_PREFIX)
--enabl
Am 22.06.2015 um 14:04 schrieb Jeff Trawick:
On Mon, Jun 22, 2015 at 8:02 AM, Jim Jagielski mailto:j...@jagunet.com>> wrote:
Seems that 3rd time was NOT the charm.
Due to the regression I am canceling this VOTE.
Let's patch 2.4.16-dev ASAP to handle this and I will T&R 2.4.16
f
Am 18.06.2015 um 21:54 schrieb Jeff Trawick:
On Thu, Jun 18, 2015 at 3:03 PM, olli hauer mailto:oha...@gmx.de>> wrote:
On 2015-06-18 19:08, Jim Jagielski wrote:
> Subj sez it all.
>
I don't know if it is worth to report this, but the on 2.4.12. I
don't see the following warn
Am 14.06.2015 um 19:17 schrieb Rainer Jung:
[X] -1: Danger Will Robinson. And why.
Not an easy call.
-1 but even more thanks for RMing.
Negative vote due to:
- chance of breaking chunked encoding due to spec intolerance.
s/spec/space/ - Sorry.
Proxy example reported by Steffen plus
Am 11.06.2015 um 16:08 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.14 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.14 GA.
[ ] +1: Good to go
[ ] +0: meh
[X] -1: Danger Will Rob
eps are only there for convenience.
Thx!
--
Born in Roswell... married an alien...
http://emptyhammock.com/
--
kippdata
informationstechnologie GmbH Tel: 0228 98549 -0
Bornheimer Str. 33aFax: 0228 98549 -50
53111 Bonn www.kippdata.de
HRB 8018 Amtsgericht Bonn / USt.-IdNr. DE 196 457 417
Geschäftsführer: Dr. Thomas Höfer, Rainer Jung, Sven Maurmann
Am 13.06.2015 um 12:23 schrieb Rainer Jung:
Hi Michael,
Am 13.06.2015 um 12:10 schrieb Michael Felt:
Just a link to the "Howto setup Apache::Test" would be sufficient. The
README in the project sends me to mod_perl info, not a list of perl mods
needed to be added -- and unfortu
Hi Michael,
Am 13.06.2015 um 12:10 schrieb Michael Felt:
Just a link to the "Howto setup Apache::Test" would be sufficient. The
README in the project sends me to mod_perl info, not a list of perl mods
needed to be added -- and unfortunately the Apache::Test does not
"include" a dependency list e
Am 12.06.2015 um 19:12 schrieb William A Rowe Jr:
Revision 1678233 - (view) (download) (annotate) - [select for diffs]
Modified Thu May 7 16:26:43 2015 UTC (5 weeks, 1 day ago) by jim
File length: 57106 byte(s)
Diff to previous 1674655 (colored)
Merge r1676085 from trunk:
consistently output SSL
Am 12.06.2015 um 18:48 schrieb Jeff Trawick:
On Fri, Jun 12, 2015 at 12:35 PM, Jacob Perkins
mailto:jacob.perk...@cpanel.net>> wrote:
+1 to Noels comments. We have a ton of servers running Apache 2.4
with our control panel. Doing this in a point release will cause us
to have to cha
Am 12.06.2015 um 13:49 schrieb Yann Ylavic:
Hi Christophe,
On Fri, Jun 12, 2015 at 1:26 PM, Christophe JAILLET
wrote:
should this warning at startup be an issue, why not just remove it in 2.4.x
and keep it in trunk?
Having the depreciation written in doc (and in migration note for 2.4 ->
2.6/
Am 08.06.2015 um 03:34 schrieb Jeff Trawick:
On Sun, Jun 7, 2015 at 1:20 PM, Rainer Jung mailto:rainer.j...@kippdata.de>> wrote:
...
On FreeBSD I see the following failures:
t/apache/limits.t (Wstat: 0 Tests: 12 Failed: 1)
Failed test: 8
10.1: limits.t
Am 04.06.2015 um 18:33 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.13 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.13 GA.
[X] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Ro
Am 27.05.2015 um 09:33 schrieb Rainer Jung:
Am 27.05.2015 um 08:40 schrieb Kaspar Brand:
On 26.05.2015 10:33, Rainer Jung wrote:
I find it questionable. I would find it more natural to embed the params
in the cert files they apply to, so e.g. the DH params in the RSA cert
file and the EC
Am 01.06.2015 um 13:36 schrieb Yann Ylavic:
Hi Rainer,
On Mon, Jun 1, 2015 at 1:06 PM, wrote:
@@ -232,14 +238,14 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
trunk patch: http://svn.apache.org/r1681694
2.4.x patch: trunk works (modulo CHANGES)
+1: ylavic
+ rjung: Would
Am 29.04.2015 um 13:05 schrieb Kaspar Brand:
I did some formatting cleanup in r1676709 and put a patch for 2.4.x
online under
https://people.apache.org/~kbrand/mod_ssl-2.4.x-alpn_2015-04-29.diff.
This should hopefully make it easier for people to test and review (it's
an amalgamation of ten revis
Am 29.05.2015 um 18:36 schrieb Wang, Andy:
It didn't break api compatibly but it sure did break backwards compatibility.
I'm pretty sure if you link against 1.0.2 you can't run with an older 1.0.x
library. Which is what appears to happen in Mario's case.
That's correct. If the app or lib you
Am 29.05.2015 um 18:30 schrieb William A Rowe Jr:
Don't be fooled.
OpenSSL 1.0.1 did not break binary compatibility, the lib designation
remains .so.1.0.0. Can someone confirm whether this was changed in 1.0.2?
As I already wrote it didn't.
Rainer
Am 29.05.2015 um 15:16 schrieb Wang, Andy:
You might want to reconsider that unless you really really are sure you know
what you're doing.
On a linux distro, the system installed openssl is considered a fundamental
platform infrastructure library. I.e. many many things rely on it. openssl
ve
Am 27.05.2015 um 08:40 schrieb Kaspar Brand:
On 26.05.2015 10:33, Rainer Jung wrote:
I find it questionable. I would find it more natural to embed the params
in the cert files they apply to, so e.g. the DH params in the RSA cert
file and the EC params in the ECDH cert file and also to not
Am 26.05.2015 um 11:07 schrieb Yann Ylavic:
Oups, several simultaneous responses...
That shows how much we like him (his work) :)
Am 26.05.2015 um 11:00 schrieb Tim Bannister:
On 26 May 2015, at 09:37, Reindl Harald wrote:
Am 26.05.2015 um 10:33 schrieb Rainer Jung:
Current mod_ssl code tries to read embedded DH and ECC parameters only from the
first certificate file. Although this is documented
"DH and
Hi Stefan,
Am 26.05.2015 um 10:37 schrieb Stefan Eissing:
Sorry, if this question has an obvious answer which I was unable to find: where
would I find a list of the changes that will be backported to the 2.4.13
release in order to see if a change has received enough votes?
The backports that
Current mod_ssl code tries to read embedded DH and ECC parameters only
from the first certificate file. Although this is documented
"DH and ECDH parameters, however, are only read from the first
SSLCertificateFile directive, as they are applied independently of the
authentication algorithm typ
Am 22.05.2015 um 18:35 schrieb Yann Ylavic:
On Fri, May 22, 2015 at 6:29 PM, Rainer Jung wrote:
1) In other code I see
EC_KEY_free(ecdh);
after
EC_KEY *ecdh = EC_KEY_new_by_curve_name(...)
and using ecdh, e.g. in
SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);
Should we add the f
Am 24.05.2015 um 23:08 schrieb olli hauer:
Hi,
is there a chance to get the following revisions merged to 2.2.x
- r1551685, r1652929 (fix IPv4 mapping on FreeBSD)
In ssl_engine_dh.c there are calls to generate dh512 and dh1012,
perhaps it is also an idea to drop dh512 and add dh2048 or higher.
Am 23.05.2015 um 11:28 schrieb Yann Ylavic:
On Sat, May 23, 2015 at 11:23 AM, wrote:
Author: ylavic
Date: Sat May 23 09:23:13 2015
New Revision: 1681297
URL: http://svn.apache.org/r1681297
Log:
Merged r979120 from trunk.
[]
Modified: httpd/httpd/branches/2.2.x/STATUS
[]
- * mod_log_con
1) In other code I see
EC_KEY_free(ecdh);
after
EC_KEY *ecdh = EC_KEY_new_by_curve_name(...)
and using ecdh, e.g. in
SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);
Should we add the free? Or is it not needed? Anyone knows why?
This was added in r1666363:
* mod_ssl: fix small memory lea
1) In other code I see
EC_KEY_free(ecdh);
after
EC_KEY *ecdh = EC_KEY_new_by_curve_name(...)
and using ecdh, e.g. in
SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);
Should we add the free? Or is it not needed? Anyone knows why?
2) In modules/ssl/ssl_private.h I see
/**
* The following
Am 21.05.2015 um 20:57 schrieb Eric Covener:
On Thu, May 21, 2015 at 2:54 PM, Jeff Trawick wrote:
This is a very nice improvement over introducing "M", and Yann's suggestion
to expand "T" instead of "D" is an increment above that.
Any concerns if I switch them out?
+1 here
No concern. I'm
Am 23.04.2015 um 06:56 schrieb Kaspar Brand:
On 22.04.2015 21:30, Rainer Jung wrote:
Am 22.04.2015 um 17:49 schrieb Kaspar Brand:
Thanks. In the patch for ssl_private.h, the complete NPN block should
actually be dropped - the same block is are already part of
ssl_private.h, just 10 lines above
Am 22.04.2015 um 17:49 schrieb Kaspar Brand:
On 22.04.2015 10:52, Stefan Eissing wrote:
I made two small patches based on the feedback from Kaspar. One for
the code and one for the documentation.
Thanks. In the patch for ssl_private.h, the complete NPN block should
actually be dropped - the sa
Am 15.04.2015 um 21:49 schrieb cove...@apache.org:
Author: covener
Date: Wed Apr 15 19:49:31 2015
New Revision: 1673940
URL: http://svn.apache.org/r1673940
Log:
Merge r1666297 from trunk:
ssl_util: Fix possible crash (free => OPENSSL_free) and error path leaks when
checking the server certifica
Am 15.04.2015 um 00:14 schrieb Rainer Jung:
Am 14.04.2015 um 19:06 schrieb rbo...@apache.org:
Author: rbowen
Date: Tue Apr 14 17:06:10 2015
New Revision: 1673470
URL: http://svn.apache.org/r1673470
Log:
Add "pre-compressed content" recipe, as per
https://bz.apache.org/bugzilla/show_
Am 14.04.2015 um 19:06 schrieb rbo...@apache.org:
Author: rbowen
Date: Tue Apr 14 17:06:10 2015
New Revision: 1673470
URL: http://svn.apache.org/r1673470
Log:
Add "pre-compressed content" recipe, as per
https://bz.apache.org/bugzilla/show_bug.cgi?id=51336
Modified:
httpd/httpd/trunk/docs/m
Hi Stefan,
Am 01.04.2015 um 18:22 schrieb Stefan Eissing:
Jim,
today I converted your commit to a path on 2.4.12 and tested it with mod_h2.
All fine!
Then I got a trouble report that alpn negotiation always selected "http/1.1" unless SSLAlpnPreference
configured something else. This is due t
Am 23.01.2015 um 11:09 schrieb Yann Ylavic:
On Mon, Oct 27, 2014 at 1:40 PM, wrote:
Author: jim
Date: Mon Oct 27 12:40:34 2014
New Revision: 1634520
URL: http://svn.apache.org/r1634520
Log:
Merge r1621367, r1621372, r1625952 from trunk:
PR53218
Allow for longer worker names and make truncati
Hi Yann,
Am 24.02.2015 um 12:51 schrieb Yann Ylavic:
Hi,
On Thu, Feb 5, 2015 at 9:33 PM, wrote:
Author: rjung
Date: Thu Feb 5 20:33:59 2015
New Revision: 1657685
URL: http://svn.apache.org/r1657685
[...]
Modified:
httpd/httpd/trunk/server/util_expr_eval.c
Modified: httpd/httpd/tru
Hi,
Am 08.02.2015 um 01:48 schrieb Davis:
Is backporting of configuration parameters SSLSessionTicketKeyFile and
SSLSessionTickets to 2.2 branch welcome?
SSLSessionTickets for 2.2 has already been backported by Yann:
http://people.apache.org/~ylavic/httpd-2.2.x-SSLSessionTickets.patch
It is
Am 28.01.2015 um 23:01 schrieb William A. Rowe Jr.:
On Wed, 28 Jan 2015 12:02:32 +0100
Rainer Jung wrote:
Am 27.01.2015 um 21:41 schrieb William A. Rowe Jr.:
I'd agree. My thoughts on OP's posts, that their specific PHP
scripts are modifying the global timezone locale, notably
Am 27.01.2015 um 21:41 schrieb William A. Rowe Jr.:
I'd agree. My thoughts on OP's posts, that their specific PHP scripts
are modifying the global timezone locale, notably process-by-process,
and these are not reset at the end of processing. In the case of the
event or worker MPM it's impossibl
Am 22.01.2015 um 19:54 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.12 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.12 GA.
[X] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Rob
Am 26.01.2015 um 14:14 schrieb Eric Covener:
On Mon, Jan 26, 2015 at 8:08 AM, Jim Jagielski wrote:
svn diff https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.11
https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.12 | cdiff
first one should be 2.4.10 (not that it turns up anythin
uem wrote:
On 01/19/2015 11:40 PM, Rainer Jung wrote:
I noticed a hanging child process on our ASF server aurora.
It currently uses 2.4.11 (plus the post tag commit) and event MPM.
Most processes exiting due to MaxConnectionsPerChild get cleaned up after some
time but this one doesn't. I
Am 20.01.2015 um 10:15 schrieb Rainer Jung:
Am 20.01.2015 um 08:45 schrieb Ruediger Pluem:
On 01/19/2015 11:40 PM, Rainer Jung wrote:
I noticed a hanging child process on our ASF server aurora.
It currently uses 2.4.11 (plus the post tag commit) and event MPM.
Most processes exiting due to
Am 20.01.2015 um 08:45 schrieb Ruediger Pluem:
On 01/19/2015 11:40 PM, Rainer Jung wrote:
I noticed a hanging child process on our ASF server aurora.
It currently uses 2.4.11 (plus the post tag commit) and event MPM.
Most processes exiting due to MaxConnectionsPerChild get cleaned up after some
401 - 500 of 1325 matches
Mail list logo