Re: default conf and ScriptAlias

operators headaches as the one outlined by Noel - more so as this setting is there for way longer than 2.4 and therefore -1. Alex > On Oct 9, 2021, at 20:30, Noel Butler wrote: > >  >> >> On 10/10/2021 03:39, Eric Covener wrote: >> >> Relative to the recent CV

Re: [VOTE] Release httpd-2.4.51-rc1 as httpd-2.4.51

+1 on Slackware64 -current Alex > On Oct 7, 2021, at 09:17, ste...@eissing.org wrote: > > Hi all, > > due to found security weaknesses in our 2.4.50 release, the security team > feels it is necessary to do a new release on very short notice. We will skip > the usua

Re: [VOTE] Release httpd-2.4.46

. Alex > On Aug 8, 2020, at 08:27, Daniel Ruggeri wrote: > > Hi, Bill; > I wondered about this myself. I agree that we allow for ambiguity > when we say an issue is fixed in 2.4.44 and 2.4.45 (which weren't > released). Perhaps we should just bump the 'fixed' version up

iOS 14 / macOS 11 and HTTP/3 support

From Apple’s developer beta release notes, the newest Apple code is now shipping with HTTP/3 support. Disabled by default, but can be enabled by users. As of today, HTTP/3 Draft 29 isn’t yet supported. Alex

SSLStrictSNIVHostCheck not being enforced by mod_ssl

evel debug”, not seeing *anything* SNI related in the logs. Ideas? -- Alex

Support for RFC7627 (Extended Master Secret) on mod_ssl

eb.com/ <https://www.immuniweb.com/> — Alex

Re: svn commit: r1875349 - /httpd/site/trunk/tools/roll.sh

to openly support a discouraged code. Previous OpenSSL versions were fun, but it is time to move on. Just my $.02. Alex > On Mar 18, 2020, at 09:44, jean-frederic clere wrote: > > On 18/03/2020 11:09, Ruediger Pluem wrote: >>> On 3/18/20 9:36 AM, jfcl...@apache.org wrote: &

Re: Opt in(/out?) for TLS protocol per vhost (was: svn commit: r1868645)

IMHO, it *is* intuitive. If you want no default configuration, do not set one by default, otherwise inheritance applies - just as everything else in this daemon. Or are you all planning to opt in/out every other settings as well, to make a standard "intuitive-driven” configuration approach? >

Re: Cloudflare, Google Chrome, and Firefox Add HTTP/3 Support

but not least, thanks Stefan for your h2 work. Alex > On Sep 27, 2019, at 17:12, Helmut K. C. Tessarek wrote: > > On 2019-09-27 11:47, Eric Covener wrote: >> I don't think market share is a big motivating factor for active >> contributors. > > Maybe not, but I remembe

Cloudflare, Google Chrome, and Firefox Add HTTP/3 Support

https://news.slashdot.org/story/19/09/26/1710239/cloudflare-google-chrome-and-firefox-add-http3-support With that, the obvious question: what about Apache?

Re: Default log file locations

, it would be a less dramatic change, but hey, caveats are starting to appear, as Eric just pointed one out. Alex > On Jun 27, 2019, at 17:24, Eric Covener wrote: > >  >> >> From my perspective it would be advantageous to have Apache write to >> the terminal by def

Re: Plan to add sandbox branch

and if so, for how long? When I read your message, in particular the STATUS info statement, this plan of yours looked to me like how a regular load balancer product works, and if that is the intent, how different from and/or how integrated to ATS is this going to be? Alex On 2018/11/27 11:23

Server Token: None

and the general consensus was to leave the bare minimum to Prod: if so, people that want to keep low would find their ways anyway, but giving us choice is not unusual from the spirit of FOSS. Alex httpd-server-header-none.diff.gz Description: GNU Zip compressed data smime.p7s Description: S

Fw: new message

Hey! New message, please read a...@imaginers.org --- Phần mềm Avast antivirus đã kiểm tra virus cho email này. https://www.avast.com/antivirus

Re: mod_websocket ownership (and fixes)

On 11 Sep 2015, at 23:49, Jacob Champion <champio...@gmail.com> wrote: > Hi Alex, > > On 09/11/2015 10:02 AM, Alex Bligh wrote: >> mod_proxy_wstunnel forwards the websocket connection without >> interpreting the protocol (i.e. needs to be directed at a websocket &

Re: mod_websocket ownership (and fixes)

On 10 Sep 2015, at 23:26, Jacob Champion <champio...@gmail.com> wrote: > On 09/10/2015 02:50 PM, Alex Bligh wrote: >> Here: https://github.com/abligh/apache-websocket >> >> in the vncproxy directory you will find a vncproxy (which is actually >> a generic

Re: mod_websocket ownership (and fixes)

processing / bucket brigade runs now. Crucially you've put all the bucket brigade handling into a single thread (I think) which I take it is the same thread as apache itself uses - that's what I reckoned I needed to do to get it to work reliably with SSL. -- Alex Bligh

Re: [PATCH 0/5] Fix mod_websocket segfaults under load

On 30 Apr 2015, at 19:19, Jacob Champion jacob.champ...@ni.com wrote: Quick bump to this thread. Have any interested parties (Alex?) been able to give these patches a try? Not yet - sorry. -- Alex Bligh

Re: [PATCH 0/5] Fix mod_websocket segfaults under load

for these. I'll try to find some time to look through them. Note mod_websocket is not (currently) in the list of apache supported modules, though for one would love it to be. So for most people they can't see what you are patching against. Do you have this in git somewhere (e.g. github?) -- Alex

Re: Debugging mod_websocket -- any others out there?

able to remove the extra pool and bucket allocator that Alex added, since reading and writing are now done using only a single thread. I'm waiting on internal approval to post the five-patch set here (unless of course there is any objection from the mailing list; I don't see a lot of patch

Re: Debugging mod_websocket -- any others out there?

the above bug. The other thing I was planning to look at was how modproxy-wstunnel and friends work - they must face a similar problem. -- Alex Bligh

Re: Debugging mod_websocket -- any others out there?

On 25 Feb 2015, at 22:40, Jacob Champion jacob.champ...@ni.com wrote: Maybe APR has an abstraction for socketpair()? 2 x apr_file_pipe_create ? -- Alex Bligh

Re: Debugging mod_websocket -- any others out there?

create an issue. TBH I never had any issues with the actual encode/decode code. -- Alex Bligh

Re: Mod_proxy is truncating Response Header size

that header before forward back the response to the initial caller. Did somebody face that kind of problem? Does increasing ProxyIOBufferSize help? -- Alex Bligh

Re: tcp/ip sockets in apache module

of this or am I just way off base in using TCP/IP for external communication to a module. Thanks. Not that small, but: https://github.com/abligh/apache-websocket -- Alex Bligh

Re: problem with different version of openssl in Apache and apache module

of openssl. But if Apache was built with openssl 0.9.8x, segfault occurred. Is there anything I can do for my built so it also works in the Apache which was built with older version of openssl? Static link to openssl? -- Alex Bligh

Threaded vs non-threaded dev package

I am compiling a module I have written on Ubuntu Precise. The module will always be run on apache-mpm-prefork (i.e. the non-threaded mpm), but the module itself uses threads (apr_thread*). Should I be compiling against apache2-threaded-dev or apache2-prefork-dev? Or doesn't it matter? -- Alex

Mutex protection of output bucket brigade

? -- Alex Bligh

Re: Mutex protection of output bucket brigade

brigade is only actually written to the client during an ap_fwrite()? In which case are all the filters (primarily mod_ssl) guaranteed to be thread safe if a different thread is doing input from that doing output? -- Alex Bligh

Re: Mutex protection of output bucket brigade

ap_core_output_filter that is confused). I suspect I may need to compile with DEBUG_BRIGADES or whatever it's called and see if I can get it to fail more often than once every 5 days on a torture test :-/ -- Alex Bligh (gdb) bt #0 0x7f4f2bf082b0 in apr_bucket_destroy_noop () from /usr/lib/libaprutil-1.so

thread safety and mpm-prefork

actually do anything in mpm-prefork? I'm using apr_thread_create to create a thread, then providing a separate allocator, mutex, pool and similar (all as recommended). But if the mutex stuff is 'optimised out' of my apr library - specifically the pool stuff - all this will be in vain. -- Alex Bligh

Re: thread safety and mpm-prefork

. -- Alex Bligh

Re: thread safety and mpm-prefork

) /* WARNING: pool has no parent */ ( NULL != (obucketallocator = apr_bucket_alloc_create(opool))) ( NULL != (obb = apr_brigade_create(opool, obucketallocator))) ) { -- Alex Bligh

Bucket brigade filter thread safety

see how to use the non-blocking version without spinning). [apologies for the partial dupe on the apache-users mailing list - I think I've got nearer the problem since then and this list seems more appropriate] -- Alex Bligh

Re: Question about APR SHM

Hi Igor, Thanks for the suggestion. I have meanwhile informed the APR developers via the appropriate list. Cheers, Alex Op 08-08-10 21:47, Igor Galić schreef: - Alex Wulms alex.wu...@scarlet.be wrote: Op 31-07-10 18:07, Alex Wulms schreef: Hi, Hi Alex, despite

Re: Question about APR SHM

Op 31-07-10 18:07, Alex Wulms schreef: Hi, I have got a question about APR SHM. The comments of the function apr_shm_baseaddr_get(const apr_shm_t *m) indicate that the resulting address is only valid in the callers address space, since the API does not guarantee that other attaching

Question about APR SHM

ignore it when it concerns an implicit attachment (inherited) by the child process? And is it like that on all supported platforms and not only on Unix (I know for a fact that it is indeed like this on Unix)? Thanks and kind regards, Alex

Re: Error log format configuration syntax

Op 28-07-10 15:41, Rainer Jung schreef: On 28.07.2010 13:44, Dan Poirier wrote: On 2010-07-28 at 03:51, Alex Wulmsalex.wu...@scarlet.be wrote: Hi, While adding some debug log statements to a module I'm working on, I ran into the problem that ap_log_error (in apache 2.2) does not support

Re: Error log format configuration syntax

, status, s, %s, msg); } Cheers, Alex Op 27-07-10 23:11, Stefan Fritsch schreef: On Wednesday 21 July 2010, William A. Rowe Jr. wrote: On 7/21/2010 4:35 PM, Stefan Fritsch wrote: And I agree that a unified logging formatter would be nice, but this is not something

Re: Apache devs attending FOSDEM 2010?

. The protocol may also be useful for mobile internet, as long as 4G is not yet widespread. See http://wiki.laptop.org/go/Apache_Proxy_CRCsync for more details. Cheers, Alex

Re: Apache devs attending FOSDEM 2010?

that very night), but Saturday afternoon or Sunday anytime we can stage a get together. I'll be the guy running around with laptops with green ears ;-) Hi, I prefer Saturday afternoon or evening. Kind regards, Alex

Re: mod_ssl and Transfer-Encoding: chunked wastes ~58 bytes per chunk.

2009/8/20 Roy T. Fielding field...@gbiv.com: On Aug 20, 2009, at 2:01 AM, Alex Stapleton wrote: 2009/8/19 Roy T. Fielding field...@gbiv.com: On Aug 19, 2009, at 9:53 AM, Alex Stapleton wrote: (This has been cross posted to us...@. I apologise if this mail isn't relevant to the dev list

Re: mod_ssl and Transfer-Encoding: chunked wastes ~58 bytes per chunk.

2009/8/21 Alex Stapleton alex.staple...@gmail.com: 2009/8/20 Roy T. Fielding field...@gbiv.com: On Aug 20, 2009, at 2:01 AM, Alex Stapleton wrote: 2009/8/19 Roy T. Fielding field...@gbiv.com: On Aug 19, 2009, at 9:53 AM, Alex Stapleton wrote: (This has been cross posted to us...@. I

Re: mod_ssl and Transfer-Encoding: chunked wastes ~58 bytes per chunk.

2009/8/19 Roy T. Fielding field...@gbiv.com: On Aug 19, 2009, at 9:53 AM, Alex Stapleton wrote: (This has been cross posted to us...@. I apologise if this mail isn't relevant to the dev list.) First some background. We use Apache HTTPD 2.0 over a high-latency, high packet loss GPRS WAN

mod_ssl and Transfer-Encoding: chunked wastes ~58 bytes per chunk.

an actual source code level problem rather than a configuration one, hence why this is posted to users for now. I can provide text dumps from tshark if that would be more illuminating of the patterns I'm seeing. Alex Stapleton

Apache 2.2.0 support?

Hello all--I'm sure this has been a subject of ongoing discussion; but could someone perhaps fill me in on the timeline for adding mod_python support for Apache 2.2.0? I just put together mod_python 3.2.7 and Apache 2.2.0 with Python 2.4.2, and it doesn't really work. Any clues why not, or ideas

2.0.53 on Windows

Forgive me if this has already been mentioned, but I can't find anything in the archives. Is anybody planning on packaging a Windows version of the source files? Thanks, Alex.

Message: winnt_accept: Asynchronous AcceptEx failed.

to me - why log WARNING ? Is it OK to turn it off? Thanks, Alex

RE: Memory leak on Windows [Bugzilla #11427]

anything. Thanks, Alex. Index: server/mpm/winnt/child.c === RCS file: /home/cvspublic/httpd-2.0/server/mpm/winnt/child.c,v retrieving revision 1.9 diff -u -u -r1.9 child.c --- server/mpm/winnt/child.c14 Oct 2002 14:54:45 - 1.9

RE: Memory leak on Windows [Bugzilla #11427]

the memory allocations in the call stack in the hopes that I find something using a pool that doesn't get released. I'm definitely not looking forward to this. Thanks, Alex. On Tue, 17 Dec 2002, Bill Stoddard wrote: I am running 2.0.44-dev (latest snapshot in CVS from just a few minutes ago) and I'm

Memory leak on Windows [Bugzilla #11427]

built that does not end up loading the non-debug msvcrt.dll. Has anybody successfully run the Windows version inside Purify? If so, are there any magic tricks that you could share with me? Thanks, Alex

Re: Vote: mod_jk connector in /experimental

repositories/collections for that sort of thing would best be done on an as-needed, per-platform basis. -alex

Re: [VOTE] Location of aaa rewrite

talking about general principles that I think people should keep in mind.) -alex

Shared memory questions

is finished using it. What is the correct way to go about this? Is it safe/effective to call apr_shm_destroy when other processes may still be using the memory segment? if not, is there some way to tell whether the segment is still in use or not? -alex

Re: 2.0/2.1 split?

this situation is fixed. Until then, 1.3 is still the only Apache server there is. I really hope this situation changes because I really would like to start using 2.0 more. -alex

Questions about filter placement

to that filtering? Thanks, -alex PS: As this subject seems to be a hotbutton for some people (at least it was the last time I brought it up on this list), please don't just respond to this by saying why would you want to do that? or bandwidth limiting doesn't belong in the httpd server! or people have already

Re: Questions about filter placement

together, you will get the rate limit of the 2nd one. As long as they're small, I don't think anybody will care that much, so I can live with that. Thanks a lot for the help, -alex

Re: Questions about filter placement

people know when I have something people might actually want to use :) -alex On Thu, Aug 29, 2002 at 08:06:45AM -0700, Ian Holsman wrote: your trying to limit traffic based on what kind of request/request path it has ? Yes, actually based on vhost, URI, directory, file type, size, user

Re: Questions about filter placement

that at least compiles.. Most of this code isn't even out of my head yet, give me a chance to scribble some of it down before you all try to test it! :) -alex

Re: Questions about filter placement

, tho, because theoretically a client could hold a keepalive connection open long after the last request has finished, and bandwidth would still be being allocated for it.. hmph. -alex

Re: Questions about filter placement

is done, too.. thanks for the suggestion, I'll look into this too. -alex

Re: cvs commit: httpd-2.0/server/mpm/worker worker.c

behind apache-mbox (I take it this is mod_mbox?) might want to take note that it's spitting out invalid URLs.. -alex

Re: Q1: Rollup Release Format - Score So Far...

Graham Leggett wrote: Alex Stewart wrote: There seems to be a big assumption here that release is the same as version, which seems like an unnecessary restriction. Frankly, if these are separate subprojects we're talking about (which it seems pretty clear they're going to be evolving

Re: another map_to_storage gotcha.

not be possible for Directory to override Location with looser permissions. In both cases, access should be determined by the most restrictive specification for a given resource. Doing anything else opens up lots of opportunities for accidental security holes and is just bad design. -alex

Re: [PATCH] performance patch for mod_log_config

if there are long periods without a call, but in that situation it's arguable that the speed of this function probably isn't the largest concern anyway. Just a thought.. -alex

Bandwidth control

there might have before proceeding, so if anybody's got any thoughts on this, please let me know.. -alex