Works with 2.4.x patch:
http://people.apache.org/~ylavic/httpd-2.4.x-ap_http_filter_chunked.patch
-Original Message-
From: Yann Ylavic
Sent: Sunday, June 14, 2015 3:27 AM Newsgroups: gmane.comp.apache.devel
To: dev@httpd.apache.org
Subject: Re: * Re: [VOTE] Release Apache
On Jun 14, 2015, at 8:37 PM, William A Rowe Jr wr...@rowe-clan.net wrote:
On Jun 14, 2015 12:45 PM, Jim Jagielski j...@jagunet.com wrote:
I am canceling this vote... The breakage due to the chunked
stuff is the reason.
THIS is the reason I don't like last-minute changes that
(1)
On Sun, Jun 14, 2015 at 11:09 AM, olli hauer oha...@gmx.de wrote:
On 2015-06-14 02:46, Jeff Trawick wrote:
On Sat, Jun 13, 2015 at 7:42 PM, Yann Ylavic ylavic@gmail.com wrote:
On Sun, Jun 14, 2015 at 1:18 AM, Jeff Trawick traw...@gmail.com wrote:
On Sat, Jun 13, 2015 at 6:06 PM, Yann
On 2015-06-14 02:46, Jeff Trawick wrote:
On Sat, Jun 13, 2015 at 7:42 PM, Yann Ylavic ylavic@gmail.com wrote:
On Sun, Jun 14, 2015 at 1:18 AM, Jeff Trawick traw...@gmail.com wrote:
On Sat, Jun 13, 2015 at 6:06 PM, Yann Ylavic ylavic@gmail.com
wrote:
I did not look at pr12355.t and
Am 14.06.2015 um 19:17 schrieb Rainer Jung:
[X] -1: Danger Will Robinson. And why.
Not an easy call.
-1 but even more thanks for RMing.
Negative vote due to:
- chance of breaking chunked encoding due to spec intolerance.
s/spec/space/ - Sorry.
Proxy example reported by Steffen plus
Am 11.06.2015 um 16:08 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.14 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.14 GA.
[ ] +1: Good to go
[ ] +0: meh
[X] -1: Danger Will
I am canceling this vote... The breakage due to the chunked
stuff is the reason.
THIS is the reason I don't like last-minute changes that
(1) touch a LOT of code or a major code path and (2) has an
extremely limited QA history. We should also patch the test
framework to test for this.
Let's
On Sun, Jun 14, 2015 at 10:08 PM, Yann Ylavic ylavic@gmail.com wrote:
On Sun, Jun 14, 2015 at 7:43 PM, Jim Jagielski j...@jagunet.com wrote:
We should also patch the test
framework to test for this.
It seems that I can't commit on ^/httpd/test/framework, test patch attached...
Applied in
On Jun 14, 2015 12:45 PM, Jim Jagielski j...@jagunet.com wrote:
I am canceling this vote... The breakage due to the chunked
stuff is the reason.
THIS is the reason I don't like last-minute changes that
(1) touch a LOT of code or a major code path and (2) has an
extremely limited QA history.
On Sun, Jun 14, 2015 at 7:43 PM, Jim Jagielski j...@jagunet.com wrote:
We should also patch the test
framework to test for this.
It seems that I can't commit on ^/httpd/test/framework, test patch attached...
framework-chunk_trailing_spaces.patch
Description: application/download
On Sat, Jun 13, 2015 at 7:42 PM, Yann Ylavic ylavic@gmail.com wrote:
On Sun, Jun 14, 2015 at 1:18 AM, Jeff Trawick traw...@gmail.com wrote:
On Sat, Jun 13, 2015 at 6:06 PM, Yann Ylavic ylavic@gmail.com
wrote:
I did not look at pr12355.t and pr43738.t yet, however those passed in
On Sat, Jun 13, 2015 at 8:25 PM, Yann Ylavic ylavic@gmail.com wrote:
On Sun, Jun 14, 2015 at 2:18 AM, Jeff Trawick traw...@gmail.com wrote:
On Sat, Jun 13, 2015 at 7:52 PM, Yann Ylavic ylavic@gmail.com
wrote:
On Sat, Jun 13, 2015 at 8:49 PM, Jeff Trawick traw...@gmail.com
wrote:
On Sat, Jun 13, 2015 at 7:52 PM, Yann Ylavic ylavic@gmail.com wrote:
On Sat, Jun 13, 2015 at 8:49 PM, Jeff Trawick traw...@gmail.com wrote:
Those that know the original patch would presumably have a better way to
code this.
I recall that httpd 1.3 generally added whitespace after
On Sun, Jun 14, 2015 at 2:18 AM, Jeff Trawick traw...@gmail.com wrote:
On Sat, Jun 13, 2015 at 7:52 PM, Yann Ylavic ylavic@gmail.com wrote:
On Sat, Jun 13, 2015 at 8:49 PM, Jeff Trawick traw...@gmail.com wrote:
Those that know the original patch would presumably have a better way to
On Sun, Jun 14, 2015 at 1:18 AM, Jeff Trawick traw...@gmail.com wrote:
On Sat, Jun 13, 2015 at 6:06 PM, Yann Ylavic ylavic@gmail.com wrote:
I did not look at pr12355.t and pr43738.t yet, however those passed in
my tests, so it's probably something different.
Just in case it wasn't
On Sat, Jun 13, 2015 at 8:49 PM, Jeff Trawick traw...@gmail.com wrote:
Those that know the original patch would presumably have a better way to
code this.
I recall that httpd 1.3 generally added whitespace after the chunk size as
an optimization (pre-allocating space in BUFF for the largest
On Sun, Jun 14, 2015 at 2:43 AM, Jeff Trawick traw...@gmail.com wrote:
On Sat, Jun 13, 2015 at 8:25 PM, Yann Ylavic ylavic@gmail.com wrote:
On Sun, Jun 14, 2015 at 2:18 AM, Jeff Trawick traw...@gmail.com wrote:
On Sat, Jun 13, 2015 at 7:52 PM, Yann Ylavic ylavic@gmail.com
wrote:
On Sat, Jun 13, 2015 at 6:06 PM, Yann Ylavic ylavic@gmail.com wrote:
On Sat, Jun 13, 2015 at 6:51 PM, Rainer Jung rainer.j...@kippdata.de
wrote:
any chance you can reproduce the problem with a slightly patched 2.4.14
to
get additional log output around the suspect code?
The patch
PM
Newsgroups: gmane.comp.apache.devel
To: Apache HTTP Server Development List
Subject: Re: [VOTE] Release Apache httpd 2.4.14 as GA
On Sat, Jun 13, 2015 at 8:31 AM, Steffen i...@apachelounge.com wrote:
Tested with 2.4.13 tarball, then no error.
Wow...
Is anything written to the error log
) to see all the relevant messages.
-Original Message- From: Steffen
Sent: Saturday, June 13, 2015 1:33 PM Newsgroups: gmane.comp.apache.devel
To: dev@httpd.apache.org
Subject: Re: [VOTE] Release Apache httpd 2.4.14 as GA
Regression: All works fine except a Proxy Pass to Sambar
On Thu, Jun 11, 2015 at 10:08 AM, Jim Jagielski j...@jagunet.com wrote:
The pre-release test tarballs for Apache httpd 2.4.14 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.14 GA.
[ ] +1: Good to go
[ ]
(or debug or trace) to see all the relevant messages.
-Original Message- From: Steffen
Sent: Saturday, June 13, 2015 1:33 PM Newsgroups: gmane.comp.apache.devel
To: dev@httpd.apache.org
Subject: Re: [VOTE] Release Apache httpd 2.4.14 as GA
Regression: All works fine except
On Thu, Jun 11, 2015 at 4:08 PM, Jim Jagielski j...@jagunet.com wrote:
[X] +1: Good to go
No regression with event and worker, included apr-1.5.2 and apr-util-1.5.4.
Tested systems:
* Debian 8 - amd64
* Debian 7 - amd64
* Debian 6 - amd64
* Debian 6 - amd64 - mixed 32/64bit system/kernel:
:* gmane.comp.apache.devel
*To:* Apache HTTP Server Development List mailto:dev@httpd.apache.org
*Subject:* Re: [VOTE] Release Apache httpd 2.4.14 as GA
On Sat, Jun 13, 2015 at 8:31 AM, Steffen i...@apachelounge.com
mailto:i...@apachelounge.com wrote:
Tested with 2.4.13 tarball, then no error
:* gmane.comp.apache.devel
*To:* Apache HTTP Server Development List
mailto:dev@httpd.apache.org
*Subject:* Re: [VOTE] Release Apache httpd 2.4.14 as GA
On Sat, Jun 13, 2015 at 8:31 AM, Steffen i...@apachelounge.com
mailto:i...@apachelounge.com wrote:
Tested with 2.4.13 tarball, then no error
] Release Apache httpd 2.4.14 as GA
The pre-release test tarballs for Apache httpd 2.4.14 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.14 GA.
[ ] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Robinson. And why.
Vote
Tested with 2.4.13 tarball, then no error.
-Original Message-
From: Steffen
Sent: Saturday, June 13, 2015 1:33 PM Newsgroups: gmane.comp.apache.devel
To: dev@httpd.apache.org
Subject: Re: [VOTE] Release Apache httpd 2.4.14 as GA
Regression: All works fine except a Proxy Pass
When I disable compression in Sambar then it is fine, like with 2.4.13 and
below.
-Original Message-
From: Steffen
Sent: Saturday, June 13, 2015 7:35 PM Newsgroups: gmane.comp.apache.devel
To: dev@httpd.apache.org
Subject: Re: * Re: [VOTE] Release Apache httpd 2.4.14 as GA
:* gmane.comp.apache.devel
*To:* Apache HTTP Server Development List mailto:dev@httpd.apache.org
*Subject:* Re: [VOTE] Release Apache httpd 2.4.14 as GA
On Sat, Jun 13, 2015 at 8:31 AM, Steffen i...@apachelounge.com
mailto:i...@apachelounge.com wrote:
Tested with 2.4.13 tarball, then no error.
Wow
, June 13, 2015 8:16 PM Newsgroups: gmane.comp.apache.devel
To: dev@httpd.apache.org
Subject: Re: * Re: [VOTE] Release Apache httpd 2.4.14 as GA
When I disable compression in Sambar then it is fine, like with 2.4.13 and
below.
-Original Message-
From: Steffen
Sent: Saturday, June
On Sat, Jun 13, 2015 at 9:24 AM, Jeff Trawick traw...@gmail.com wrote:
On Thu, Jun 11, 2015 at 10:08 AM, Jim Jagielski j...@jagunet.com wrote:
The pre-release test tarballs for Apache httpd 2.4.14 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a
On Sat, Jun 13, 2015 at 6:51 PM, Rainer Jung rainer.j...@kippdata.de wrote:
any chance you can reproduce the problem with a slightly patched 2.4.14 to
get additional log output around the suspect code?
The patch would be
Index: modules/http/http_filters.c
On Jun 11, 2015, at 10:08 AM, Jim Jagielski j...@jagunet.com wrote:
The pre-release test tarballs for Apache httpd 2.4.14 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.14 GA.
[X] +1: Good to go
Go
+1 to Noels comments. We have a ton of servers running Apache 2.4 with our
control panel. Doing this in a point release will cause us to have to change
our product instead of doing a regular Apache release.
When you have a server with 10k+ SSL vhosts, this can cause massive, unexpected
It doesn't make sense for us to hold up a release when that change has
been in the last several releases however. (That's a high barrier for
making progress.)
There seems to be a 2.4.8 component and an actual 2.4.13 component. Did the
2.4.13 fix make it more frequent.
(fixing my top-post)
On Fri, Jun 12, 2015 at 1:35 PM, Jeff Trawick traw...@gmail.com wrote:
On Fri, Jun 12, 2015 at 1:31 PM, Jeff Trawick traw...@gmail.com wrote:
On Fri, Jun 12, 2015 at 1:25 PM, Rainer Jung rainer.j...@kippdata.de
wrote:
Am 12.06.2015 um 19:12 schrieb William A Rowe Jr:
Revision 1678233 -
Hi Jeff,
Thanks for the response. You’re right, this does look to be in Apache 2.2.12
at this time. I was taking this from CHANGES, and it states:
Changes with Apache 2.4.13
*) mod_ssl: make sure to consistently output SSLCertificateChainFile
deprecation warnings, when encountered in a
Revision 1678233 - (view) (download) (annotate) - [select for diffs]
Modified Thu May 7 16:26:43 2015 UTC (5 weeks, 1 day ago) by jim
File length: 57106 byte(s)
Diff to previous 1674655 (colored)
Merge r1676085 from trunk:
consistently output SSLCertificateChainFile deprecation warnings
Submitted
Am 12.06.2015 um 19:12 schrieb William A Rowe Jr:
Revision 1678233 - (view) (download) (annotate) - [select for diffs]
Modified Thu May 7 16:26:43 2015 UTC (5 weeks, 1 day ago) by jim
File length: 57106 byte(s)
Diff to previous 1674655 (colored)
Merge r1676085 from trunk:
consistently output
On Fri, Jun 12, 2015 at 12:58 PM, Eric Covener cove...@gmail.com wrote:
It doesn't make sense for us to hold up a release when that change has
been in the last several releases however. (That's a high barrier for
making progress.)
There seems to be a 2.4.8 component and an actual 2.4.13
On Fri, Jun 12, 2015 at 12:35 PM, Jacob Perkins jacob.perk...@cpanel.net
wrote:
+1 to Noels comments. We have a ton of servers running Apache 2.4 with
our control panel. Doing this in a point release will cause us to have to
change our product instead of doing a regular Apache release.
There seems to be a 2.4.8 component and an actual 2.4.13 component. Did the
2.4.13 fix make it more frequent?
On Fri, Jun 12, 2015 at 12:49 PM Jeff Trawick traw...@gmail.com wrote:
On Fri, Jun 12, 2015 at 12:35 PM, Jacob Perkins jacob.perk...@cpanel.net
wrote:
+1 to Noels comments. We have
Am 12.06.2015 um 18:48 schrieb Jeff Trawick:
On Fri, Jun 12, 2015 at 12:35 PM, Jacob Perkins
jacob.perk...@cpanel.net mailto:jacob.perk...@cpanel.net wrote:
+1 to Noels comments. We have a ton of servers running Apache 2.4
with our control panel. Doing this in a point release will
On Fri, Jun 12, 2015 at 1:25 PM, Rainer Jung rainer.j...@kippdata.de
wrote:
Am 12.06.2015 um 19:12 schrieb William A Rowe Jr:
Revision 1678233 - (view) (download) (annotate) - [select for diffs]
Modified Thu May 7 16:26:43 2015 UTC (5 weeks, 1 day ago) by jim
File length: 57106 byte(s)
Diff
On Fri, Jun 12, 2015 at 1:31 PM, Jeff Trawick traw...@gmail.com wrote:
On Fri, Jun 12, 2015 at 1:25 PM, Rainer Jung rainer.j...@kippdata.de
wrote:
Am 12.06.2015 um 19:12 schrieb William A Rowe Jr:
Revision 1678233 - (view) (download) (annotate) - [select for diffs]
Modified Thu May 7
Hi,
is the commit message incorrect or the CHANGES file concerning CVE-2015-3183?
The commit message at
https://github.com/apache/httpd/commit/cd2b7a26c776b0754fb98426a67804fd48118708
uses CVE-2015-3183 for the Replacement of ap_some_auth_required,
while the CHANGES uses it for Remove
This is corrected in SVN, see
http://svn.apache.org/viewvc/httpd/httpd/trunk/server/request.c?view=log
Unsure why this edit didn't carry on to the github mirror.
On Thu, Jun 11, 2015 at 11:50 AM, Rainer Canavan
rainer.cana...@sevenval.com wrote:
Hi,
is the commit message incorrect or the
On 12/06/2015 00:08, Jim Jagielski wrote:
I'm calling a VOTE on releasing these as Apache httpd 2.4.14 GA.
[ ] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Robinson. And why.
-1
The SSLCertificateChainFile directive () is deprecated,
SSLCertificateFile should be used instead
The
48 matches
Mail list logo