Re: svn commit: r1585609 - /httpd/httpd/trunk/modules/aaa/mod_authz_core.c
I have checked all the calls to ap_expr_parse_cmd() and it seems that
the change in the parser itself is not expected/needed.
Either ap_getword_conf() is implicit (parser called from an AP_TAKEn
or AP_TAKE_ARGV directive), or the caller (AP_RAW_ARGS directive) uses
it explicitly.
Hence that would cause a double unquoting...
There are some special cases though:
- ap_authz_providers as per this commit.
- mod_log_config, mod_log_debug, mod_headers have the expr=... syntax
which does not handle quoted strings;
- mod_rewrite has a special handling of quoted strings, including
RewriteCond expr ... (but it is consistent with all RewriteCond, so
guess it should be kept as is);
The patch proposed in [1] is I think the simplest way to handle the
case for *all* the ap_authz_providers.
Otherwise, we could introduce a new ap_expr_parse_cmd_conf() which
would handle quoted strings and advance the word pointer to the next
one (à la ap_getword_conf() where the word is an expression, either
quoted or until the end of line).
It would then be used by each ap_authz_provider's parser
implementation, and also by mod_{log_config,log_debug,headers} above
for the expr= case.
Something like:
Index: server/util_expr_eval.c
===
--- server/util_expr_eval.c(revision 1674695)
+++ server/util_expr_eval.c(working copy)
@@ -443,20 +443,31 @@ AP_DECLARE(const char *) ap_expr_parse(apr_pool_t
return NULL;
}
-AP_DECLARE(ap_expr_info_t*) ap_expr_parse_cmd_mi(const cmd_parms *cmd,
- const char *expr,
- unsigned int flags,
- const char **err,
- ap_expr_lookup_fn_t
*lookup_fn,
- int module_index)
+AP_DECLARE(ap_expr_info_t*) ap_expr_parse_cmd_conf(const cmd_parms *cmd,
+const char **line,
+unsigned int flags,
+const char **err,
+ap_expr_lookup_fn_t *lookup_fn,
+int module_index)
{
+const char *expr = *line;
+apr_size_t len = strlen(expr);
ap_expr_info_t *info = apr_pcalloc(cmd-pool, sizeof(ap_expr_info_t));
+
info-filename = cmd-directive-filename;
info-line_number = cmd-directive-line_num;
info-flags = flags;
info-module_index = module_index;
+
+if (len 1 (expr[0] == '' || expr[0] == '\'')
+ (expr[len - 1] == expr[0])) {
+expr = ap_getword_conf(cmd-temp_pool, line);
+}
+else {
+*line = expr + len;
+}
+
*err = ap_expr_parse(cmd-pool, cmd-temp_pool, info, expr, lookup_fn);
-
if (*err)
return NULL;
@@ -463,6 +474,17 @@ AP_DECLARE(const char *) ap_expr_parse(apr_pool_t
return info;
}
+AP_DECLARE(ap_expr_info_t*) ap_expr_parse_cmd_mi(const cmd_parms *cmd,
+ const char *expr,
+ unsigned int flags,
+ const char **err,
+ ap_expr_lookup_fn_t
*lookup_fn,
+ int module_index)
+{
+return ap_expr_parse_cmd_conf(cmd, expr, flags, err,
+ lookup_fn, module_index);
+}
+
ap_expr_t *ap_expr_make(ap_expr_node_op_e op, const void *a1, const void *a2,
ap_expr_parse_ctx_t *ctx)
{
--
I prefer the patch from [1] though, because it is simpler and more
centralized for the ap_authz_providers case.
We could likewise use ap_getword_conf() explicitely for the expr=
cases, but they do not look critical to me, and expr=... (with
quotes around the whole) can still be used.
The only advantage I see for the new function would be if we have more
(and more) needs for it...
[1]
http://mail-archives.apache.org/mod_mbox/httpd-dev/201504.mbox/%3ccakq1svpnujfyccuk1qkcaqx6y50qjey-37kdqtkrruzb5hh...@mail.gmail.com%3E
On Fri, Apr 17, 2015 at 10:45 PM, Christophe JAILLET
christophe.jail...@wanadoo.fr wrote:
Hi,
I would +1 for this solution which is, IMHO, much better.
However, changing the parser itself would require checking the potential
impact as it is used in many places.
CJ
Le 17/04/2015 13:15, Yann Ylavic a écrit :
On Fri, Apr 17, 2015 at 11:54 AM, Yann Ylavic ylavic@gmail.com
wrote:
How about handling the case in the Require directive parser itself
(add_authz_provider)?
Or even maybe in the expr parser itself:
Index: server/util_expr_eval.c
===
--- server/util_expr_eval.c(revision 1674046)
+++ server/util_expr_eval.c(working
Re: svn commit: r1585609 - /httpd/httpd/trunk/modules/aaa/mod_authz_core.c
Should I go with this ?
On Fri, Apr 17, 2015 at 11:54 AM, Yann Ylavic ylavic@gmail.com wrote:
How about handling the case in the Require directive parser itself
(add_authz_provider)?
Something like:
Index: modules/aaa/mod_authz_core.c
===
--- modules/aaa/mod_authz_core.c(revision 1674046)
+++ modules/aaa/mod_authz_core.c(working copy)
@@ -393,7 +393,13 @@ static const char *add_authz_provider(cmd_parms *c
section-negate = 1;
}
-section-provider_args = args;
+if (args (args[0] == '' || args[0] == '\'')
+ (args[strlen(args) - 1] == args[0])) {
+section-provider_args = ap_getword_conf(cmd-pool, args);
+}
+else {
+section-provider_args = args;
+}
/* lookup and cache the actual provider now */
section-provider = ap_lookup_provider(AUTHZ_PROVIDER_GROUP,
@@ -425,7 +431,7 @@ static const char *add_authz_provider(cmd_parms *c
AUTHZ_PROVIDER_NAME_NOTE,
apr_pool_cleanup_null,
cmd-temp_pool);
-err = section-provider-parse_require_line(cmd, args,
+err = section-provider-parse_require_line(cmd,
section-provider_args,
section-provider_parsed_args);
if (err)
@@ -1069,16 +1075,6 @@ static const char *expr_parse_config(cmd_parms *cm
const char *expr_err = NULL;
struct require_expr_info *info = apr_pcalloc(cmd-pool, sizeof(*info));
-/* if the expression happens to be surrounded by quotes, skip them */
-if (require_line[0] == '') {
-apr_size_t len = strlen(require_line);
-
-if (require_line[len-1] == '')
-require_line = apr_pstrndup(cmd-temp_pool,
-require_line + 1,
-len - 2);
-}
-
apr_pool_userdata_setn(info, REQUIRE_EXPR_NOTE, apr_pool_cleanup_null,
cmd-temp_pool);
info-expr = ap_expr_parse_cmd(cmd, require_line, 0, expr_err,
--
(the second hunk is a revert of this commit).
Re: ALPN patch comments
On 22.04.2015 18:54, Jim Jagielski wrote: For me the time seems right to rip NPN out of trunk and only backport the ALPN code to 2.4. I'd be +1 for that. So, to get one step further, and since there were no explicit objections to removing NPN support so far (or arguments for keeping it, FWIW), I went ahead and took a stab at this with r1676004. Only tested in terms of compiles both w/ and w/o HAVE_TLS_ALPN, so it certainly needs more eyes before a backport proposal could be made. There's also a TODO: we should have a mod_ssl configuration parameter in ssl_engine_kernel.c which I'm unsure to what it refers. Kaspar
ATS: [VOTE] Release APR 1.5.2
Si Best regards, Martynas Bendorius Jeff Trawick rašė Tarballs/zipfiles are at http://apr.apache.org/dev/dist/ Shortcut to CHANGES: http://apr.apache.org/dev/dist/CHANGES-APR-1.5.2 autoconf version: 2.69 (same as apr 1.5.1) libtool version: 2.4.2 (same as apr 1.5.1) +/-1 [ ] Release APR 1.5.2 as GA I'll hold the vote open for 72 hours unless something out of the ordinary occurs. Thanks in advance for testing!
ATS: [VOTE] Release APR 1.5.2
Rarr Best regards, Martynas Bendorius Jeff Trawick rašė Tarballs/zipfiles are at http://apr.apache.org/dev/dist/ Shortcut to CHANGES: http://apr.apache.org/dev/dist/CHANGES-APR-1.5.2 autoconf version: 2.69 (same as apr 1.5.1) libtool version: 2.4.2 (same as apr 1.5.1) +/-1 [ ] Release APR 1.5.2 as GA I'll hold the vote open for 72 hours unless something out of the ordinary occurs. Thanks in advance for testing!
ATS: [VOTE] Release APR 1.5.2
:$ :-SS ,bbbhjb 098!('':- c
Best regards,
Martynas Bendorius
Jeff Trawick rašė
Tarballs/zipfiles are at http://apr.apache.org/dev/dist/
Shortcut to CHANGES:
http://apr.apache.org/dev/dist/CHANGES-APR-1.5.2
autoconf version: 2.69 (same as apr 1.5.1)
libtool version: 2.4.2 (same as apr 1.5.1)
+/-1
[ ] Release APR 1.5.2 as GA
I'll hold the vote open for 72 hours unless something out of the ordinary
occurs.
Thanks in advance for testing!
Re: [VOTE] Release APR 1.5.2
On Sat, Apr 25, 2015 at 9:37 AM, Yann Ylavic ylavic@gmail.com wrote: Hi Jeff, shouldn't this be addressed to dev@apr instead? yes, of course :) On Sat, Apr 25, 2015 at 2:13 PM, Jeff Trawick traw...@gmail.com wrote: Tarballs/zipfiles are at http://apr.apache.org/dev/dist/ Shortcut to CHANGES: http://apr.apache.org/dev/dist/CHANGES-APR-1.5.2 autoconf version: 2.69 (same as apr 1.5.1) libtool version: 2.4.2 (same as apr 1.5.1) +/-1 [ ] Release APR 1.5.2 as GA I'll hold the vote open for 72 hours unless something out of the ordinary occurs. Thanks in advance for testing! -- Born in Roswell... married an alien... http://emptyhammock.com/
ATS: [VOTE] Release APR 1.5.2
Ef Best regards,Na:- Martynas Bendorius Jeff Trawick rašė Tarballs/zipfiles are at http://apr.apache.org/dev/dist/ Shortcut to CHANGES: http://apr.apache.org/dev/dist/CHANGES-APR-1.5.2 autoconf version: 2.69 (same as apr 1.5.1) libtool version: 2.4.2 (same as apr 1.5.1) +/-1 [ ] Release APR 1.5.2 as GA I'll hold the vote open for 72 hours unless something out of the ordinary occurs. Thanks in advance for testing!
Re: [VOTE] Release APR 1.5.2
Hi Jeff, shouldn't this be addressed to dev@apr instead? On Sat, Apr 25, 2015 at 2:13 PM, Jeff Trawick traw...@gmail.com wrote: Tarballs/zipfiles are at http://apr.apache.org/dev/dist/ Shortcut to CHANGES: http://apr.apache.org/dev/dist/CHANGES-APR-1.5.2 autoconf version: 2.69 (same as apr 1.5.1) libtool version: 2.4.2 (same as apr 1.5.1) +/-1 [ ] Release APR 1.5.2 as GA I'll hold the vote open for 72 hours unless something out of the ordinary occurs. Thanks in advance for testing!
Re: ATS: [VOTE] Release APR 1.5.2
I'm very sorry, that was sent from my phone, which was in my pocket... Turning the auto-unlock feature off right now. Thank you. Best regards, Martynas Bendorius On 4/25/15 4:22 PM, Martynas Bendorius wrote: Rarr Best regards, Martynas Bendorius Rarr Best regards, Martynas Bendorius Jeff Trawick rašė Tarballs/zipfiles are at http://apr.apache.org/dev/dist/ Shortcut to CHANGES: http://apr.apache.org/dev/dist/CHANGES-APR-1.5.2 autoconf version: 2.69 (same as apr 1.5.1) libtool version: 2.4.2 (same as apr 1.5.1) +/-1 [ ] Release APR 1.5.2 as GA I'll hold the vote open for 72 hours unless something out of the ordinary occurs. Thanks in advance for testing! smime.p7s Description: S/MIME Cryptographic Signature
[VOTE] Release APR 1.5.2
Tarballs/zipfiles are at http://apr.apache.org/dev/dist/ Shortcut to CHANGES: http://apr.apache.org/dev/dist/CHANGES-APR-1.5.2 autoconf version: 2.69 (same as apr 1.5.1) libtool version: 2.4.2 (same as apr 1.5.1) +/-1 [ ] Release APR 1.5.2 as GA I'll hold the vote open for 72 hours unless something out of the ordinary occurs. Thanks in advance for testing!
ATS: [VOTE] Release APR 1.5.2
Best regards, Martynas Bendorius Jeff Trawick rašė Tarballs/zipfiles are at http://apr.apache.org/dev/dist/ Shortcut to CHANGES: http://apr.apache.org/dev/dist/CHANGES-APR-1.5.2 autoconf version: 2.69 (same as apr 1.5.1) libtool version: 2.4.2 (same as apr 1.5.1) +/-1 [ ] Release APR 1.5.2 as GA I'll hold the vote open for 72 hours unless something out of the ordinary occurs. Thanks in advance for testing!
Re: Balancer manager
+1 There are also some neat-o features I added in my notes during ACNA to stick into the balancer manager, too... I plan to get around to them in vague, noncommittal reference to free time as it permits days. -- Daniel Ruggeri On 4/24/2015 7:52 AM, Jim Jagielski wrote: Right now, the balancer manager allows for a member to be disabled/stopped, but it cannot *remove* that member... Seems to me that that would be good, especially since we could always re-use that slot. Comments?
