flood STATUS: -*-text-*-
Last modified at [$Date: 2002/09/06 10:24:42 $]
Release:
1.0: Released July 23, 2002
milestone-03: Tagged January 16, 2002
ASF-transfer: Released July 17, 2001
milestone-02: Tagged August 13,
httpd-test/perl-framework STATUS: -*-text-*-
Last modified at [$Date: 2002/03/09 05:22:48 $]
Stuff to do:
* finish the t/TEST exit code issue (ORed with 0x2C if
framework failed)
* change existing tests that frob the DocumentRoot (e.g.,
Hi,
The following is the tusc output of httpd (2.0.43) + mod_specweb99.c
on HP-UX.. Almost every single request has a gettimeofday system call - is
there any way to avoid it ?. I haven't searched the archives if this
question has already been asked several times - so, please excuse me
MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
The following is the tusc output of httpd (2.0.43) + mod_specweb99.c
on HP-UX.. Almost every single request has a gettimeofday system call - is
there any way to avoid it ?.
The GET /file_set/* requests are just plain ol' static files served by the
I would think that using the http request time would meet the spec and
be easier than your alternatives...
Dave
- Original Message -
From: MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
[EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, January 23, 2003 4:05 PM
Subject: RE: gettimeofday
I tried that, and I got back error from specweb99 stating that the responses
were not conforming. (or something like that)..
Now, I have a global time variable, that I set once in
specweb99_quick_handler(), and the other two instances, try to use it,
rather than compute again.. The third time()
Graham Leggett wrote:
Hi all,
While testing mod_ldap, I noticed it was creating a shared memory file
like so:
[minfrin@jessica httpd-2.0]$ ls -al /tmp/mod_ldap_cache
-rw-r--r--1 nobody 42949672954 Jan 22 14:09
/tmp/mod_ldap_cache
As others mentioned, that big number has the
Can Trace be disabled im looking through the source and not seeing a flag to
disable this?
Thanks
-MJ
On Thu, Jan 23, 2003 at 09:59:53AM -0500, Johnson, Michael wrote:
Can Trace be disabled im looking through the source and not seeing a flag to
disable this?
Let the over-reacting begin. :-P
(In case someone missed it, the whitepaper for what he's reacting to is
available at
* Johnson, Michael wrote:
Can Trace be disabled im looking through the source and not seeing a flag to
disable this?
per configuration - no.
But a trace request is mostly fulfilled, if there comes *any* answer. So
what should happen? Close the connection? Not very polite ;-)
nd
--
my @japh
Moving to closure on the decision - my sense is that this plan is
acceptable.
Now we can transition to doing the deed. Anybody got enough of an itch
around that code to rescue it?
I'll advocate retiring it otherwise. - ben
On Tuesday, January 21, 2003, at 10:10 AM, Ben Hyde wrote:
Some
Correct this is from that article. Though similar attacks in the past were
done like this with the echo service. I don't think its overreacting
especially with this article out now im sure a number of people will be
playing with this.
Limit Trace did not work hence myself starting to hack into
I would guess some error message should be displayed. Forbidden/ Method not
allowed?
-Original Message-
From: André Malo [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 23, 2003 10:18 AM
To: [EMAIL PROTECTED]
Subject: Re: RFC TRACE
* Johnson, Michael wrote:
Can Trace be
* Johnson, Michael wrote:
I would guess some error message should be displayed. Forbidden/ Method not
allowed?
By the nature of TRACE I don't see that it would make much sense for an
origin server.
For a (mod_)proxy a 405 may be useful for security reasons.
YMMV.
nd
--
my @japh =
On Thu, Jan 23, 2003 at 10:22:16AM -0500, Ben Hyde wrote:
Moving to closure on the decision - my sense is that this plan is
acceptable.
Now we can transition to doing the deed. Anybody got enough of an itch
around that code to rescue it?
I'll advocate retiring it otherwise. - ben
Say you have a reverse proxy server in front of your web server. If you do a
trace to the reverse proxy server that would execute the trace on the web
server revealing that information.
-MJ
-Original Message-
From: André Malo [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 23,
I'd like to integrate it. I guess the best location for now is experimental/ ?
Moving to closure on the decision - my sense is that this plan is
acceptable.
Now we can transition to doing the deed. Anybody got enough of an itch
around that code to rescue it?
I'll advocate retiring it
I think this covers most of the points...
---BeginMessage---
I just finished reading this so-called whitepaper and the press release, and
all I can say is hyped, sensationalised snakeoil.
The HttpOnly cookie feature, a proprietary Microsoft extension designed to
mitigate a single aspect of XSS,
Just to keep people posted. I checked with Ryan and:
1. The code is most assuredly under the Apache License.
2. Ryan is fine with it being merged into httpd
3. The code is 100% assigned to the ASF.
Daniel Lopez wrote:
I'd like to integrate it. I guess the best location for now is
This patch fixes a segfault I see serving files cached by MMapFile.
First request is okay, subsequent request segfaults in an mmap ring
macro during apr_brigade_destroy because the next pointer is null.. I
did not spend time trying to figure out exactly why the next pointer was
null, but
Thomas Eibner wrote:
On Thu, Jan 23, 2003 at 10:22:16AM -0500, Ben Hyde wrote:
Moving to closure on the decision - my sense is that this plan is
acceptable.
Now we can transition to doing the deed. Anybody got enough of an itch
around that code to rescue it?
I'll advocate retiring it
On Thu, Jan 23, 2003 at 11:10:11AM -0500, Bill Stoddard wrote:
Thomas Eibner wrote:
On Thu, Jan 23, 2003 at 10:22:16AM -0500, Ben Hyde wrote:
Moving to closure on the decision - my sense is that this plan is
acceptable.
Now we can transition to doing the deed. Anybody got enough
On Thu, 23 Jan 2003, Bill Stoddard wrote:
This patch fixes a segfault I see serving files cached by MMapFile.
First request is okay, subsequent request segfaults in an mmap ring
macro during apr_brigade_destroy because the next pointer is null.. I
Ahh... right you are. I can explain
What adverse behavior if any will I see on linux if I have a module that forks, and
immediately calls signal(SIGHUP, SIG_IGN) and signal(SIGCLD, SIG_IGN) when using the
worker MPM?
Torin Ford
Venturi Technology Partners
--
__
What adverse behavior if any will I see on linux if I have a module that forks,
and immediately calls signal(SIGHUP, SIG_IGN) and signal(SIGCLD, SIG_IGN) when using
the worker MPM?
It will be propagated to everything you spawn off.
Most programs presume that they can catch children
with
Bill Stoddard wrote:
I am -0 for including it in the httpd repository.
An opinion not without merit. Do other folks feel similarly? (or maybe
Bill want's to put more words into the negative space).
Thomas Eibner wrote:
Why would you want to retire it?
I don't, but repositories with no
* [EMAIL PROTECTED] wrote:
Index: ap_mmn.h
===
RCS file: /home/cvs/httpd-2.0/include/ap_mmn.h,v
retrieving revision 1.52
retrieving revision 1.53
diff -u -u -r1.52 -r1.53
--- ap_mmn.h3 Sep 2002 23:39:43
* Justin Erenkrantz wrote:
--On Friday, January 24, 2003 00:11:22 +0100 André Malo [EMAIL PROTECTED]
wrote:
+ * 20020903.1 (2.0.44-dev) allow_encoded_slashes added to
core_dir_config
This should now be 2.0.45-dev, shouldn't it?
2.1.0-dev. -- justin
*err* yes ...
nd
--
die (eval
Jeff Trawick wrote:
As others mentioned, that big number has the same representation as 32-bit
-1. I checked a couple of systems and gid_t is unsigned 32-bit there,
and Apache treats the number as gid_t internally. The user can code that
big unsigned number for group if they want to.
29 matches
Mail list logo
