[ANNOUNCE] mod_fcgid 2.3.9 released

2013-10-08 Thread Jeff Trawick
The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.3.9 of mod_fcgid, a FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and 2.4. This version of mod_fcgid is a security release, resolving a defect that could

Re: mod_proxy, pooled backend connections and the keep-alive race condition

2013-10-08 Thread Micha Lenk
Hi Yann, On 03.10.2013 at 15:33, Yann Ylavic wrote: On Thu, Oct 3, 2013 at 2:07 PM, Micha Lenk mi...@lenk.info wrote: Independent from how the HRS issue (CVE-2005-2088) was fixed at that time, I still believe that it is a bad idea in terms of security to flush the buffer and forward

Re: svn commit: r1530281 - in /httpd/httpd/branches/2.4.x: CHANGES STATUS docs/manual/mod/mod_session_crypto.xml modules/session/mod_session_crypto.c

2013-10-08 Thread Eric Covener
On Tue, Oct 8, 2013 at 10:19 AM, j...@apache.org wrote: Author: jim Date: Tue Oct 8 14:19:55 2013 New Revision: 1530281 URL: http://svn.apache.org/r1530281 Log: Merge r1529014 from trunk: core: Add missing Reason-Phrase in HTTP response headers. PR 54946. Submitted by: rjung

Re: svn commit: r1516930 - in /httpd/httpd/trunk: docs/manual/mod/mod_proxy.xml modules/proxy/mod_proxy.c modules/proxy/mod_proxy.h modules/proxy/mod_proxy_ajp.c modules/proxy/mod_proxy_http.c modules

2013-10-08 Thread Yann Ylavic
Hi, Some code in trunk still only checks for ping_timeout_set without ping_timeout positive value to handle the heavy ping (CPING/Expect: 100-continue), see patch below. Regards, Yann. Index: modules/proxy/mod_proxy_ajp.c === ---

Re: svn commit: r1530281 - in /httpd/httpd/branches/2.4.x: CHANGES STATUS docs/manual/mod/mod_session_crypto.xml modules/session/mod_session_crypto.c

2013-10-08 Thread Jim Jagielski
The log message was wrong, but the commit was right :) On Oct 8, 2013, at 10:32 AM, Eric Covener cove...@gmail.com wrote: On Tue, Oct 8, 2013 at 10:19 AM, j...@apache.org wrote: Author: jim Date: Tue Oct 8 14:19:55 2013 New Revision: 1530281 URL: http://svn.apache.org/r1530281 Log:

Re: svn commit: r1516930 - in /httpd/httpd/trunk: docs/manual/mod/mod_proxy.xml modules/proxy/mod_proxy.c modules/proxy/mod_proxy.h modules/proxy/mod_proxy_ajp.c modules/proxy/mod_proxy_http.c modules

2013-10-08 Thread Jim Jagielski
Does it matter whether or not it's a heavy ping or not? It doesn't matter what sort of test was used, the socket is down. On Oct 8, 2013, at 11:53 AM, Yann Ylavic ylavic@gmail.com wrote: Hi, Some code in trunk still only checks for ping_timeout_set without ping_timeout positive value to

Re: svn commit: r1516930 - in /httpd/httpd/trunk: docs/manual/mod/mod_proxy.xml modules/proxy/mod_proxy.c modules/proxy/mod_proxy.h modules/proxy/mod_proxy_ajp.c modules/proxy/mod_proxy_http.c modules

2013-10-08 Thread Yann Ylavic
On Tue, Oct 8, 2013 at 6:26 PM, Jim Jagielski j...@jagunet.com wrote: Does it matter whether or not it's a heavy ping or not? It doesn't matter what sort of test was used, the socket is down. Yes it is down, but for the ajp case for example, that determines the return value GATEWAY_TIMEOUT vs

mod_proxy ping and r->expecting_100

2013-10-08 Thread Yann Ylavic
Hello, in the case where a ping is configured in a worker to check backend's connection (re)usability, ap_proxy_create_hdrbrgd will force r->expecting_100 (r1516930). As I understand it, r->expecting_100 relates to the client's connection, and is used by ap_http_filter to deal with client's

Re: mod_proxy ping and r->expecting_100

2013-10-08 Thread Yann Ylavic
On Tue, Oct 8, 2013 at 7:25 PM, Yann Ylavic ylavic@gmail.com wrote: Hello, in the case where a ping is configured in a worker to check backend's connection (re)usability, ap_proxy_create_hdrbrgd will force r->expecting_100 (r1516930). The original commit for is not r1516930 but r986090.

Re: svn commit: r1516930 - in /httpd/httpd/trunk: docs/manual/mod/mod_proxy.xml modules/proxy/mod_proxy.c modules/proxy/mod_proxy.h modules/proxy/mod_proxy_ajp.c modules/proxy/mod_proxy_http.c modules

2013-10-08 Thread Jim Jagielski
OK, I gotcha now... Do you have a patch file? tia! On Oct 8, 2013, at 12:56 PM, Yann Ylavic ylavic@gmail.com wrote: On Tue, Oct 8, 2013 at 6:26 PM, Jim Jagielski j...@jagunet.com wrote: Does it matter whether or not it's a heavy ping or not? It doesn't matter what sort of test was used,

Re: mod_proxy ping and r->expecting_100

2013-10-08 Thread Jim Jagielski
Does the current code *break* anything or is the setting simply redundant? From what I can see, the setting may not be needed, but it doesn't cause a bad code path or incorrect behavior. On Oct 8, 2013, at 1:37 PM, Yann Ylavic ylavic@gmail.com wrote: On Tue, Oct 8, 2013 at 7:25 PM, Yann

Re: mod_proxy ping and r->expecting_100

2013-10-08 Thread Jim Jagielski
On Oct 8, 2013, at 1:25 PM, Yann Ylavic ylavic@gmail.com wrote: Hello, in the case where a ping is configured in a worker to check backend's connection (re)usability, ap_proxy_create_hdrbrgd will force r->expecting_100 (r1516930). As I understand it, r->expecting_100 relates to the

Re: [PATCH 55315] mod_proxy interpolation code broken by regression to APR-util 1.5.2

2013-10-08 Thread Mike Rumph
I tried the configuration below with httpd trunk: RewriteEngine On RewriteCond %{HTTPS} =off RewriteRule . - [E=protocol:http] RewriteCond %{HTTPS} =on RewriteRule . - [E=protocol:https] RewriteRule ^/my_app/(.*) %{protocol}://1.2.3.4/my_app/$1 [P]

Re: [PATCH 55315] mod_proxy interpolation code broken by regression to APR-util 1.5.2

2013-10-08 Thread Mike Rumph
Sorry. I got carried away with the generic translation. I was instead browsing to http://localhost:8080/my_app/ With the results indicated below. Thanks, Mike Rumph On 10/8/2013 1:09 PM, Mike Rumph wrote: I tried the configuration below with httpd trunk: RewriteEngine On

Re: svn commit: r1516930 - in /httpd/httpd/trunk: docs/manual/mod/mod_proxy.xml modules/proxy/mod_proxy.c modules/proxy/mod_proxy.h modules/proxy/mod_proxy_ajp.c modules/proxy/mod_proxy_http.c modules

2013-10-08 Thread Yann Ylavic
Sure, here it is. Please note 2 changes compared to the previous patch (pasted): - the slow path ap_request_has_body used last to compute do_100_continue, - step Three-and-a-Half moved into step 3, with the associated comment updated. For the latter change, it avoids the systematic double-check

Re: [PATCH 55593] Add SSLServerInfoFile directive

2013-10-08 Thread Trevor Perrin
Hi Kaspar, Stephen, So I think where things stand is that the OpenSSL 1.0.2 branch is capable of handling ServerInfo on a per-algorithm basis, but it's not clear how to expose this through Apache. (My previous email was naive, I was thinking maybe Stephen was saying the current certificate /