Re: svn commit: r1599625 - /httpd/httpd/trunk/server/mpm/event/event.c

[Christophe JAILLET]

Hi,

now that SO_REUSEPORT has landed on 2.4.x, it is easier to try to synch 
2.4.x and trunk a bit more.


I looked at r1599625 + r1599641, which set the TZ environment variable, 
if unset, in order to have a small performance boost.



First, I've not been able to reproduce the 2% performance boost 
described in the patch.

My system is Ubuntu 15.04 and $TZ is apparently empty.


Second, I don't think that this patch should be backported as-is because 
it may change the timestamp in the log file.



However, I was wondering if we could call tzset() and use tzname[0] or 
tzname[1] instead of the hard coded "UTC+0". According to [1], tzset() 
first looks at TZ, but, if not set, then at the /localtime/ file.
This way, we could define TZ if it can be a performance boost in some 
cases and avoid the change of behavior on existing systems.



However,
  - I don't know if this is portable
  - I'm unsure about how daylight saving time will be handled


Any thought ?

Best regards,
CJ



[1]: http://linux.die.net/man/3/tzset

Le 03/06/2014 17:49, j...@apache.org a écrit :

Author: jim
Date: Tue Jun  3 15:49:25 2014
New Revision: 1599625

URL:http://svn.apache.org/r1599625
Log:
fold in performance hack from eventopt

Modified:
 httpd/httpd/trunk/server/mpm/event/event.c

Modified: httpd/httpd/trunk/server/mpm/event/event.c
URL:http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/event/event.c?rev=1599625=1599624=1599625=diff
==
--- httpd/httpd/trunk/server/mpm/event/event.c (original)
+++ httpd/httpd/trunk/server/mpm/event/event.c Tue Jun  3 15:49:25 2014
@@ -57,6 +57,8 @@
  #include "apr_atomic.h"
  #define APR_WANT_STRFUNC
  #include "apr_want.h"
+#include "apr_env.h"
+
  #include "apr_version.h"
  
  #include 

@@ -2418,6 +2420,25 @@ static void join_start_thread(apr_thread
  }
  }
  
+static void force_set_tz(apr_pool_t *p) {

+/* If the TZ variable is unset, many operationg systems,
+ * such as Linux, will at runtime read from /etc/localtime
+ * and call fstat on it.
+ *
+ * By forcing the time zone to UTC if it is unset, we gain
+ * about 2% in raw requests/second (since we format log files
+ * in the local time, if present)
+ *
+ * For more info, see:
+ *
+ */
+char *v = NULL;
+
+if (apr_env_get(, "TZ", p) != APR_SUCCESS) {
+apr_env_set("TZ", "UTC+0", p);
+}
+}
+
  static void child_main(int child_num_arg)
  {
  apr_thread_t **threads;
@@ -3566,6 +3587,7 @@ static void event_hooks(apr_pool_t * p)
   */
  static const char *const aszSucc[] = { "core.c", NULL };
  one_process = 0;
+force_set_tz(p);
  
  ap_hook_open_logs(event_open_logs, NULL, aszSucc, APR_HOOK_REALLY_FIRST);

  /* we need to set the MPM state before other pre-config hooks use MPM 
query

Re: svn commit: r1705492 - in /httpd/httpd/branches/2.4.x: ./ docs/manual/mod/ include/ server/ server/mpm/event/ server/mpm/netware/ server/mpm/prefork/ server/mpm/winnt/ server/mpm/worker/

[Ruediger Pluem]

On 09/27/2015 12:20 AM, minf...@apache.org wrote:
> Author: minfrin
> Date: Sat Sep 26 22:20:14 2015
> New Revision: 1705492
> 
> URL: http://svn.apache.org/viewvc?rev=1705492=rev
> Log:
> MPMs: Support SO_REUSEPORT to create multiple duplicated listener
> records for scalability.
> 
> Submitted by: Yingqi Lu , Jeff Trawick,
>   Jim Jagielski, Yann Ylavic
> 
> Reviewed by: ylavic, jim, minfrin
> 
> Modified:
> httpd/httpd/branches/2.4.x/CHANGES
> httpd/httpd/branches/2.4.x/STATUS
> httpd/httpd/branches/2.4.x/docs/manual/mod/mpm_common.xml
> httpd/httpd/branches/2.4.x/include/ap_listen.h
> httpd/httpd/branches/2.4.x/include/ap_mmn.h
> httpd/httpd/branches/2.4.x/include/http_log.h
> httpd/httpd/branches/2.4.x/include/scoreboard.h
> httpd/httpd/branches/2.4.x/server/listen.c
> httpd/httpd/branches/2.4.x/server/log.c
> httpd/httpd/branches/2.4.x/server/mpm/event/event.c
> httpd/httpd/branches/2.4.x/server/mpm/netware/mpm_netware.c
> httpd/httpd/branches/2.4.x/server/mpm/prefork/prefork.c
> httpd/httpd/branches/2.4.x/server/mpm/winnt/mpm_winnt.c
> httpd/httpd/branches/2.4.x/server/mpm/worker/worker.c
> 

> Modified: httpd/httpd/branches/2.4.x/include/ap_mmn.h
> URL: 
> http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/include/ap_mmn.h?rev=1705492=1705491=1705492=diff
> ==
> --- httpd/httpd/branches/2.4.x/include/ap_mmn.h (original)
> +++ httpd/httpd/branches/2.4.x/include/ap_mmn.h Sat Sep 26 22:20:14 2015
> @@ -445,6 +445,11 @@
>   * 20120211.46 (2.4.13-dev) Add ap_map_http_request_error()
>   * 20120211.47 (2.4.13-dev) Add ap_some_authn_required, ap_force_authn hook.
>   *  Deprecate broken ap_some_auth_required.
> + * 20120211.48 (2.4.13-dev) Added ap_log_mpm_common().
> + * 20120211.49 (2.4.13-dev) Add listener bucket in scoreboard.h's 
> process_score.
> + * 20120211.50 (2.4.13-dev) Add ap_set_listencbratio(), 
> ap_close_listeners_ex(),
> + *  ap_duplicate_listeners(), ap_num_listen_buckets 
> and
> + *  ap_have_so_reuseport to ap_listen.h.
>   */


Shouldn't this be 2.4.17-dev instead of 1.4.13-dev?

Regards

Rüdiger

Re: http/2 in 2.4.x

[William A Rowe Jr]

On Mon, Sep 28, 2015 at 8:46 AM, Jim Jagielski  wrote:

Unless someone beats me to it, I'll work on that later on today.
>


> > On Sep 28, 2015, at 9:43 AM, Graham Leggett  wrote:
> >
> > On 28 Sep 2015, at 3:38 PM, Mads Toftum  wrote:
> >
> >> I wish you'd go with mod_http2 both to make it obvious what the module
> >> does (avoid confusion with H2 database) and because that's how other
> >> protocol modules like mod_http and mod_ftp are named.
> >
> > +1.
>

+0.9, I found the mod_h2 module name really charming, but this is more
descriptive.

Re: http/2 in 2.4.x

[Jim Jagielski]

All done locally... waiting for SVN to come back up.

Re: svn commit: r1705492 - in /httpd/httpd/branches/2.4.x: ./ docs/manual/mod/ include/ server/ server/mpm/event/ server/mpm/netware/ server/mpm/prefork/ server/mpm/winnt/ server/mpm/worker/

[Yann Ylavic]

On Mon, Sep 28, 2015 at 9:54 PM, Ruediger Pluem  wrote:
>
>
> On 09/27/2015 12:20 AM, minf...@apache.org wrote:
>> Author: minfrin
>> Date: Sat Sep 26 22:20:14 2015
>> New Revision: 1705492
>>
>> URL: http://svn.apache.org/viewvc?rev=1705492=rev
>> Log:
>> MPMs: Support SO_REUSEPORT to create multiple duplicated listener
>> records for scalability.
>>
>> Submitted by: Yingqi Lu , Jeff Trawick,
>>   Jim Jagielski, Yann Ylavic
>>
>> Reviewed by: ylavic, jim, minfrin
>>
>> Modified:
>> httpd/httpd/branches/2.4.x/CHANGES
>> httpd/httpd/branches/2.4.x/STATUS
>> httpd/httpd/branches/2.4.x/docs/manual/mod/mpm_common.xml
>> httpd/httpd/branches/2.4.x/include/ap_listen.h
>> httpd/httpd/branches/2.4.x/include/ap_mmn.h
>> httpd/httpd/branches/2.4.x/include/http_log.h
>> httpd/httpd/branches/2.4.x/include/scoreboard.h
>> httpd/httpd/branches/2.4.x/server/listen.c
>> httpd/httpd/branches/2.4.x/server/log.c
>> httpd/httpd/branches/2.4.x/server/mpm/event/event.c
>> httpd/httpd/branches/2.4.x/server/mpm/netware/mpm_netware.c
>> httpd/httpd/branches/2.4.x/server/mpm/prefork/prefork.c
>> httpd/httpd/branches/2.4.x/server/mpm/winnt/mpm_winnt.c
>> httpd/httpd/branches/2.4.x/server/mpm/worker/worker.c
>>
>
>> Modified: httpd/httpd/branches/2.4.x/include/ap_mmn.h
>> URL: 
>> http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/include/ap_mmn.h?rev=1705492=1705491=1705492=diff
>> ==
>> --- httpd/httpd/branches/2.4.x/include/ap_mmn.h (original)
>> +++ httpd/httpd/branches/2.4.x/include/ap_mmn.h Sat Sep 26 22:20:14 2015
>> @@ -445,6 +445,11 @@
>>   * 20120211.46 (2.4.13-dev) Add ap_map_http_request_error()
>>   * 20120211.47 (2.4.13-dev) Add ap_some_authn_required, ap_force_authn hook.
>>   *  Deprecate broken ap_some_auth_required.
>> + * 20120211.48 (2.4.13-dev) Added ap_log_mpm_common().
>> + * 20120211.49 (2.4.13-dev) Add listener bucket in scoreboard.h's 
>> process_score.
>> + * 20120211.50 (2.4.13-dev) Add ap_set_listencbratio(), 
>> ap_close_listeners_ex(),
>> + *  ap_duplicate_listeners(), ap_num_listen_buckets 
>> and
>> + *  ap_have_so_reuseport to ap_listen.h.
>>   */
>
>
> Shouldn't this be 2.4.17-dev instead of 1.4.13-dev?

Right, fixed in r1705759.

Thanks,
Yann.

Re: svn commit: r1705618 - /httpd/httpd/branches/2.4.x/STATUS

[William A Rowe Jr]

On Mon, Sep 28, 2015 at 7:53 AM, Graham Leggett  wrote:

> On 28 Sep 2015, at 2:46 PM, Eric Covener  wrote:
>
> >> + ylavic: Should we really change the (implicit) default in 2.4.x at
> >> + this stage (and potentially break existing configuratios
> w/o
> >> + SSLProtocol which used to work with SSLv3 only capable
> clients)?
> >
> > I think the right thing to do here is to break them.
>
> There are two ways to look at this:
>
> - The existence of SSLv3 is a security hole, and for the security hole to
> be fixed, it must be removed from httpd.
>
> - The existence of SSLv3 is a security hole, but the fix may DoS people.
> Emit loud warnings on startup that SSLv3 should be removed from the config
> (and possibly that SSLv3 will be removed completely in future patch release
> Y).
>

By which we mean TTLv1.0/SSLv3 because there is so little technical
difference between them.

Strongly -1 to "fixing" SSLv3 unless we apply the identical change to
TLSv1.0.

I am so strongly torn in both directions that I'm unable to offer a single
opinion.  My only thought is that if updating to 2.4.18 "breaks things" -
that tarnishes our reputation, leaving an unwise protocol enabled "by
default" - also tarnishes our reputation.  The only thing that bends my
opinion slightly is that - if we discourage users to move to 2.4.18 by
making it harder to keep their entire systems operational - we grow another
stagnant pool of "httpd 1.3"-style users out there in perpetuity.

AW: svn commit: r1705618 - /httpd/httpd/branches/2.4.x/STATUS

[Plüm , Rüdiger , Vodafone Group]

> -Ursprüngliche Nachricht-
> Von: Eric Covener [mailto:cove...@gmail.com]
> Gesendet: Montag, 28. September 2015 19:00
> An: Apache HTTP Server Development List 
> Betreff: Re: svn commit: r1705618 - /httpd/httpd/branches/2.4.x/STATUS
> 
> On Mon, Sep 28, 2015 at 12:33 PM, William A Rowe Jr  clan.net> wrote:
> > By which we mean TTLv1.0/SSLv3 because there is so little technical
> > difference between them.
> 
> AORN {
> I think there is enough difference to disable one by default and not
> the other.  The final straw for SSLv3 was POODLE. But POODLE on TLS
> 1.0 was fixable/fixed. The qualsys TLS best practice doc
> differentiates them, and the scanner dings you seriously for SSLv3 and
> not at all for TLS1.0.   From my own support work, anecdotally,
> commercial scan tools seem to treat things the same as qualsys.
> }
> 

+1. SSLv3 and TLS 1.0 are close, but there are some differences and the ability 
to prevent POODLE is (an important) one of them.

Regards

Rüdiger

Re: svn commit: r1705618 - /httpd/httpd/branches/2.4.x/STATUS

[Eric Covener]

On Mon, Sep 28, 2015 at 12:33 PM, William A Rowe Jr  wrote:
> By which we mean TTLv1.0/SSLv3 because there is so little technical
> difference between them.

AORN {
I think there is enough difference to disable one by default and not
the other.  The final straw for SSLv3 was POODLE. But POODLE on TLS
1.0 was fixable/fixed. The qualsys TLS best practice doc
differentiates them, and the scanner dings you seriously for SSLv3 and
not at all for TLS1.0.   From my own support work, anecdotally,
commercial scan tools seem to treat things the same as qualsys.
}

-- 
Eric Covener
cove...@gmail.com

Re: svn commit: r1705492 - in /httpd/httpd/branches/2.4.x: ./ docs/manual/mod/ include/ server/ server/mpm/event/ server/mpm/netware/ server/mpm/prefork/ server/mpm/winnt/ server/mpm/worker/

[Marion & Christophe JAILLET]

Le 28/09/2015 21:54, Ruediger Pluem a écrit :

Modified: httpd/httpd/branches/2.4.x/include/ap_mmn.h
URL: 
http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/include/ap_mmn.h?rev=1705492=1705491=1705492=diff
==
--- httpd/httpd/branches/2.4.x/include/ap_mmn.h (original)
+++ httpd/httpd/branches/2.4.x/include/ap_mmn.h Sat Sep 26 22:20:14 2015
@@ -445,6 +445,11 @@
   * 20120211.46 (2.4.13-dev) Add ap_map_http_request_error()
   * 20120211.47 (2.4.13-dev) Add ap_some_authn_required, ap_force_authn hook.
   *  Deprecate broken ap_some_auth_required.
+ * 20120211.48 (2.4.13-dev) Added ap_log_mpm_common().
+ * 20120211.49 (2.4.13-dev) Add listener bucket in scoreboard.h's 
process_score.
+ * 20120211.50 (2.4.13-dev) Add ap_set_listencbratio(), 
ap_close_listeners_ex(),
+ *  ap_duplicate_listeners(), ap_num_listen_buckets and
+ *  ap_have_so_reuseport to ap_listen.h.
   */
Shouldn't this be 2.4.17-dev instead of 1.4.13-dev?

Regards

Rüdiger


+1

I also spotted it yesterday while looking at potential backport proposal 
for 2.4.x

BTW, 20120211.47 should be 2.4.14-dev

CJ

Errors on trunk

[Jim Jagielski]

mod_proxy_balancer.c:1260:30: error: address of array 'balancer->s->sticky' 
will always evaluate to 'true'
  [-Werror,-Wpointer-bool-conversion]
if (balancer->s->sticky) {
~~  ~^~
mod_proxy_balancer.c:1277:30: error: address of array 'balancer->s->sticky' 
will always evaluate to 'true'
  [-Werror,-Wpointer-bool-conversion]
if (balancer->s->sticky) {
~~  ~^~
mod_proxy_balancer.c:1514:30: error: address of array 'balancer->s->vhost' will 
always evaluate to 'true'
  [-Werror,-Wpointer-bool-conversion]
if (balancer->s->vhost && *(balancer->s->vhost)) {
~^ ~~
3 errors generated.

Re: AW: svn commit: r1705618 - /httpd/httpd/branches/2.4.x/STATUS

[William A Rowe Jr]

On Sep 28, 2015 1:08 PM, "Plüm, Rüdiger, Vodafone Group" <
ruediger.pl...@vodafone.com> wrote:
>
>
>
> > -Ursprüngliche Nachricht-
> > Von: Eric Covener [mailto:cove...@gmail.com]
> > Gesendet: Montag, 28. September 2015 19:00
> > An: Apache HTTP Server Development List 
> > Betreff: Re: svn commit: r1705618 - /httpd/httpd/branches/2.4.x/STATUS
> >
> > On Mon, Sep 28, 2015 at 12:33 PM, William A Rowe Jr  > clan.net> wrote:
> > > By which we mean TTLv1.0/SSLv3 because there is so little technical
> > > difference between them.
> >
> > AORN {
> > I think there is enough difference to disable one by default and not
> > the other.  The final straw for SSLv3 was POODLE. But POODLE on TLS
> > 1.0 was fixable/fixed. The qualsys TLS best practice doc
> > differentiates them, and the scanner dings you seriously for SSLv3 and
> > not at all for TLS1.0.   From my own support work, anecdotally,
> > commercial scan tools seem to treat things the same as qualsys.
> > }
> >
>
> +1. SSLv3 and TLS 1.0 are close, but there are some differences and the
ability to prevent POODLE is (an important) one of them.

Agreed that the padding issue was the most critical.

If folks really want to support TLS 1.0 and not SSLv3 as a default, I'm not
going to stand in the way, but am still -0.5 on the inconsistency.

Re: svn commit: r1705695 - /httpd/httpd/trunk/docs/manual/mod/mod_h2.xml

[Eric Covener]

please revise as desired, just wanted to get something started

On Mon, Sep 28, 2015 at 10:03 AM,   wrote:
> Author: covener
> Date: Mon Sep 28 14:03:27 2015
> New Revision: 1705695
>
> URL: http://svn.apache.org/viewvc?rev=1705695=rev
> Log:
> add an experimental warning to h2 docs
>
>
>
> Modified:
> httpd/httpd/trunk/docs/manual/mod/mod_h2.xml
>
> Modified: httpd/httpd/trunk/docs/manual/mod/mod_h2.xml
> URL: 
> http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_h2.xml?rev=1705695=1705694=1705695=diff
> ==
> --- httpd/httpd/trunk/docs/manual/mod/mod_h2.xml (original)
> +++ httpd/httpd/trunk/docs/manual/mod/mod_h2.xml Mon Sep 28 14:03:27 2015
> @@ -35,6 +35,12 @@
>  This module relies on http://nghttp2.org/;>libnghttp2
>  to provide the core http/2 engine.
>
> +Warning
> +  This module is experimental. Its behaviors, directives, and
> +  defaults are subject to more frequent and change from release to
> +  release relative to other standard modules. Users are encouraged to
> +  consult the "CHANGES" file for potential updates.
> +
>  
>
>  
>
>



-- 
Eric Covener
cove...@gmail.com

Re: [Patch] Async write completion for the full connection filter stack

[Jim Jagielski]

This is super cool magic mojo.

> On Sep 27, 2015, at 2:41 PM, Graham Leggett  wrote:
> 
> Hi all,
> 
> I think I have cracked the async problem for both request and connection 
> output filters with this patch.
> 
> It provides three new functions:
> 
> - ap_filter_reinstate_brigade() - Used at the start of a filter, brigades 
> that were set aside earlier are reinstated for sending.
> 
> - ap_filter_should_yield() - Returns true if downstream filters have set 
> aside data. A filter would typically respond by setting aside the data it is 
> working with and returning in the expectation of being called again.
> 
> - ap_filter_setaside_brigade() - Used at the end of a filter, any brigades 
> that were not processed can be set aside to continue the job when called 
> later.
> 
> The magic happens in the MPM itself. The first time 
> ap_filter_setaside_brigade() is called the filter is added to a hashtable and 
> a cleanup is registered to have the filter removed when the request and/or 
> connection is cleared. The MPM iterates through this hashtable, and sends 
> empty brigades to any filter with setaside data.
> 
> Key to this technique is that existing filters remain unaffected - in the 
> absence of any changes to a filter the whole brigade will be processed and 
> sent downstream, and existing behaviour is maintained. Same with FLUSH 
> buckets - as expected, flush behaviour remains unchanged.
> 
> If however the filters in the chain are able to setaside buckets, they can 
> defer themselves to the write completion phase which in turn can take full 
> advantage of the event MPM. These filters will be expected to handle an empty 
> brigade to “kick” them back into life and continue the writing of their 
> setaside data. As soon as their setaside brigade becomes empty the kicks then 
> stop. All filters with setaside data get kicked exactly once, so none of the 
> filters should get starved. Filters that are removed from the stack get their 
> setaside emptied, and so become ineligible for kicks. When the pool cleanup 
> gets triggered, the filter is permanently removed from the connection and 
> disappears.
> 
> Over and above the network filter the first filter to be modified is mod_ssl, 
> and this will allow files served over SSL to take advantage of write 
> completion. Another filter that will benefit from using the above calls is 
> mod_deflate.
> 
> I have an additional goal of adding an ap_filter_suspend() method that will 
> allow us to suspend a filter for a given period of time or until some 
> callback is triggered, but that will be a separate patch.
> 
> Regards,
> Graham
> --
> 

Re: svn commit: r1705571 - /httpd/httpd/branches/2.4.x/STATUS

[Stefan Eissing]

Adding comment 
"Added ap_parse_token_list_strict() to httpd.h"
and applied patch to http/branches/2.4.17-protocols-http2

//Stefan

> Am 27.09.2015 um 22:36 schrieb j...@apache.org:
> 
> Author: jim
> Date: Sun Sep 27 20:36:10 2015
> New Revision: 1705571
> 
> URL: http://svn.apache.org/viewvc?rev=1705571=rev
> Log:
> OK
> 
> 
> Modified:
>httpd/httpd/branches/2.4.x/STATUS
> 
> Modified: httpd/httpd/branches/2.4.x/STATUS
> URL: 
> http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1705571=1705570=1705571=diff
> ==
> --- httpd/httpd/branches/2.4.x/STATUS (original)
> +++ httpd/httpd/branches/2.4.x/STATUS Sun Sep 27 20:36:10 2015
> @@ -204,6 +204,7 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
>  2.4.x patch: 
> https://raw.githubusercontent.com/icing/mod_h2/master/sandbox/httpd/patches/core-protocols-v4.patch
>  +1: icing, jim
>  minfrin: +1 with proposed MMN bump at 
> https://people.apache.org/~minfrin/core-protocols-mmn.patch
> +   +1: jim
> 
>   *) mod_h2: add HTTP/2 support to httpd, depends on core/mod_ssl changes 
> above
>  2.4.x branch for this and core/mod_ssl: 
> https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.17-protocols-http2
> 
> 

Re: svn commit: r1705492 - in /httpd/httpd/branches/2.4.x: ./ docs/manual/mod/ include/ server/ server/mpm/event/ server/mpm/netware/ server/mpm/prefork/ server/mpm/winnt/ server/mpm/worker/

[Yann Ylavic]

On Sun, Sep 27, 2015 at 8:20 AM, Marion & Christophe JAILLET
 wrote:
>
> should r1629916 also be included?
> The changelog says that it is a follow up to r1629909, which is included in
> the patch below.

My bad, I forgot to include it in the backport proposal/patch (this is
harmless though).
Follow up proposed in r1705614.

Re: [Patch] Async write completion for the full connection filter stack

[Graham Leggett]

On 27 Sep 2015, at 8:41 PM, Graham Leggett  wrote:

> I think I have cracked the async problem for both request and connection 
> output filters with this patch.

Well, cracked the async problem for all file buckets and non-morphing buckets, 
morphing buckets will currently still be flushed.

The solution to that seems to be to try keep a morphing bucket from reaching 
the connection filters. A morphing bucket can safely be set aside in a request 
filter without any problems with pools. If a filter existed at the end of the 
request filters that detected morphing buckets and read them before sending 
them downstream, that filter could safely set aside the rest of the morphing 
bucket without being forced to read the whole thing in (and thus block). If the 
filter received a flush the whole thing gets sent and we block, but that’s what 
flush means so that’s fine.

Patch to follow.

Regards,
Graham
—

Re: svn commit: r1705695 - /httpd/httpd/trunk/docs/manual/mod/mod_h2.xml

[Mike Rumph]

See below:

On 9/28/2015 7:03 AM, Eric Covener wrote:

Modified: httpd/httpd/trunk/docs/manual/mod/mod_h2.xml
URL: 
http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_h2.xml?rev=1705695=1705694=1705695=diff
==
--- httpd/httpd/trunk/docs/manual/mod/mod_h2.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_h2.xml Mon Sep 28 14:03:27 2015
@@ -35,6 +35,12 @@
  This module relies on http://nghttp2.org/;>libnghttp2
  to provide the core http/2 engine.

+Warning
+  This module is experimental. Its behaviors, directives, and
+  defaults are subject to more frequent and change from release to

more frequent what?

+  release relative to other standard modules. Users are encouraged to
+  consult the "CHANGES" file for potential updates.
+
  

http/2 in 2.4.x

[Jim Jagielski]

I have folded the mod_h2-http/2 stuff into 2.4.x... Right now
we are in that middle state where we were trying to figure out
whether it's mod_h2 or http2, and hence _h2_module or _http2_module.

Currently, both trunk and 2.4.x are broken when building w/ h2
since it tries to include *both* _h2_module AND _http2_module.

Recall that h2 is CTR on 2.4.x

Re: http/2 in 2.4.x

[Stefan Eissing]

Jim,

woot! Thx for backporting!

> Am 28.09.2015 um 15:27 schrieb Jim Jagielski :
> 
> I have folded the mod_h2-http/2 stuff into 2.4.x... Right now
> we are in that middle state where we were trying to figure out
> whether it's mod_h2 or http2, and hence _h2_module or _http2_module.
> 
> Currently, both trunk and 2.4.x are broken when building w/ h2
> since it tries to include *both* _h2_module AND _http2_module.
> 
> Recall that h2 is CTR on 2.4.x

bytes GmbH
Hafenweg 16, 48155 Münster, Germany
Phone: +49 251 2807760. Amtsgericht Münster: HRB5782

Re: svn commit: r1705618 - /httpd/httpd/branches/2.4.x/STATUS

[Eric Covener]

On Mon, Sep 28, 2015 at 4:50 AM,   wrote:
> Author: ylavic
> Date: Mon Sep 28 08:50:46 2015
> New Revision: 1705618
>
> URL: http://svn.apache.org/viewvc?rev=1705618=rev
> Log:
> Compatibility issue?
>
> Modified:
> httpd/httpd/branches/2.4.x/STATUS
>
> Modified: httpd/httpd/branches/2.4.x/STATUS
> URL: 
> http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1705618=1705617=1705618=diff
> ==
> --- httpd/httpd/branches/2.4.x/STATUS (original)
> +++ httpd/httpd/branches/2.4.x/STATUS Mon Sep 28 08:50:46 2015
> @@ -281,6 +281,9 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
>   trunk patch: https://svn.apache.org/r1703952
>   2.4.x patch: 
> https://people.apache.org/~kbrand/mod_ssl-2.4.x-disable-sslv3.diff
>   +1: kbrand
> + ylavic: Should we really change the (implicit) default in 2.4.x at
> + this stage (and potentially break existing configuratios w/o
> + SSLProtocol which used to work with SSLv3 only capable clients)?
>
>*) mod_alias: Introduce expression parser support for Alias, ScriptAlias
>   and Redirect. Limit Redirect expressions to directory (Location) context


I think the right thing to do here is to break them.

Re: svn commit: r1705618 - /httpd/httpd/branches/2.4.x/STATUS

[Graham Leggett]

On 28 Sep 2015, at 2:46 PM, Eric Covener  wrote:

>> + ylavic: Should we really change the (implicit) default in 2.4.x at
>> + this stage (and potentially break existing configuratios w/o
>> + SSLProtocol which used to work with SSLv3 only capable 
>> clients)?
> 
> I think the right thing to do here is to break them.

There are two ways to look at this:

- The existence of SSLv3 is a security hole, and for the security hole to be 
fixed, it must be removed from httpd.

- The existence of SSLv3 is a security hole, but the fix may DoS people. Emit 
loud warnings on startup that SSLv3 should be removed from the config (and 
possibly that SSLv3 will be removed completely in future patch release Y).

Regards,
Graham
—

Re: http/2 in 2.4.x

[Mads Toftum]

On Mon, Sep 28, 2015 at 09:27:55AM -0400, Jim Jagielski wrote:
> I have folded the mod_h2-http/2 stuff into 2.4.x... Right now
> we are in that middle state where we were trying to figure out
> whether it's mod_h2 or http2, and hence _h2_module or _http2_module.
> 
> Currently, both trunk and 2.4.x are broken when building w/ h2
> since it tries to include *both* _h2_module AND _http2_module.
> 
I wish you'd go with mod_http2 both to make it obvious what the module
does (avoid confusion with H2 database) and because that's how other
protocol modules like mod_http and mod_ftp are named.

vh

Mads Toftum
-- 
http://flickr.com/photos/q42/

Re: http/2 in 2.4.x

[Graham Leggett]

On 28 Sep 2015, at 3:38 PM, Mads Toftum  wrote:

> I wish you'd go with mod_http2 both to make it obvious what the module
> does (avoid confusion with H2 database) and because that's how other
> protocol modules like mod_http and mod_ftp are named.

+1.

Regards,
Graham
—

AW: http/2 in 2.4.x

[Plüm , Rüdiger , Vodafone Group]

+1 

Regards

Rüdiger

> -Ursprüngliche Nachricht-
> Von: Graham Leggett [mailto:minf...@sharp.fm]
> Gesendet: Montag, 28. September 2015 15:44
> An: dev@httpd.apache.org
> Betreff: Re: http/2 in 2.4.x
> 
> On 28 Sep 2015, at 3:38 PM, Mads Toftum  wrote:
> 
> > I wish you'd go with mod_http2 both to make it obvious what the module
> > does (avoid confusion with H2 database) and because that's how other
> > protocol modules like mod_http and mod_ftp are named.
> 
> +1.
> 
> Regards,
> Graham
> —

Re: http/2 in 2.4.x

[Jim Jagielski]

Unless someone beats me to it, I'll work on that later on today.
> On Sep 28, 2015, at 9:43 AM, Graham Leggett  wrote:
> 
> On 28 Sep 2015, at 3:38 PM, Mads Toftum  wrote:
> 
>> I wish you'd go with mod_http2 both to make it obvious what the module
>> does (avoid confusion with H2 database) and because that's how other
>> protocol modules like mod_http and mod_ftp are named.
> 
> +1.
> 
> Regards,
> Graham
> —
>