Re: svn commit: r930125 - in /httpd/httpd/trunk: CHANGES modules/proxy/mod_proxy.c modules/proxy/mod_proxy.h modules/proxy/mod_proxy_balancer.c

On 8/19/2010 7:57 PM, Jeff Trawick wrote: On Tue, Jul 20, 2010 at 10:59 AM, Daniel Ruggeri drugg...@primary.net mailto:drugg...@primary.net wrote: On 7/16/2010 10:37 AM, Jeff Trawick wrote: On Fri, Jul 16, 2010 at 11:27 AM, William A. Rowe Jr. wr...@rowe-clan.net

Trying to drum up interest in this patch

to this again in hopes of making the 2.2.17 release. P.S. I would love to include details of this patch in my ApacheConNA 2010 session as it helps address some of the shortfalls the intelligence shortfalls. -- -- Daniel Ruggeri

Re: Trying to drum up interest in this patch

On 10/5/2010 8:56 PM, William A. Rowe Jr. wrote: On 10/5/2010 5:41 PM, Daniel Ruggeri wrote: All; With the talk about a 2.2.17 coming soon, I would very much like to get the remaining requisite votes and implementation of the patch (48939 - in STATUS currently) I had submitted

Re: mod_proxy: optimising ProxyPass per directory

simpler to handle. Regards, Graham -- I like this idea quite a bit. I am not able to look at the codebase right now, but could this work the same for ProxyPassReverse? -- Daniel Ruggeri

Re: mod_ssl's proxy support: make it per directory

third party proxy modules for httpd. -- Daniel Ruggeri

Re: Proposed: PKI Authentication for secure web access

a leap of faith at some point to trust that the user sitting at the keyboard is who they say they are. -- Daniel Ruggeri

Removing passwords from the conf file

before I put together a bug report and send in a patch? P.S. I am opposed to mod_ssl's check that the argument to SSLPassPhraseDialog exec:blah is a file. This prevents calling an arbitrary executable with parameters. Thoughts? -- -- Daniel Ruggeri

Re: Removing passwords from the conf file

On 11/21/2010 2:38 AM, Stefan Fritsch wrote: On Sat, 20 Nov 2010, Daniel Ruggeri wrote: In mod_ssl there is a very handy option of making an exec callout for SSLPassPhraseDialog rather than to put a password for your private key in the conf file. The obvious benefit here is that one can

Making mod_proxy_http more aware of SSL

and file components of A tag in CHANGES would be appreciated: *) Proxy: Detect SSL handshake failures during proxy pass attempts and place backend in error state. PR 50332. [Daniel Ruggeri DRuggeri primary.net] -- -- Daniel Ruggeri Index: httpd-trunk/modules/proxy/mod_proxy_http.c

Re: Making mod_proxy_http more aware of SSL

your suggested message after marking the workers to be in error state. -- Daniel Ruggeri Index: httpd-2.2.x/STATUS === --- httpd-2.2.x/STATUS (revision 1037345) +++ httpd-2.2.x/STATUS (working copy) @@ -184,6 +184,14

Re: Making mod_proxy_http more aware of SSL

expired and the first backend is retried. IMO, SSL handshake failures should be detected during connection so we could attempt another backend but I am not sure that's possible. -- Daniel Ruggeri

Re: Making mod_proxy_http more aware of SSL

ap_proxy_http_process_response would definitely be redundant! Thank you very much for catching it (and explaining this to me). I have updated the patches and bug report and attached the updates for reference. -- Daniel Ruggeri Index: httpd-2.2.x/STATUS

STATUS proposal for 2.2.x

Good day, all; I would appreciate it if a committer could spare a moment to patch the 2.2 STATUS file to include this as a proposal (a +1 would be really great, too). For reference, the patch is also attached. The trunk patch was applied in r1039304. -- -- Daniel Ruggeri Index: httpd-2.2

Re: Flip default of Header directive to always from onsuccess

this is a holdover from older releases where some of these directives had Error* equivalents. I fully support this! -- Daniel Ruggeri

Some love for balancer manager?

During Rich's ApacheCon presentation he mentioned that some much needed love for the balancer manager was on its way... is anyone working on this currently? I'm not seeing anything in the released alphas and would be happy to be a guinea pig to do some testing/give thoughts. -- -- Daniel

Re: millisecond timeouts in mod_proxy mod_proxy_http

rule if timeout occurs FWIW, Jim, I'm a big fan of this part. -- Daniel Ruggeri

Re: balancer worker status

in the long run, but rather as direct HTTP GET requests (need to make it more REST though)... +1 on the checkbox idea for the exact reason you mentioned. -- Daniel Ruggeri

Re: mod_reqtimeout logging

a 'LogTimeoutErrors' (or something to that effect) directive be The Right Thing to do in this case? -- Daniel Ruggeri

Re: stalled backport proposals...

to the backend failed such that mod_proxy can put the worker in error state. PR: 50332 Submitted by: Daniel Ruggeri DRuggeri primary.net Reviewed by: rpluem * Fix r1039304 and make the patch similar to the one proposed for 2.2.x: If the SSL handshake to the backend fails we cannot even sent

2.2 crash on startup with SSLProxyMachineCertificateFile at server level?

of CGI squirreled away in htdocs directory Only two of those points seem worth noting for this particular issue. I'll try to get a test case with a throw-away cert/key combo for folks to try and generate a formal bug today, but has anyone heard of/seen this behavior before? -- -- Daniel

Re: 2.2 crash on startup with SSLProxyMachineCertificateFile at server level?

On 3/11/2011 8:55 AM, Joe Orton wrote: Hi Daniel - On Fri, Mar 11, 2011 at 05:47:15AM -0600, Daniel Ruggeri wrote: Some high-level settings for the httpd configuration are bulleted below, but otherwise this happens on an httpd 2.2.15 build for Probably https://issues.apache.org/bugzilla

Re: new ProxyPass/ProxyPassReverse feature for 2.4??

, to handle such cases as: ProxyPass / ajp://localhost:8009/jsp/ ProxyPassReverse / http://www.example.com/jsp/ but shouldn't we automagically handle the common case?? Big +1 here. -- -- Daniel Ruggeri

Re: SSL related DoS

start to correct the issues you call out. -- -- Daniel Ruggeri

Re: mod_proxy headers

project... -- -- Daniel Ruggeri

Re: id=51247 Enhance mod_proxy and _balancer with worker status flag to only accept sticky session routes

the effort to adjust my patch or at least take care of that bug that's out there still. -- -- Daniel Ruggeri Only in httpd-2.2.15-patched: httpd2.2.15.EnableZeroLbfactor.patch Only in httpd-2.2.15-patched/modules/proxy: httpd2.2.15.EnableZeroLbfactor.patch diff -ru httpd-2.2.15/modules/proxy

Re: id=51247 Enhance mod_proxy and _balancer with worker status flag to only accept sticky session routes

On 5/25/2011 5:41 AM, Mladen Turk wrote: On 05/25/2011 02:27 AM, Daniel Ruggeri wrote: I attached the patch to a bug opened by Cameron Stokes https://issues.apache.org/bugzilla/show_bug.cgi?id=48841 Just a quick note on the first thing I saw: + //worker-lbfactor = atoi(val); + worker

Re: MPM-Event, renaming MaxClients, etc.

admin needs constant reminders while they are running 2.2 and 2.4 from a single config. +1... warning seems a bit dire for the circumstances. -- -- Daniel Ruggeri

Re: MPM-Event, renaming MaxClients, etc.

). Roy +1 Sorry, I didn't catch that - good point. -- -- Daniel Ruggeri

Re: RUNPATH for module dependencies on Unix/Linux

this problem goes away :) Yup - also consider that a lot of folks build the software on different machines (and potentially different environments/layouts) than the ones the software runs on. -- -- Daniel Ruggeri

Re: reallyall vs. all vs. most

about mod_lua since it is also one of the mentioned experimental modules. I would also see a case for mod_log_debug to be in MOST. It's one of those modules that one wouldn't care too much about until it's needed. -- -- Daniel Ruggeri

Re: [vote] mod_ldap

to maintain the functionality for httpd. -- -- Daniel Ruggeri

Question and request for comments on patch

a wrapper as ap_parse_htaccess? I would foresee that such a wrapper would issue a deprecation warning when called, but will call ap_parse_htaccess with a NULL in place of the (new) override_list. cheers! -- -- Daniel Ruggeri diff -ru httpd-2.3.12-beta/include/http_config.h httpd-2.3.12

Re: Question and request for comments on patch

On 7/21/2011 3:32 AM, Igor Galić wrote: I think you're missing an MMN bump, regarding backporting - or API in general, the wrapper is the right way to go. Also: Why not patch against trunk? i Daniel Ruggeri drugg...@primary.net wrote: All; I am attaching a patch that will allow

Re: Question and request for comments on patch

On 7/24/2011 2:12 AM, Stefan Fritsch wrote: On Friday 22 July 2011, Daniel Ruggeri wrote: Attached is the final cut of the patch including doco and MMN bump as you brought up. I plan to commit this on Monday, time permitting (and of course in the absence of objections). I'll cobble something

Re: Question and request for comments on patch

fine so I suspect there's more to the equation. -- -- Daniel Ruggeri

Re: Question and request for comments on patch

On 7/26/2011 6:29 PM, Daniel Ruggeri wrote: Both points taken and implemented. Regarding invalid directives, I set it as a warning informing that the directive is being discarded. I never actually tested apr_tables to see if they were case sensitive but had assumed they were. The offending

Re: id=51247 Enhance mod_proxy and _balancer with worker status flag to only accept sticky session routes

in the code to recognize the change -- -- Daniel Ruggeri

Re: CVE-2003-1418 - still affects apache 2 current

to the problem. I've been asking why this is a vulnerability for years and have yet to receive an answer... Maybe I haven't asked the right people. -- -- Daniel Ruggeri

Re: svn commit: r1160863 - in /httpd/httpd/trunk: docs/manual/mod/modules/ssl/

! I'll definitely update the patch with this because the method I'm using is certainly a sticks-and-stones approach. -- -- Daniel Ruggeri

Re: svn commit: r1160863 - in /httpd/httpd/trunk: docs/manual/mod/ modules/ssl/

=X509_STORE_CTX_get1_chain(ctx); for(i = sk_X509_num(tmp_stack) - 1; i = 0; i--) { sk_X509_push(chain, sk_X509_value(tmp_stack, i)); } X509_STORE_CTX_free(ctx); return sk_X509_num(chain); } -- -- Daniel Ruggeri

Re: CVE-2003-1418 - still affects apache 2 current

. Regards, Joe If we are taking score, count me as a +1. -- -- Daniel Ruggeri

Re: svn commit: r1160863 - in /httpd/httpd/trunk: docs/manual/mod/ modules/ssl/

; X509_STORE_CTX_cleanup(sctx); ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, client certificate %i has loaded %i intermediate CA%s, n, i, i == 1 ? : s); } X509_STORE_CTX_free(sctx); } -- -- Daniel Ruggeri

Re: svn commit: r1160863 - in /httpd/httpd/trunk: docs/manual/mod/ modules/ssl/

(sk_X509_value(chain, j)); X509_NAME_oneline(ca_name, ca_cn, sizeof(ca_cn)); ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, %i: %s, j, ca_cn); } } } X509_STORE_CTX_free(sctx); ... -- Daniel Ruggeri

Re: svn commit: r1172010 - /httpd/httpd/trunk/modules/ssl/ssl_engine_init.c

); +} +} } X509_STORE_CTX_free(sctx); Regards Rüdiger Thank you. Fixed in r1172562. -- Daniel Ruggeri

Re: Pushing for httpd 2.4.0 GA

in that bug report. The patch provides for a 'drain' setting which should do the trick. -- Daniel Ruggeri

Re: svn commit: r1172010 - /httpd/httpd/trunk/modules/ssl/ssl_engine_init.c

); ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, %i: %s, j, ca_dn); } } } X509_STORE_CTX_free(sctx); -- Daniel Ruggeri

Re: svn commit: r1172010 - /httpd/httpd/trunk/modules/ssl/ssl_engine_init.c

); } } } /* get ready for next X509_STORE_CTX_init */ X509_STORE_CTX_cleanup(sctx); } X509_STORE_CTX_free(sctx); -- Daniel Ruggeri

Re: svn commit: r1172010 - /httpd/httpd/trunk/modules/ssl/ssl_engine_init.c

On 9/23/2011 10:07 AM, Kaspar Brand wrote: On 22.09.2011 22:25, Daniel Ruggeri wrote: trunk suggestion - if this jives, I'll commit later when I have a bit Looks good, just some nits: for (n = 0; n ncerts; n++) { int i, res; res is no longer used, AFAICT Correct - removed

Re: svn commit: r1172010 - /httpd/httpd/trunk/modules/ssl/ssl_engine_init.c

- could you re-add that? It makes sure we also capture the OpenSSL error in the log, before aborting. Kaspar All set - the suggestions you made have been added and the results committed to trunk. STATUS and the 2.2 patch have been updated as well. Thanks again - cheers! -- Daniel Ruggeri

Re: svn commit: r1176749 - /httpd/httpd/branches/2.2.x/STATUS

has been updated today to reflect this. Please have a look when you can. -- Daniel Ruggeri

Re: Make loglevel of File does not exist configurable

on achieving this objective. One question, though, about moving the handler into http... Does that also imply adjusting the logging level by using http:crit? Wouldn't we swallow several other important messages by changing logging levels there? -- Daniel Ruggeri

Re: Change loglevel of File does not exist messages

that after waiting a bit more for possible objections. BTW, debug would be fine for me, too. +1 for info level -- Daniel Ruggeri

Re: mod_proxy_html

of the other tasks of integrating it into the code base. BTW, Nick, I think this is a really good idea - thank you for bringing it up. -- Daniel Ruggeri

Re: mod_proxy_html

, packagers, and end-users who build from source rather than packages! Awesome :) -- Daniel Ruggeri

Trolling for votes

into compliance. More back and forth at https://issues.apache.org/bugzilla/show_bug.cgi?id=50812. P.S. Have fun at ACNA2011 - wish I could be there! -- Daniel Ruggeri

Re: Small things to do

this one... does anyone have the history to elaborate? -- Daniel Ruggeri

Re: Small things to do

you are doing? If not, can you email me directly or share a bit more of a complete example configuration? I have a few test CA's I stood up for the patch mentioned above that I wouldn't mind taking a crack at this one. FWIW, In all of my test cases I used ProxyPass to balancers. -- Daniel Ruggeri

Re: [VOTE] Formal deprecation of 2.0.x branch

. -- Daniel Ruggeri

Re: [DRAFT] Wanted: Patch Manager

would be pretty great. I'm more than happy to help in this role, but don't always consistently have the time available to keep as sharp an eye on the tracker as I would like. -- Daniel Ruggeri

Zombies from rotatelogs

until next one! -- Daniel Ruggeri

Re: Zombies from rotatelogs

On 4/14/2014 11:41 AM, Joe Orton wrote: It's free... dunno why I didn't think of this before. http://svn.apache.org/viewvc?view=revisionrevision=1587255 Regards, Joe Awesome - proposed for backport in 2.4. Thanks! -- Daniel Ruggeri

Re: svn commit: r1587650 - /httpd/httpd/branches/2.4.x/STATUS

On 4/15/2014 2:21 PM, Jim Jagielski wrote: I can't recall... isn't the issue still being worked an additional aspect of mod_rewrite and UDS; that is, a new behavior to be added (or handled) rather than a broken behavior. That was my understanding, too -- Daniel Ruggeri

Re: failonstatus only works on backend provided status codes

). Is this intentional? Hi, Ruediger; Yes, that was the original goal. The use case I was tackling was a case where a backend application server started accepting HTTP requests before the Servlets had all completed init(). In that case, the backend returns a 503. -- Daniel Ruggeri

Re: ApacheCon Austin, httpd track

? -- Daniel Ruggeri

Re: [for beginners] How to have a patch validated?

Bruno; You did everything right. I have committed this to trunk in r1648201 and proposed for 2.4 backport in STATUS. Thanks for the patch. -- Daniel Ruggeri On 12/28/2014 6:28 AM, Bruno Raoult wrote: Hi, I am really sorry for this stupid question. I did send a bug report, with a patch

Re: [APACHECON] Proposed httpd (and related) track

of this discussion). Also, don't hesitate to reach out if I can help out with any of the regular or extracurricular activities during/after/around the conference. -- Daniel Ruggeri On 2/10/2015 1:36 PM, Rich Bowen wrote: Here's my proposed httpd (and related) track. If anyone has any objections

Re: Balancer manager

+1 There are also some neat-o features I added in my notes during ACNA to stick into the balancer manager, too... I plan to get around to them in vague, noncommittal reference to free time as it permits days. -- Daniel Ruggeri On 4/24/2015 7:52 AM, Jim Jagielski wrote: Right now, the balancer

Re: *Match, RewriteRule POLA violation?

link could circumvent if an admin isn't using the appropriate regex. -- Daniel Ruggeri On 4/30/2015 8:16 AM, Yann Ylavic wrote: On Thu, Apr 30, 2015 at 2:57 PM, Jim Riggs apache-li...@riggs.me wrote: Thanks, Yann. I remember looking at this code before. The question remains, though

Re: Proposal/RFC: informed load balancing

other than me actually cares, I wish you all well today/tonight! - Jim All in all, man, this is solid. I like what you've done here. -- Daniel Ruggeri

Re: Balancer manager

that were missing) *Add ability to reset the stats captured *Set or adjust min/max for the connection pooling *Send what httpd thinks the worker status is (useful for backends that would like to know about drain, etc) to the backend in a header -- Daniel Ruggeri On 4/27/2015 9:43 AM, Jim Jagielski

Re: cPanel Apache 2.4

Nice! -- Daniel Ruggeri Original Message From: Jacob Perkins jacob.perk...@cpanel.net Sent: May 15, 2015 10:18:08 AM CDT To: dev@httpd.apache.org Subject: cPanel Apache 2.4 Good afternoon, As some of you may be aware, cPanel is a leader in the hosting industry as we

Re: silly ab patch for SNI and OCSP stapling

Yep, my mistake. I thought there was a command line switch to change the host header. You're correct - it wouldn't make much sense to override one and not the other. -- Daniel Ruggeri On 5/16/2015 11:25 AM, Jeff Trawick wrote: in that case shouldn't you also be overriding Host:, so the SNI

Re: silly ab patch for SNI and OCSP stapling

+1, but I would also propose a command line flag to override the SNI host name supplied in case one is testing directly by IP address. -- Daniel Ruggeri Original Message From: Jeff Trawick traw...@gmail.com Sent: May 12, 2015 2:31:37 PM CDT To: Apache HTTP Server Development

Style checker?

-like systems, but was wondering if you folks use any other tools to help along that path? -- Daniel Ruggeri

Re: [VOTE] Release Apache httpd 2.4.13 as GA

. +1 FWIW, I think Kaspar had a driving technical reason for its deprecation, but I can't seem to find the original email talking about it. -- Daniel Ruggeri

Re: Additional LB providers

Additional providers is cool... but what do you mean by fold in? Add them as additional modules? (Sorry for top-post... mobile email client) -- Daniel Ruggeri Original Message From: Jim Jagielski j...@jagunet.com Sent: June 18, 2015 11:52:12 AM CDT To: httpd dev

Re: Proxy balancer providers and aging

through the cognitive dissonance I'd be +1 for adding this to trunk but -1 for 2.4 unless we can find a way to avoid the dependency unless the lbmethod really needs it (I don't see how, but please do enlighten me if this is possible). -- Daniel Ruggeri

Re: PMC Reporting [Was: Re: 2.2 and 2.4 and 2.6/3.0]

as easy to pull up the minutes each month by hand, too. -- Daniel Ruggeri

Re: 2.2 and 2.4 and 2.6/3.0

On 5/30/2015 1:47 PM, Daniel Ruggeri wrote: Thinking about this more, what are the things preventing people from an _easy_ upgrade path configuration-wise? A lot of this conversation surrounded users and the impact of an upgrade to them. The interface for the users' to the server

Re: 2.2 and 2.4 and 2.6/3.0

the aforementioned authz directives. -- Daniel Ruggeri

Re: svn commit: r1696960 - in /httpd/httpd/trunk: CHANGES docs/log-message-tags/next-number modules/proxy/mod_proxy_balancer.c

space to add stuff via conf+graceful restart should be avoided. -- Daniel Ruggeri

Re: Work in progress: mod_proxy Health Check module

to come into play that might be handy like disabling based on status code). I haven't seen the code, but your previous email said you were thinking of the former case. P.S. Thanks for taking this on. It's been on my own todo list for a long time. -- Daniel Ruggeri On 1/8/2016 1:09 PM, Jim

Re: [POLL] Commitment to 2.2.x lifecycle? (Was: End of the road of 2.2.x maintenance?)

*) I intend to help maintain/test 2.2.x releases over the next [_12___] mos *) I intend to backport/review 2.2.x security patches over the next [_18___] mos -- Daniel Ruggeri

Re: [Patch] mod_tcp / mod_proxy_tcp / mod_ssl_tcp

+1 Really nice work -- Daniel Ruggeri On 3/13/2016 10:45 AM, Jim Jagielski wrote: > I've given it a quick look-thru and I. Am. Impressed. > > This is more Super Cool Mojo!

Re: Status for 2.4.20

ile we do it. -- Daniel Ruggeri

Re: [users@httpd] Strange with AllowOverrideList Directive

I'm assuming that compiler optimizations would make both patches "six to one, half dozen to the other" as far as code path followed during the request cycle... but I agree. Fixed in trunk in r1737114 and proposed for backport in 2.4 in STATUS. -- Daniel Ruggeri On 3/30/2016 8:0

Re: mod_proxy_hcheck backport

" or "fail", but it's probably not worth monkeying with. -- Daniel Ruggeri

Re: Allow SSLProxy* config in context?

o see what it would take to collapse this down to a per proxy/worker/etc, but it doesn't seem like terrible endeavor. -- Daniel Ruggeri

Re: Autobuild Progress (was Re: Automated tests)

On 1/31/2017 4:30 PM, Jacob Champion wrote: > On 01/30/2017 05:39 PM, Daniel Ruggeri wrote: >> I'm tremendously inspired by this work. What are your thoughts on the >> idea of having a series of docker container builds that compile and run >> the test suite on variou

Re: AW: svn commit: r1776575 - in /httpd/httpd/trunk: docs/log-message-tags/next-number docs/manual/mod/mod_remoteip.xml modules/metadata/mod_remoteip.c

DR_LEN is read and we know if a header is there or not we can discard ctx->bb, reinitialize ctx and move to READBYTES mode. -- Daniel Ruggeri

Re: svn commit: r1776575 - in /httpd/httpd/trunk: docs/log-message-tags/next-number docs/manual/mod/mod_remoteip.xml modules/metadata/mod_remoteip.c

em)->addr, addr->host_addr)) >> { >> +remoteip_warn_enable_conflict(*rem, cmd->server, arg); >> +*rem = (*rem)->next; >> + } >> +else { >> +for (list = *rem; list->next; list = list->next) { >> +if (remoteip_sockaddr_equal(list->next->addr, >> addr->host_addr)) { >> +remoteip_warn_enable_conflict(list->next, >> cmd->server, arg); >> +list->next = list->next->next; >> +break; >> +} >> +} >> +} >> +} >> +} >> + >> +/* add address to desired list */ >> +if (!remoteip_addr_in_list(*add, addr->host_addr)) { >> +remoteip_addr_info *info = apr_palloc(global_conf->pool, >> sizeof(*info)); > Could cmd->pool be used here, instead? This came from the original authors of the code, but I think it's correct. This is the only place remoteip_config_t->pool is allocated into. A collection of all enabled, disabled and optional remoteip_addr_info structs is kept and examined pre-connection to determine if the filter should be inserted for the connection. Since the server is not known pre-connection, this must be stored in the global server. The lifetime of cmd->pool would prevent using it here. > >> . . . >> static const command_rec remoteip_cmds[] = >> { >> AP_INIT_TAKE1("RemoteIPHeader", header_name_set, NULL, RSRC_CONF, >> @@ -450,11 +1211,21 @@ static const command_rec remoteip_cmds[] >> RSRC_CONF | EXEC_ON_READ, >> "The filename to read the list of internal proxies, " >> "see the RemoteIPInternalProxy directive"), >> +AP_INIT_TAKE1("RemoteIPProxyProtocolEnable", >> remoteip_enable_proxy_protocol, NULL, >> + RSRC_CONF, "Enable proxy-protocol handling (`on', >> `off')"), > `optional' is missing Fixed - thanks! > >> { NULL } >> }; >> >> static void register_hooks(apr_pool_t *p) >> { >> +/* mod_ssl is CONNECTION + 5, so we want something higher (earlier); >> + * mod_reqtimeout is CONNECTION + 8, so we want something lower (later) >> */ >> +ap_register_input_filter(remoteip_filter_name, remoteip_input_filter, >> NULL, >> + AP_FTYPE_CONNECTION + 7); >> + >> +ap_hook_pre_config(remoteip_hook_pre_config, NULL, NULL, >> APR_HOOK_MIDDLE); >> +ap_hook_post_config(remoteip_hook_post_config, NULL, NULL, >> APR_HOOK_MIDDLE); >> +ap_hook_pre_connection(remoteip_hook_pre_connection, NULL, NULL, >> APR_HOOK_MIDDLE); >> ap_hook_post_read_request(remoteip_modify_request, NULL, NULL, >> APR_HOOK_FIRST); >> } >> -- Daniel Ruggeri

Re: Autobuild Progress (was Re: Automated tests)

a backport. P.S. I'm also a big fan of backports requiring tests, but am honestly intimidated by the testing framework... -- Daniel Ruggeri On 1/30/2017 2:02 PM, Jacob Champion wrote: > On 01/02/2017 07:53 AM, Daniel Shahaf wrote: >> Setting this up isn't a lot more complicated th

Re: AW: svn commit: r1776575 - in /httpd/httpd/trunk: docs/log-message-tags/next-number docs/manual/mod/mod_remoteip.xml modules/metadata/mod_remoteip.c

On 1/25/2017 9:02 PM, Daniel Ruggeri wrote: > On 1/25/2017 6:53 PM, Daniel Ruggeri wrote: >> I'd say that not returning until ctx->bb has enough information to >> determine if the header is present or not would be sufficient. Isn't >> this already done in the po

Re: svn commit: r1776575 - in /httpd/httpd/trunk: docs/log-message-tags/next-number docs/manual/mod/mod_remoteip.xml modules/metadata/mod_remoteip.c

s is equal to returning EAGAIN. > +return APR_EOF; > +} Coming back to this one after correcting the setaside stuff... Is this what you have in mind or should we actually return APR_EAGAIN? return block == APR_NONBLOCK_READ ? APR_SUCCESS : APR_EOF; -- Daniel Ruggeri

Re: svn commit: r1776575 - in /httpd/httpd/trunk: docs/log-message-tags/next-number docs/manual/mod/mod_remoteip.xml modules/metadata/mod_remoteip.c

ers under certain circumstances. What I'm particularly unclear about is what those circumstances would be. I'll try to reply to the other thread to provide more clarity. -- Daniel Ruggeri On 1/24/2017 8:36 AM, Jim Jagielski wrote: > ++1. I know that Daniel is out of pocket for a little bit

Re: AW: svn commit: r1776575 - in /httpd/httpd/trunk: docs/log-message-tags/next-number docs/manual/mod/mod_remoteip.xml modules/metadata/mod_remoteip.c

First, my apologies, but it looks like line wrapping is going to exceed the usual number of columns so formatting may get wonky in this reply. On 1/17/2017 3:48 AM, Plüm, Rüdiger, Vodafone Group wrote: > >> -Ursprüngliche Nachricht- >> Von: Daniel Ruggeri [mailto:drugg

Re: AW: svn commit: r1776575 - in /httpd/httpd/trunk: docs/log-message-tags/next-number docs/manual/mod/mod_remoteip.xml modules/metadata/mod_remoteip.c

On 1/25/2017 6:53 PM, Daniel Ruggeri wrote: > I'd say that not returning until ctx->bb has enough information to > determine if the header is present or not would be sufficient. Isn't > this already done in the potentially repeated calls to ap_get_brigade on > line no 1056

Re: mod_remoteip and mod_http2 combined

On 2017-02-15 09:07 (-0600), William A Rowe Jr wrote: > On Wed, Feb 15, 2017 at 9:02 AM, Sander Hoentjen wrote: > > > > mod_remote ip has: > > /* mod_proxy creates outgoing connections - we don't want those */ > > if

Re: svn commit: r1781701 - in /httpd/httpd/trunk: docs/manual/mod/mod_remoteip.xml modules/metadata/mod_remoteip.c

ctx after the outer loop's ap_get_brigade call would satisfy both cases mentioned above since the filter would then just fill ctx->header from 0 index and continue asking for a full header's worth of data. > If not and you are in non blocking mode no new data was available

Re: svn commit: r1783256 - /httpd/httpd/branches/2.4.x/STATUS

ogle/brotli stable > release) > jailletc36: doc should also be back-ported (r1779091 + r1779699) > >*) mod_ssl: work around leaks on (graceful) restart. > > -- Daniel Ruggeri

<    1   2   3   4   5   >