Nick Kew wrote:
Installed it on OpenSolaris, tried the test framework.
Seems most of the latter made no attempt to run.
I have yet to find time to investigate why - hence no
vote yet.
I have the test framework running now: seems what I
had before was incomplete.
I got a bunch of failures in
).
Hrm... Just 2 binding +1 votes, Rüdiger and myself... Can I get
another Amen?!
Installed it on OpenSolaris, tried the test framework.
Seems most of the latter made no attempt to run.
I have yet to find time to investigate why - hence no
vote yet.
--
Nick Kew
r
your reaction, and anyone else (Graham - is
your +1 affected by the change in r795642?)
--
Nick Kew
strmemdup(ctx->dpool, re->source + re->match[idx].rm_so,
re->match[idx].rm_eo - re->match[idx].rm_so);
As apr_pstrmemdup does return '\0' instead of NULL when re->match[idx].rm_so ==
re->match[idx].rm_eo
we change the behaviour by doing the re->match[idx].rm_so ==
re->match[idx].rm_eo check above.
Fair point. Again, side-effects. Let's reverse that change for 2.2
(and in trunk if you're unhappy with it).
--
Nick Kew
Nick Kew wrote:
Patching trunk based on the above. Will propose for backport
if noone disputes my amendment to the patch.
Done in r795445.
--
Nick Kew
27;t a better test be rm_eo == rm_so, meaning null match?
Patching trunk based on the above. Will propose for backport
if noone disputes my amendment to the patch.
--
Nick Kew
(see attachment).
Heh. Missed the attachment earlier.
I've a faint recollection of someone raising this issue,
but a quick google didn't find it. Do you have a test-case
that provokes the bug you're fixing?
--
Nick Kew
Plüm, Rüdiger, VF-Group wrote:
If you have time (fix in trunk, backport proposal) I will have a look
at the proposal and vote on it to get it in.
+1. Segfault sounds serious enough to prioritise!
--
Nick Kew
William A. Rowe, Jr. wrote:
So +1 to the proposed patch; in fact, +1 on unsetting C-L and treating
HEAD to the same processing as 304.
+1. Since it's a SHOULD not a MUST, we can be pragmatic
with the headers.
That's back to Eric's original patch, isn't it?
--
Nick Kew
Nick Kew wrote:
The content-length could've been set anyway - the simplest case being
a static file that's been "stat"ed. Have we definitely unset it?
D'oh. Of course we have.
Is this really an optimization? Sounds like correctness :) And do we
want
to
sop - c.f. my previous
mail on the subject.
--
Nick Kew
) it's an option for the admin, rather than enforced
(b) it's documented
(c) the headers are correct: either Content-Encoding is
unset (uncompressed response) or Content-Length is
unset. Probably the former.
--
Nick Kew
On 7 Jul 2009, at 02:11, Guenter Knauf wrote:
from where come these? In which C file are these imlemented?
modules/core/mod_watchdog.c
(hmmm, does this belong in core?)
--
Nick Kew
mset(shm_rec, NULL, shm_size);
+memset(shm_rec, 0, shm_size);
You're right of course.
Thanks for the fixes.
--
Nick Kew
and will do so if it just
doesn't add more s.
--
Nick Kew
. [Nick Kew, Joe Orton]
I thought in this instance, the original reporter's diagnostic
work contributed more to the patch than we did. I think he
should be credited in the changelog here.
--
Nick Kew
Nick Kew wrote:
rpl...@apache.org wrote:
@@ -157,17 +157,21 @@
PR 44729
patch: http://svn.apache.org/viewvc?view=rev&revision=778942
+1: niq
+ -0.5: rpluem: There are further revisons in trunk that make this
much more
+ complete and sane:
http://svn.apache.org/viewvc/h
2.2.x patch: http://people.apache.org/~niq/patches/46942.patch
+1: niq
+ rpluem says:
+ http://people.apache.org/~niq/patches/46942.patch returns a 404
Oops, sorry, typo in uploading. Fixed.
(it's essentially identical to the trunk patch, but fails because the
immediate context is different).
--
Nick Kew
oncerned right now about slowloris has
iptables at their disposal.
--
Nick Kew
Ruediger Pluem wrote:
+ * The major difference is that mod_antiloris checks the scoreboard
+ * on every request. This implies a per-request overhead that grows
+ * with the scoreboard, and gets very expensive on a big server.
+ * On the other hand, this module (mod_noloris) may be slower to
+ *
r instance).
You don't have anything as specific as a file in a slowloris-type
attack. You appear to be envisaging something much closer to
various (existing, third-party) bandwidth-management modules.
--
Nick Kew
Nick Kew wrote:
I've actually hacked up mod_noloris to do exactly that. Was planning to
test-drive then post, but since you bring the matter up, I'll attach it
here and now.
Having already fixed a couple of typos in the attachment,
I've uploaded to http://people.apache.org/~ni
Jeff Trawick wrote:
On Wed, Jul 1, 2009 at 5:12 AM, Nick Kew <mailto:n...@webthing.com>> wrote:
fredk2 wrote:
Hi Nick,
I looked at the code (I am not a coder) and wondered what made
you say "it's
geared clearly to the very small server. &
with anything but a very small scoreboard.
--
Nick Kew
Stefan Fritsch wrote:
Nick Kew wrote:
Is this worth hacking up, or more trouble than it saves?
It seems it already exists (I haven't tested it, though):
ftp://ftp.monshouwer.eu/pub/linux/mod_antiloris/mod_antiloris-0.3.tar.bz2
Looks almost what I had in mind. But it's geared clea
On 25 Jun 2009, at 16:12, William A. Rowe, Jr. wrote:
Nick Kew wrote:
Is this worth hacking up, or more trouble than it saves?
It already lives in /repos/asf/httpd/mod_ftp/trunk/modules/ftp/ ...
see the http://httpd.apache.org/mod_ftp/mod/
mod_ftp.html#ftplimitloginip
docs. It would be
oesn't help" on users@, and that'll be why.
I'm not sure whether any of the traffic-management modules
work on connections (anyone know)? If so, then yes, we could
just point to them as a fix until we produce something better
than mod_noloris.
--
Nick Kew
return OK;
* }
return DECLINED;
}
static void noloris_hooks(apr_pool_t *p)
{
ap_hook_process_connection(noloris_conn, NULL, NULL, APR_HOOK_FIRST);
}
Is this worth hacking up, or more trouble than it saves?
--
Nick Kew
gt; associate a specific cgi-script to a handler.
>
> DefaultMapping /index.php
> AddHandler php_handler .php
+1
Makes sense to me. DefaultHandler was from an earlier idea
on implementation, but test-driving that revealed a bunch of
gotchas that would've confused the hell out of users - hence
the switch to a clone of Directory index handling.
--
Nick Kew
DECLINED are mutually
exclusive.
I haven't thought through why fixup_dir runs when it does, but I'm
reasonably confident that what works for DirectoryIndex will work fine
for its young cousin DefaultHandler (or whatever Bill changes that to).
--
Nick Kew
evaluated just 'cos noone has found a round tuit.
For some bugs like these, a great exercise might be to restructure
them, perhaps with use of meta-bugs like PR 43454. That makes
things easier as and when someone does find time to hack it.
--
Nick Kew
Application Development with Apache -
osed to be destroyed.
It's recycled within the server.
mod_sed is now the state-of-the-art. Perhaps a visit to
http://httpd.apache.org/docs/2.3/mod/mod_sed.html
would be in order.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
ser should see BLA_BLA_HTTP_ERROR, when there
are 999 workers in good shape.
How is the balancer supposed to know that one valid HTTP response
is an error while another is correct? A 404 or other error response
doesn't mean there's a problem with the server!
--
Nick Kew
half, but it looks similar).
If noone shouts, I might just hack that. Bug me if I drop it.
--
Nick Kew
important changes in r771144/771145!
--
Nick Kew
On Mon, 18 May 2009 12:23:38 -0700
"Roy T. Fielding" wrote:
> On May 18, 2009, at 11:53 AM, Nick Kew wrote:
> > The case under discussion was errors generated by a script and
> > propagated by the server without reference to
> > ap_send_error_response.
>
>
se point it out.
The case under discussion was errors generated by a script and
propagated by the server without reference to ap_send_error_response.
Hence the fix was in util_script.c where it reacts to HTTP
status codes.
That is, assuming the reference is to
http://marc.info/?t=12384462701&r=1&w=2
--
Nick Kew
), which is
a fixups hook, and unconditionally overrides anything set by
mod_mime or other module. The semantics are "ForceType".
Why?
Does something bad happen if we check r->handler for what
some-other-module may have set before overriding it?
--
Nick Kew
2.4 without causing instability.
Would Step 1 here be to list what trunk needs over and above
what 2.2 (cleanly) provides?
--
Nick Kew
On 27 Apr 2009, at 08:11, Kevac Marko wrote:
Anything new?
What, since http://svn.apache.org/viewvc?view=rev&revision=766938 ?
--
Nick Kew
idate for an operational MPM, there are many
who'll be interested. Good luck!
--
Nick Kew
oints:
1. You've exposed dbd_cfg_t in mod_dbd.h - why?
2.
+DBD_DECLARE_NONSTD(void) ap_dbd_sql_init(server_rec *s, const char
*query)
That looks like an export for the API, but you haven't exposed it!
Is that an
oversight, or am I missing something?
--
Nick Kew
re what threat model that addresses at all.
That's untrusted, privileges-aware code.
Use case: mod_php, whose safe_mode prevents loading such code.
--
Nick Kew
with mod_privileges?
--
Nick Kew
version. Maybe ap_mpm_require(...) for modules,
and the core can then query the MPM and exit with a decent
error report if something is unsatisfied.
--
Nick Kew
On 7 Apr 2009, at 00:14, William A. Rowe, Jr. wrote:
Nick Kew wrote:
As a matter of curiosity, why do we have two separate hooks with
identical signatures running consecutively? AFAIK it's not
historic -
it goes right back to 2.0-early-dev in 1999.
The MPMs use open_log to open list
hould be a post_config ... but need
to come earlier". Wouldn't it make sense in this instance just to
migrate everything to post_config?
--
Nick Kew
but you can't jump from that to a
deterministic order. For a very brief overview:
http://www.apachetutor.org/dev/request
(Are you chinese? Perhaps I should mention there's a
chinese translation of my book :-)
--
Nick Kew
Application Development with Apache - the Apache
ves the same purpose?
- introduce a whole new fix that serves the same purpose?
204 and 304 are already
handled elsewhere (or, if not, they should be handled elsewhere).
That's precisely what PR 40953 is about.
--
Nick Kew
ecoding
of the regular Web image formats (gif/jpeg/png, and svg
using xmlns dispatch). A similar approach might apply
more widely to other media.
I can contribute some of this from my existing work,
including relicensing where necessary. That is,
if there's interest in adding some of these things
as standard in 2.4.
--
Nick Kew
On 26 Mar 2009, at 08:18, Ruediger Pluem wrote:
We should axe
leader
perchild
threadpool
Criterion: those MPMs that pre-date 2.2 but are not included in it
need to be shoved away in a dusty attic.
Looks like the above list.
--
Nick Kew
indeed a need for it.
--
Nick Kew
ught me out on MacOS. I had the library,
but
no pcre-config, which was required for build. However, in the Mac case,
installing fink's current pcre fixed it.
--
Nick Kew
t body. The second
> will try to read something but the client has already sent all it can.
You'd want something like mod_request or mod_form to parse the data
and make them available to other modules in a convenient form.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
atible pointer
> type
Could it be that you have different compiler flags, a stricter
gcc version, or perhaps a different architecture (like 32 vs 64-bit
compile)?
If not, a code sample that demonstrates what you're talking
about would help.
--
Nick Kew
Application Development with Apa
On Wed, 18 Mar 2009 08:44:12 -0400
Jim Jagielski wrote:
> doesn't mod_proxy_html do it's own substitutions :/
Only in a URL context.
Being markup-aware is what distinguishes it from the various
sed-like filter modules.
--
Nick Kew
Application Development with Apache - the A
examples amongst my modules at apache.webthing.com.
The use of an ifdef in mod_proxy_html is probably fairly typical
of the sort of thing you might need to do. That is, provided
you don't hit an API that's changed significantly.
--
Nick Kew
On 13 Mar 2009, at 10:21, Kevac Marko wrote:
https://issues.apache.org/bugzilla/show_bug.cgi?id=46827
Implemented. Patch added.
Comments?
Thanks. I'll test-drive today.
--
Nick Kew
n always
try to work around its shortcomings (as I did at the time).
--
Nick Kew
t, because even if it's already under the Apache
license,
we don't really want to fork someone else's project in competition with
the original developers. That leads to maintenance nightmares, and
confusion for end-users.
--
Nick Kew
Nick Kew wrote:
Kevac Marko wrote:
Ok, here is sql init statement only patch against trunk:
https://issues.apache.org/bugzilla/show_bug.cgi?id=46827
Thanks for the patch!
Can I throw an alternative suggestion into the ring.
[ ... ]
Thoughts?
A further thought. I had in mind PR#45407
it would seem like a good
opportunity to rectify all that!
Thoughts?
--
Nick Kew
t if I deal with that one.
Fixed in r750620.
--
Nick Kew
ck that up earlier in your hacked mod_dumpio.
A function on the fixups hook, for instance.
BTW, this should really be on the modules list rather than here.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
On Thu, 26 Feb 2009 18:30:03 -0600
David Martínez Albiter wrote:
> request_rec *r = f->r;
Dumpio is a connection-level filter. There is no request.
(and why do you suppose there'd be a cookie in r->notes?)
--
Nick Kew
Application Development with Apache - the Apache Mod
't want to reinvent the wheel. I
> > couldn't find any that existed. Thanks!
>
> One of these should do the trick:
Alternatively, look in apr_uri. An apache module has access to
everything in apr and apr-util.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
a memory
leak and not
thread-safe. Likewise setting cfg->hash there is not thread-safe.
Would this be a good time to mention that my book has a Chinese
translation?
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
ate from is it?
Even if you fix that, you'll leak anything you allocate from it.
--
Nick Kew
ready, but it needs some testing before posting.
Sounds OK in principle for trunk. If you want to post a patch
against trunk, I'll try and find the time to review it.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
cheduled task.
Disagree. You might export hooks, but let's have proper modularity
in the implementation.
> The Simple MPM has the ability to do this.
Examples?
--
Nick Kew
Paul Querna wrote:
imo, no one uses these mpms, we should delete them.
ISTR having this conversation ahead of 2.2. We deleted
them from 2.2 but left them in trunk for posterity,
and in case anyone felt like picking it up.
They look like obvious candidates for an attic now.
--
Nick Kew
release it.
We aren't going to release leader/perchild/threadpool.
If that ever changes, it has to be because at least one
committer is doing real work on it. Including sorting
out issues like dropping privileges.
--
Nick Kew
amp;revision=730296
http://svn.apache.org/viewvc?view=rev&revision=732583
and see how trunk changes ABI (but preserves API) while 2.2.x
preserves the ABI too.
--
Nick Kew
On Wed, 28 Jan 2009 12:21:09 +0100
Nick Gearls wrote:
> Couldn't we just move the "error_override_set" & "error_override" to
> the "proxy_dir_conf" struct ?
There's more than that in mod_proxy that would be better on the
dir_conf. Patches welcome.
--
Nick Kew
traw...@gmail.com wrote:
On Jan 15, 2009 11:16am, Nick Kew wrote:
> How do you propose to deal with configuration? Specifically,
>
> the interaction with enable-exception-hook, which means that
>
> a server built without it breaks the expectation that new
>
> modul
be affected and misleading?
--
Nick Kew
n.apache.org/viewvc?rev=733219&view=rev
-2.2.x:
- trunk works
-+1: covener, niq, rpluem
--
Nick Kew
traw...@gmail.com wrote:
[+1] Accept mod_fcgid into httpd
+1
And "Thanks!" to the mod_fcgid author and contributors!
+1 to that, too.
--
Nick Kew
nal Server Error. But a script
that generates
garbage is an External Server Error, and a 502 response would be in
order.
It would be no bad thing to point the finger of blame at broken scripts
rather than confuse the authors with "internal" errors.
--
Nick Kew
m the upstream server or application."
r732504
--
Nick Kew
rpose.
Sorry, yes, Jeff was right. Looking at what gets passed to the
vararg-consuming function, that's apr_size_t.
Jeff, you have my +1 to add r731965 to my backport proposal in STATUS.
--
Nick Kew
struct iovec
{
char *iov_base;
size_t iov_len;
};
#endif
--
Nick Kew
Ruediger Pluem wrote:
On 01/05/2009 02:16 PM, Nick Kew wrote:
Ruediger Pluem wrote:
Hm. I am slightly confused here. The documentation states that "abort"
should be
the default behaviour (that is the else branch), but if nothing is set
in the config
onfail defaults to -1 which woul
ntation or the code is wrong.
Fixed in r731388, which is included in the backport proposal.
Thanks for reviewing.
--
Nick Kew
a CLA or software grant.
+1. This is in the same ballpark as third-party patches we routinely
accept, e.g. from reports in bugzilla.
--
Nick Kew
some users,
then on balance it's a Good Thing.
--
Nick Kew
nal
one, and managed to commit the wrong one in r729438 (I
blame the lurgy - just on the mend). Fixed in r729439.
mod_sed is shaping up to be one of the best new goodies
in 2.4!
--
Nick Kew
ile to show every modification to
> > every ChangeLog entry. (If anyone think any change is major, please
> > let me know)
>
>On a quick skim-through, what looks like the only large patch here
> belongs to Nick Kew, who's also an active httpd committer.
Hmmm, I know I'
}_core.
> - rename mod_wombat to mod_luau
> - more documentation :)
>
> Anything else anyone thinks would be good to get in?
Ensure non-*X platforms not only compile, but stand some
chance of running. As noted in
http://marc.info/?l=apache-httpd-dev&m=122878524712562&w=2
--
Nick Kew
On Tue, 9 Dec 2008 21:56:43 +
Nick Kew <[EMAIL PROTECTED]> wrote:
> Does anyone have a complete list of people who have made nontrivial
> contributions, such that their IP might be affected?
Ignore that - I meant to chop those lines when I read (as opposed
to skimmed) t
with him?
Contact other contributors as a courtesy, but not let it worry us if
some of them prove uncontactable, only if someone actually objects?
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
*plog,
apr_pool_t *ptemp)
{
win_nt = (osver.dwPlatformId != VER_PLATFORM_WIN32_WINDOWS);
+ap_sys_privileges_handlers(1);
return OK;
}
--
Nick Kew
, as a complete
replacement for mod_unixd.
Seems like they would be good general statically linked defaults.
It needs to know there is *some* system privileges scheme in
operation and isn't running as unprotected root. But that's all.
--
Nick Kew
bout some ballpark figures for the footprint - both disc and
memory - of this proposal? That is, mod_wombat taken together with
lua and any other dependencies like apreq if used.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
raising it.
--
Nick Kew
nk I've
figured out more in trying to reply than I had before :-)
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
On 1 Dec 2008, at 10:19, Ruediger Pluem wrote:
if (eb) {
-ap_die(eb->status, r);
+int status;
+
+status = eb->status;
+apr_brigade_cleanup(b);
+ap_die(status, r);
return AP_FILTER_ERROR;
}
Good call. +1 to that.
--
Nick Kew
apr_bucket_delete(e);
continue;
}
/*
--
Nick Kew
On 1 Dec 2008, at 08:17, Paul Querna wrote:
I've committed a few new modules to trunk tonight:
Interesting.
Are we expecting docs anytime soon?
--
Nick Kew
chain] {
log this
type = HTTP_INTERNAL_SERVER_ERROR;
}
else {
return;
}
}
That looks good, too.
But do you see any objection to the (IMHO simpler) fix of
removing error buckets as we detect them?
--
Nick Kew
401 - 500 of 1350 matches
Mail list logo
