Small typo below ...
Am 08.02.2022 um 12:04 schrieb yla...@apache.org:
Author: ylavic
Date: Tue Feb 8 11:04:49 2022
New Revision: 1897858
URL: http://svn.apache.org/viewvc?rev=1897858&view=rev
Log:
Sync CHANGES entries. [skip ci]
Removed:
httpd/httpd/trunk/changes-entries/CoreDumpDirecto
Am 07.03.2022 um 16:55 schrieb Stefan Eissing:
Hi all,
Please find below the proposed release tarball and signatures:
https://dist.apache.org/repos/dist/dev/httpd/
I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.53-rc1 as 2.4.53:
[ ] +1: It's no
Am 08.03.2022 um 16:33 schrieb Rainer Jung:
Am 07.03.2022 um 16:55 schrieb Stefan Eissing:
Hi all,
Please find below the proposed release tarball and signatures:
https://dist.apache.org/repos/dist/dev/httpd/
I would like to call a VOTE over the next few days to release
this candidate
Am 08.03.2022 um 17:06 schrieb Ruediger Pluem:
On 3/8/22 4:38 PM, Rainer Jung wrote:
Am 08.03.2022 um 16:33 schrieb Rainer Jung:
Am 07.03.2022 um 16:55 schrieb Stefan Eissing:
Hi all,
Please find below the proposed release tarball and signatures:
https://dist.apache.org/repos/dist/dev
Am 08.03.2022 um 18:22 schrieb Rainer Jung:
Am 08.03.2022 um 17:06 schrieb Ruediger Pluem:
On 3/8/22 4:38 PM, Rainer Jung wrote:
Am 08.03.2022 um 16:33 schrieb Rainer Jung:
Am 07.03.2022 um 16:55 schrieb Stefan Eissing:
Hi all,
Please find below the proposed release tarball and
Am 09.03.2022 um 08:37 schrieb Ruediger Pluem:
On 3/8/22 10:09 PM, Rainer Jung wrote:
You gcc 4.8 workaround for _Thread_local still looks good.
Solaris builds and all unit tests not yet done but compiles fine for all my
Linuxes.
Thanks!
Thanks for testing. I committed to trunk as
Am 09.03.2022 um 13:58 schrieb Ruediger Pluem:
On 3/9/22 11:34 AM, Rainer Jung wrote:
Am 09.03.2022 um 08:37 schrieb Ruediger Pluem:
On 3/8/22 10:09 PM, Rainer Jung wrote:
You gcc 4.8 workaround for _Thread_local still looks good.
Solaris builds and all unit tests not yet done but
First thanks to Stefan for downgrading his release system. It is a good
workaround for the observed problems.
Since downgrades are not a long term solution, here's the status info to
avoid confusion.
We observed two problems that had to do with using a recent autoconf
version (2.70 an above)
I am thinking about adding a JSON output format to mod_status and
mod_info as an option controlled by a query string parameter.
Since writing simple data structures from these modules is much simpler
than parsing and processing a JSON structure, I would expect it to be
based on simple ap_rp
Am 28.03.2022 um 15:24 schrieb Stefan Eissing:
Am 28.03.2022 um 14:28 schrieb Rainer Jung :
I am thinking about adding a JSON output format to mod_status and mod_info as
an option controlled by a query string parameter.
Since writing simple data structures from these modules is much
I try to make the mod_h2 test suite run for me. Some difficulties are
expected due to my non-standard setup, but the first test that seems to
fail in a way I am not directly blaming myself is
fuzz header
* on http://test.example.org:12345: super-long...--- gen/expect_431
2022-04-05 13:25:40.0
.x release (candidate)?
Thanks and regards,
Rainer
Am 05.04.2022 um 13:47 schrieb Rainer Jung :
I try to make the mod_h2 test suite run for me. Some difficulties are expected
due to my non-standard setup, but the first test that seems to fail in a way I
am not directly blaming myself is
fuzz
Thaks, will switch to that one. Should have reembered it ...
Am 05.04.2022 um 14:04 schrieb Stefan Eissing:
Am 05.04.2022 um 14:01 schrieb Rainer Jung :
Hi Stefan,
Am 05.04.2022 um 13:49 schrieb Stefan Eissing:
Which test suite, the one in trunk or the one from github? Both work best
Hi there,
during my experiments with the nice pytest based test suite against
2.4.x I noticed, that many mod_md tests need "a2md". The sources for
this commandline tool ar in Stefan's GitHub repos for mod_md, but not
inside the httpd 2.4.x source tree.
I have not really checked, what a2md ex
geschreven:
Am 07.04.2022 um 13:04 schrieb Rainer Jung :
Hi there,
during my experiments with the nice pytest based test suite against 2.4.x I noticed, that
many mod_md tests need "a2md". The sources for this commandline tool ar in
Stefan's GitHub repos for mod_md, but not insid
Hi all,
at the end of the test runs in the pytest suite,
TestBuffering.test_h2_712_03 checks for warnings or errors logged in the
httpd error log. None are allowed, but test
test_101_ssl_reneg.py
[ssl:error] [pid 15298:tid 140040420189952] SSL Library Error:
error:0AC1:SSL routines::no
them there. Could you
give this a shot?
Kind Regards,
Stefan
Am 24.04.2022 um 22:03 schrieb Rainer Jung :
Hi all,
at the end of the test runs in the pytest suite, TestBuffering.test_h2_712_03
checks for warnings or errors logged in the httpd error log. None are allowed,
but test
Am 10.05.2022 um 16:23 schrieb Eric Covener:
I was looking at making some tests run more quietly, but mod_dumpio
uses ap_log_cerror even though it always has a ap_filter_t when it's
doing its real work.
While this would still leave some early logging (pre-location walk)
w/o the per-dir loglevel
Not yet a full explanation but:
- the build fails due to "The job exceeded the maximum log length, and
has been terminated." shortly before line 30.000
- the difference to the succeeeding "Linux Ubuntu Focal, ASan" is, that
the ErrorLog of the run is not part of this log output handled by Tra
)
Result: FAIL
Failed 1/141 test programs. 1/7232 subtests failed.
...
Am 17.05.2022 um 15:24 schrieb Rainer Jung:
Not yet a full explanation but:
- the build fails due to "The job exceeded the maximum log length, and
has been terminated." shortly before line 30.000
- the differe
Hi Jim,
it looks like the unrelated file
changes-entries/mod_proxy_log_backend_port.txt was removed by accident
during this commit? I don't see its contents already in CHANGES.
I had not yet used the make target "update-changes" when applying the
backend port patch, so the changes-entries
Am 25.05.2022 um 14:15 schrieb Stefan Eissing:
Anyone feeling release vibes in the air?
it's been a good 2.5 months and some things have accumulated.
Maybe the start of June would be a good target?
+1 and thanks!
Rainer
Am 06.06.2022 um 16:25 schrieb Stefan Eissing:
Here we go again! Sorry for the repeats, but that is why we build candidates,
right?
Hi all,
Please find below the proposed release tarball and signatures:
https://dist.apache.org/repos/dist/dev/httpd/
I would like to call a VOTE over the next
I wonder, what the following test is expected to test? I can't really
make it work reliably here. Sometimes I get an ENOMEM on the server,
sometimes it takes a long time and much CPU, sometimes the client gets a
596 AnyEvent::HTTP error and sometimes it runs ok.
Am 01.06.2022 um 15:03 schrieb
Am 21.06.2022 um 07:38 schrieb Ruediger Pluem:
On 6/20/22 10:54 PM, rj...@apache.org wrote:
Author: rjung
Date: Mon Jun 20 20:54:14 2022
New Revision: 1902117
URL: http://svn.apache.org/viewvc?rev=1902117&view=rev
Log:
*) mod_heartmonitor: Allow "HeartbeatMaxServers 0"
to use file based s
Hi there,
I ran the pytest suite on SLES 12+15 and RHEL 7+8 for 2.4.54 plus
OpenSSL 1.1.1p. Ran it for event, worker and prefork and with OpenSSL
1.1.1 and 3.0 in the client.
I observe sporadic segmentation faults on all of those platforms and for
all MPMs and all OpenSSL versions in the cli
Hi all,
today I stumbled into an unexpected request denial by a rule in the
mod_security Core Rule Set 3. It denies requests without body, that have
Transfer-Encoding chunked set.
When I send a normal GET request, without body, no Transfer-Encoding and
no Content-Length, to httpd and proxy i
Hi Stefan,
the PR is:
https://bz.apache.org/bugzilla/show_bug.cgi?id=66282
Let me know, in case you can not reproduce it, or I should test something!
Best regards,
Rainer
Hi there,
I looked at our escaping functions for logs due to the need of doing
JSON logging. In principle one can output JSON by using appropriate log
format definitions in the httpd config. Most special characters in JSON
are already properly escaped in our output.
But there is one importan
Not a showstopper, but: srclib/apr/configure was again generated with
autoconf 2.70+ (2.71). This triggers a bug which is fixed in APR 1.7.x
head, but the fix has not been released as there was not APR release vor
almost 4 years now.
Since the bundled APR/APU are not actually part of the relea
Hi there,
I currently get three consistent pytest failures:
A) FAILED modules/http2/test_202_trailer.py::TestTrailers::test_h2_202_03b
Response code is 500 and trace 8 server log shows:
- we see the right request
[Wed Mar 08 22:03:35.699234 2023] [aptest:info] [pid 4606:tid
140645737559808]
Thanks for the tip. I already did the "run only one test case" and I
fixed the LogLevel in test.conf to include trace8. So I guess there will
not be any additional CGI logging available. But good to know the "-vvv".
Thanks and regards,
Rainer
Am 09.03.23 um 09:33 schrieb Stefan Eissing via de
.
Thanks and regards,
Rainer
Am 09.03.23 um 09:19 schrieb Ruediger Pluem:
On 3/8/23 10:44 PM, Rainer Jung wrote:
Hi there,
I currently get three consistent pytest failures:
Do A) and B) work if you do the requests via HTTP/1.1?
Regards
Rüdiger
OK, I can test in a standalone situation now.
The problem goes away, once I use curl, even with h2.
The problem also goes away, once I disable deflate compression for the
response. But curl and nghttp behave different: nghttp hangs after
receiving the response body (no deflate), curl normally
nghttp or http, so I am still not sure, whether the odd behavior without
the header is a bug.
Am 09.03.23 um 11:03 schrieb Rainer Jung:
OK, I can test in a standalone situation now.
The problem goes away, once I use curl, even with h2.
The problem also goes away, once I disable deflate comp
Am 09.03.23 um 11:29 schrieb Stefan Eissing via dev:
Am 09.03.2023 um 11:22 schrieb Rainer Jung :
Puzzle partially solved: once I add "--header 'content-type:
application/x-www-form-urlencoded'" to the nghttp call, the problem seems fixed -
with and without deflate. N
Am 04.05.23 um 10:34 schrieb Ruediger Pluem:
This is a formal vote on whether we should move our read/write repository from
Subversion to Git.
This means that our latest read/write repository will be no longer available
via svn.apache.org. It
will be available via Git at https://gitbox.apache.o
Oups and thanks!
Am 04.05.23 um 12:30 schrieb yla...@apache.org:
Author: ylavic
Date: Thu May 4 10:30:25 2023
New Revision: 1909606
URL: http://svn.apache.org/viewvc?rev=1909606&view=rev
Log:
Follow up to r1909429: Fix scope/block syntax.
Modified:
httpd/httpd/trunk/modules/generators/mo
Hi there,
OpenSSL 3 flags some abortive shutdowns as an error different to what
1.1.1 did. This results in info log output in httpd:
[Tue Aug 29 12:33:06.787210 2023] [ssl:info] [pid 1994673:tid 1994737]
SSL Library Error: error:0A000126:SSL routines::unexpected eof while reading
[Tue Aug 29
Am 30.08.23 um 13:50 schrieb Stefan Eissing via dev:
Am 30.08.2023 um 13:21 schrieb Rainer Jung :
Hi there,
OpenSSL 3 flags some abortive shutdowns as an error different to what 1.1.1
did. This results in info log output in httpd:
[Tue Aug 29 12:33:06.787210 2023] [ssl:info] [pid 1994673
Hi JFC,
I have not checked ur current code, but the topic reminds me of our
history in mod_jk land. There we switched the counters to atomics were
available. The other problematic part could be how to handle process
local counters versus global counters.
Busyness was especially problematic f
Hi there,
mod_jk for example uses such aging, but only for the non busyness case.
busyness is meant to show the number of currently in-flight requests, so
aging isn't a good fit there. Old load numbers are never part of
busyness. But busyness is the mode that is most sensitive to the numer
sk
Am 07.09.23 um 14:58 schrieb Joe Orton:
On Wed, Aug 30, 2023 at 01:21:11PM +0200, Rainer Jung wrote:
Hi there,
OpenSSL 3 flags some abortive shutdowns as an error different to what 1.1.1
did. This results in info log output in httpd:
[Tue Aug 29 12:33:06.787210 2023] [ssl:info] [pid 1994673
Hi all,
when running the current pytest, I see a gap between two specific test
outputs of more than three minutes:
...
13.09.2023 21:47:46.220943
modules/http2/test_712_buffering.py::TestBuffering::test_h2_712_03
PASSED [ 39%]
13.09.2023 21:50:55.456457
modules/md/test_001_store.py::TestSto
Am 14.09.23 um 07:44 schrieb Stefan Eissing via dev:
Am 13.09.2023 um 22:14 schrieb Rainer Jung :
Hi all,
when running the current pytest, I see a gap between two specific test outputs
of more than three minutes:
...
13.09.2023 21:47:46.220943
modules/http2/test_712_buffering.py
://svn.apache.org/viewvc?rev=1913010&view=rev
Log:
Merge r1912015 from trunk:
mod_ssl: Silence info log message "SSL Library Error: error:0A000126:
SSL routines::unexpected eof while reading" when using
OpenSSL 3 by setting SSL_OP_IGNORE_UNEXPECTED_EOF if
available
Am 16.10.23 um 17:08 schrieb Stefan Eissing via dev:
Hi all,
after fixing my merge mistake in rc2 (sorry!), we go again:
Please find below the proposed release tarball and signatures:
https://dist.apache.org/repos/dist/dev/httpd/
I would like to call a VOTE over the next few days to release
t
FYI: here's a list of symbols for which I get deprecation warnings when
compiling httpd 2.4.58 (plus bundled APU) against current OpenSSL 3.1.3.
or 3.0.11:
srclib/apr-util/crypto/apr_crypto_openssl.c:141:5: warning:
'ENGINE_load_builtin_engines' is deprecated (declared at
include/openssl/engi
I guess it could be like this: when Mladen originally implemented the by
requests load balancing method in mod_jk he used the count and subtract
method for the counters. He then ported this to mod_proxy_balancer and I
think it is still, how by requests counting woorks there.
There are pros and
Am 17.01.2015 um 03:58 schrieb rj...@apache.org:
> Author: rjung
> Date: Sat Jan 17 02:58:24 2015
> New Revision: 1652559
>
> URL: http://svn.apache.org/r1652559
> Log:
> Fix failing test.
>
> After r1651085 for mod_cgi we log cgi script
> stderr to ScriptLog. Two of our test scripts
> write 8KB t
Hi Jan,
Am 23.09.2014 um 13:14 schrieb jkal...@apache.org:
Author: jkaluza
Date: Tue Sep 23 11:14:09 2014
New Revision: 1626978
URL: http://svn.apache.org/r1626978
Log:
mod_cgi: log cgi script stderr to ScriptLog, use APLOGNO for log_scripterror
errors.
Modified:
httpd/httpd/trunk/docs/lo
Am 17.01.2015 um 05:45 schrieb Rainer Jung:
Hi Jan,
Am 23.09.2014 um 13:14 schrieb jkal...@apache.org:
Author: jkaluza
Date: Tue Sep 23 11:14:09 2014
New Revision: 1626978
URL: http://svn.apache.org/r1626978
Log:
mod_cgi: log cgi script stderr to ScriptLog, use APLOGNO for
log_scripterror
Am 15.01.2015 um 21:10 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.11 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.11 GA.
[X] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Rob
Am 19.01.2015 um 13:25 schrieb Yann Ylavic:
Hi Rainer,
On Mon, Jan 19, 2015 at 11:32 AM, wrote:
Author: rjung
Date: Mon Jan 19 10:32:51 2015
New Revision: 1652955
URL: http://svn.apache.org/r1652955
Log:
PR 57379: If mod_cgi and mod_cgid get installed,
use IfModule for MPM to choose mod_cgi
Am 19.01.2015 um 14:16 schrieb Jim Jagielski:
Thx for the catch!! Looks like we need to add some additional
tests to the perl test framework :)
I'll keep the VOTE open, to encourage others to continue to
test, but I consider 2.4.11 DOA.
I took the opportunity to put 2.4.11 plus the one after-t
I noticed a hanging child process on our ASF server aurora.
It currently uses 2.4.11 (plus the post tag commit) and event MPM.
Most processes exiting due to MaxConnectionsPerChild get cleaned up
after some time but this one doesn't. It now hangs for more than an
hour. I'll let it hang. In case a
Am 20.01.2015 um 00:33 schrieb Eric Covener:
On Mon, Jan 19, 2015 at 5:40 PM, Rainer Jung wrote:
It currently uses 2.4.11 (plus the post tag commit) and event MPM.
Was it 2.4.10 previously, or earlier?
2.4.10. But since it is automatically restarted each night, I can not
say for sure
Am 20.01.2015 um 08:45 schrieb Ruediger Pluem:
On 01/19/2015 11:40 PM, Rainer Jung wrote:
I noticed a hanging child process on our ASF server aurora.
It currently uses 2.4.11 (plus the post tag commit) and event MPM.
Most processes exiting due to MaxConnectionsPerChild get cleaned up after some
Am 20.01.2015 um 10:15 schrieb Rainer Jung:
Am 20.01.2015 um 08:45 schrieb Ruediger Pluem:
On 01/19/2015 11:40 PM, Rainer Jung wrote:
I noticed a hanging child process on our ASF server aurora.
It currently uses 2.4.11 (plus the post tag commit) and event MPM.
Most processes exiting due to
uem wrote:
On 01/19/2015 11:40 PM, Rainer Jung wrote:
I noticed a hanging child process on our ASF server aurora.
It currently uses 2.4.11 (plus the post tag commit) and event MPM.
Most processes exiting due to MaxConnectionsPerChild get cleaned up after some
time but this one doesn't. I
Am 26.01.2015 um 14:14 schrieb Eric Covener:
On Mon, Jan 26, 2015 at 8:08 AM, Jim Jagielski wrote:
svn diff https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.11
https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.12 | cdiff
first one should be 2.4.10 (not that it turns up anythin
Am 22.01.2015 um 19:54 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.12 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.12 GA.
[X] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Rob
Am 27.01.2015 um 21:41 schrieb William A. Rowe Jr.:
I'd agree. My thoughts on OP's posts, that their specific PHP scripts
are modifying the global timezone locale, notably process-by-process,
and these are not reset at the end of processing. In the case of the
event or worker MPM it's impossibl
Am 28.01.2015 um 23:01 schrieb William A. Rowe Jr.:
On Wed, 28 Jan 2015 12:02:32 +0100
Rainer Jung wrote:
Am 27.01.2015 um 21:41 schrieb William A. Rowe Jr.:
I'd agree. My thoughts on OP's posts, that their specific PHP
scripts are modifying the global timezone locale, notably
Hi,
Am 08.02.2015 um 01:48 schrieb Davis:
Is backporting of configuration parameters SSLSessionTicketKeyFile and
SSLSessionTickets to 2.2 branch welcome?
SSLSessionTickets for 2.2 has already been backported by Yann:
http://people.apache.org/~ylavic/httpd-2.2.x-SSLSessionTickets.patch
It is
Hi Yann,
Am 24.02.2015 um 12:51 schrieb Yann Ylavic:
Hi,
On Thu, Feb 5, 2015 at 9:33 PM, wrote:
Author: rjung
Date: Thu Feb 5 20:33:59 2015
New Revision: 1657685
URL: http://svn.apache.org/r1657685
[...]
Modified:
httpd/httpd/trunk/server/util_expr_eval.c
Modified: httpd/httpd/tru
Am 23.01.2015 um 11:09 schrieb Yann Ylavic:
On Mon, Oct 27, 2014 at 1:40 PM, wrote:
Author: jim
Date: Mon Oct 27 12:40:34 2014
New Revision: 1634520
URL: http://svn.apache.org/r1634520
Log:
Merge r1621367, r1621372, r1625952 from trunk:
PR53218
Allow for longer worker names and make truncati
Hi Stefan,
Am 01.04.2015 um 18:22 schrieb Stefan Eissing:
Jim,
today I converted your commit to a path on 2.4.12 and tested it with mod_h2.
All fine!
Then I got a trouble report that alpn negotiation always selected "http/1.1" unless SSLAlpnPreference
configured something else. This is due t
Am 14.04.2015 um 19:06 schrieb rbo...@apache.org:
Author: rbowen
Date: Tue Apr 14 17:06:10 2015
New Revision: 1673470
URL: http://svn.apache.org/r1673470
Log:
Add "pre-compressed content" recipe, as per
https://bz.apache.org/bugzilla/show_bug.cgi?id=51336
Modified:
httpd/httpd/trunk/docs/m
Am 15.04.2015 um 00:14 schrieb Rainer Jung:
Am 14.04.2015 um 19:06 schrieb rbo...@apache.org:
Author: rbowen
Date: Tue Apr 14 17:06:10 2015
New Revision: 1673470
URL: http://svn.apache.org/r1673470
Log:
Add "pre-compressed content" recipe, as per
https://bz.apache.org/bugzilla/show_
Am 15.04.2015 um 21:49 schrieb cove...@apache.org:
Author: covener
Date: Wed Apr 15 19:49:31 2015
New Revision: 1673940
URL: http://svn.apache.org/r1673940
Log:
Merge r1666297 from trunk:
ssl_util: Fix possible crash (free => OPENSSL_free) and error path leaks when
checking the server certifica
Am 22.04.2015 um 17:49 schrieb Kaspar Brand:
On 22.04.2015 10:52, Stefan Eissing wrote:
I made two small patches based on the feedback from Kaspar. One for
the code and one for the documentation.
Thanks. In the patch for ssl_private.h, the complete NPN block should
actually be dropped - the sa
Am 23.04.2015 um 06:56 schrieb Kaspar Brand:
On 22.04.2015 21:30, Rainer Jung wrote:
Am 22.04.2015 um 17:49 schrieb Kaspar Brand:
Thanks. In the patch for ssl_private.h, the complete NPN block should
actually be dropped - the same block is are already part of
ssl_private.h, just 10 lines above
Am 21.05.2015 um 20:57 schrieb Eric Covener:
On Thu, May 21, 2015 at 2:54 PM, Jeff Trawick wrote:
This is a very nice improvement over introducing "M", and Yann's suggestion
to expand "T" instead of "D" is an increment above that.
Any concerns if I switch them out?
+1 here
No concern. I'm
1) In other code I see
EC_KEY_free(ecdh);
after
EC_KEY *ecdh = EC_KEY_new_by_curve_name(...)
and using ecdh, e.g. in
SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);
Should we add the free? Or is it not needed? Anyone knows why?
2) In modules/ssl/ssl_private.h I see
/**
* The following
1) In other code I see
EC_KEY_free(ecdh);
after
EC_KEY *ecdh = EC_KEY_new_by_curve_name(...)
and using ecdh, e.g. in
SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);
Should we add the free? Or is it not needed? Anyone knows why?
This was added in r1666363:
* mod_ssl: fix small memory lea
Am 23.05.2015 um 11:28 schrieb Yann Ylavic:
On Sat, May 23, 2015 at 11:23 AM, wrote:
Author: ylavic
Date: Sat May 23 09:23:13 2015
New Revision: 1681297
URL: http://svn.apache.org/r1681297
Log:
Merged r979120 from trunk.
[]
Modified: httpd/httpd/branches/2.2.x/STATUS
[]
- * mod_log_con
Am 24.05.2015 um 23:08 schrieb olli hauer:
Hi,
is there a chance to get the following revisions merged to 2.2.x
- r1551685, r1652929 (fix IPv4 mapping on FreeBSD)
In ssl_engine_dh.c there are calls to generate dh512 and dh1012,
perhaps it is also an idea to drop dh512 and add dh2048 or higher.
Am 22.05.2015 um 18:35 schrieb Yann Ylavic:
On Fri, May 22, 2015 at 6:29 PM, Rainer Jung wrote:
1) In other code I see
EC_KEY_free(ecdh);
after
EC_KEY *ecdh = EC_KEY_new_by_curve_name(...)
and using ecdh, e.g. in
SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);
Should we add the f
Current mod_ssl code tries to read embedded DH and ECC parameters only
from the first certificate file. Although this is documented
"DH and ECDH parameters, however, are only read from the first
SSLCertificateFile directive, as they are applied independently of the
authentication algorithm typ
Hi Stefan,
Am 26.05.2015 um 10:37 schrieb Stefan Eissing:
Sorry, if this question has an obvious answer which I was unable to find: where
would I find a list of the changes that will be backported to the 2.4.13
release in order to see if a change has received enough votes?
The backports that
Am 26.05.2015 um 11:00 schrieb Tim Bannister:
On 26 May 2015, at 09:37, Reindl Harald wrote:
Am 26.05.2015 um 10:33 schrieb Rainer Jung:
Current mod_ssl code tries to read embedded DH and ECC parameters only from the
first certificate file. Although this is documented
"DH and
Am 26.05.2015 um 11:07 schrieb Yann Ylavic:
Oups, several simultaneous responses...
That shows how much we like him (his work) :)
Am 27.05.2015 um 08:40 schrieb Kaspar Brand:
On 26.05.2015 10:33, Rainer Jung wrote:
I find it questionable. I would find it more natural to embed the params
in the cert files they apply to, so e.g. the DH params in the RSA cert
file and the EC params in the ECDH cert file and also to not
Am 29.05.2015 um 15:16 schrieb Wang, Andy:
You might want to reconsider that unless you really really are sure you know
what you're doing.
On a linux distro, the system installed openssl is considered a fundamental
platform infrastructure library. I.e. many many things rely on it. openssl
ve
Am 29.05.2015 um 18:30 schrieb William A Rowe Jr:
Don't be fooled.
OpenSSL 1.0.1 did not break binary compatibility, the lib designation
remains .so.1.0.0. Can someone confirm whether this was changed in 1.0.2?
As I already wrote it didn't.
Rainer
Am 29.05.2015 um 18:36 schrieb Wang, Andy:
It didn't break api compatibly but it sure did break backwards compatibility.
I'm pretty sure if you link against 1.0.2 you can't run with an older 1.0.x
library. Which is what appears to happen in Mario's case.
That's correct. If the app or lib you
Am 29.04.2015 um 13:05 schrieb Kaspar Brand:
I did some formatting cleanup in r1676709 and put a patch for 2.4.x
online under
https://people.apache.org/~kbrand/mod_ssl-2.4.x-alpn_2015-04-29.diff.
This should hopefully make it easier for people to test and review (it's
an amalgamation of ten revis
Am 01.06.2015 um 13:36 schrieb Yann Ylavic:
Hi Rainer,
On Mon, Jun 1, 2015 at 1:06 PM, wrote:
@@ -232,14 +238,14 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
trunk patch: http://svn.apache.org/r1681694
2.4.x patch: trunk works (modulo CHANGES)
+1: ylavic
+ rjung: Would
Am 27.05.2015 um 09:33 schrieb Rainer Jung:
Am 27.05.2015 um 08:40 schrieb Kaspar Brand:
On 26.05.2015 10:33, Rainer Jung wrote:
I find it questionable. I would find it more natural to embed the params
in the cert files they apply to, so e.g. the DH params in the RSA cert
file and the EC
Am 04.06.2015 um 18:33 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.13 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.13 GA.
[X] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Ro
Am 08.06.2015 um 03:34 schrieb Jeff Trawick:
On Sun, Jun 7, 2015 at 1:20 PM, Rainer Jung mailto:rainer.j...@kippdata.de>> wrote:
...
On FreeBSD I see the following failures:
t/apache/limits.t (Wstat: 0 Tests: 12 Failed: 1)
Failed test: 8
10.1: limits.t
Am 12.06.2015 um 13:49 schrieb Yann Ylavic:
Hi Christophe,
On Fri, Jun 12, 2015 at 1:26 PM, Christophe JAILLET
wrote:
should this warning at startup be an issue, why not just remove it in 2.4.x
and keep it in trunk?
Having the depreciation written in doc (and in migration note for 2.4 ->
2.6/
Am 12.06.2015 um 18:48 schrieb Jeff Trawick:
On Fri, Jun 12, 2015 at 12:35 PM, Jacob Perkins
mailto:jacob.perk...@cpanel.net>> wrote:
+1 to Noels comments. We have a ton of servers running Apache 2.4
with our control panel. Doing this in a point release will cause us
to have to cha
Am 12.06.2015 um 19:12 schrieb William A Rowe Jr:
Revision 1678233 - (view) (download) (annotate) - [select for diffs]
Modified Thu May 7 16:26:43 2015 UTC (5 weeks, 1 day ago) by jim
File length: 57106 byte(s)
Diff to previous 1674655 (colored)
Merge r1676085 from trunk:
consistently output SSL
Hi Michael,
Am 13.06.2015 um 12:10 schrieb Michael Felt:
Just a link to the "Howto setup Apache::Test" would be sufficient. The
README in the project sends me to mod_perl info, not a list of perl mods
needed to be added -- and unfortunately the Apache::Test does not
"include" a dependency list e
Am 13.06.2015 um 12:23 schrieb Rainer Jung:
Hi Michael,
Am 13.06.2015 um 12:10 schrieb Michael Felt:
Just a link to the "Howto setup Apache::Test" would be sufficient. The
README in the project sends me to mod_perl info, not a list of perl mods
needed to be added -- and unfortu
eps are only there for convenience.
Thx!
--
Born in Roswell... married an alien...
http://emptyhammock.com/
--
kippdata
informationstechnologie GmbH Tel: 0228 98549 -0
Bornheimer Str. 33aFax: 0228 98549 -50
53111 Bonn www.kippdata.de
HRB 8018 Amtsgericht Bonn / USt.-IdNr. DE 196 457 417
Geschäftsführer: Dr. Thomas Höfer, Rainer Jung, Sven Maurmann
Am 11.06.2015 um 16:08 schrieb Jim Jagielski:
The pre-release test tarballs for Apache httpd 2.4.14 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.14 GA.
[ ] +1: Good to go
[ ] +0: meh
[X] -1: Danger Will Rob
Am 14.06.2015 um 19:17 schrieb Rainer Jung:
[X] -1: Danger Will Robinson. And why.
Not an easy call.
-1 but even more thanks for RMing.
Negative vote due to:
- chance of breaking chunked encoding due to spec intolerance.
s/spec/space/ - Sorry.
Proxy example reported by Steffen plus
1 - 100 of 1325 matches
Mail list logo