On Friday, 3 March 2017 22:59:10 CET Sam Tregar wrote:
> Hello all. I've been working on getting Apache::Test running on Debian and
> it's not going well. One problem seems to be that Debian's system Apache
> conf is not named what Apache::Test thinks it should be named (apache2.conf
> vs httpd.c
On Tuesday, 7 March 2017 11:17:57 CET Eric Covener wrote:
> On Tue, Mar 7, 2017 at 10:32 AM, William A Rowe Jr
wrote:
> > It seems we should have the framework process the bin/envvars (in the
> > normal path, or /etc/apache2 in this case)... but that should be based
> > on retrieving the
> > pat
On Tuesday, 7 March 2017 12:56:04 CET William A Rowe Jr wrote:
> My comment was that having an alternate target name, e.g. httpd.prefork
> or httpd.worker ends up resulting in $prefix/conf/httpd.prefork.conf as the
> derived config file name (although that file is actually httpd.conf). The
> fact t
On Tuesday, 11 July 2017 15:20:44 CEST Eric Covener wrote:
> Does anyone recall what kind of directives were misbehaving?
Sorry, I don't remember. But maybe all directives that expect useful
information in cmd_parms->path ? This is always "*If" in If-Sections.
Cheers,
Stefan
> It seems
> like m
On Friday 05 October 2007, Ruediger Pluem wrote:
> > Once APR is out, I'll plan on a httpd release too.
>
> There are several backport proposals in the STATUS file
> missing only one vote. So I guess it is voting time :-).
Maybe someone could also look at
http://issues.apache.org/bugzilla/show_bu
On Monday 08 October 2007, Jim Jagielski wrote:
> > On Oct 5, 2007, at 2:07 PM, Stefan Fritsch wrote:
> >> Maybe someone could also look at
> >>
> >> http://issues.apache.org/bugzilla/show_bug.cgi?id=42829
> A quick review seems to indicate that the sugges
Hi,
there is still the problem that during a request, many bucket brigades
being created which are only cleaned up after the request is
finished, see
http://issues.apache.org/bugzilla/show_bug.cgi?id=23567 . There was
some discussion about retaining ownership of a brigade when
ap_pass_brigade
Hi,
On Monday 03 December 2007, Stefan Fritsch wrote:
> But I found two locations where the creation of a new brigade could
> be avoided:
>
> - In buffer_output()/ap_old_write_filter(), it is possible to keep
> the brigade around and reuse it after the next flush.
>
> - In
On Sunday 09 December 2007, Ruediger Pluem wrote:
> But I think your patch to server/protocol.c can be done much
> simpler. Can you try the following and let us know if this helps as
> well:
>
>
> Index: server/protocol.c
> ===
> --- s
*) http_protocol: Escape request method in 413 error reporting.
Determined to be not generally exploitable, but a flaw in any case.
PR 44014 [Victor Stinner ]
This is CVE-2007-6203. Maybe you should add the reference to the CHANGES file?
Cheers,
Stefan
On Monday 17 December 2007, William A. Rowe, Jr. wrote:
> >> This is CVE-2007-6203. Maybe you should add the reference to the
> >> CHANGES file?
> >
> > I don't think that's a good idea since we don't want to mislead
> > users into thinking a security issue exists here.
>
> it potentially does, jus
Hi,
this bug can be quite annoying because of the resources used by the hung
processes. It happens e.g. under Linux when epoll is used.
The patch from http://issues.apache.org/bugzilla/show_bug.cgi?id=42829#c14
has been in Debian unstable/Ubuntu hardy for several weeks and there have
not been any
Joe Orton wrote:
> I mentioned in the bug that the signal handler could cause undefined
> behaviour, but I'm not sure now whether that is true. On Linux I can
> reproduce some cases where this will happen, which are all due to
> well-defined behaviour:
>
> 1) with some (default on Linux) accept mu
Hi,
On Wed, 6 Feb 2008, Boyle Owen wrote:
It is clear to me now that this is a storm in a teacup. I note also that
the "vulnerability" never made it to the CVE database so I think we can
decide on "no further action".
That's not true. CVE-2008-0455 and CVE-2008-0456 have been assigned to
thi
Hi,
for 2.2.9, it would be nice to fix the epoll issue PR 42829, IMHO. The
patch in the bug report works, even if it may not be the perfect
solution.
Cheers,
Stefan
On Thursday 29 May 2008, Jim Jagielski wrote:
> > for 2.2.9, it would be nice to fix the epoll issue PR 42829,
> > IMHO. The patch in the bug report works, even if it may not be
> > the perfect solution.
>
> From what I can see, there is no real patch available or fully
> tested enough to warrant
On Thursday 29 May 2008, Jim Jagielski wrote:
> > https://issues.apache.org/bugzilla/attachment.cgi?id=21137 has
> > been in Debian testing and unstable for about 6 months without
> > problems. It is not an elegant solution but it works. Considering
> > that is is not clear how an elegant solution
On Friday 30 May 2008, Paul Querna wrote:
> > https://issues.apache.org/bugzilla/attachment.cgi?id=21137 has
> > been in Debian testing and unstable for about 6 months without
> > problems. It is not an elegant solution but it works. Considering
> > that is is not clear how an elegant solution woul
On Friday 30 May 2008, Nick Kew wrote:
> I don't think I share your implied view about how grave this is.
I guess this is the main (or only?) problem with this patch/bug. I got
quite a few people complaining about it and therefore I wanted to fix
it.
> I respect your opinion, but when maintaini
Hi,
the list of Debian patches will come in two parts. Here are those that
were added since I took over the package about one year ago. It will
take me a bit longer to go through the older patches.
045_suexec_log_cloexec.dpatch
allow suexec to log after a cgi error, patch from
https://issues.a
Hi,
On Wednesday 23 July 2008, Joe Orton wrote:
> > when compiled with gcc 4.3 on Sparc under Linux, Apache 2.2.9
> > sometimes crashes with SIGBUS in the ssl shmcb code.
> >
> > Adding __attribute__((__noinline__)) (which is already present in
> > ssl_scache_shmcb.c for the memset call) to the me
Hi,
there is the problem that with prefork mpm, child processes can hang
in apr_pollset_poll() on graceful restarts or shutdowns
(https://issues.apache.org/bugzilla/show_bug.cgi?id=42829). This
happens under Linux with epoll, and there is now also a report that
the same problem exists with Sol
Hi,
for people who use a system wide mime.types as TypesConfig, it would
be nice if there was a way to remove some type associations in the
apache config. For example, nowadays .es seems to be ecmascript
(according to RFC 4329), but it is also often used for spanish
language encoding.
Current
Hi,
On Wed, 17 Dec 2008, Pranav Desai wrote:
I am trying to add tproxy4
(http://www.balabit.com/support/community/products/tproxy/) support to
the mod_proxy to achieve transparency. It basically involves a kernel
patch which allows binding of a socket to foreign address among other
things. At th
Hi,
thanks for following up on this and sorry for the late response.
On Wednesday 07 January 2009, Jeff Trawick wrote:
> Initial testing of your idea for a timeout was promising.
I couldn't reproduce any hangs under linux with the patch you commited
to trunk.
In my patch I tried to avoid that
Hi,
the epoll limit in new linux kernels can cause problems because of
insufficient error checking in httpd. The most obvious problem was fixed
in
https://issues.apache.org/bugzilla/show_bug.cgi?id=46467 in MPM prefork,
but mod_cgi, mod_proxy_connect, and the other MPMs should also check for
error
Hi,
is there any particular reason why httpd does not automatically fall
back to read/write if sendfile failed [1]? Or is the only problem
that nobody has written the code yet? I have googled a bit but have
not found any discussion about this.
Cheers,
Stefan
[1] The linux sendfile man page h
On Thursday 09 April 2009, Graham Dumpleton wrote:
> Only you would know that. But then, I could be pointing you at the
> wrong MPM. There is from memory another by another name developed
> outside of ASF which intends to do the same think. The way it is
> implemented is probably going to be differ
Hi,
when backporting the CVE-2009-1195 fix in r773881+r779472 from
branches/2.2.x to 2.2.9, I noticed that it causes a test failure when
compiling mod_perl 2.0.4. Since I am neither familiar with mod_perl nor
with the mod_include internals, maybe someone else can check if this is a
necessary
On Monday 01 June 2009, Jeff Trawick wrote:
> This patch works for me; please try it with the Perl suite.
That fixed it. Thanks
Stefan
On Saturday 20 December 2008, Stefan Fritsch wrote:
> for people who use a system wide mime.types as TypesConfig, it
> would be nice if there was a way to remove some type associations
> in the apache config. For example, nowadays .es seems to be
> ecmascript (according to RFC 4329
Nick Kew wrote:
> Is this worth hacking up, or more trouble than it saves?
It seems it already exists (I haven't tested it, though):
ftp://ftp.monshouwer.eu/pub/linux/mod_antiloris/mod_antiloris-0.3.tar.bz2
Hi,
we have received a bug report [1] that a DoS is possible with
mod_deflate since it does not stop to compress large files even after
the network connection has been closed. This allows to use large
amounts of CPU if there is a largish (>10 MB) file available that has
mod_deflate enabled.
A
Hi,
I have backported r791454 to 2.2.3 in Debian 4.0 and have received a
report [1] about segfaults with mod_deflate and mod_php (5.2.0). As
far as I understand it, the reason is that mod_php uses ap_rwrite
which creates transient buckets. When the connection is closed by the
client, these buckets
Ruediger Pluem wrote:
>> far as I understand it, the reason is that mod_php uses ap_rwrite
>> which creates transient buckets. When the connection is closed by the
>> client, these buckets sometimes stay in the bucket brigade when
>> ap_pass_brigade returns an error for the compressed data of an
>>
William A. Rowe, Jr. wrote:
> One helpful detail, Stefan, would be if this is worker-specific or can
> be reproduced with prefork. That helps narrow down the number of places
> to consider your question.
This happened with prefork, Debian supports mod_php only with prefork.
> As I recall, we ha
> Right, it is not really helpful, but as you seem to be able to reproduce
> the issue can you please create a backtrace on your own, preferably with
> an unstripped and -g compiled php (which doesn't seem to be the case in
> the
> current backtrace) .
Backtrace is attached. Looking at it again, t
Hi,
given that crypt() hashes can nowadays be brute-forced on commodity
hardware (especially since the password length is limited to 8
characters), wouldn't it make sense for htpasswd to use something stronger
by default?
Cheers,
Stefan
>> Right, it is not really helpful, but as you seem to be able to reproduce
>> the issue can you please create a backtrace on your own, preferably with
>> an unstripped and -g compiled php (which doesn't seem to be the case in
>> the
>> current backtrace) .
>
> Backtrace is attached.
I forgot to m
Hi,
since there was some doubt that the mod_antiloris and mod_noloris
modules use the correct approach against slowloris type attacks, I
hacked up something different. mod_reqtimeout allows to set timeouts
for the reading request and reading body phases. It is implemented as
an input connect
On Tuesday 01 September 2009, Nick Kew wrote:
> How does it relate to the Timeout directive?
The Timeout directive sets the maximum time between two packets.
mod_requtimeout will set the socket timeout to the minumum of
{Timeout, time left for the current request}. You can set
RequestTimeout to
On Tuesday 01 September 2009, Torsten Foertsch wrote:
> Just a few thoughts:
>
> - You use GLOBAL_ONLY in ap_check_cmd_context. That means the
> directive must not appear in vhost context. AFAIK,
> conn->base_server reflects the vhost in a pre connection hook if it
> is IP-based. So, why don't you
On Tuesday 01 September 2009, Ruediger Pluem wrote:
> On 09/01/2009 04:26 PM, Torsten Foertsch wrote:
> > On Tue 01 Sep 2009, Stefan Fritsch wrote:
> >> http://www.sfritsch.de/mod_reqtimeout/mod_reqtimeout.c
> >>
> >> Any comments are welcome.
> >
On Tuesday 01 September 2009, Ruediger Pluem wrote:
> >>> - Apache should respond with HTTP_REQUEST_TIME_OUT and not
> >>> HTTP_BAD_REQUEST when there is a timeout reading the request.
> >>
> >> In the slowloris case, it needs to time out before there's any
> >> such thing as an HTTP request, so it
Hi,
it seems there are a number of configurations that used ssl
name based virtual hosts with ssl that broke with 2.2.12. A
frequent problem seems to be missing sslcertificate(key)file
directives for some of the virtual hosts. The logged error
message is not too helpful (at least if all virtual ho
On Tuesday 01 September 2009, Ruediger Pluem wrote:
> I guess
>
> reqtimeout_after_body
>
> also needs to be updated to the assert / do nothing if not
> configured logic like reqtimeout_after_headers
>
Thanks, I missed that. I fixed it and also added support for minimum
upload rates:
This
R
Hi,
in case you haven't noticed yet, some new mod_proxy_ftp issues have
been reported:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the
mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13
allows remo
On Fri, 11 Sep 2009, Joe Orton wrote:
+char *p = ap_strchr(reply, '('), *ep, *term;
+long port;
+
+/* Reply syntax per RFC 2428: "229 blah blah (|||port|)" where '|'
+ * can be any character in ASCII from 33-126, obscurely. Verify
+ * the syntax. */
+if (p == NULL || p[1]
Hi,
http://httpd.apache.org/docs/trunk/developer/output-filters.html
recommends to reuse bucket brigades and to not use apr_brigade_destroy.
However, both in 2.2 and in trunk, the core output filter sometimes calls
apr_brigade_destroy on brigades that it has received down the chain from
earli
Shouldn't you also check for p[1] != 0 before p[1] != p[2], to catch the case
where reply ends after the opening bracket?
This should be p[1] == 0, of course.
Hi Rüdiger,
thanks for the response.
On Sunday 13 September 2009, Ruediger Pluem wrote:
> On 09/13/2009 01:11 PM, Stefan Fritsch wrote:
> > http://httpd.apache.org/docs/trunk/developer/output-filters.html
> > recommends to reuse bucket brigades and to not use
> > apr_bri
On Sun, 13 Sep 2009, Ruediger Pluem wrote:
But your patch is causing core dumps during the proxy tests when
running the test suite :-(.
I currently don't understand why.
Hmmm... either ctx->tmp_flush_bb is NULL or, since it was added in the
middle of the struct, you didn't do a make distclean
On Sunday 13 September 2009, Stefan Fritsch wrote:
> On Sunday 13 September 2009, Ruediger Pluem wrote:
> > On 09/13/2009 01:11 PM, Stefan Fritsch wrote:
> > > http://httpd.apache.org/docs/trunk/developer/output-filters.htm
> > >l recommends to reuse buc
On Monday 28 September 2009, Dan Poirier wrote:
> Is there some good reason not to log the 408's in this case?
I am +1 for logging the 408's. I also think in case of a timeout, 408
should be logged instead of 400. The attached patch does that.
--- protocol.c.orig 2009-09-05 00:36:31.448689825 +02
Thanks for your comments.
On Wednesday 23 September 2009, Ruediger Pluem wrote:
> --- modules/http/chunk_filter.c (Revision 818232)
> +++ modules/http/chunk_filter.c (Arbeitskopie)
> @@ -49,11 +49,11 @@
> #define ASCII_CRLF "\015\012"
> #define ASCII_ZERO "\060"
> conn_rec *c = f->r->conn
On Saturday 03 October 2009, Ruediger Pluem wrote:
> Shouldn't this depend on the existence of APR_HAVE_FCNTL_H?
>
Fixed in r821475
Hi,
I would like to add mod_reqtimeout [1,2] to trunk. Is this OK?
Considering the positive comments it received, may I put it into
modules/filter or should it go into modules/experimental first?
Cheers,
Stefan
[1] http://www.sfritsch.de/mod_reqtimeout/mod_reqtimeout.c
[2] http://mail-archi
On Sunday 04 October 2009, Paul Querna wrote:
> > URL: http://svn.apache.org/viewvc?rev=821477&view=rev
> > Log:
> > Make sure to not destroy bucket brigades that have been created
> > by earlier filters. Otherwise the pool cleanups would be removed
> > causing potential memory leaks later on.
>
>
On Sunday 04 October 2009, Ruediger Pluem wrote:
> To be on the safe side we should do apr_brigade_cleanup(b) here.
>
Thanks. Fixed in r821481
On Sunday 04 October 2009, Ruediger Pluem wrote:
> > --- httpd/httpd/trunk/server/core_filters.c (original)
> > +++ httpd/httpd/trunk/server/core_filters.c Sun Oct 4 08:08:50
> > 2009
> >
> > @@ -392,19 +392,21 @@
> > }
> > }
> >
> > +if (new_bb != NULL) {
> > +bb = new
On Sunday 04 October 2009, Jim Jagielski wrote:
> Personally, I'd like to see this as part of the actual
> code core, where we have several Timeouts, eg:
>
> Timeout 30 5 10 2
>
> which define timeout as now, timeout before 1st byte, timeout
> between bytes timeout after etc...
>
> We've
On Sunday 04 October 2009, Nick Kew wrote:
> > FWIW, IMO it should go in modules/filters not experimental.
>
> +1. trunk is, by definition, experimental. But when we
> float off 2.3/4-branch, we should perhaps do some documentation
> of stability levels of different features and modules for user
On Monday 05 October 2009, Jim Jagielski wrote:
> Thx... I'm updating it with an eye to making it core, and
> therefore having ReqTimeout headerinit=5 headermax=10
As we also have RequestHeaders, maybe RequestTimeout would be better?
> Let me know if I can help w/ the docs.
I have commited
On Sunday 04 October 2009, Nick Kew wrote:
> Good summary.
I have taken the absence of further replies as agreement and commited
the patch to util_filter.h.
On Wednesday 07 October 2009, Jim Jagielski wrote:
> Does this really require a CHANGES entry??
>
No. There is at least one other CHANGES entry about a changed comment,
though.
On Thursday 08 October 2009, s...@apache.org wrote:
> --- httpd/httpd/trunk/include/ap_mmn.h (original)
> +++ httpd/httpd/trunk/include/ap_mmn.h Thu Oct 8 21:42:13 2009
> @@ -198,15 +198,17 @@
> * 20090401.3 (2.3.3-dev) Added DAV options provider to mod_dav.h
> * 20090925.0 (2.3.3-dev) Added
On Friday 09 October 2009, William A. Rowe, Jr. wrote:
> >> * 20090925.0 (2.3.3-dev) Added server_rec::context and added *server_rec
> >> * param to ap_wait_or_timeout()
> >> + * 20090925.1 (2.3.3-dev) Add optional function
> >> ap_logio_get_last_bytes() to
> >> + *
On Sunday 18 October 2009, Bojan Smojver wrote:
> The idea here is that a busy server is highly unlikely to be stuck
> reading using all its children over a maintenance interval (i.e. we
> expect at least one of those readers to turn into something else
> during the interval).
An attacker can eas
On Sunday 18 October 2009, Bojan Smojver wrote:
> But the real deal is that there is a finite amount of resources we
> have (be that sockets, threads or processes) and we need to decide
> how we are willing to dole these out.
What about defining an API to determine if the server has resource
sh
On Thursday 15 October 2009, Dick Davies wrote:
> In any event, does it made sense to use something other than the
> inode as the key into the lockDB - the URI for example?
Is the performance improvement of inode keyed locking so large that it
is worth the hassle? If mod_dav_fs used filename keye
On Sunday 18 October 2009, Ruediger Pluem wrote:
> Don't we still have an overflow? If argv[3] and argv[4] are of size
> MAX_STRING_LEN (which is sizeof(user) and sizeof(realm) we still
> have a
>
> sprintf(string, "%s:%s:%s", user, realm, pw);
>
> in line 147 with string, user, realm and pw al
On Sunday 18 October 2009, Guenter Knauf wrote:
> Hi,
>
> Ruediger Pluem schrieb:
> > Why do you think that line should be also 3 * MAX_STRING_LEN?
> > I guess currently it can be MAX_STRING_LEN at max because of line
> > 256:
> >
> > while (!(get_line(line,
> > http://mail-archives.apache.org
On Sunday 18 October 2009, Ruediger Pluem wrote:
> Why do you think that line should be also 3 * MAX_STRING_LEN?
> I guess currently it can be MAX_STRING_LEN at max because of line
> 256:
>
> while (!(get_line(line, MAX_STRING_LEN, f))) {
>
> But maybe this should be changed to
>
> while (!(
On Sunday 18 October 2009, Bojan Smojver wrote:
> - a properly configured server will not be maxing out
> - if maxing out does happen, scoreboard is bound to change within
> some time period (which we can pick), or we are seeing an attack
>
> With this approach (i.e. the scoreboard checksum), it
On Tuesday 20 October 2009, William A. Rowe, Jr. wrote:
> >> Change the default algorithm for htpasswd to MD5 on all
> >> platforms. Crypt with its 8 character limit is not useful
> >> anymore.
> >
> >
> > I think it is odd that an interface change like this would
> > be made without discussion on
On Wednesday 21 October 2009, José Miguel Holguín Aparicio wrote:
> I have a question about htpasswd when creating password hashes for
> "Basic Authentication". Why there isn't any warning message
> regarding password truncate to 8 characters?
>
> As you can see at your own documentation
> (http:
On Thursday 22 October 2009, Joe Orton wrote:
> > Is the performance improvement of inode keyed locking so large
> > that it is worth the hassle? If mod_dav_fs used filename keyed
> > locking entirely, there would be an easy way to make file
> > replacement by PUT atomic (see PR 39815). The curren
On Friday 23 October 2009, William A. Rowe, Jr. wrote:
> Isn't this platform specific? Seems wrong. Why not test the pw
> and the pw+1 char to determine if this is, in fact, true.
Our documentation doesn't talk about the limit being platform
specific. But to be save, I have changed it in r8293
On Friday 23 October 2009, Ruediger Pluem wrote:
> > -cp = strchr(path, '(');
> > -if (cp) {
> > +cp = strrchr(path, '(');
> > +cp2 = path + strlen(path) - 1;
> > +if (cp && (*cp2 == ')')) {
> > *cp++ = '\0';
> > -
> > -if (!(cp2 = strchr(cp, ')'))) {
> > -
On Sat, 24 Oct 2009, Ruediger Pluem wrote:
I assume you want to do
crypt(truncpw, salt)
instead of
crypt(pw, salt)
Absolutely :-(
Thanks.
On Sat, 24 Oct 2009, Ruediger Pluem wrote:
Author: sf
Date: Sat Oct 24 13:29:03 2009
New Revision: 829362
URL: http://svn.apache.org/viewvc?rev=829362&view=rev
Log:
Only allow parens in filename if cachesize is given. Return error otherwise
to catch missing parens.
Modified:
httpd/httpd/tru
Hi,
consider this config:
===
Order deny,allow
Deny from all
Allow from 1.2.3.4
Order allow,deny
Deny from all
===
From the LimitExcept docs, I would expect that the block
does not affect GET/POST requests at all. But actually, it is allowing
access from
On Sunday 01 November 2009, Nick Kew wrote:
> On 31 Oct 2009, at 23:14, Stefan Fritsch wrote:
> > Hi,
> >
> > consider this config:
> > ===
> >
> > [chop]
> >
> > [chop]
> > ===
> >
> > From the
On Saturday 07 November 2009, Lars Eilebrecht wrote:
> Ruediger Pluem wrote on 2009-11-07 00:29:41:
> > > -BrowserMatch ".*MSIE.*" \
> > > - nokeepalive ssl-unclean-shutdown \
> > > - downgrade-1.0 force-response-1.0
> > > +BrowserMatch "MSIE [1-5]" nokeepalive ssl-unclean-shutdown
On Sunday 08 November 2009, Ruediger Pluem wrote:
> Just a random thought: Wouldn't it be possible to simply things
> even further with apr_strtok?
>
Yes. Done in r834006.
Hi,
with openssl 0.9.8k, I currently get a large number of test failures:
Test Summary Report
---
t/ssl/basicauth.t (Wstat: 0 Tests: 3 Failed: 2)
Failed tests: 2-3
t/ssl/env.t (Wstat: 0 Tests: 30 Failed: 15)
Failed tests: 16-30
t/ssl/extlookup.t
On Monday 09 November 2009, Ruediger Pluem wrote:
> On 11/09/2009 11:25 AM, Stefan Fritsch wrote:
> > Hi,
> >
> > with openssl 0.9.8k, I currently get a large number of test
> > failures:
> > Test Summary Report
> > ---
> > t/ssl/bas
On Friday 23 October 2009, Stefan Fritsch wrote:
> On Thursday 22 October 2009, Joe Orton wrote:
> > > Is the performance improvement of inode keyed locking so large
> > > that it is worth the hassle? If mod_dav_fs used filename keyed
> > > locking entirely, ther
with DAV_MODE_WRITE_TRUNC create a temporary file first
> > and, when the transfer has been completed successfully, move it
> > over the old file.
> >
> > Since this would break inode keyed locking, switch to filename
> > keyed locking exclusively.
> >
> > P
On Monday 09 November 2009, Ruediger Pluem wrote:
> This causes the following warning:
>
> repos.c: In function 'dav_fs_open_stream':
> repos.c:900: warning: passing argument 2 of 'apr_file_mktemp'
> discards qualifiers from pointer target type
>
Thanks. Fixed.
On Monday 09 November 2009, Sander Temme wrote:
> Hi Stefan,
>
> On Nov 9, 2009, at 2:25 AM, Stefan Fritsch wrote:
> > Hi,
> >
> > with openssl 0.9.8k, I currently get a large number of test
> > failures:
>
> These tests do not fail for me. Can you run
On Monday 09 November 2009, Jeff Trawick wrote:
> >> and see how they fail? Like:
> >>
> >> t/TEST ... -verbose t/ssl/basicauth.t
> >>
> >> should get you some more insight. Also, which platform?
> >
> > This is Debian unstable with the Debian openssl. It seems to
> > complain about an expired C
On Monday 09 November 2009, Greg Stein wrote:
> >> Why did you go with a format change of the DAVLockDB? It is
> >> quite possible that people will miss that step during an
> >> upgrade. You could just leave DAV_TYPE_FNAME in there.
> >
> > That wouldn't help because it would still break with
> > D
On Monday 09 November 2009, Jeff Trawick wrote:
> > leading WS */ +last = value + strlen(value);
>
> doesn't this expression set last to point to the trailing '\0'
> instead of the last character
>
> > +while (last >= value && apr_isspace(*last)) {
>
> such that
On Monday 09 November 2009, Greg Stein wrote:
> On Mon, Nov 9, 2009 at 14:46, Stefan Fritsch wrote:
> > On Monday 09 November 2009, Greg Stein wrote:
> >> >> Why did you go with a format change of the DAVLockDB? It is
> >> >> quite possible th
On Tue, 10 Nov 2009, scte...@apache.org wrote:
Author: sctemme
Date: Tue Nov 10 07:55:13 2009
New Revision: 834378
URL: http://svn.apache.org/viewvc?rev=834378&view=rev
Log:
enable support for ECC keys and ECDH ciphers. Tested against
OpenSSL 1.0.0b3. [Vipul Gupta vipul.gupta sun.com, Sander
Hi,
On Tuesday 10 November 2009, Jean-Marc Desperrier wrote:
> So when Apache is compiled with openssl 0.9.8l, TLS renegotiation
> will be fully disabled.
>
> But the problem with that if that some comments of the discussion
> inside https://issues.apache.org/bugzilla/show_bug.cgi?id=39243
> a
Hi,
mod_rewrite incorrectly omits the brackets around literal IPv6
addresses in redirects. Similar issues have been fixed at other places
in the code already. In server/core.c there is
get_server_name_for_url(), a wrapper around ap_get_server_name, which
adds the brackets.
I think making ap_g
Hi,
when debugging problems, one needs detailed debug logging of the
involved functions. Unfortunately, some modules (especially mod_ssl)
log so much that switching to LogLevel debug in a production
environment is often impractical. Therefore I think it would be very
useful if one could set th
On Thu, 24 Dec 2009, Paul Querna wrote:
On Wed, Dec 23, 2009 at 4:14 AM, Stefan Fritsch wrote:
An alternative implementation would be something along the lines of
how reconnoiter does logging:
<https://labs.omniti.com/trac/reconnoiter/browser/trunk/src/utils/noit_log.h>
This would defi
101 - 200 of 941 matches
Mail list logo