Re: svn commit: r1834497 - /httpd/httpd/trunk/acinclude.m4

Does it make sense to favor the lib/ over the lib64/ installation of this pkg? Is this consistent across all directory choices? It seems we are missing a level of abstraction and failing to utilize AC stock tools themselves... see my recent trunk/ work around PCRE for a significant

Re: Host header checking too strict?

e option we would offer instead? > El mar., 26 jun. 2018 a las 0:19, Roy T. Fielding > () escribió: > > > > On Jun 25, 2018, at 8:57 AM, William A Rowe Jr > wrote: > > > > On Mon, Jun 25, 2018 at 5:31 AM, Joe Orton wrote: > >> > >> On Fri, Jun 22,

Re: svn commit: r1828926 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/mod_proxy.xml include/ap_mmn.h modules/proxy/mod_proxy.c modules/proxy/mod_proxy.h modules/proxy/mod_proxy_http.c

On Tue, Jun 26, 2018 at 8:21 AM, Eric Covener wrote: > On Tue, Jun 26, 2018 at 9:02 AM Yann Ylavic wrote: > > > > On Tue, Jun 26, 2018 at 2:48 PM, Eric Covener wrote: > > > On Tue, Jun 26, 2018 at 8:37 AM Yann Ylavic > wrote: > > >> > > >> On Mon, Jun 25, 2018 at 10:49 PM, Eric Covener >

Re: Host header checking too strict?

On Mon, Jun 25, 2018 at 5:31 AM, Joe Orton wrote: > On Fri, Jun 22, 2018 at 05:21:08PM -0400, Eric Covener wrote: > > After CVE-2016-8743 we only accept hostnames that are valid in DNS, > > which notably excludes underscores. But it seems like 7230 does not > > require HTTP Host: to use a DNS

Re: svn commit: r1834255 - /httpd/httpd/branches/2.4.x/STATUS

Provided we know they were made by a native or conversant writer, I agree with you. There is the question of reflexively trustring google translate (automated translate again translated automatically)... which would result in nonsense... But I believe we are safe in accepting these, knowing what

Re: Host header checking too strict?

On Fri, Jun 22, 2018 at 5:13 PM, William A Rowe Jr wrote: > On Fri, Jun 22, 2018 at 4:42 PM, Eric Covener wrote: > >> > should have broken IDN (punycode) international domain names. >> >> those are obviously dashes, not underscores, so not affected at all. >

Re: Host header checking too strict?

On Fri, Jun 22, 2018 at 4:42 PM, Eric Covener wrote: > > should have broken IDN (punycode) international domain names. > > those are obviously dashes, not underscores, so not affected at all. > That assertion was a bit extreme :) But on principal, underbars are not valid (internet) DNS, but

Re: svn commit: r1833827 - /httpd/httpd/trunk/server/log.c

On Wed, Jun 20, 2018 at 9:08 AM, Eric Covener wrote: > On Wed, Jun 20, 2018 at 10:04 AM William A Rowe Jr > wrote: > > > > Question, what is a server_conf, before httpd's argv[] array > > has even been processed? > > It's NULL, but these (log.c only) uses should b

Re: svn commit: r1833827 - /httpd/httpd/trunk/server/log.c

Question, what is a server_conf, before httpd's argv[] array has even been processed? On Tue, Jun 19, 2018 at 7:07 AM, wrote: > Author: covener > Date: Tue Jun 19 12:07:19 2018 > New Revision: 1833827 > > URL: http://svn.apache.org/viewvc?rev=1833827=rev > Log: > add server_rec to log.c fatal

Fwd: [Status] apreq-*@httpd.a.o mailing lists

Copying dev@httpd.a.o for completeness. -- Forwarded message -- From: William A Rowe Jr Date: Tue, Jun 5, 2018 at 10:13 AM Subject: [Status] apreq-*@httpd.a.o mailing lists To: apreq-...@httpd.apache.org Seven+ years ago, apreq released our most recent distribution

[Status] apreq-*@httpd.a.o mailing lists

Seven+ years ago, apreq released our most recent distribution, and the code was folded into httpd trunk. Since that time, contrast the apreq-dev and apreq-cvs list activity; https://lists.apache.org/list.html?apreq-dev@httpd.apache.org:lte=7y:

Re: svn commit: r1832716 - /httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.mak

Seems like another way to break the cmake build, this time, transitive of needing modules/httpd2 from modules/proxy (still, borked). Should we keep doing this, or move all of the includes into include/, or create some openssl include/ symlink monstrosity, or, do we even have a desire to fix this

Re: Experimental C unit test suite available for hacking

On Thu, May 31, 2018 at 10:07 AM, Yann Ylavic wrote: > On Thu, May 24, 2018 at 8:11 PM, William A Rowe Jr > wrote: > > > > On Thu, May 24, 2018, 06:34 Eric Covener wrote: > >> > >> Despite the directory structure, this was not part of a "module"

Re: mod_proxy_html and special characters

For clarity's sake, the spec defines these two entities as not-equal. Of course, %41 and 'A' are equivilant, so such a function might not be a bad thing to have in refactoring URI handling. On Mon, May 28, 2018, 04:10 Nick Kew wrote: > > >> ctx->buf = http://internal/!%22%23$/ > >> m->from.c

Re: mod_proxy_html and special characters

On Fri, May 25, 2018 at 11:57 AM, Eric Covener wrote: > > http://internal/!%22%23$/;>A link with special characters > > > ProxyHTMLURLMap "http://internal/!\"#$/; "http://external/!\"#$/; > > > Is it reasonable to expect mod_proxy_html to rewrite URL encoded URLs as > > well?

Re: https vhosts

First off, I need to call this out to point you to folks who have walked this path before; https://bz.apache.org/bugzilla/show_bug.cgi?id=56241 That said, our "radically pedantic" switch with HttpProtocolOptions Strict inflicts such changes on users. Some will be unhappy, but if they serve the

Re: Experimental C unit test suite available for hacking

On Thu, May 24, 2018, 06:34 Eric Covener wrote: > On Thu, May 24, 2018 at 7:23 AM, Micha Lenk wrote: > > Hi Yann, > > > > On 05/24/2018 12:31 PM, Yann Ylavic wrote: > >>> > >>> Well, first things first. Let's first fix trunk to be buildable again > on > >>>

Re: [VOTE] Allow for defect fix releases at httpd

On Tue, May 1, 2018 at 12:19 PM, Yann Ylavic wrote: > On Tue, May 1, 2018 at 2:08 PM, Nick Kew wrote: > > > >> That's not quite fair. > >> > >> For me, to be honest, I couldn't quite understand the question at > >> all... I had a real hard time parsing it.

Re: [VOTE] Allow for defect fix releases at httpd

On Thu, Apr 26, 2018 at 1:51 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > > [ ] The Apache HTTP Server project facilitates the release >of bug fixes to the current stable httpd release, correcting >defects to previously released code, excluding all new

[VOTE] Allow for defect fix releases at httpd

With discussion exchanged (across several years), and various arguments presented, we should be able to adopt or reject the first of several possible questions as a PMC. This is the meta- question, any versioning discussion is irrelevant without specific purpose or goal, and follow on questions

Re: A proposal...

On Thu, Apr 26, 2018 at 10:13 AM, Jim Jagielski <j...@jagunet.com> wrote: > >> On Apr 25, 2018, at 1:50 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: >> >> Because of our conflation of patch and enhancement, > > It is hardly just "our"..

Re: Expanding httpd adoption internationally - POC

On Tue, Apr 24, 2018 at 2:41 AM, Rainer Jung <rainer.j...@kippdata.de> wrote: > Am 24.04.2018 um 07:20 schrieb Marion et Christophe JAILLET: >> >> Le 24/04/2018 à 02:58, William A Rowe Jr a écrit : >>> >>> On Thu, Apr 19, 2018 at 12:20 AM, Marion et

Re: A proposal...

On Tue, Apr 24, 2018 at 3:46 PM, Eric Covener wrote: >>> One thing you mention above is "wait for a new minor release". I can >>> definitely see that being an issue for our current maj.minor layout given >>> that minor bumps are measured in years. In this proposal, unless

Re: A proposal...

At the pace of our (currently 'minor', contrast to 'patch') releases there are about 2-4 / year. I agree with the idea of monthly bug fix patch releases. Declaring the first minor of each year as LTS for 2 years, we could get security fixes into legacy users hands. It would be a good starting

Re: A proposal...

On Tue, Apr 24, 2018 at 8:37 AM, Plüm, Rüdiger, Vodafone Group wrote: > > If we switch the framework we need to consider that with all gaps we have, we > already have > a large amount of tests in the current framework that need to be ported over > time. The OpenSSL

Re: A proposal...

On Tue, Apr 24, 2018 at 8:27 AM, Eric Covener wrote: >> Yes, exactly correct. We have three "contracts" to keep that I think aligns >> very well with the following semver "contracts": >> Major => API/ABI compatibility for modules >> Minor => Feature and directives >> Patch =>

Re: Start using RCs (Was: Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)])

On Tue, Apr 24, 2018 at 6:36 AM, Daniel Ruggeri wrote: > > One more thing to point out that I didn't explicitly say in the previous > message is that this suggestion implies the release branch regularly gets cut > from trunk (rather than growing and diverging on its own).

Re: Expanding httpd adoption internationally - POC

On Thu, Apr 19, 2018 at 12:20 AM, Marion et Christophe JAILLET <christophe.jail...@wanadoo.fr> wrote: > Le 18/04/2018 à 22:12, William A Rowe Jr a écrit : >> >> On Wed, Apr 18, 2018 at 2:31 PM, Nick Kew <n...@apache.org> wrote: >>>> >>>> I sus

Re: A proposal...

On Mon, Apr 23, 2018 at 1:05 PM, Jim Jagielski <j...@jagunet.com> wrote: > >> On Apr 23, 2018, at 12:54 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: >> >> +1; I see any "patch" releases (semver definition) as adopting well-tested >> bug >

Re: A proposal...

On Mon, Apr 23, 2018 at 9:47 AM, Rainer Jung wrote: > Am 23.04.2018 um 16:00 schrieb Jim Jagielski: >> >> It seems that, IMO, if there was not so much concern about "regressions" >> in releases, this whole revisit-versioning debate would not have come up. Additional

Re: Start using RCs

On Mon, Apr 23, 2018 at 11:12 AM, Micha Lenk wrote: > Hi Jim, > > On Fri, Apr 20, 2018 at 08:54:09AM -0400, Jim Jagielski wrote: >> We have a history, as well as a published "agreement" on what minor >> version numbering means. > > Just to make sure I am on the same page, would

Re: Start using RCs (Was: Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)])

On Sun, Apr 22, 2018 at 11:34 AM, Daniel Ruggeri wrote: > > The more I think about it, the more I *really* like a semver-ish > approach where major represents the ABI that will not be broken, minor > represents the feature set (for backwards compatibility) and patch >

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

On Fri, Apr 20, 2018, 10:37 Paul Querna wrote: > > I believe having more minor releases and less major backports to patch > releases is a good thing. > > I believe we gave the even/odd, 2.1/2.3 "unstable", thing a long run. > About 15 years of it. > > Since then the wider open

Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)]

On Fri, Apr 20, 2018 at 2:36 AM, Rainer Jung wrote: > >> The necessity/evaluation of the dependency belongs >> here... we once could compile httpd 2.4 against APR 1.4 family and had >> agreement that this would continue through the lifecycle, but I seriously >> doubt that

Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)]

On Fri, Apr 20, 2018 at 2:15 AM, Rainer Jung wrote: > Do we need a quick APR 1.6.4 to pick up r1819938? From CHANGES: > > *) poll, port: re-add the wakeup pipe to the pollset after it triggered. >Not doing this occasionally lead to httpd event MPM processes hanging >

Re: Start using RCs (Was: Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)])

ranches. I'm fearful of a future where we may have five branches and a > bugfix applicable to all (or worse... a security fix that would dictate > all should be released/disclosed at the same time). > > -- > Daniel Ruggeri > > On 4/19/2018 7:17 PM, William A Rowe Jr wrote: > > I don'

Re: Start using RCs (Was: Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)])

ad. > > The changelogs are more readable as well, because it's obvious which > intermediary RC releases belong together. If you look at > https://archive.apache.org/dist/httpd/CHANGES_2.4, there is zero > indication that e.g. 2.4.31 was never released. > > > On Thu, Apr 19, 201

Re: Start using RCs (Was: Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)])

et <-> net, this is the status quo which failed us so badly this past winter (now with alphabetic characters!) On Thu, Apr 19, 2018 at 10:51 AM, Jim Jagielski <j...@jagunet.com> wrote: > The idea is encouraging and fostering a broader test audience. > > > On Apr 19, 2018,

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

All informative feedback is welcome on this /discussion/ thread. Jim, again, stop. Bullying list watchers with negative feedback into silence is a CoC violation. David, thank you for your detailed feedback. We are reading, whether the feedback is warmly received or not. On Thu, Apr 19, 2018

Re: Start using RCs (Was: Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)])

up the status quo with different labels. On Thu, Apr 19, 2018, 10:37 Jim Jagielski <j...@jagunet.com> wrote: > > > > On Apr 19, 2018, at 11:26 AM, William A Rowe Jr <wr...@rowe-clan.net> > wrote: > > > > On Thu, Apr 19, 2018 at 10:11 AM, Jim Jagiels

Re: Start using RCs (Was: Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)])

On Thu, Apr 19, 2018 at 10:11 AM, Jim Jagielski wrote: > With all this in mind, should we try to set things up so that the > next release cycle uses the concept of RCs? > > If so, and if people like, I can come up with a baseline > proposal on the process for us to debate and

Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)]

On Thu, Apr 19, 2018 at 10:08 AM, Jim Jagielski <j...@jagunet.com> wrote: > >> On Apr 19, 2018, at 10:47 AM, William A Rowe Jr <wr...@rowe-clan.net> wrote: >> >> and BFDL/NIH-tier levels of "we don't do that, we do things this way... my >> way or the h

Re: So... when should we do 2.4.34? [WAS: Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)]

On Thu, Apr 19, 2018, 09:32 Jim Jagielski wrote: > > > > On Apr 19, 2018, at 10:20 AM, Stefan Eissing < > stefan.eiss...@greenbytes.de> wrote: > > > > Frankly, I think the current state of things does not work well. It > seems folly to say we should change nothing, only have

Re: cygwin-oriented scripts that grab deps, cmake, etc for win build?

On Thu, Apr 19, 2018 at 7:52 AM, Eric Covener wrote: > Hi All, sorry for the lazyness, but does anyone have even a partial > set of scripts to drive the windows cmake build including obtaining > common prereqs? > > I believe I have seen 1 or two batch oriented ones that I'd

Re: [Bug 62308] New: Apache crashes after graceful restart with AH02599: slotmem (failed size check)

Does the root of this issue go back to this backport? Author: minfrin Date: Tue Feb 13 22:11:47 2018 New Revision: 1824180 URL: http://svn.apache.org/viewvc?rev=1824180=rev Log: mod_proxy_balancer,mod_slotmem_shm: Rework SHM reuse/deletion to not depend on the number of restarts (non-Unix

Re: Expanding httpd adoption internationally

On Wed, Apr 18, 2018 at 2:31 PM, Nick Kew wrote: > >> I suspect the straightforward way to do this, in 2.6/3.0, will be to add an >> i18n table of the error log strings extracted from and indexed by those >> APLOGNO() entries. No match? Default English message. > > Please, not

Re: Expanding httpd adoption internationally

On Wed, Apr 18, 2018 at 1:53 PM, Marion et Christophe JAILLET <christophe.jail...@wanadoo.fr> wrote: > Le 18/04/2018 à 20:00, William A Rowe Jr a écrit : >> >> Localizing our error messages alone would go a long ways to being >> friendly to non-english speaking admin

Re: "Most Popular Web Server?"

On Wed, Apr 18, 2018 at 1:07 PM, Jim Jagielski <j...@jagunet.com> wrote: > >> On Apr 18, 2018, at 1:21 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: >> >> There we go again. Why do you and Graham have to make this about >> Bill vs. yourselves?

Re: Expanding httpd adoption internationally

to be further marginalized. On Wed, Apr 18, 2018 at 12:45 PM, Nick Kew <n...@apache.org> wrote: > >> On 18 Apr 2018, at 17:55, William A Rowe Jr <wr...@rowe-clan.net> wrote: >> >> So I'll start with this; > > Erm, would you like to cite a source for that claim? I

Re: "Most Popular Web Server?"

On Wed, Apr 18, 2018 at 11:46 AM, Jim Jagielski wrote: > IMO, this boils down to 2 things: > > 1. nginx, particularly, does a LOT of promoting, marketing, PR, etc... > We don't. They get to promote their FUD all the time and remain > pretty much unchallenged.

Expanding httpd adoption internationally

On Wed, Apr 18, 2018 at 11:46 AM, Jim Jagielski wrote: > > 1. nginx, particularly, does a LOT of promoting, marketing, PR, etc... > We don't. They get to promote their FUD all the time and remain > pretty much unchallenged. I'd like to break out and break down

/scheme/i sensitivity? (was: svn commit: r1829430 - /httpd/httpd/patches/2.4.x/core-check_errorlog_dir_syslog.patch)

On Wed, Apr 18, 2018 at 11:36 AM, Jim Riggs wrote: > Fair enough. I'm fine standardizing either way. strn?cmp() is probably more > "correct". As it stands, though, the check in core is not actually checking > everything that log.c will handle. There are a number of places where

"Most Popular Web Server?"

"Established in 1999, the all-volunteer Apache Software Foundation oversees more than 350 leading Open Source projects, including Apache HTTP Server --the world's most popular Web server software." How long will that last claim remain true? We can sum up the state of affairs from four

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

On Wed, Apr 18, 2018 at 10:57 AM, Rainer Jung wrote: > > Since this thread was triggered by the mod_ssl config merging problems: I > think that was a case where a new feature was really nice, but to implement > it the needed changes where not not easy to understand in

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

On Wed, Apr 18, 2018 at 1:01 AM, Stefan Eissing <stefan.eiss...@greenbytes.de> wrote: > >> Am 17.04.2018 um 19:18 schrieb William A Rowe Jr <wr...@rowe-clan.net>: >> >>> On Tue, Apr 17, 2018 at 11:17 AM, Graham Leggett <minf...@sharp.fm> wrote: >>

Re: [Bug 62308] New: Apache crashes after graceful restart with AH02599: slotmem (failed size check)

A shm destroy cannot remove an open shm (any more than rm will remove an open file - at least on windows). In a graceful, you have a lingering child holding on to that resource. The short term fix would be to rename the offending shm resource on each attempted graceful restart. It may be

Re: svn commit: r1829430 - /httpd/httpd/patches/2.4.x/core-check_errorlog_dir_syslog.patch

On Wed, Apr 18, 2018 at 7:17 AM, Jim Riggs wrote: > I didn't think of this before, but there is one edge case this would miss: if > someone (for whatever reason) wants a relative ErrorLog *file* named > `syslog*', for example `ErrorLog "syslog-httpd.log"' or `ErrorLog >

Re: Current trunk does not build on Win

On Mon, Apr 16, 2018 at 8:37 AM, Steffen wrote: > > I like to continue building/testing trunk. > > Is there a fix coming ? I guess not from the author. Try r1829381 now committed to trunk. If that doesn't work, we'll revert and start again, no cycles to check the fix

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

m Leggett <minf...@sharp.fm> wrote: > On 17 Apr 2018, at 6:08 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > >> No enhancement since 2011-12-19 has been presented for the collective >> community's scrutiny. > > Again, I’m not following. > > The architectu

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

On Tue, Apr 17, 2018 at 10:50 AM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > > No enhancement since 2011-12-19 has been subjected to any community > scrutiny. This was the date 2.3.16-beta for 2.4 was announced. Sorry that statement is somewhat unfair... * An

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

On Tue, Apr 17, 2018 at 9:47 AM, Graham Leggett <minf...@sharp.fm> wrote: > On 17 Apr 2018, at 4:41 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > >> We observe the "code freeze" effect (defined by three different >> distributors) coupled with di

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

On Tue, Apr 17, 2018 at 9:47 AM, Graham Leggett <minf...@sharp.fm> wrote: > On 17 Apr 2018, at 4:41 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > >> And everything contributed to 2.4.33 release? All in vain. None of >> that in this OS distribution,

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

On Sat, Apr 14, 2018 at 8:48 AM, Jim Jagielski wrote: > IMO, the below ignores the impacts on OS distributors who > provide httpd. We have seen how long it takes for them > to go from 2.2 to 2.4... They went to 2.4 once 2.4 was no longer beta. There is this concept called "code

Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

Terrific analysis! But on the meta-question... Instead of changing the behavior of httpd on each and every subversion bump, is it time to revisit our revisioning discipline and hygiene? I promise to stay out of such discussion provided that one equally stubborn and intractable PMC member agrees

Re: Current trunk does not build on Win

To thoroughly confuse... On Tue, Apr 10, 2018 at 10:49 AM, Eric Covener <cove...@gmail.com> wrote: > On Tue, Apr 10, 2018 at 11:40 AM, William A Rowe Jr <wr...@rowe-clan.net> > wrote: >> On Tue, Apr 10, 2018 at 7:41 AM, Steffen <i...@apachelounge.com> wrote: &g

Re: Current trunk does not build on Win

On Tue, Apr 10, 2018 at 7:41 AM, Steffen wrote: > > Get: > > Error C2440 'function': cannot convert from 'int (__stdcall *)(conn_rec *)' > to 'ap_HOOK_output_pending_t (__cdecl *)' libhttpd > ..\VC15\trunk\server\core.c 5724 '(__stdcall *)(conn_rec *)' != '(__cdecl *)

Re: TLSv1.3

On Sun, Apr 8, 2018 at 11:37 AM, Bernard Spil wrote: > Hi Stefan, Mario, > > I saw that 2.5.1-dev was tagged, is another release coming some time soon? Worried me enough to look; http://svn.apache.org/repos/asf/httpd/httpd/tags/ Thankfully nobody made such a tag. You'll note

Re: Question about RemoteIPInternalProxyList (PR 62220)

Asking me to ask myself why I did what I did 10 years ago :) Best explanation I have is that I'd envisioned that the internal and external trust lists would be universally accepted lists, and they are *very* slow to parse with DNS lookups. E.g. the wikipedia X-F-F whitelist. And a corporate

Re: TLSv1.3

SSLProtocol TLSv1.2 TLSv1.3 SSLProxyProtocol TLSv1.2 TLSv1.3 should be syntactically valid, no? [Wed Apr 04 18:21:11.465896 2018] [ssl:warn] [pid 2228052:tid 140031042861312] AH02532: SSLProtocol: Protocol 'TLSv1.3' overrides already set parameter(s). Check if a +/- prefix is missing. [Wed Apr

Re: TLSv1.3

Not sure if you are aware of the converse of our favorite site; https://www.ssllabs.com/ssltest/viewMyClient.html On Wed, Apr 4, 2018 at 7:52 AM, Stefan Eissing wrote: > :) I have that running for HOURS already! > > Results were from 1.1.1-pre4 > >> Am 04.04.2018

Re: Bugzilla open tasks by year

On Fri, Mar 30, 2018 at 11:50 AM, Luca Toscano wrote: > > 2018-03-26 11:35 GMT+02:00 Nick Kew : >> >> > As hackathon project it could be good to review some of those >> > older-than-2011 tasks and see which ones are good to keep and which ones >> > can >>

Re: [RESULT] [VOTE] Release httpd-2.4.33

On Fri, Mar 23, 2018 at 10:50 AM, Alain Toussaint wrote: > Le mercredi 21 mars 2018 à 15:38 +, Daniel Ruggeri a écrit : >> Hi, all; >>I am pleased to report that the vote to release httpd-2.4.33 has PASSED >> with 7 binding votes >> and 2 non-binding votes. I will

Re: [PATCH] ap_str[case]cmp_match() made tail-recursive

On Fri, Mar 23, 2018 at 10:39 AM, Yann Ylavic <ylavic@gmail.com> wrote: > On Fri, Mar 23, 2018 at 4:37 PM, William A Rowe Jr <wr...@rowe-clan.net> > wrote: >> On Fri, Mar 23, 2018 at 8:18 AM, Yann Ylavic <ylavic@gmail.com> wrote: >>> Not sure it

Re: [PATCH] ap_str[case]cmp_match() made tail-recursive

On Fri, Mar 23, 2018 at 8:18 AM, Yann Ylavic wrote: > Not sure it helps its readability (not worse though), at least it > helps performances. > > For now the patches uses a big "goto" to preserve code (AFAP), that > could easily be turned into a do {} while. > > WDYT? Did

Re: [VOTE] Release httpd-2.4.33

On Tue, Mar 20, 2018 at 1:39 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Sat, Mar 17, 2018 at 6:43 PM, Daniel Ruggeri <drugg...@primary.net> wrote: >> Hi, all; >>Please find below the proposed release tarball and signatures: >> https://dist.apache.

Re: svn commit: r1824221 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS docs/manual/mod/mod_remoteip.xml modules/metadata/mod_remoteip.c

On Tue, Mar 20, 2018 at 2:50 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > > Test Summary Report > --- > t/modules/remoteip.t (Wstat: 0 Tests: 12 Failed: 8) > Failed tests: 2-3, 5-6, 8-9, 11-12 Solved, simply needed extra.conf.in to match up wit

Re: New error log noise

On Tue, Mar 20, 2018 at 4:26 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Tue, Mar 20, 2018 at 8:58 PM, William A Rowe Jr <wr...@rowe-clan.net> > wrote: >> [Tue Mar 20 14:47:49.048998 2018] [proxy:error] [pid 291243:tid >> 139804071643008] AH02808: Alert! wo

New error log noise

[Tue Mar 20 14:47:49.048998 2018] [proxy:error] [pid 291243:tid 139804071643008] AH02808: Alert! worker name (fcgi://localhost:9001//home/build/dev/piv/oss-httpd-build/bld-candidate/httpdtest-trunk/t/htdocs/) too long; truncated to:

Re: svn commit: r1824221 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS docs/manual/mod/mod_remoteip.xml modules/metadata/mod_remoteip.c

On Wed, Feb 14, 2018 at 4:55 AM, wrote: > Author: minfrin > Date: Wed Feb 14 10:55:44 2018 > New Revision: 1824221 > > URL: http://svn.apache.org/viewvc?rev=1824221=rev > Log: > mod_remoteip: Add PROXY protocol support In backporting this, was there a reason that

Re: [VOTE] Release httpd-2.4.33

On Sat, Mar 17, 2018 at 6:43 PM, Daniel Ruggeri wrote: > Hi, all; >Please find below the proposed release tarball and signatures: > https://dist.apache.org/repos/dist/dev/httpd/ > > I would like to call a VOTE over the next few days to release this candidate > tarball as

Re: [RESULT] [VOTE] Release httpd-2.4.32

Reading backwards... +1 - deferring the announcement would be fine. We simply can't make 2.4.32 "disappear" as unreleased. On Fri, Mar 16, 2018 at 8:03 AM, Jim Jagielski wrote: > Just because it is released, doesn't mean we need to announce it. We > can easily release a quick

Re: Poll: increase OpenSSL version requirement for trunk?

For trunk/next only I support Yann's thoughts here. Within the ecosystem, do we actually worry about pairing 1.0.0 OpenSSL, pcre 6.x etc with 2.6.0 httpd? Is there any expectation that running SLES 11 will let you build modern packages? Or RHEL 5.x ... while in "extended" pseduo-support, RedHat

Re: [RESULT] [VOTE] Release httpd-2.4.32

That still leaves the headache of fallback-to-release when a candidate on these many projects isn't present (actually, the smart election between candidate and release if both exist!) But great pointer, TY! On Mar 15, 2018 21:46, "Jan Ehrhardt" <php...@ehrhardt.nl> wrote: >

Re: [RESULT] [VOTE] Release httpd-2.4.32

On Thu, Mar 15, 2018 at 4:43 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Thu, Mar 15, 2018 at 10:39 PM, William A Rowe Jr <wr...@rowe-clan.net> > wrote: >> On Thu, Mar 15, 2018 at 4:28 PM, Eric Covener <cove...@gmail.com> wrote: >>>> Th

Re: [RESULT] [VOTE] Release httpd-2.4.32

On Thu, Mar 15, 2018 at 4:28 PM, Eric Covener wrote: >> This looks sensible, or do we say that users of mod_proxy_balancer >> on Windows should defer their upgrade? A more limited audience? > > +1 Should we also mention the regression against mod_security on Windows? (Nobody

Re: [RESULT] [VOTE] Release httpd-2.4.32

On Thu, Mar 15, 2018 at 4:19 PM, Daniel Ruggeri wrote: > > *** Changes here >We consider this release to be the best version of Apache available for >non-Windows platforms, and encourage users of all prior versions to > upgrade. > >Please note, a bug after

Re: [RESULT] [VOTE] Release httpd-2.4.32

On Thu, Mar 15, 2018 at 3:59 PM, Jan Ehrhardt <php...@ehrhardt.nl> wrote: > William A Rowe Jr in gmane.comp.apache.devel (Thu, 15 Mar 2018 13:52:48 > -0500): >>The largest headache is provisioning the entire suite of non-default perl >>modules required. Running the framewo

Re: [RESULT] [VOTE] Release httpd-2.4.32

On Thu, Mar 15, 2018 at 12:15 PM, Rainer Jung wrote: > Am 15.03.2018 um 18:09 schrieb Eric Covener: >> >> On Thu, Mar 15, 2018 at 12:54 PM, Jan Ehrhardt wrote: >>> >>> Eric Covener in gmane.comp.apache.devel (Thu, 15 Mar 2018 12:35:38 >>> -0400):

Re: svn commit: r25693 - in /release/httpd: docs/ patches/apply_to_2.2.0/ patches/apply_to_2.2.11/ patches/apply_to_2.2.14/ patches/apply_to_2.2.15/ patches/apply_to_2.2.19/ patches/apply_to_2.2.21/ p

anything on that site that assists them in going against our guidance and better judgement probably doesn't belong. Cheers, Bill On Tue, Mar 13, 2018 at 4:32 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Tue, Mar 13, 2018 at 3:53 PM, Yann Ylavic <ylavic@gmail.com> wrote:

Re: svn commit: r25693 - in /release/httpd: docs/ patches/apply_to_2.2.0/ patches/apply_to_2.2.11/ patches/apply_to_2.2.14/ patches/apply_to_2.2.15/ patches/apply_to_2.2.19/ patches/apply_to_2.2.21/ p

On Tue, Mar 13, 2018 at 3:53 PM, Yann Ylavic wrote: > On Tue, Mar 13, 2018 at 9:34 PM, wrote: >> Author: wrowe >> Date: Tue Mar 13 20:34:36 2018 >> New Revision: 25693 >> >> Log: >> Drop unsupported files from the distribution site. >> >> These remain

Re: Vote 2.4.32 and mod_md no valid Certificate Agreement directive

On Mon, Mar 12, 2018 at 6:23 AM, Eric Covener wrote: > On Mon, Mar 12, 2018 at 6:33 AM, Stefan Eissing > wrote: >> >>> Am 12.03.2018 um 11:23 schrieb Daniel Gruno : >>> >>> Would it be possible to just have a link that always

Re: [VOTE] Release httpd-2.4.32

On Fri, Mar 9, 2018 at 8:49 PM, Daniel Ruggeri wrote: > Hi, all; > >Please find below the proposed release tarball and signatures: > > https://dist.apache.org/repos/dist/dev/httpd/ > > I would like to call a VOTE over the next few days to release this candidate > tarball

Re: svn commit: r1826279 - /httpd/httpd/branches/2.4.x/STATUS

Doesn't our crazy old unquoted ErrorDocument directive have this issue too? On Mar 8, 2018 16:05, "Yann Ylavic" wrote: > On Thu, Mar 8, 2018 at 11:00 PM, wrote: > > > >*) mod_access_compat, mod_authz_host: Prevent access control > misconfiguration

Re: [VOTE] Release httpd-2.4.31

On Sat, Mar 3, 2018 at 10:00 AM, Daniel Gruno wrote: > On 03/03/2018 04:56 PM, Daniel Ruggeri wrote: >> Hi, all; >> >>Please find below the proposed release tarball and signatures: >> >> https://dist.apache.org/repos/dist/dev/httpd/ > > I know this is a bit nitpicky, and

Re: One more make pain point

, William A Rowe Jr <wr...@rowe-clan.net> wrote: > No comment? > > Note that you won't see these artifacts on a same-tree build, but > will be confronted with a slew of them on any new vpath unix build. > > On Mon, Feb 26, 2018 at 2:58 PM, William A Rowe Jr <wr...@rowe

Re: One more make pain point

No comment? Note that you won't see these artifacts on a same-tree build, but will be confronted with a slew of them on any new vpath unix build. On Mon, Feb 26, 2018 at 2:58 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > Any objections to > > --- build/mkdir.sh (r

Re: 2.4.29 || mod_remoteip w/RemoteIPProxyProtocol

On Tue, Feb 27, 2018 at 8:57 AM, Graham Leggett wrote: > On 27 Feb 2018, at 4:44 PM, Jacob Perkins wrote: > > I have a customer who’s attempting to use RemoteIPProxyProtocol with > mod_remoteIP. Per 2.4 documentation, this directive should be available

Re: Fedora solved, Ubuntu still a problem?

On Mon, Feb 26, 2018 at 3:44 PM, Alain Toussaint <al...@vocatus.pub> wrote: > I've been registered to this mailing list for some time but this is my first > posting. > > Le lundi 26 février 2018 à 15:39 -0600, William A Rowe Jr a écrit : >> Somewhere along the way, this w

Re: svn commit: r1825219 - /httpd/site/trunk/tools/release.sh

My approach has been to skim the http://www.apache.org/dist/apr/ tree for the version-sorted latest number. Your solution also seems sound. But we should mention to dev@apr that we are counting on these behaviors :) On Sat, Feb 24, 2018 at 5:43 AM, Daniel Ruggeri wrote: >

Fedora solved, Ubuntu still a problem?

Somewhere along the way, this was fixed on Fedora; I don't know whether it was a fix to system packages or a patch we applied to apr/httpd; x86_64-linux-gnu-ar: `u' modifier ignored since `D' is the default (see `U') This error message is from Ubuntu 16.04-LTS, it appears we still have the same

<    1   2   3   4   5   6   7   8   9   10   >