Re: svn commit: r1742822 - /httpd/httpd/trunk/modules/http/http_core.c

On Fri, May 13, 2016 at 7:25 PM, Yann Ylavic <ylavic@gmail.com> wrote: > +if (r->the_request) { > +access_status = r->status; > +r->status = HTTP_OK; > +ap_update_child_status(conn

Re: svn commit: r1742822 - /httpd/httpd/trunk/modules/http/http_core.c

On Fri, May 13, 2016 at 7:25 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Fri, May 13, 2016 at 6:57 PM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> But for the above cases or an error while reading/validating the >> headers or running post_read_

Re: svn commit: r1742822 - /httpd/httpd/trunk/modules/http/http_core.c

On Fri, May 13, 2016 at 6:49 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Fri, May 13, 2016 at 11:41 AM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> On Thu, May 12, 2016 at 4:55 PM, William A Rowe Jr <wr...@rowe-clan.net> >> wrote: >> >

Re: svn commit: r1742822 - /httpd/httpd/trunk/modules/http/http_core.c

On Fri, May 13, 2016 at 6:57 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Fri, May 13, 2016 at 6:49 PM, William A Rowe Jr <wr...@rowe-clan.net> > wrote: >> On Fri, May 13, 2016 at 11:41 AM, Yann Ylavic <ylavic@gmail.com> wrote: >>> >>> On

Re: svn commit: r1742794 - /httpd/httpd/branches/2.4.x/STATUS

On Sun, May 8, 2016 at 12:30 PM, wrote: > > + * Don't globber scoreboard request info if read_request_line() fails with > + a timeout. In that case there's not yet any new useful request info > + available. > + Noticed via server-status showing request "NULL"

Re: svn commit: r1742794 - /httpd/httpd/branches/2.4.x/STATUS

[top posting reodered] On Sun, May 8, 2016 at 7:21 PM, Stefan Eissing wrote: > >> Am 08.05.2016 um 16:30 schrieb Rainer Jung : >> >> If that would be consensus, it would mean, we should only reset the request >> info at the start of a

Re: svn commit: r1732275 - in /httpd/httpd/branches/2.4.x: ./ include/ap_mmn.h include/http_connection.h include/scoreboard.h modules/generators/mod_status.c modules/ssl/ssl_engine_kernel.c server/con

On Thu, Apr 14, 2016 at 9:40 PM, olli hauer wrote: > I've done a quick test with > $ ab -n 1 -c 100 $host/$url > > During the test the count of idle worker are incrementing and decrementing > but it ab has finished the requests the count of idle workers stays on the > last

Re: svn commit: r1732275 - in /httpd/httpd/branches/2.4.x: ./ include/ap_mmn.h include/http_connection.h include/scoreboard.h modules/generators/mod_status.c modules/ssl/ssl_engine_kernel.c server/con

On Thu, Apr 14, 2016 at 10:05 PM, olli hauer <oha...@gmx.de> wrote: > On 2016-04-14 21:48, Yann Ylavic wrote: >> On Thu, Apr 14, 2016 at 9:40 PM, olli hauer <oha...@gmx.de> wrote: >>> I've done a quick test with >>> $ ab -n 1 -c 100 $host/$url >>&

Re: svn commit: r1732275 - in /httpd/httpd/branches/2.4.x: ./ include/ap_mmn.h include/http_connection.h include/scoreboard.h modules/generators/mod_status.c modules/ssl/ssl_engine_kernel.c server/con

On Thu, Apr 14, 2016 at 10:28 PM, olli hauer wrote: > > I've done some tests with 2.4.19 there is maybe an interesting detail. > With 2.4.19 the last request is empty for an idle worker, with 2.4.20 not > (shows the client, proto, Vhost and request) Sorry for the confusion,

Re: svn commit: r1732275 - in /httpd/httpd/branches/2.4.x: ./ include/ap_mmn.h include/http_connection.h include/scoreboard.h modules/generators/mod_status.c modules/ssl/ssl_engine_kernel.c server/con

On Thu, Apr 14, 2016 at 10:58 PM, olli hauer wrote: > > OK, I've attached the output from a 2.4.18 scoreboard some sec. after > ab -k -n 10 -c 100 -f TLS1.2 $host/$url > > the 2.4.18 scoreboard looks similar to 2.4.20 with your patch Thank you very much olli.

Re: Allow SSLProxy* config in context?

On Fri, Apr 15, 2016 at 1:30 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Thu, Apr 14, 2016 at 9:57 AM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> IIUC, the block is a per_dir context already, which can/could >> accept any directive provided th

Re: "Upgrade: h2" header for HTTP/1.1 via TLS (Bug 59311)

On Wed, Apr 20, 2016 at 1:09 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Wed, Apr 20, 2016 at 11:25 AM, Stefan Eissing > <stefan.eiss...@greenbytes.de> wrote: >> Done in r1740075. >> >> I was thinking of a nicer solution, but that involved inventing

Re: "Upgrade: h2" header for HTTP/1.1 via TLS (Bug 59311)

On Wed, Apr 20, 2016 at 11:25 AM, Stefan Eissing wrote: > Done in r1740075. > > I was thinking of a nicer solution, but that involved inventing new hooks > which seems not worth it. > > Since this area of protocol negotiation has already been talked about in >

Re: Allow SSLProxy* config in context?

On Wed, Apr 13, 2016 at 7:49 PM, Rainer Jung wrote: > Am 13.04.2016 um 17:04 schrieb Graham Leggett: >> >> The catch is that mod_ssl forces us to declare SSL certs and keys server >> wide, not per directory, loaded and parsed at startup. We however want to >> specify

Re: svn commit: r1732275 - in /httpd/httpd/branches/2.4.x: ./ include/ap_mmn.h include/http_connection.h include/scoreboard.h modules/generators/mod_status.c modules/ssl/ssl_engine_kernel.c server/con

On Thu, Apr 14, 2016 at 7:10 PM, olli hauer wrote: > I got this morning a request from a FreeBSD user to back-port r1739008, and > also already the feedback that scoreboard is usable again with the patch. > > Since I cannot find a reference in branches/2.4.x/STATUS for r1739008 I

Re: svn commit: r1732275 - in /httpd/httpd/branches/2.4.x: ./ include/ap_mmn.h include/http_connection.h include/scoreboard.h modules/generators/mod_status.c modules/ssl/ssl_engine_kernel.c server/con

On Thu, Feb 25, 2016 at 11:27 AM, wrote: > Author: icing > Date: Thu Feb 25 10:27:27 2016 > New Revision: 1732275 > > URL: http://svn.apache.org/viewvc?rev=1732275=rev > Log: > merging pre_close_connection hook, prep_lingering_close and ap_update_child() > additions from trunk

Re: Allow SSLProxy* config in context?

On Tue, Apr 19, 2016 at 9:36 PM, Yann Ylavic <ylavic@gmail.com> wrote: > > What changed is: > 1. SSLProxy* directives are now per directory (restricted to > Server/VirtualHost and ), so all the internal struct members > have been move from SSLSrvConfigRec to SSLDirConf

Re: allow newlines in T_ESCAPE_LOGITEM?

On Wed, Apr 13, 2016 at 11:08 PM, Eric Covener wrote: > On Wed, Apr 13, 2016 at 5:05 PM, Daniel Lescohier > wrote: >> Isn't T_ESCAPE_LOGITEM also used by mod_log_config's use of >> ap_escape_logitem? We rely on the API that data from HTTP requests

Re: Thundering herd and MPMs (for dummies)

Hi Luca, On Sat, Apr 16, 2016 at 12:07 PM, Luca Toscano wrote: > The sockets are non blocking and without any guard before the > apr_pollset_poll (between processes I mean) there might be the risk of > having two or more listener threads trying to accept the same new >

Re: Thundering herd and MPMs (for dummies)

On Sat, Apr 16, 2016 at 2:17 PM, Yann Ylavic <ylavic@gmail.com> wrote: > Hi Luca, > > On Sat, Apr 16, 2016 at 12:07 PM, Luca Toscano <toscano.l...@gmail.com> wrote: >> The sockets are non blocking and without any guard before the >> apr_pollset_poll (betw

Re: Allow SSLProxy* config in context?

On Thu, Apr 14, 2016 at 9:57 AM, Yann Ylavic <ylavic@gmail.com> wrote: > > IIUC, the block is a per_dir context already, which can/could > accept any directive provided their ap_check_cmd_context() allows it > (we may need to declare a new PROXY_CONF). > > So how about

Re: Error while compiling ssl_ct module

On Sat, May 7, 2016 at 4:20 AM, Ben Wang wrote: > > /usr/local/apache2/build/libtool --silent --mode=compile gcc -std=gnu99 > -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread > -I/usr/local/apache2/include -I/usr/local/apache2/include >

Re: svn commit: r1750953 - /httpd/httpd/trunk/server/util_script.c

On Fri, Jul 22, 2016 at 8:42 PM, Jacob Champion wrote: > On 07/22/2016 10:49 AM, William A Rowe Jr wrote: >> >> I'm -1 for interpretating invalid values. > > > By "invalid" do you mean any string that doesn't comply with 723x's > Last-Modified definition? Even if the only

Handle Upgrade forwarding (protocol switch) in mod_proxy_http

Hi, since Upgrade is an HTTP/1 feature, I don't find it too twisted... The primary goal would be to let the backend decide whether an Upgrade is to be done, or otherwise continue with HTTP (still parsing the response, filtering, caching, ...). Currently we handle WebSocket tunneling only (in

Re: Handle Upgrade forwarding (protocol switch) in mod_proxy_http

On Thu, Jul 28, 2016 at 2:33 AM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Jul 27, 2016 6:53 PM, "Yann Ylavic" <ylavic@gmail.com> wrote: >> >> On Wed, Jul 27, 2016 at 8:27 PM, William A Rowe Jr <wr...@rowe-clan.net> >> wrote: >&g

Re: EC to audit Apache HTTP Server

On Sat, Jul 23, 2016 at 11:01 AM, Nick Kew wrote: > On Fri, 2016-07-22 at 18:59 +0200, Steffen wrote: > > Could this be time to start inserting comments? > > /* Note to auditors: an EALLOC here is a crash, >* and error handling won't help. >*/ > foo = apr_palloc(pool,

Re: svn commit: r1678698 - in /httpd/httpd/branches/2.2.x: ./ STATUS modules/filters/mod_reqtimeout.c

On Fri, Jul 29, 2016 at 12:30 AM, Eric Covener wrote: > I think this backport isn't helping in 2.2.x. In 2.2 > check_pipeline_flush() doesn't use AP_MODE_SPECULATIVE :( > > I wonder what the risk is non-blocking mode-AP_MODE_EATCRLF to do the > same thing. Maybe a safer way

Re: svn commit: r1754579 - /httpd/httpd/trunk/server/gen_test_char.c

On Sat, Jul 30, 2016 at 5:15 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Sat, Jul 30, 2016 at 12:00 AM, <wr...@apache.org> wrote: >> >> Looking for someone with an EBCDIC environment to post the output of >> the test_char.

Re: svn commit: r1754579 - /httpd/httpd/trunk/server/gen_test_char.c

On Sat, Jul 30, 2016 at 6:35 PM, Eric Covener <cove...@gmail.com> wrote: > On Sat, Jul 30, 2016 at 12:28 PM, Yann Ylavic <ylavic@gmail.com> wrote: >> On Sat, Jul 30, 2016 at 5:37 PM, Yann Ylavic <ylavic@gmail.com> wrote: >>> >>> (I'm a bi

Re: svn commit: r1754579 - /httpd/httpd/trunk/server/gen_test_char.c

On Sat, Jul 30, 2016 at 12:00 AM, wrote: > > Looking for someone with an EBCDIC environment to post the output of > the test_char.h generated file for verification. > [] > > +#if APR_CHARSET_EBCDIC > +/* See util.c for complete explanation of this table */ > +static const short

Re: svn commit: r1754579 - /httpd/httpd/trunk/server/gen_test_char.c

On Sat, Jul 30, 2016 at 5:37 PM, Yann Ylavic <ylavic@gmail.com> wrote: > > (I'm a bit lost on where are/aren't EBCDIC octets here). Mostly, I understand that T_HTTP_TOKEN_STOP and T_HTTP_CTRLS should be used with ascii chars because they come from test_isascii_equiv() (and due

Re: svn commit: r1754548 - /httpd/httpd/trunk/server/protocol.c

On Sat, Jul 30, 2016 at 11:22 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Fri, Jul 29, 2016 at 6:24 PM, <wr...@apache.org> wrote: >> Author: wrowe >> Date: Fri Jul 29 16:24:14 2016 >> New Revision: 1754548 >> >> URL: http://svn.apache.org/viewv

Re: svn commit: r1754548 - /httpd/httpd/trunk/server/protocol.c

On Fri, Jul 29, 2016 at 6:24 PM, wrote: > Author: wrowe > Date: Fri Jul 29 16:24:14 2016 > New Revision: 1754548 > > URL: http://svn.apache.org/viewvc?rev=1754548=rev > Log: > Strictly observe spec on obs-fold > > Modified: > httpd/httpd/trunk/server/protocol.c [] > >

Re: svn commit: r1754579 - /httpd/httpd/trunk/server/gen_test_char.c

On Sat, Jul 30, 2016 at 7:28 PM, Eric Covener <cove...@gmail.com> wrote: > On Sat, Jul 30, 2016 at 1:11 PM, Yann Ylavic <ylavic@gmail.com> wrote: >> But I mean we pre-suppose in gen_test_char that for T_HTTP_TOKEN_STOP >> and T_HTTP_CTRLS, TEST_CHAR (in util.c

Re: svn commit: r1754548 - /httpd/httpd/trunk/server/protocol.c

On Sun, Jul 31, 2016 at 12:56 AM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Jul 30, 2016 4:36 PM, "Yann Ylavic" <ylavic@gmail.com> wrote: >> >> On Sat, Jul 30, 2016 at 11:22 PM, Yann Ylavic <ylavic@gmail.com> >> wrote: >>

Re: Handle Upgrade forwarding (protocol switch) in mod_proxy_http

On Wed, Jul 27, 2016 at 8:27 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > > On Wed, Jul 27, 2016 at 11:09 AM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> Hi, >> >> since Upgrade is an HTTP/1 feature, I don't find it too twisted... >>

Re: svn commit: r1754732 - /httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c

On Tue, Aug 2, 2016 at 2:59 PM, Luca Toscano <toscano.l...@gmail.com> wrote: > > 2016-08-02 10:48 GMT+02:00 Yann Ylavic <ylavic@gmail.com>: >> >> What I don't know is whether or not we need to read AP_FCGI_END_REQUEST >> anyway? >> If that's

Re: svn commit: r1754732 - /httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c

On Tue, Aug 2, 2016 at 4:07 PM, Luca Toscano <toscano.l...@gmail.com> wrote: > > 2016-08-02 15:23 GMT+02:00 Yann Ylavic <ylavic@gmail.com>: >> >> If that's correct, we indeed shouldn't break until we got >> AP_FCGI_END_REQUEST, so that we can reuse

Re: svn commit: r1754732 - /httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c

On Tue, Aug 2, 2016 at 6:58 PM, Luca Toscano <toscano.l...@gmail.com> wrote: > > 2016-08-02 17:54 GMT+02:00 Yann Ylavic <ylavic@gmail.com>: >> >> On Tue, Aug 2, 2016 at 5:05 PM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> Actually, u

Re: svn commit: r1754732 - /httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c

On Tue, Aug 2, 2016 at 5:05 PM, Yann Ylavic <ylavic@gmail.com> wrote: > > So we need to detect whether the 304 is a CGI Status or ours. > It seems that in the former case r->status is 304, whereas in the > latter case this is the local variable 'status' only. &g

Re: mod_remoteip DNS address resolution

On Thu, Aug 4, 2016 at 10:14 AM, Rainer Jung wrote: > > Something like "RemoteIPLookups (On|Off|NNN)". "On" would be current > behavior, "Off" would be "No DNS and use connection IP if address is > invalid", "NNN" would be "No DNS and return status NNN if address is >

Re: svn commit: r1756049 - /httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c

On Thu, Aug 11, 2016 at 11:01 PM, wrote: > > +#if OPENSSL_VERSION_NUMBER >= 0x1000L > + > +static void ssl_util_thr_id(CRYPTO_THREADID *id) > +{ > +/* OpenSSL needs this to return an unsigned long. On OS/390, the pthread > + * id is a structure twice that big. Use

Re: HTTP/1.1 strict ruleset

On Thu, Aug 11, 2016 at 6:56 PM, William A Rowe Jr wrote: > > I haven't dug terribly deeply into the proxy mechanics yet, but the same > parser for headers is used for response header processing as well as the > request processing. They don't share the same code, though,

Re: svn commit: r1756186 - in /httpd/httpd/trunk: include/ modules/http/ modules/proxy/

On Sun, Aug 14, 2016 at 9:53 PM, Jim Jagielski wrote: > >> On Aug 12, 2016, at 9:58 AM, yla...@apache.org wrote: >> >> Modified: httpd/httpd/trunk/include/ap_mmn.h >> URL: >> http://svn.apache.org/viewvc/httpd/httpd/trunk/include/ap_mmn.h?rev=1756186=1756185=1756186=diff >>

Re: svn commit: r1756049 - /httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c

Hi Rainer, On Fri, Aug 12, 2016 at 1:27 PM, Rainer Jung <rainer.j...@kippdata.de> wrote: > > Am 11.08.2016 um 23:07 schrieb Yann Ylavic: >> >> You really mean to dereference NULL here? > > That was just a test if anyone is following. :) > > No, seriously:

Re: svn commit: r1750474 - in /httpd/httpd/trunk/modules/proxy: mod_proxy.h mod_proxy_ajp.c mod_proxy_fcgi.c mod_proxy_http.c proxy_util.c

On Tue, Jun 28, 2016 at 4:49 PM, Ruediger Pluem wrote: > > > On 06/28/2016 04:26 PM, Ruediger Pluem wrote: >> >> >> On 06/28/2016 01:19 PM, yla...@apache.org wrote: >>> Author: ylavic >>> Date: Tue Jun 28 11:19:36 2016 >>> New Revision: 1750474 >>> >>> URL:

Re: T 2.4.23 tomorrow (Thurs) ??

On Tue, Jun 28, 2016 at 5:04 PM, Yann Ylavic <ylavic@gmail.com> wrote: > > I don't see where lbmethod_heartbeat depends on mod_heartmonitor in > the code, but it seems to require mod_slotmem_shm though. My bad, mod_heartmonitor is required too.

Re: T 2.4.23 tomorrow (Thurs) ??

On Tue, Jun 28, 2016 at 4:15 PM, William A Rowe Jr wrote: > On Tue, Jun 28, 2016 at 8:46 AM, William A Rowe Jr > wrote: >> >> >> I suppose this would have been the more accurate toggle, in the first >> place? >> Any reason we would build lbmethods

Re: T 2.4.23 tomorrow (Thurs) ??

On Tue, Jun 28, 2016 at 5:06 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Tue, Jun 28, 2016 at 5:04 PM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> I don't see where lbmethod_heartbeat depends on mod_heartmonitor in >> the code, but it seems to require m

Re: T 2.4.23 tomorrow (Thurs) ??

On Tue, Jun 28, 2016 at 5:12 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Tue, Jun 28, 2016 at 10:10 AM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> On Tue, Jun 28, 2016 at 5:06 PM, Yann Ylavic <ylavic@gmail.com> wrote: >> > On Tue, Ju

Re: svn commit: r1750301 - in /httpd/httpd/trunk/modules/proxy: mod_proxy.h proxy_util.c

On Mon, Jun 27, 2016 at 10:23 AM, Stefan Eissing wrote: > This looks nice for HTTP/1.1, but what about other protocols? Do I read it > correctly that any pending data downstream will reopen the connection? Hmm, I did not think about mod_proxy_h2, but correct (I'd rather say

Re: svn commit: r1754579 - /httpd/httpd/trunk/server/gen_test_char.c

On Thu, Aug 4, 2016 at 11:10 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Thu, Aug 4, 2016 at 3:52 PM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> On Thu, Aug 4, 2016 at 9:33 PM, William A Rowe Jr <wr...@rowe-clan.net> >> wrote: >> > &

Re: svn commit: r1754579 - /httpd/httpd/trunk/server/gen_test_char.c

On Thu, Aug 4, 2016 at 9:33 PM, William A Rowe Jr wrote: > > It seems correcting the table is the correct way to go, by direct > observation, and placing great faith that other than 0x15/0x37, > the discrepancies between ASCII <> EBCDIC C0 mappings do > not vary widely

Re: HTTP/1.1 strict ruleset

On Fri, Aug 5, 2016 at 12:02 AM, William A Rowe Jr wrote: > > It would be helpful if other PMC members would weigh in yea or nay on > dropping out-of-spec behaviors from 2.4 and 2.2 maintenance branches. IMHO we should keep an opt *out* strict mode for new errors 400 we

Re: svn commit: r1755263 - in /httpd/httpd/trunk: docs/log-message-tags/next-number server/protocol.c

On Fri, Aug 5, 2016 at 11:08 AM, wrote: > Author: wrowe > Date: Fri Aug 5 09:08:35 2016 > New Revision: 1755263 > > URL: http://svn.apache.org/viewvc?rev=1755263=rev > Log: > Treat an empty obs-fold line as abusive traffic > > Modified: >

Re: svn commit: r1755124 - /httpd/httpd/trunk/server/protocol.c

On Fri, Aug 5, 2016 at 7:33 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Fri, Aug 5, 2016 at 10:43 AM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> @@ -903,8 +903,16 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_ >>

Re: Frequent wake-ups for mpm_event

On Fri, Aug 5, 2016 at 3:19 PM, Yann Ylavic <ylavic@gmail.com> wrote: > Hi Luca, > > On Fri, Aug 5, 2016 at 2:58 PM, Luca Toscano <toscano.l...@gmail.com> wrote: >> >> 2016-08-04 17:56 GMT+02:00 Luca Toscano <toscano.l...@gmail.com>: >>&g

Re: svn commit: r1755263 - in /httpd/httpd/trunk: docs/log-message-tags/next-number server/protocol.c

On Fri, Aug 5, 2016 at 1:25 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Fri, Aug 5, 2016 at 11:08 AM, <wr...@apache.org> wrote: >> >> -if (field[1] != '\0') { >> -/* ...and leading whitespace on an obs-fold line can be >>

Re: Frequent wake-ups for mpm_event

Hi Luca, On Fri, Aug 5, 2016 at 2:58 PM, Luca Toscano wrote: > > 2016-08-04 17:56 GMT+02:00 Luca Toscano : >> >> Would it be possible to avoid them adding APR_POLLSET_WAKEABLE to the >> event_pollset flags and calling apr_pollset_wakeup right after

Re: svn commit: r1754732 - /httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c

On Mon, Aug 1, 2016 at 12:55 PM, wrote: > > Modified: httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c > URL: > http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c?rev=1754732=1754731=1754732=diff >

Re: svn commit: r1754732 - /httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c

On Tue, Aug 2, 2016 at 8:22 AM, Luca Toscano wrote: > > So IIUC you are saying to always done+break in the 304 use case (to avoid > reading from the connection again), and then detect the response in another > place. Yes, any following data is for the next request. >

Re: Mergine of Multiple Cookie Headers

On Thu, Jun 30, 2016 at 4:46 PM, Rainer Canavan <rainer.cana...@sevenval.com> wrote: > On Wed, Jun 29, 2016 at 10:27 AM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> RequestHeader edit* Cookie >> ([^=;,]++)(="(?:[^"].)*+[^"]*+"|[

Re: svn commit: r1750779 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_kernel.c

On Thu, Jun 30, 2016 at 5:05 PM, Ruediger Pluem wrote: > > Is there a reson why we use ssl_callback_SSLVerify instead of NULL like we do > in asimilar situation below? > IMHO we do not want to change the callback here to whatever it may set. > I agree that in practice there

Re: svn commit: r1750779 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_kernel.c

On Thu, Jun 30, 2016 at 5:26 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Thu, Jun 30, 2016 at 5:05 PM, Ruediger Pluem <rpl...@apache.org> wrote: >> >> Is there a reson why we use ssl_callback_SSLVerify instead of NULL like we >> do in asimilar situat

Re: svn commit: r1750779 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_kernel.c

On Thu, Jun 30, 2016 at 5:38 PM, Stefan Eissing wrote: > We now set exactly the same callback right before in line 709. If we had more > than one callback, we would not have to specify NULL, but restore any > previous callback there was, right? Actually NULL

Re: Apache Benchmark SNI SSL

On Thu, Jun 30, 2016 at 7:21 PM, Pietro Paolini wrote: > > I have built the httpd-2-.4.20 tarball but the problem is still there, has > it been fixed in newer version ? is there a workaround for that ? SNI handling just added to ab in http://svn.apache.org/r1750854. It

Re: Apache Benchmark SNI SSL

On Fri, Jul 1, 2016 at 1:44 PM, Pietro Paolini wrote: > > On 1 July 2016 at 11:18, Pietro Paolini wrote: >> >> Is it correct ? It does not look good to me. >> >> -while ((status = apr_getopt(opt, >>

Re: Apache Benchmark SNI SSL

On Fri, Jul 1, 2016 at 3:02 PM, Reindl Harald <h.rei...@thelounge.net> wrote: > > Am 01.07.2016 um 14:41 schrieb Yann Ylavic: >> >> The -I does not take any argument, it tells ab to use iether the -H >> "Host: ..." if any, or the host from the given UR

Re: Apache Benchmark SNI SSL

On Fri, Jul 1, 2016 at 3:17 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Fri, Jul 1, 2016 at 3:02 PM, Reindl Harald <h.rei...@thelounge.net> wrote: >> >> Am 01.07.2016 um 14:41 schrieb Yann Ylavic: >>> >>> The -I does not take any argumen

Re: svn commit: r1750730 - /httpd/httpd/branches/2.2.x/STATUS

On Thu, Jun 30, 2016 at 12:40 AM, William A Rowe Jr wrote: > I'd prefer if you would not invalidate a vote that others present. Sorry about that, I thought it was an oversight. > > I support the original patch. I reviewed and accept the amended patch also, > but it hasn't

Re: svn commit: r1750953 - /httpd/httpd/trunk/server/util_script.c

On Fri, Jul 1, 2016 at 5:00 PM, wrote: > Author: elukey > Date: Fri Jul 1 15:00:42 2016 > New Revision: 1750953 > > URL: http://svn.apache.org/viewvc?rev=1750953=rev > Log: > Fixed typo in log message, wrong RFC mentioned. > > Modified: >

Re: svn commit: r1750953 - /httpd/httpd/trunk/server/util_script.c

On Sat, Jul 2, 2016 at 2:05 AM, Luca Toscano wrote: > > We have discussed it briefly in another email but didn't reach a conclusion, > so I am really happy to re-discuss it again. Maybe an example would clarify > what a user will see in the logs. How about (modulo quick,

Re: Apache Benchmark SNI SSL

On Sat, Jul 2, 2016 at 2:02 PM, Kean Johnston <kean.johns...@gmail.com> wrote: > On 2016-07-01 5:22 PM, Yann Ylavic wrote: >> >> http://home.apache.org/~ylavic/patches/httpd-2.4.x-ab_sni.patch. > > This line worries me: > > +#if !defined(OPENSSL_NO_TLSEXT) &a

Re: svn commit: r1750953 - /httpd/httpd/trunk/server/util_script.c

On Fri, Jul 1, 2016 at 6:32 PM, Luca Toscano wrote: > > "The Last-Modified header value '%s' (parsed assuming the GMT timezone) has > been replaced with '%s' because considered in the future." Looks good to me (maybe "(GMT)" only between parentheses?). The original log

Re: svn commit: r1750953 - /httpd/httpd/trunk/server/util_script.c

On Fri, Jul 1, 2016 at 10:17 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Fri, Jul 1, 2016 at 2:58 PM, Yann Ylavic <ylavic@gmail.com> wrote: >> >> On Fri, Jul 1, 2016 at 6:32 PM, Luca Toscano <toscano.l...@gmail.com> >> wrote: >> > &

Re: svn commit: r1750953 - /httpd/httpd/trunk/server/util_script.c

On Sat, Jul 2, 2016 at 4:39 PM, William A Rowe Jr wrote: > Relevant data points... > > https://tools.ietf.org/html/rfc7231#section-7.1.1.1 > > There is no other supported time zone except GMT representing GMT. That is > the only value we may send. > > "Recipients of

Re: [VOTE] Release Apache httpd 2.4.23 as GA

On Thu, Jun 30, 2016 at 7:21 PM, Jim Jagielski wrote: > > I'm calling a VOTE on releasing these as Apache httpd 2.4.23 GA. [X] +1: Good to go Tested on debian(s) linux 9.x, 8.x, 7.x (all 64bit) and 6.x (mixed 64bit kernel 32bit system). No error (or regression for the

Re: svn commit: r1750301 - in /httpd/httpd/trunk/modules/proxy: mod_proxy.h proxy_util.c

this and potentially break Jim's tagging again? > > -Stefan > > > >> Am 28.06.2016 um 13:49 schrieb Yann Ylavic <ylavic@gmail.com>: >> >> Patch as a file attached. >> >> On Tue, Jun 28, 2016 at 1:48 PM, Yann Ylavic <ylavic@gmail.com&g

Re: Apache Benchmark SNI SSL

On Fri, Jul 1, 2016 at 4:05 PM, William A Rowe Jr wrote: > Yup, no extra steps for correct behavior. > > I'd support a ''surpress SNI' flag, and/or an explicit SNI arg, much like > openssl s_client -- just for testing. But that should be the exceptional > case. Done, so that

Re: svn commit: r1756540 - in /httpd/httpd/trunk: docs/manual/mod/core.xml modules/http/http_filters.c server/core.c server/protocol.c server/vhost.c

On Tue, Aug 16, 2016 at 8:11 PM, wrote: > Author: wrowe > Date: Tue Aug 16 18:11:14 2016 > New Revision: 1756540 > > URL: http://svn.apache.org/viewvc?rev=1756540=rev > Log: > Rename the previously undocumented HTTPProtocol directive > to EnforceHTTPProtocol, and invert the

Re: svn commit: r1756560 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS include/ap_mmn.h modules/dav/main/mod_dav.c modules/dav/main/mod_dav.h

On Wed, Aug 17, 2016 at 6:58 AM, Marion & Christophe JAILLET wrote: >> +if (err->childtags) { >> +if (err->namespace != NULL) { >> +ap_rprintf(r, >> +" xmlns:C=\"%s\">" DEBUG_CR >> +"%s" DEBUG_CR,

Re: svn commit: r1756540 - in /httpd/httpd/trunk: docs/manual/mod/core.xml modules/http/http_filters.c server/core.c server/protocol.c server/vhost.c

On Wed, Aug 17, 2016 at 12:24 AM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Aug 16, 2016 4:39 PM, "Yann Ylavic" <ylavic@gmail.com> wrote: >> > -AP_INIT_ITERATE("HttpProtocol", set_http_protocol, NULL, RSRC_CONF, >> > -

Re: svn commit: r1781300 - /httpd/httpd/branches/2.4.x/STATUS

On Wed, Feb 1, 2017 at 8:32 PM, wrote: > > 2.4.x patch: > http://home.apache.org/~ylavic/patches/httpd-2.4.x-r1740928_and_co-v2.patch > +1: ylavic > + rpluem says: Please add r1781299 Actually I've just reverted r1781188 (and your r1781299) to split the two

Re: httpd 2.4.25, mpm_event, ssl: segfaults

On Thu, Feb 2, 2017 at 11:19 PM, Jacob Champion wrote: > > Idle thoughts: "Cannot access memory" in this case could be a red herring, > if Niklas' gdb can't peer into mmap'd memory spaces [1]. It seems reasonable > that the data in question could be mmap'd, given the nice

Re: httpd 2.4.25, mpm_event, ssl: segfaults

On Thu, Feb 2, 2017 at 11:36 PM, Jacob Champion <champio...@gmail.com> wrote: > On 02/02/2017 02:32 PM, Yann Ylavic wrote: >> >> On Thu, Feb 2, 2017 at 11:19 PM, Jacob Champion <champio...@gmail.com> >> wrote: >>> >>> Idle thoughts: "Canno

Re: httpd 2.4.25, mpm_event, ssl: segfaults

Hi Niklas, On Wed, Feb 1, 2017 at 7:02 PM, Niklas Edmundsson wrote: > > We've started to see spurious segfaults with httpd 2.4.25, mpm_event, ssl on > Ubuntu 14.04LTS. Not frequent, but none the less happening. > > #4 ssl_io_filter_output (f=0x7f507013cfe0, bb=0x7f4f840be168)

Re: mod_http2 and Frequent wake-ups for mpm_event

Hi Stefan, On Tue, Jan 31, 2017 at 4:01 PM, Stefan Priebe - Profihost AG wrote: > > any ideas? I wonder if the attached patch (related to mod_ssl and proposed for another segfault report) could help in your case. Would you mind give it a try? Thanks, Yann. Index:

Re: mod_http2 and Frequent wake-ups for mpm_event

On Mon, Feb 6, 2017 at 1:29 PM, Ruediger Pluem <rpl...@apache.org> wrote: > > > On 02/06/2017 11:56 AM, Yann Ylavic wrote: >> Hi Stefan, >> >> On Mon, Feb 6, 2017 at 9:57 AM, Stefan Priebe - Profihost AG >> <s.pri...@profihost.ag> wrote: >>>

Re: mod_http2 and Frequent wake-ups for mpm_event

On Mon, Feb 6, 2017 at 1:42 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Mon, Feb 6, 2017 at 1:29 PM, Ruediger Pluem <rpl...@apache.org> wrote: >> >> >> On 02/06/2017 11:56 AM, Yann Ylavic wrote: >>> Hi Stefan, >>> >>> On Mon, Feb

Re: ssl_io_filter_output vs EOC

On Mon, Feb 6, 2017 at 12:53 PM, Plüm, Rüdiger, Vodafone Group wrote: > > IMHO we currently fail after we processed an EOC (no matter if in the > same brigade or in a follow up brigade) and we should continue doing > so. We fail in the same brigade thanks to

Re: Configuration of trusted OCSP responder certificates

On Mon, Feb 6, 2017 at 11:28 AM, Thijs Kinkhorst wrote: > On 02-01-17 14:17, Thijs Kinkhorst wrote: >> I'd like to enquire about the possibilities to merge the patch to >> support configuring trusted OCSP responder certificates. >> >> We need this change in order to be

Re: mod_http2 and Frequent wake-ups for mpm_event

On Mon, Feb 6, 2017 at 2:23 PM, Ruediger Pluem wrote: > > The question how much cycles this spends in GLIBC / kernel. I don't > know. So maybe its not worth the effort. But if its not worth the > effort it is worth documenting why :-) Sure ;)

Re: httpd 2.4.25, mpm_event, ssl: segfaults

On Mon, Feb 6, 2017 at 12:10 PM, Ruediger Pluem wrote: >> >> What might happen in ssl_io_filter_output() is that buffered >> output data (already deleted but not cleared) end up being reused >> on shutdown. >> >> Could you please try the attached patch? > > Why would we need to

Re: mod_http2 and Frequent wake-ups for mpm_event

On Mon, Feb 6, 2017 at 2:31 PM, Stefan Eissing wrote: > Currently running some tests. Have crashes on the original patch in my test > suite. Fixed one, hunting for the next... I think it comes from my change that creates slave connections from master->pool (instead

Re: mod_http2 and Frequent wake-ups for mpm_event

Hi Stefan, On Mon, Feb 6, 2017 at 9:57 AM, Stefan Priebe - Profihost AG wrote: > > your last patch results in multiple crashes every second: Sorry about that, the changes in mpm_event were incorrect (the mutex was cleared with the pool when recycled, hence its pointer was

Re: Configuration of trusted OCSP responder certificates

On Mon, Feb 6, 2017 at 12:09 PM, Yann Ylavic <ylavic@gmail.com> wrote: > On Mon, Feb 6, 2017 at 11:28 AM, Thijs Kinkhorst > <thijs.kinkho...@surfnet.nl> wrote: >> On 02-01-17 14:17, Thijs Kinkhorst wrote: >>> I'd like to enquire about the possibilities

Re: mood_remoteip ProxyProtocol addition

On Tue, Feb 7, 2017 at 10:14 PM, Jordan Gigov <colad...@gmail.com> wrote: > On 7 February 2017 at 22:33, Yann Ylavic <ylavic@gmail.com> wrote: >> I'm a bit reluctant with these patches, and probably need to be >> convinced this isn't an application issue in the fi

Re: mood_remoteip ProxyProtocol addition

On Tue, Feb 7, 2017 at 7:03 PM, Jordan Gigov wrote: > On 7 February 2017 at 18:08, Sander Hoentjen wrote: >> >> I am trying to have haproxy added in front of our Apache servers, for >> SSL termination. This is not hard to do, and especially with the recent

Re: mood_remoteip ProxyProtocol addition

On Wed, Feb 8, 2017 at 12:01 AM, Reindl Harald wrote: > > how can you trust as a php application developer that "X-Forwarded-Proto" is > trustable and not from the enduser client at all - for REMOTE_ADDR you don't > consider "X-Forwarded-For" exactly for that reason I'm

Re: mood_remoteip ProxyProtocol addition

On Wed, Feb 8, 2017 at 12:25 AM, Yann Ylavic <ylavic@gmail.com> wrote: > On Wed, Feb 8, 2017 at 12:01 AM, Reindl Harald <h.rei...@thelounge.net> wrote: >> >> how can you trust as a php application developer that "X-Forwarded-Proto" is >> trust

<    8   9   10   11   12   13   14   15   16   17   >