Re: An ask for eyes on proposal

2017-07-11 Thread Jim Jagielski
+1 for Whitelisting... > On Jul 10, 2017, at 12:02 PM, William A Rowe Jr wrote: > > Based on the fact that Jim's advanced this for consideration for 2.4.28, > any further feedback on the following proposal to make RemoteIPProxyProtocol > directive into a whitelist (to

Re: An ask for eyes on proposal

2017-07-10 Thread William A Rowe Jr
Based on the fact that Jim's advanced this for consideration for 2.4.28, any further feedback on the following proposal to make RemoteIPProxyProtocol directive into a whitelist (to compliment the current blacklist directive)? E.g. in the spirit of the protocol, assign specific remote ip consumers

Re: An ask for eyes on proposal

2017-06-09 Thread Sander Hoentjen
On 06/09/2017 03:29 PM, William A Rowe Jr wrote: > On Fri, Jun 9, 2017 at 4:17 AM, Sander Hoentjen wrote: >> On 06/08/2017 07:30 PM, Daniel Ruggeri wrote: >>> Hi, all; >>> With the proposal to T set for Monday, I wanted to draw attention to >>> the PROXY protocol proposal in

Re: An ask for eyes on proposal

2017-06-09 Thread William A Rowe Jr
On Fri, Jun 9, 2017 at 8:29 AM, William A Rowe Jr wrote: > > To your example, the *global* config line; > > RemoteIPProxyProtocol 127.0.0.1 [or 127.0.0.0/24] > > would configure all locally routed *client* requests, irrespective of > which by-IP vhost, to require the PROXY

Re: An ask for eyes on proposal

2017-06-09 Thread William A Rowe Jr
On Fri, Jun 9, 2017 at 4:17 AM, Sander Hoentjen wrote: > On 06/08/2017 07:30 PM, Daniel Ruggeri wrote: >> Hi, all; >> With the proposal to T set for Monday, I wanted to draw attention to >> the PROXY protocol proposal in STATUS. Just hoping for a quick review. >> I know it

Re: An ask for eyes on proposal

2017-06-09 Thread Sander Hoentjen
On 06/08/2017 07:30 PM, Daniel Ruggeri wrote: > Hi, all; > With the proposal to T set for Monday, I wanted to draw attention to > the PROXY protocol proposal in STATUS. Just hoping for a quick review. > I know it appears to be a large change, but as I worked through the > feedback, ten of the

Re: An ask for eyes on proposal

2017-06-08 Thread William A Rowe Jr
AIUI, yes, since the absolute 1-arg on|off boolean syntax would be preserved. Those would be disallowed for other patterns (e.g. any IP-looking thing subsumes and precludes using the first pattern.) 'On' devolves to 0.0.0.0/32 (any match). Just pointing out I'm still not convinced it's entirely

Re: An ask for eyes on proposal

2017-06-08 Thread Jim Jagielski
Is expansion of the syntax something that could be folded in for 2.4.27? > On Jun 8, 2017, at 2:51 PM, William A Rowe Jr wrote: > > [Again, using all the words] > > On Thu, Jun 8, 2017 at 12:30 PM, Daniel Ruggeri wrote: >> Hi, all; >> With the

Re: An ask for eyes on proposal

2017-06-08 Thread William A Rowe Jr
[Again, using all the words] On Thu, Jun 8, 2017 at 12:30 PM, Daniel Ruggeri wrote: > Hi, all; > With the proposal to T set for Monday, I wanted to draw attention to the > PROXY protocol proposal in STATUS. Just hoping for a quick review. I know it > appears to be a large

Re: An ask for eyes on proposal

2017-06-08 Thread William A Rowe Jr
FYI the one change I've been considering is to extend the On Thu, Jun 8, 2017 at 12:30 PM, Daniel Ruggeri wrote: > Hi, all; > With the proposal to T set for Monday, I wanted to draw attention to the > PROXY protocol proposal in STATUS. Just hoping for a quick review. I know

An ask for eyes on proposal

2017-06-08 Thread Daniel Ruggeri
Hi, all; With the proposal to T set for Monday, I wanted to draw attention to the PROXY protocol proposal in STATUS. Just hoping for a quick review. I know it appears to be a large change, but as I worked through the feedback, ten of the commits effectively got coded out. What we are left