Re: svn commit: r1916784 - /httpd/dev-tools/release/README

[Ruediger Pluem]

On 2024/08/07 10:48:26 Eric Covener wrote:
> On Wed, Aug 7, 2024 at 2:28 AM Ruediger Pluem  wrote:
> >
> >
> >
> > On 4/3/24 3:55 PM, cove...@apache.org wrote:
> > > Author: covener
> > > Date: Wed Apr  3 13:55:56 2024
> > > New Revision: 1916784
> > >
> > > URL: http://svn.apache.org/viewvc?rev=1916784&view=rev
> > > Log:
> > > amend log message
> > >
> > > Modified:
> > > httpd/dev-tools/release/README
> > >
> > > Modified: httpd/dev-tools/release/README
> > > URL: 
> > > http://svn.apache.org/viewvc/httpd/dev-tools/release/README?rev=1916784&r1=1916783&r2=1916784&view=diff
> > > ==
> > > --- httpd/dev-tools/release/README (original)
> > > +++ httpd/dev-tools/release/README Wed Apr  3 13:55:56 2024
> > > @@ -54,6 +54,7 @@ Usage overview:
> > >   If CHANGES is really bad, consider replacing the various CHANGES 
> > > files on dist/httpd.
> > > # If you are a moderator for announce@httpd.a.o or announce@a.o 
> > > moderate your own announcement
> > >   at https://webmod.apache.org/?action=frontpage
> > > +   # Edit the CVE info into the revisions that fixed them in the 
> > > backport, e.g. `svn propedit --revprop -r... svn:log`
> >
> > Someone opposed if we add a step that asks to add the revision numbers of 
> > the backport to the specific CVE timeline?
> 
> Makes sense, since the revisions need to be chased down and collected
> for the log message change, it's only 1 more papercut to add them to
> the timeline. I assume only on cveprocess.a.o and not on the website?
> 

Also to the website to ease the life of people who just want to backport 
security issues or are interested how we fixed a particular issue.

Regards

Rüdiger

Re: svn commit: r1916784 - /httpd/dev-tools/release/README

[Eric Covener]

On Wed, Aug 7, 2024 at 2:28 AM Ruediger Pluem  wrote:
>
>
>
> On 4/3/24 3:55 PM, cove...@apache.org wrote:
> > Author: covener
> > Date: Wed Apr  3 13:55:56 2024
> > New Revision: 1916784
> >
> > URL: http://svn.apache.org/viewvc?rev=1916784&view=rev
> > Log:
> > amend log message
> >
> > Modified:
> > httpd/dev-tools/release/README
> >
> > Modified: httpd/dev-tools/release/README
> > URL: 
> > http://svn.apache.org/viewvc/httpd/dev-tools/release/README?rev=1916784&r1=1916783&r2=1916784&view=diff
> > ======
> > --- httpd/dev-tools/release/README (original)
> > +++ httpd/dev-tools/release/README Wed Apr  3 13:55:56 2024
> > @@ -54,6 +54,7 @@ Usage overview:
> >   If CHANGES is really bad, consider replacing the various CHANGES 
> > files on dist/httpd.
> > # If you are a moderator for announce@httpd.a.o or announce@a.o 
> > moderate your own announcement
> >   at https://webmod.apache.org/?action=frontpage
> > +   # Edit the CVE info into the revisions that fixed them in the backport, 
> > e.g. `svn propedit --revprop -r... svn:log`
>
> Someone opposed if we add a step that asks to add the revision numbers of the 
> backport to the specific CVE timeline?

Makes sense, since the revisions need to be chased down and collected
for the log message change, it's only 1 more papercut to add them to
the timeline. I assume only on cveprocess.a.o and not on the website?

Re: svn commit: r1916784 - /httpd/dev-tools/release/README

[Ruediger Pluem]

On 4/3/24 3:55 PM, cove...@apache.org wrote:
> Author: covener
> Date: Wed Apr  3 13:55:56 2024
> New Revision: 1916784
> 
> URL: http://svn.apache.org/viewvc?rev=1916784&view=rev
> Log:
> amend log message
> 
> Modified:
> httpd/dev-tools/release/README
> 
> Modified: httpd/dev-tools/release/README
> URL: 
> http://svn.apache.org/viewvc/httpd/dev-tools/release/README?rev=1916784&r1=1916783&r2=1916784&view=diff
> ======
> --- httpd/dev-tools/release/README (original)
> +++ httpd/dev-tools/release/README Wed Apr  3 13:55:56 2024
> @@ -54,6 +54,7 @@ Usage overview:
>   If CHANGES is really bad, consider replacing the various CHANGES files 
> on dist/httpd.
> # If you are a moderator for announce@httpd.a.o or announce@a.o moderate 
> your own announcement
>   at https://webmod.apache.org/?action=frontpage
> +   # Edit the CVE info into the revisions that fixed them in the backport, 
> e.g. `svn propedit --revprop -r... svn:log`

Someone opposed if we add a step that asks to add the revision numbers of the 
backport to the specific CVE timeline?

Regards

Rüdiger

Re: [VOTE] Release httpd-2.4.62-rc1 as httpd-2.4.62

[Eric Covener]

Vote passes with 6 binding +1 and no other votes:
+1 icing, covener, jorton, thumbs, steffenal, ylavic

Will proceed with release throughout the next few hours

On Mon, Jul 15, 2024 at 8:13 AM Eric Covener  wrote:
>
> Hi all,
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.62-rc1 as 2.4.62:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha256: 3e2404d762a2da03560d7ada379ba1599d32f04a0d70ad6ff86f44325f2f062d
> *httpd-2.4.62-rc1.tar.gz
> sha512: 
> daf66daf1012c6df6266e13a743cabf6ac8b6552b83d3a2db89eb491813ba5acd28e4149e5abe5a03f10677f23b74ae6a319e3c69dd6d223ca8269751960818a
> *httpd-2.4.62-rc1.tar.gz
>
> The candidate source is found at
> <https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.62-rc1-candidate>
> and at <https://github.com/apache/httpd/tree/2.4.62-rc1-candidate>.
>
> --
> Eric Covener
> cove...@gmail.com



-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.62-rc1 as httpd-2.4.62

[Yann Ylavic]

On Mon, Jul 15, 2024 at 2:14 PM Eric Covener  wrote:
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.62-rc1 as 2.4.62:

[X] +1: It's not just good, it's good enough!

Tested on Debian stable and testing/sid, all passes.
Sigs/checksums OK.

Thanks again Eric!

Re: [VOTE] Release httpd-2.4.62-rc1 as httpd-2.4.62

[Steffen]

+1  Windows

> Op 15 jul 2024 om 14:14 heeft Eric Covener  het volgende 
> geschreven:
> 
> Hi all,
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.62-rc1 as 2.4.62:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
> 
> The computed digests of the tarball up for vote are:
> sha256: 3e2404d762a2da03560d7ada379ba1599d32f04a0d70ad6ff86f44325f2f062d
> *httpd-2.4.62-rc1.tar.gz
> sha512: 
> daf66daf1012c6df6266e13a743cabf6ac8b6552b83d3a2db89eb491813ba5acd28e4149e5abe5a03f10677f23b74ae6a319e3c69dd6d223ca8269751960818a
> *httpd-2.4.62-rc1.tar.gz
> 
> The candidate source is found at
> <https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.62-rc1-candidate>
> and at <https://github.com/apache/httpd/tree/2.4.62-rc1-candidate>.
> 
> --
> Eric Covener
> cove...@gmail.com

Re: [VOTE] Release httpd-2.4.62-rc1 as httpd-2.4.62

[Frank Gingras]

On Mon, Jul 15, 2024 at 5:59 PM Rainer Jung  wrote:

> Am 15.07.24 um 18:35 schrieb Rainer Jung:
> > Am 15.07.24 um 14:13 schrieb Eric Covener:
> >> Hi all,
> >>
> >> Please find below the proposed release tarball and signatures:
> >>
> >> https://dist.apache.org/repos/dist/dev/httpd/
> >>
> >> I would like to call a VOTE over the next few days to release
> >> this candidate tarball httpd-2.4.62-rc1 as 2.4.62:
> >> [ ] +1: It's not just good, it's good enough!
> >> [ ] +0: Let's have a talk.
> >> [ ] -1: There's trouble in paradise. Here's what's wrong.
> >>
> >> The computed digests of the tarball up for vte are:
> >> sha256: 3e2404d762a2da03560d7ada379ba1599d32f04a0d70ad6ff86f44325f2f062d
> >> *httpd-2.4.62-rc1.tar.gz
> >> sha512:
> >>
> daf66daf1012c6df6266e13a743cabf6ac8b6552b83d3a2db89eb491813ba5acd28e4149e5abe5a03f10677f23b74ae6a319e3c69dd6d223ca8269751960818a
> >> *httpd-2.4.62-rc1.tar.gz
> >>
> >> The candidate source is found at
> >> <https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.62-rc1-candidate
> >
> >> and at <https://github.com/apache/httpd/tree/2.4.62-rc1-candidate>.
> >
> > I need to check further, but on my setup the web server does not shut
> > down at the end of pytest with event MPM. It is just an early heads up,
> > it might also happen for other MPMs and it might be a local problem.
> >
> > Will report back after investigating later.
>
> It is a bug in the pytest framework, not shutting down the web server
> after each package or at the end of the session. I am testing a fix and
> will commit, hoping it is the right way to do it (additional package
> fixtures).
>
> Best regards,
>
> Rainer
>
>
+1 here as well, using Slackware64.  Sorry for the delay, I wanted to test
this morning.

Re: [VOTE] Release httpd-2.4.62-rc1 as httpd-2.4.62

[Rainer Jung]

Am 15.07.24 um 18:35 schrieb Rainer Jung:

Am 15.07.24 um 14:13 schrieb Eric Covener:

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.62-rc1 as 2.4.62:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vte are:
sha256: 3e2404d762a2da03560d7ada379ba1599d32f04a0d70ad6ff86f44325f2f062d
*httpd-2.4.62-rc1.tar.gz
sha512: 
daf66daf1012c6df6266e13a743cabf6ac8b6552b83d3a2db89eb491813ba5acd28e4149e5abe5a03f10677f23b74ae6a319e3c69dd6d223ca8269751960818a

*httpd-2.4.62-rc1.tar.gz

The candidate source is found at
<https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.62-rc1-candidate>
and at <https://github.com/apache/httpd/tree/2.4.62-rc1-candidate>.


I need to check further, but on my setup the web server does not shut 
down at the end of pytest with event MPM. It is just an early heads up, 
it might also happen for other MPMs and it might be a local problem.


Will report back after investigating later.


It is a bug in the pytest framework, not shutting down the web server 
after each package or at the end of the session. I am testing a fix and 
will commit, hoping it is the right way to do it (additional package 
fixtures).


Best regards,

Rainer

Re: [VOTE] Release httpd-2.4.62-rc1 as httpd-2.4.62

[Rainer Jung]

Am 15.07.24 um 14:13 schrieb Eric Covener:

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.62-rc1 as 2.4.62:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vte are:
sha256: 3e2404d762a2da03560d7ada379ba1599d32f04a0d70ad6ff86f44325f2f062d
*httpd-2.4.62-rc1.tar.gz
sha512: 
daf66daf1012c6df6266e13a743cabf6ac8b6552b83d3a2db89eb491813ba5acd28e4149e5abe5a03f10677f23b74ae6a319e3c69dd6d223ca8269751960818a
*httpd-2.4.62-rc1.tar.gz

The candidate source is found at
<https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.62-rc1-candidate>
and at <https://github.com/apache/httpd/tree/2.4.62-rc1-candidate>.


I need to check further, but on my setup the web server does not shut 
down at the end of pytest with event MPM. It is just an early heads up, 
it might also happen for other MPMs and it might be a local problem.


Will report back after investigating later.

Best regards,

Rainer

Re: [VOTE] Release httpd-2.4.62-rc1 as httpd-2.4.62

[Joe Orton]

On Mon, Jul 15, 2024 at 08:13:36AM -0400, Eric Covener wrote:
> Hi all,
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.62-rc1 as 2.4.62:
> [X] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

+1 from me, RHEL 8/9, Fedora 40 (x86_64).

Regards, Joe

Re: [VOTE] Release httpd-2.4.62-rc1 as httpd-2.4.62

[Eric Covener]

On Mon, Jul 15, 2024 at 8:13 AM Eric Covener  wrote:
>
> Hi all,
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.62-rc1 as 2.4.62:
> [x] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

my +1 (aix/xlc/ppc64)

Re: [VOTE] Release httpd-2.4.62-rc1 as httpd-2.4.62

[Stefan Eissing via dev]

> Am 15.07.2024 um 14:13 schrieb Eric Covener :
> 
> Hi all,
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.62-rc1 as 2.4.62:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
> 

+1, macOS 14.5, x86_64

Thanks for the hard work, Eric!

- Stefan

[VOTE] Release httpd-2.4.62-rc1 as httpd-2.4.62

[Eric Covener]

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.62-rc1 as 2.4.62:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha256: 3e2404d762a2da03560d7ada379ba1599d32f04a0d70ad6ff86f44325f2f062d
*httpd-2.4.62-rc1.tar.gz
sha512: 
daf66daf1012c6df6266e13a743cabf6ac8b6552b83d3a2db89eb491813ba5acd28e4149e5abe5a03f10677f23b74ae6a319e3c69dd6d223ca8269751960818a
*httpd-2.4.62-rc1.tar.gz

The candidate source is found at
<https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.62-rc1-candidate>
and at <https://github.com/apache/httpd/tree/2.4.62-rc1-candidate>.

-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Eric Covener]

Proceeding with release on shortened timeline, binding +1:
+1: icing, jblond, thumbs, covener, steffen, gbechis, jorton, ylavic, jung

Thank everyone for testing on short notice.

On Tue, Jul 2, 2024 at 9:29 AM Eric Covener  wrote:
>
> Hi all,
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> === Different from template ===
> I would like to call an expedited VOTE (due to regression in 2.4.60)
> over the next 1-2 days to release this candidate tarball
> httpd-2.4.61-rc1 as 2.4.61:
>
> (sorry)
> === end not from a template
>
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha256: ccdc02f78ebf615002dbcab19c8dd9e124b99207b6fed4eecce7562e64c647c9
> *httpd-2.4.61-rc1.tar.gz
> sha512: 
> ad5894ff83f06a8a39bedb26e32a4381ac6806ae0c8624c0dbf631781eb59431cef37af0e459dff0f5618628ed06adbee013a7a714447ed1de4542294e62b885
> *httpd-2.4.61-rc1.tar.gz
>
> The candidate source is found at
> <https://svn.apache.org/repos/asf/httpd/httpd/tags/tags/2.4.61-rc1-candidate>
> and at <https://github.com/apache/httpd/tree/2.4.61-rc1-candidate>.
>
> --
> Eric Covener
> cove...@gmail.com



-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Nick Edwards]

This ones good, thanks Eric,

On Tue, Jul 2, 2024 at 11:30 PM Eric Covener  wrote:

> Hi all,
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> === Different from template ===
> I would like to call an expedited VOTE (due to regression in 2.4.60)
> over the next 1-2 days to release this candidate tarball
> httpd-2.4.61-rc1 as 2.4.61:
>
> (sorry)
> === end not from a template
>
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha256: ccdc02f78ebf615002dbcab19c8dd9e124b99207b6fed4eecce7562e64c647c9
> *httpd-2.4.61-rc1.tar.gz
> sha512:
> ad5894ff83f06a8a39bedb26e32a4381ac6806ae0c8624c0dbf631781eb59431cef37af0e459dff0f5618628ed06adbee013a7a714447ed1de4542294e62b885
> *httpd-2.4.61-rc1.tar.gz
>
> The candidate source is found at
> <
> https://svn.apache.org/repos/asf/httpd/httpd/tags/tags/2.4.61-rc1-candidate
> >
> and at <https://github.com/apache/httpd/tree/2.4.61-rc1-candidate>.
>
> --
> Eric Covener
> cove...@gmail.com
>

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Rainer Jung]

Am 02.07.24 um 15:29 schrieb Eric Covener:

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

=== Different from template ===
I would like to call an expedited VOTE (due to regression in 2.4.60)
over the next 1-2 days to release this candidate tarball
httpd-2.4.61-rc1 as 2.4.61:

(sorry)
=== end not from a template

[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.


+1 and many thanks for the hard work of all who contributed to this 
complex release and especially Eric.


Build and tested on RHEL 6, 7, 8 and 9 plus SLES 11, 12 and 15 plus 
Solaris 10 Sparc using OpenSSL 3.1.6.

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Yann Ylavic]

On Tue, Jul 2, 2024 at 3:45 PM Eric Covener  wrote:
>
> Hi all,
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> === Different from template ===
> I would like to call an expedited VOTE (due to regression in 2.4.60)
> over the next 1-2 days to release this candidate tarball
> httpd-2.4.61-rc1 as 2.4.61:
>
> (sorry)
> === end not from a template

[X] +1: It's not just good, it's good enough!

Tested on Debian stable and testing/sid, all passes.

Thanks Eric!

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Eric Covener]

I plan to release in another ~24h barring any bad feedback relative to
2.4.60, if anyone wants closer to the usually 72h for any reason,
please comment.

On Tue, Jul 2, 2024 at 9:29 AM Eric Covener  wrote:
>
> Hi all,
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> === Different from template ===
> I would like to call an expedited VOTE (due to regression in 2.4.60)
> over the next 1-2 days to release this candidate tarball
> httpd-2.4.61-rc1 as 2.4.61:
>
> (sorry)
> === end not from a template
>
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha256: ccdc02f78ebf615002dbcab19c8dd9e124b99207b6fed4eecce7562e64c647c9
> *httpd-2.4.61-rc1.tar.gz
> sha512: 
> ad5894ff83f06a8a39bedb26e32a4381ac6806ae0c8624c0dbf631781eb59431cef37af0e459dff0f5618628ed06adbee013a7a714447ed1de4542294e62b885
> *httpd-2.4.61-rc1.tar.gz
>
> The candidate source is found at
> <https://svn.apache.org/repos/asf/httpd/httpd/tags/tags/2.4.61-rc1-candidate>
> and at <https://github.com/apache/httpd/tree/2.4.61-rc1-candidate>.
>
> --
> Eric Covener
> cove...@gmail.com



-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Joe Orton]

On Tue, Jul 02, 2024 at 09:29:53AM -0400, Eric Covener wrote:
> Hi all,
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> === Different from template ===
> I would like to call an expedited VOTE (due to regression in 2.4.60)
> over the next 1-2 days to release this candidate tarball
> httpd-2.4.61-rc1 as 2.4.61:
> 
> (sorry)
> === end not from a template
> 
> [X] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

No apologies necessary! Thanks again Eric.

+1 for release, tests pass on Fedora 40, RHEL8+9, CentOS Stream 10.

Regards, Joe

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[giovanni]

On 7/2/24 3:29 PM, Eric Covener wrote:

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

=== Different from template ===
I would like to call an expedited VOTE (due to regression in 2.4.60)
over the next 1-2 days to release this candidate tarball
httpd-2.4.61-rc1 as 2.4.61:

(sorry)
=== end not from a template

[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha256: ccdc02f78ebf615002dbcab19c8dd9e124b99207b6fed4eecce7562e64c647c9
*httpd-2.4.61-rc1.tar.gz
sha512: 
ad5894ff83f06a8a39bedb26e32a4381ac6806ae0c8624c0dbf631781eb59431cef37af0e459dff0f5618628ed06adbee013a7a714447ed1de4542294e62b885
*httpd-2.4.61-rc1.tar.gz

The candidate source is found at
<https://svn.apache.org/repos/asf/httpd/httpd/tags/tags/2.4.61-rc1-candidate>
and at <https://github.com/apache/httpd/tree/2.4.61-rc1-candidate>.


+1 Fedora 40

Thanks for all the hard work !!
 Giovanni


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Steffen]

+1 on Windows. 

Changes for 2.4.61 is empty. 

Eric, Rüdiger, Yann and others, thanks for all the work. 

> Op 2 jul 2024 om 15:30 heeft Eric Covener  het volgende 
> geschreven:
> Hi all,
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> === Different from template ===
> I would like to call an expedited VOTE (due to regression in 2.4.60)
> over the next 1-2 days to release this candidate tarball
> httpd-2.4.61-rc1 as 2.4.61:
> 
> (sorry)
> === end not from a template
> 
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
> 
> The computed digests of the tarball up for vote are:
> sha256: ccdc02f78ebf615002dbcab19c8dd9e124b99207b6fed4eecce7562e64c647c9
> *httpd-2.4.61-rc1.tar.gz
> sha512: 
> ad5894ff83f06a8a39bedb26e32a4381ac6806ae0c8624c0dbf631781eb59431cef37af0e459dff0f5618628ed06adbee013a7a714447ed1de4542294e62b885
> *httpd-2.4.61-rc1.tar.gz
> 
> The candidate source is found at
> <https://svn.apache.org/repos/asf/httpd/httpd/tags/tags/2.4.61-rc1-candidate>
> and at <https://github.com/apache/httpd/tree/2.4.61-rc1-candidate>.
> 
> --
> Eric Covener
> cove...@gmail.com

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Eric Covener]

On Tue, Jul 2, 2024 at 9:29 AM Eric Covener  wrote:
>
> Hi all,
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> === Different from template ===
> I would like to call an expedited VOTE (due to regression in 2.4.60)
> over the next 1-2 days to release this candidate tarball
> httpd-2.4.61-rc1 as 2.4.61:
>
> (sorry)
> === end not from a template
>
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

+1 aix/xlc/ppc64 usual proxy/ssl/perl culprits only.

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Frank Gingras]

On Tue, Jul 2, 2024 at 10:18 AM Mario Brandt  wrote:

> +1 on Debian 12 x64
>
> Eric Covener  schrieb am Di., 2. Juli 2024, 15:30:
>
>> Hi all,
>>
>> Please find below the proposed release tarball and signatures:
>>
>> https://dist.apache.org/repos/dist/dev/httpd/
>>
>> === Different from template ===
>> I would like to call an expedited VOTE (due to regression in 2.4.60)
>> over the next 1-2 days to release this candidate tarball
>> httpd-2.4.61-rc1 as 2.4.61:
>>
>> (sorry)
>> === end not from a template
>>
>> [ ] +1: It's not just good, it's good enough!
>> [ ] +0: Let's have a talk.
>> [ ] -1: There's trouble in paradise. Here's what's wrong.
>>
>> The computed digests of the tarball up for vote are:
>> sha256: ccdc02f78ebf615002dbcab19c8dd9e124b99207b6fed4eecce7562e64c647c9
>> *httpd-2.4.61-rc1.tar.gz
>> sha512:
>> ad5894ff83f06a8a39bedb26e32a4381ac6806ae0c8624c0dbf631781eb59431cef37af0e459dff0f5618628ed06adbee013a7a714447ed1de4542294e62b885
>> *httpd-2.4.61-rc1.tar.gz
>>
>> The candidate source is found at
>> <
>> https://svn.apache.org/repos/asf/httpd/httpd/tags/tags/2.4.61-rc1-candidate
>> >
>> and at <https://github.com/apache/httpd/tree/2.4.61-rc1-candidate>.
>>
>> --
>> Eric Covener
>> cove...@gmail.com
>
>
+1

A quick test ran fine on Slackware15 here as well; it feels odd to use
AddType for that DSO after all these years.

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Mario Brandt]

+1 on Debian 12 x64

Eric Covener  schrieb am Di., 2. Juli 2024, 15:30:

> Hi all,
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> === Different from template ===
> I would like to call an expedited VOTE (due to regression in 2.4.60)
> over the next 1-2 days to release this candidate tarball
> httpd-2.4.61-rc1 as 2.4.61:
>
> (sorry)
> === end not from a template
>
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha256: ccdc02f78ebf615002dbcab19c8dd9e124b99207b6fed4eecce7562e64c647c9
> *httpd-2.4.61-rc1.tar.gz
> sha512:
> ad5894ff83f06a8a39bedb26e32a4381ac6806ae0c8624c0dbf631781eb59431cef37af0e459dff0f5618628ed06adbee013a7a714447ed1de4542294e62b885
> *httpd-2.4.61-rc1.tar.gz
>
> The candidate source is found at
> <
> https://svn.apache.org/repos/asf/httpd/httpd/tags/tags/2.4.61-rc1-candidate
> >
> and at <https://github.com/apache/httpd/tree/2.4.61-rc1-candidate>.
>
> --
> Eric Covener
> cove...@gmail.com
>

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Eric Covener]

On Tue, Jul 2, 2024 at 9:49 AM Eric Covener  wrote:
>
> On Tue, Jul 2, 2024 at 9:47 AM Rainer Jung  wrote:
> >
> > Am 02.07.24 um 15:29 schrieb Eric Covener:
> > > Hi all,
> > >
> > > Please find below the proposed release tarball and signatures:
> > >
> > > https://dist.apache.org/repos/dist/dev/httpd/
>
> Thanks, checking on it, it seems like I did not get the usual gpg prompt.

On the way.



-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Eric Covener]

On Tue, Jul 2, 2024 at 9:47 AM Rainer Jung  wrote:
>
> Am 02.07.24 um 15:29 schrieb Eric Covener:
> > Hi all,
> >
> > Please find below the proposed release tarball and signatures:
> >
> > https://dist.apache.org/repos/dist/dev/httpd/

Thanks, checking on it, it seems like I did not get the usual gpg prompt.

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Rainer Jung]

Am 02.07.24 um 15:29 schrieb Eric Covener:

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/


No signatures yet ...

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Stefan Eissing via dev]

> Am 02.07.2024 um 15:29 schrieb Eric Covener :
> 
> Hi all,
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> === Different from template ===
> I would like to call an expedited VOTE (due to regression in 2.4.60)
> over the next 1-2 days to release this candidate tarball
> httpd-2.4.61-rc1 as 2.4.61:
> 
> (sorry)
> === end not from a template
> 
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

+1, macOS 14.5

Thanks for all the hard work put into this, Eric.

- Stefan

Re: [VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Rainer Jung]

Small correction below (broken URL) ...

Am 02.07.24 um 15:29 schrieb Eric Covener:

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

=== Different from template ===
I would like to call an expedited VOTE (due to regression in 2.4.60)
over the next 1-2 days to release this candidate tarball
httpd-2.4.61-rc1 as 2.4.61:

(sorry)
=== end not from a template

[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha256: ccdc02f78ebf615002dbcab19c8dd9e124b99207b6fed4eecce7562e64c647c9
*httpd-2.4.61-rc1.tar.gz
sha512: 
ad5894ff83f06a8a39bedb26e32a4381ac6806ae0c8624c0dbf631781eb59431cef37af0e459dff0f5618628ed06adbee013a7a714447ed1de4542294e62b885
*httpd-2.4.61-rc1.tar.gz

The candidate source is found at
<https://svn.apache.org/repos/asf/httpd/httpd/tags/tags/2.4.61-rc1-candidate>


<https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.61-rc1-candidate>

(strip one "tags")


and at <https://github.com/apache/httpd/tree/2.4.61-rc1-candidate>.

[VOTE] Release httpd-2.4.61-rc1 as httpd-2.4.61

[Eric Covener]

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

=== Different from template ===
I would like to call an expedited VOTE (due to regression in 2.4.60)
over the next 1-2 days to release this candidate tarball
httpd-2.4.61-rc1 as 2.4.61:

(sorry)
=== end not from a template

[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha256: ccdc02f78ebf615002dbcab19c8dd9e124b99207b6fed4eecce7562e64c647c9
*httpd-2.4.61-rc1.tar.gz
sha512: 
ad5894ff83f06a8a39bedb26e32a4381ac6806ae0c8624c0dbf631781eb59431cef37af0e459dff0f5618628ed06adbee013a7a714447ed1de4542294e62b885
*httpd-2.4.61-rc1.tar.gz

The candidate source is found at
<https://svn.apache.org/repos/asf/httpd/httpd/tags/tags/2.4.61-rc1-candidate>
and at <https://github.com/apache/httpd/tree/2.4.61-rc1-candidate>.

-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Nick Edwards]

Hi Eric,
Sure does, I've had email from another list member who has confirmed the
problem, they asked for the OS and php versions which differs from theirs,
so glad it's not just me.

LoadModule php_module modules/libphp.so
AddType application/x-httpd-php .php

On Tue, Jul 2, 2024 at 8:07 AM Eric Covener  wrote:

> On Mon, Jul 1, 2024 at 5:53 PM Nick Edwards 
> wrote:
> >
> > Umm, am I missing something here..
> >
> > After upgrade (same process as I always use which does NOT touch any
> config files for the test vhosts), going to any php site on my test server
> who gets all updates before I push them onto production, but for all
> intents and purposes, is a clean live server, results  in blank page with
> >
> > application/x-httpd-php D)ownload, or C)ancel
>
> There is a regression just reported in 2.4.60 related to
> DirectoryIndex and FallBackResource when handlers are configured with
> AddType (rather than AddHandler).
>
> I am curious if this matches your config?  Working on a followup the
> announcement and a 2.4.61.
>

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Eric Covener]

On Mon, Jul 1, 2024 at 5:53 PM Nick Edwards  wrote:
>
> Umm, am I missing something here..
>
> After upgrade (same process as I always use which does NOT touch any config 
> files for the test vhosts), going to any php site on my test server who gets 
> all updates before I push them onto production, but for all intents and 
> purposes, is a clean live server, results  in blank page with
>
> application/x-httpd-php D)ownload, or C)ancel

There is a regression just reported in 2.4.60 related to
DirectoryIndex and FallBackResource when handlers are configured with
AddType (rather than AddHandler).

I am curious if this matches your config?  Working on a followup the
announcement and a 2.4.61.

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Nick Edwards]

Umm, am I missing something here..

After upgrade (same process as I always use which does NOT touch any config
files for the test vhosts), going to any php site on my test server who
gets all updates before I push them onto production, but for all intents
and purposes, is a clean live server, results  in blank page with

application/x-httpd-php D)ownload, or C)ancel



On Sat, Jun 29, 2024 at 5:18 AM Helmut K. C. Tessarek 
wrote:

>
> On 2024-06-28 03:07, Ruediger Pluem wrote:
> > We already do this for Linux:
>
> Nice.
>
> > Our immediate target would be to do this for Windows.
> > An AIX self-hosted runner would require someone to provide an AIX host.
>
> I worked almost 2 decades at IBM. Even though IBM always had a complex
> organizational structure, it got a lot better with opensource and the
> community. I could imagine they'd sponsor an AIX partition isolated via
> VLAN or VXLAN in one of their DCs. But maybe not. I am no longer at IBM
> thus I can't even try anything in that regard.
>
> --
> regards Helmut K. C. Tessarek  KeyID 0x172380A011EF4944
> Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944
>
> /*
> Thou shalt not follow the NULL pointer for chaos and madness
> await thee at its end.
> */
>

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Eric Covener]

Thanks to all who voted. Vote passes with 8 binding +1 and no -1:
+1 covener, icing, steffen, jorton, ylavic, jblond, thumbs, gbechis

Continuing release now.

On Wed, Jun 26, 2024 at 1:10 PM Eric Covener  wrote:
>
> Hi all,
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.60-rc4 as 2.4.60:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha256: 741554b6f608ac5cbe90d4774d1c3ccb0c251eaf1b087bac359f8146e1465e07
> *httpd-2.4.60-rc4.tar.gz
> sha512: 
> 4e2a72b4f66bd3436222bd44940ae248e8423551ab78a803ce001feddf521ec2f85bddd678b2368ac1f0ec50045848b3ff1ff7579e73d407cf33605068c5
> *httpd-2.4.60-rc4.tar.gz
>
> The SVN candidate source is found at tags/2.4.60-rc4-candidate.
>
> --
> Eric Covener
> cove...@gmail.com



-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Helmut K. C. Tessarek]

On 2024-06-28 03:07, Ruediger Pluem wrote:

We already do this for Linux:


Nice.


Our immediate target would be to do this for Windows.
An AIX self-hosted runner would require someone to provide an AIX host.


I worked almost 2 decades at IBM. Even though IBM always had a complex 
organizational structure, it got a lot better with opensource and the 
community. I could imagine they'd sponsor an AIX partition isolated via 
VLAN or VXLAN in one of their DCs. But maybe not. I am no longer at IBM 
thus I can't even try anything in that regard.


--
regards Helmut K. C. Tessarek  KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944

/*
   Thou shalt not follow the NULL pointer for chaos and madness
   await thee at its end.
*/


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[giovanni]

On 6/26/24 7:10 PM, Eric Covener wrote:

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.60-rc4 as 2.4.60:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha256: 741554b6f608ac5cbe90d4774d1c3ccb0c251eaf1b087bac359f8146e1465e07
*httpd-2.4.60-rc4.tar.gz
sha512: 
4e2a72b4f66bd3436222bd44940ae248e8423551ab78a803ce001feddf521ec2f85bddd678b2368ac1f0ec50045848b3ff1ff7579e73d407cf33605068c5
*httpd-2.4.60-rc4.tar.gz

The SVN candidate source is found at tags/2.4.60-rc4-candidate.


+1 on OpenBSD 7.5 and Fedora 40
Thanks for RMing.
 Giovanni


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Ruediger Pluem]

On 6/27/24 10:54 PM, Helmut K. C. Tessarek wrote:
> On 2024-06-26 17:20, Eric Covener wrote:
>> Thanks for testing and re-testing. I just extended an existing FCGI
>> test to cover the scenario as well.
> 
> You are welcome. Thanks for doing the release work and for adding a test that 
> will catch this in the future. :+1
> 
> May I ask whether you thought about using gh actions to run the test suite?

We already do this for Linux:

https://github.com/apache/httpd/blob/trunk/.github/workflows/linux.yml

> Even if AIX is not available via gh, you can self-host a runner.

Our immediate target would be to do this for Windows.
An AIX self-hosted runner would require someone to provide an AIX host.

Regards

Rüdiger

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Frank Gingras]

On Thu, Jun 27, 2024 at 4:16 PM Mario Brandt  wrote:

> +1 on Debian 12 x64
>
> Eric Covener  schrieb am Mi., 26. Juni 2024, 19:19:
>
>> Hi all,
>>
>> Please find below the proposed release tarball and signatures:
>>
>> https://dist.apache.org/repos/dist/dev/httpd/
>>
>> I would like to call a VOTE over the next few days to release
>> this candidate tarball httpd-2.4.60-rc4 as 2.4.60:
>> [ ] +1: It's not just good, it's good enough!
>> [ ] +0: Let's have a talk.
>> [ ] -1: There's trouble in paradise. Here's what's wrong.
>>
>> The computed digests of the tarball up for vote are:
>> sha256: 741554b6f608ac5cbe90d4774d1c3ccb0c251eaf1b087bac359f8146e1465e07
>> *httpd-2.4.60-rc4.tar.gz
>> sha512:
>> 4e2a72b4f66bd3436222bd44940ae248e8423551ab78a803ce001feddf521ec2f85bddd678b2368ac1f0ec50045848b3ff1ff7579e73d407cf33605068c5
>> *httpd-2.4.60-rc4.tar.gz
>>
>> The SVN candidate source is found at tags/2.4.60-rc4-candidate.
>>
>> --
>> Eric Covener
>> cove...@gmail.com
>
>
+1 on Slackware64, the fcgi test passed without problems.

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Helmut K. C. Tessarek]

On 2024-06-26 17:20, Eric Covener wrote:

Thanks for testing and re-testing. I just extended an existing FCGI
test to cover the scenario as well.


You are welcome. Thanks for doing the release work and for adding a test 
that will catch this in the future. :+1


May I ask whether you thought about using gh actions to run the test suite?
Even if AIX is not available via gh, you can self-host a runner.


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Mario Brandt]

+1 on Debian 12 x64

Eric Covener  schrieb am Mi., 26. Juni 2024, 19:19:

> Hi all,
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.60-rc4 as 2.4.60:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha256: 741554b6f608ac5cbe90d4774d1c3ccb0c251eaf1b087bac359f8146e1465e07
> *httpd-2.4.60-rc4.tar.gz
> sha512:
> 4e2a72b4f66bd3436222bd44940ae248e8423551ab78a803ce001feddf521ec2f85bddd678b2368ac1f0ec50045848b3ff1ff7579e73d407cf33605068c5
> *httpd-2.4.60-rc4.tar.gz
>
> The SVN candidate source is found at tags/2.4.60-rc4-candidate.
>
> --
> Eric Covener
> cove...@gmail.com
>

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Cory McIntire]

+1 64-bit:
CentOS_6.5
CentOS_7
CentOS_8
AlmaLinux_9
xUbuntu_20
xUbuntu_22

From: Eric Covener 
Date: Wednesday, June 26, 2024 at 12:11
To: Apache HTTP Server Development List 
Subject: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60
Hi all,

Please find below the proposed release tarball and signatures:

https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdist.apache.org%2Frepos%2Fdist%2Fdev%2Fhttpd%2F&data=05%7C02%7Ccory.mcintire%40webpros.com%7C431e3f9560964be8631d08dc9602f21d%7Cf8497356a834406086b6d4b1d8059ee0%7C0%7C0%7C638550186603524746%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=Enbv%2B3HVpiTm3mrGjDmItvtBG%2Ft7hb%2FhWsER5DyQvx8%3D&reserved=0<https://dist.apache.org/repos/dist/dev/httpd/>

I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.60-rc4 as 2.4.60:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha256: 741554b6f608ac5cbe90d4774d1c3ccb0c251eaf1b087bac359f8146e1465e07
*httpd-2.4.60-rc4.tar.gz
sha512: 
4e2a72b4f66bd3436222bd44940ae248e8423551ab78a803ce001feddf521ec2f85bddd678b2368ac1f0ec50045848b3ff1ff7579e73d407cf33605068c5
*httpd-2.4.60-rc4.tar.gz

The SVN candidate source is found at tags/2.4.60-rc4-candidate.

--
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Steffen]

+1 Windows 64 and 32

> Op 26 jun 2024 om 19:10 heeft Eric Covener  het volgende 
> geschreven:
> 
> Hi all,
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.60-rc4 as 2.4.60:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
> 
> The computed digests of the tarball up for vote are:
> sha256: 741554b6f608ac5cbe90d4774d1c3ccb0c251eaf1b087bac359f8146e1465e07
> *httpd-2.4.60-rc4.tar.gz
> sha512: 
> 4e2a72b4f66bd3436222bd44940ae248e8423551ab78a803ce001feddf521ec2f85bddd678b2368ac1f0ec50045848b3ff1ff7579e73d407cf33605068c5
> *httpd-2.4.60-rc4.tar.gz
> 
> The SVN candidate source is found at tags/2.4.60-rc4-candidate.
> 
> --
> Eric Covener
> cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Yann Ylavic]

On Wed, Jun 26, 2024 at 7:10 PM Eric Covener  wrote:
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.60-rc4 as 2.4.60:

[X] +1: It's not just good, it's good enough!

Tested on Debian stable and testing/sid, all passes.
Sigs/checksums OK too.

Great job Eric, thank you very much!

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Joe Orton]

On Wed, Jun 26, 2024 at 01:10:38PM -0400, Eric Covener wrote:
> Hi all,
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.60-rc4 as 2.4.60:
> [X] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

+1 for release, big thank you Eric for this release.

Tests pass on Fedora 40, RHEL8+9 (all x86_64).

Regards, Joe

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Stefan Eissing via dev]

> Am 26.06.2024 um 19:10 schrieb Eric Covener :
> 
> Hi all,
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.60-rc4 as 2.4.60:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

+1, macOS 14.5, x86_64

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Eric Covener]

On Wed, Jun 26, 2024 at 5:14 PM Helmut K. C. Tessarek
 wrote:
>
> On 2024-06-26 13:10, Eric Covener wrote:
> > Please find below the proposed release tarball and signatures:
>
> I don't get a vote, but the issue I had (fcgi permissions) is now gone.

Thanks for testing and re-testing. I just extended an existing FCGI
test to cover the scenario as well.

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Helmut K. C. Tessarek]

On 2024-06-26 13:10, Eric Covener wrote:

Please find below the proposed release tarball and signatures:


I don't get a vote, but the issue I had (fcgi permissions) is now gone. 
Thanks!


Cheers,
  K. C.

--
regards Helmut K. C. Tessarek  KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944

/*
   Thou shalt not follow the NULL pointer for chaos and madness
   await thee at its end.
*/


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Eric Covener]

> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.60-rc4 as 2.4.60:
> [x] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

+1 AIX/xlc/ppc64

[VOTE] Release httpd-2.4.60-rc4 as httpd-2.4.60

[Eric Covener]

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.60-rc4 as 2.4.60:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha256: 741554b6f608ac5cbe90d4774d1c3ccb0c251eaf1b087bac359f8146e1465e07
*httpd-2.4.60-rc4.tar.gz
sha512: 
4e2a72b4f66bd3436222bd44940ae248e8423551ab78a803ce001feddf521ec2f85bddd678b2368ac1f0ec50045848b3ff1ff7579e73d407cf33605068c5
*httpd-2.4.60-rc4.tar.gz

The SVN candidate source is found at tags/2.4.60-rc4-candidate.

-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Helmut K. C. Tessarek]

On 2024-06-25 20:43, Yann Ylavic wrote:

Should be fixed by
https://github.com/apache/httpd/commit/6937b985ae112de0ad60f12a3cb522b608a4d501.diff


I'll test this tomorrow. Thanks!

--
regards Helmut K. C. Tessarek  KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944

/*
   Thou shalt not follow the NULL pointer for chaos and madness
   await thee at its end.
*/


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Helmut K. C. Tessarek]

On 2024-06-25 19:55, Yann Ylavic wrote:

Done in r1918626. Looks good in my manual testing too, there will be
two calls to ap_proxy_fixup_uds_filename() when proxying from
r->handler, first in proxy_handler() and second in
ap_proxy_pre_request(), but since the first will strip the UDS already
the other call is a noop. We can eventually rework this after the
release.


May I ask what this fixup was supposed to fix? I take it this was 
introduced after 2.4.59, so I guess it must have been added to fix 
something, but broke something else.
If it's too complicated to explain, that's ok too. I am just curious. 
That's all.


--
regards Helmut K. C. Tessarek  KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944

/*
   Thou shalt not follow the NULL pointer for chaos and madness
   await thee at its end.
*/


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Yann Ylavic]

On Wed, Jun 26, 2024 at 12:02 AM Helmut K. C. Tessarek
 wrote:
>
> I tried with rc2, since rc3 is not available yet.
>
> Same issue.

Should be fixed by
https://github.com/apache/httpd/commit/6937b985ae112de0ad60f12a3cb522b608a4d501.diff

Regards;
Yann.

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Yann Ylavic]

On Wed, Jun 26, 2024 at 1:17 AM Eric Covener  wrote:
>
> On Tue, Jun 25, 2024 at 7:03 PM Yann Ylavic  wrote:
> >
> > On Wed, Jun 26, 2024 at 12:37 AM Eric Covener  wrote:
> > >
> > > > The attached might work, currently testing but sending early if you
> > > > want to try too.
> > >
> > > looks like proxy: is stripped off after the new call and needs to be
> > > added back in?
> >
> > Yeah, the new call to ap_proxy_fixup_uds_filename() should not take
> > &r->filename as argument.
> > Fixed in this new version.
>
> +1 with basic "fakefpm" and real fpm hello-world.  Please commit to
> trunk when practical.

Done in r1918626. Looks good in my manual testing too, there will be
two calls to ap_proxy_fixup_uds_filename() when proxying from
r->handler, first in proxy_handler() and second in
ap_proxy_pre_request(), but since the first will strip the UDS already
the other call is a noop. We can eventually rework this after the
release.

>
> If we can get another review for 2.4.x I can add it and roll an rc so
> it can be more easily picked up for testing.

+1


Regards;
Yann.

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

On Tue, Jun 25, 2024 at 7:03 PM Yann Ylavic  wrote:
>
> On Wed, Jun 26, 2024 at 12:37 AM Eric Covener  wrote:
> >
> > > The attached might work, currently testing but sending early if you
> > > want to try too.
> >
> > looks like proxy: is stripped off after the new call and needs to be
> > added back in?
>
> Yeah, the new call to ap_proxy_fixup_uds_filename() should not take
> &r->filename as argument.
> Fixed in this new version.

+1 with basic "fakefpm" and real fpm hello-world.  Please commit to
trunk when practical.

If we can get another review for 2.4.x I can add it and roll an rc so
it can be more easily picked up for testing.

-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Yann Ylavic]

On Wed, Jun 26, 2024 at 12:37 AM Eric Covener  wrote:
>
> > The attached might work, currently testing but sending early if you
> > want to try too.
>
> looks like proxy: is stripped off after the new call and needs to be
> added back in?

Yeah, the new call to ap_proxy_fixup_uds_filename() should not take
&r->filename as argument.
Fixed in this new version.
Index: include/ap_mmn.h
===
--- include/ap_mmn.h	(revision 1918625)
+++ include/ap_mmn.h	(working copy)
@@ -601,6 +601,7 @@
  * 20120211.131 (2.4.59-dev) Add DAV_WALKTYPE_TOLERANT
  * 20120211.131 (2.4.60-dev) Add ap_set_content_type_ex(), ap_filepath_merge(),
  *   and AP_REQUEST_TRUSTED_CT BNOTE.
+ * 20120211.133 (2.4.60-dev) Add ap_proxy_fixup_uds_filename()
  */
 
 #define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */
@@ -608,7 +609,7 @@
 #ifndef MODULE_MAGIC_NUMBER_MAJOR
 #define MODULE_MAGIC_NUMBER_MAJOR 20120211
 #endif
-#define MODULE_MAGIC_NUMBER_MINOR 131 /* 0...n */
+#define MODULE_MAGIC_NUMBER_MINOR 133 /* 0...n */
 
 /**
  * Determine if the server's current MODULE_MAGIC_NUMBER is at least a
Index: modules/proxy/mod_proxy.c
===
--- modules/proxy/mod_proxy.c	(revision 1918625)
+++ modules/proxy/mod_proxy.c	(working copy)
@@ -1298,7 +1298,7 @@ static int proxy_handler(request_rec *r)
 ap_get_module_config(sconf, &proxy_module);
 apr_array_header_t *proxies = conf->proxies;
 struct proxy_remote *ents = (struct proxy_remote *) proxies->elts;
-int i, rc, access_status;
+int rc = DECLINED, access_status, i;
 int direct_connect = 0;
 const char *str;
 apr_int64_t maxfwd;
@@ -1314,22 +1314,33 @@ static int proxy_handler(request_rec *r)
 }
 
 if (!r->proxyreq) {
-rc = DECLINED;
 /* We may have forced the proxy handler via config or .htaccess */
 if (r->handler &&
 strncmp(r->handler, "proxy:", 6) == 0 &&
 strncmp(r->filename, "proxy:", 6) != 0) {
+char *old_filename = r->filename;
+
 r->proxyreq = PROXYREQ_REVERSE;
 r->filename = apr_pstrcat(r->pool, r->handler, r->filename, NULL);
+
 /* Still need to fixup/canonicalize r->filename */
-rc = proxy_fixup(r);
+uri = r->filename + 6;
+rc = ap_proxy_fixup_uds_filename(r, &uri);
+if (rc <= OK) {
+rc = proxy_fixup(r);
+}
+if (rc != OK) {
+r->filename = old_filename;
+r->proxyreq = 0;
+}
 }
-if (rc != OK) {
-return rc;
-}
-} else if (strncmp(r->filename, "proxy:", 6) != 0) {
-return DECLINED;
 }
+else if (strncmp(r->filename, "proxy:", 6) == 0) {
+rc = OK;
+}
+if (rc != OK) {
+return rc;
+}
 
 /* handle max-forwards / OPTIONS / TRACE */
 if ((str = apr_table_get(r->headers_in, "Max-Forwards"))) {
Index: modules/proxy/mod_proxy.h
===
--- modules/proxy/mod_proxy.h	(revision 1918625)
+++ modules/proxy/mod_proxy.h	(working copy)
@@ -1003,6 +1003,16 @@ PROXY_DECLARE(proxy_balancer_shared *) ap_proxy_fi
  proxy_balancer *balancer,
  unsigned int *index);
 
+/*
+ * In the case of the reverse proxy, we need to see if we
+ * were passed a UDS url (eg: from mod_proxy) and adjust uds_path
+ * as required.  
+ * @param rcurrent request
+ * @param url  request url to be fixed
+ * @return OK if fixed up, DECLINED if not UDS, or an HTTP_XXX error
+ */
+PROXY_DECLARE(int) ap_proxy_fixup_uds_filename(request_rec *r, char **url);
+
 /**
  * Get the most suitable worker and/or balancer for the request
  * @param worker   worker used for processing request
Index: modules/proxy/proxy_util.c
===
--- modules/proxy/proxy_util.c	(revision 1918625)
+++ modules/proxy/proxy_util.c	(working copy)
@@ -2429,7 +2429,7 @@ static int ap_proxy_retry_worker(const char *proxy
  * were passed a UDS url (eg: from mod_proxy) and adjust uds_path
  * as required.  
  */
-static int fix_uds_filename(request_rec *r, char **url) 
+PROXY_DECLARE(int) ap_proxy_fixup_uds_filename(request_rec *r, char **url) 
 {
 char *uds_url = r->filename + 6, *origin_url;
 
@@ -2452,7 +2452,7 @@ static int ap_proxy_retry_worker(const char *proxy
 if (!uds_path) {
 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10292)
 "Invalid proxy UDS filename (%s)", r->filename);
-return 0;
+return HTTP_BAD_REQUEST;
 }
 apr_table_setn(r->notes, "uds_path", uds_path);
 
@@ -2464,8 +2464,1

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Helmut K. C. Tessarek]

On 2024-06-25 18:34, Eric Covener wrote:

In both GH (read only mirror) and SVN, there is a 2.4.x branch and a tag per rc.


Thank you.


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

> The attached might work, currently testing but sending early if you
> want to try too.

looks like proxy: is stripped off after the new call and needs to be
added back in?

-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

On Tue, Jun 25, 2024 at 6:34 PM Eric Covener  wrote:
>
> On Tue, Jun 25, 2024 at 6:32 PM Helmut K. C. Tessarek
>  wrote:
> >
> > On 2024-06-25 18:25, Eric Covener wrote:
> > > As discussed in this thread earlier, the commit that jumped to mind
> > > was not in the rc's (and was hence obviously not the culprit)
> >
> > I missed that, sorry.
> >
> > My question still stands. What is the barnch from which the rcs are cut?
>
> In both GH (read only mirror) and SVN, there is a 2.4.x branch and a tag per 
> rc.

Whoops,e.g. https://github.com/apache/httpd/tree/2.4.60-rc2-candidate

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

On Tue, Jun 25, 2024 at 6:32 PM Helmut K. C. Tessarek
 wrote:
>
> On 2024-06-25 18:25, Eric Covener wrote:
> > As discussed in this thread earlier, the commit that jumped to mind
> > was not in the rc's (and was hence obviously not the culprit)
>
> I missed that, sorry.
>
> My question still stands. What is the barnch from which the rcs are cut?

In both GH (read only mirror) and SVN, there is a 2.4.x branch and a tag per rc.



-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Helmut K. C. Tessarek]

On 2024-06-25 18:25, Eric Covener wrote:

As discussed in this thread earlier, the commit that jumped to mind
was not in the rc's (and was hence obviously not the culprit)


I missed that, sorry.

My question still stands. What is the barnch from which the rcs are cut?


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

On Tue, Jun 25, 2024 at 6:02 PM Helmut K. C. Tessarek
 wrote:
>
> I tried with rc2, since rc3 is not available yet.
>
> Same issue.
>
> On 2024-06-25 08:44, Eric Covener wrote:
> >   - loglevel trace8 from this request
>
> Yeah, I am not putting that online for public consumption.
> I'll send it to your email address.
>
> >   - whether backing out
> > https://github.com/apache/httpd/commit/9494aa8d52e3c263bc0413b77ac8a73b0d524388.diff
> > from the candidate helps?
>
> Ok. I tried to find this code in rc2, but didn't. I seriously have no
> clue how development works with this project. Do you have a branch that
> I can use and just revert a commit? Trunk is not compatible with the
> 2.4.59 or 2.4.60 code. Referencing random commits from trunk is useless.

As discussed in this thread earlier, the commit that jumped to mind
was not in the rc's (and was hence obviously not the culprit)

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Yann Ylavic]

On Tue, Jun 25, 2024 at 11:35 PM Eric Covener  wrote:
>
> On Tue, Jun 25, 2024 at 5:22 PM Eric Covener  wrote:
> >
> > On Tue, Jun 25, 2024 at 5:06 PM Eric Covener  wrote:
> > >
> > > On Tue, Jun 25, 2024 at 4:35 PM Helmut K. C. Tessarek
> > >  wrote:
> > > >
> > > > On 2024-06-25 02:53, Ruediger Pluem wrote:
> > > > > Can you provide more details on your configuration how you forward 
> > > > > stuff to fcgi and what request you made?
> > > >
> > > > Very simple:
> > > >
> > > > 
> > > >  SetHandler  "proxy:unix:/run/php82-fpm/xxx.sock|fcgi://xxx"
> > > > 
> > >
> > > I think this new path needs to account for UDS.  The URL is e.g.
> > > "unix:/tmp/fake.sock|fcgi://xxx..." during proxy_fcgi_canon so it
> > > declines, then the core handler reports the error on the
> > > pseudo-filename.
> >
> > Or for now, skip the newly added proxy_fixup() and escape just
> > r->filename before it gets the handler prefixed to it?
>
> These all seem hairy. We can do something more targetted from the
> start to decrease the fallout?

The attached might work, currently testing but sending early if you
want to try too.
Index: include/ap_mmn.h
===
--- include/ap_mmn.h	(revision 1918625)
+++ include/ap_mmn.h	(working copy)
@@ -601,6 +601,7 @@
  * 20120211.131 (2.4.59-dev) Add DAV_WALKTYPE_TOLERANT
  * 20120211.131 (2.4.60-dev) Add ap_set_content_type_ex(), ap_filepath_merge(),
  *   and AP_REQUEST_TRUSTED_CT BNOTE.
+ * 20120211.133 (2.4.60-dev) Add ap_proxy_fixup_uds_filename()
  */
 
 #define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */
@@ -608,7 +609,7 @@
 #ifndef MODULE_MAGIC_NUMBER_MAJOR
 #define MODULE_MAGIC_NUMBER_MAJOR 20120211
 #endif
-#define MODULE_MAGIC_NUMBER_MINOR 131 /* 0...n */
+#define MODULE_MAGIC_NUMBER_MINOR 133 /* 0...n */
 
 /**
  * Determine if the server's current MODULE_MAGIC_NUMBER is at least a
Index: modules/proxy/mod_proxy.c
===
--- modules/proxy/mod_proxy.c	(revision 1918625)
+++ modules/proxy/mod_proxy.c	(working copy)
@@ -1298,7 +1298,7 @@ static int proxy_handler(request_rec *r)
 ap_get_module_config(sconf, &proxy_module);
 apr_array_header_t *proxies = conf->proxies;
 struct proxy_remote *ents = (struct proxy_remote *) proxies->elts;
-int i, rc, access_status;
+int rc = DECLINED, access_status, i;
 int direct_connect = 0;
 const char *str;
 apr_int64_t maxfwd;
@@ -1314,22 +1314,30 @@ static int proxy_handler(request_rec *r)
 }
 
 if (!r->proxyreq) {
-rc = DECLINED;
 /* We may have forced the proxy handler via config or .htaccess */
 if (r->handler &&
 strncmp(r->handler, "proxy:", 6) == 0 &&
 strncmp(r->filename, "proxy:", 6) != 0) {
+char *old_filename = r->filename;
+/* Still need to fixup/canonicalize r->filename */
 r->proxyreq = PROXYREQ_REVERSE;
 r->filename = apr_pstrcat(r->pool, r->handler, r->filename, NULL);
-/* Still need to fixup/canonicalize r->filename */
-rc = proxy_fixup(r);
+rc = ap_proxy_fixup_uds_filename(r, &r->filename);
+if (rc <= OK) {
+rc = proxy_fixup(r);
+}
+if (rc != OK) {
+r->filename = old_filename;
+r->proxyreq = 0;
+}
 }
-if (rc != OK) {
-return rc;
-}
-} else if (strncmp(r->filename, "proxy:", 6) != 0) {
-return DECLINED;
 }
+else if (strncmp(r->filename, "proxy:", 6) == 0) {
+rc = OK;
+}
+if (rc != OK) {
+return rc;
+}
 
 /* handle max-forwards / OPTIONS / TRACE */
 if ((str = apr_table_get(r->headers_in, "Max-Forwards"))) {
Index: modules/proxy/mod_proxy.h
===
--- modules/proxy/mod_proxy.h	(revision 1918625)
+++ modules/proxy/mod_proxy.h	(working copy)
@@ -1003,6 +1003,16 @@ PROXY_DECLARE(proxy_balancer_shared *) ap_proxy_fi
  proxy_balancer *balancer,
  unsigned int *index);
 
+/*
+ * In the case of the reverse proxy, we need to see if we
+ * were passed a UDS url (eg: from mod_proxy) and adjust uds_path
+ * as required.  
+ * @param rcurrent request
+ * @param url  request url to be fixed
+ * @return OK if fixed up, DECLINED if not UDS, or an HTTP_XXX error
+ */
+PROXY_DECLARE(int) ap_proxy_fixup_uds_filename(request_rec *r, char **url);
+
 /**
  * Get the most suitable worker and/or balancer for the request
  * @param worker   worker used for processing request
Index: modules/proxy/proxy_util.c
===
--- modules/proxy/proxy_util.c	(revision 191862

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Helmut K. C. Tessarek]

I tried with rc2, since rc3 is not available yet.

Same issue.

On 2024-06-25 08:44, Eric Covener wrote:

  - loglevel trace8 from this request


Yeah, I am not putting that online for public consumption.
I'll send it to your email address.


  - whether backing out
https://github.com/apache/httpd/commit/9494aa8d52e3c263bc0413b77ac8a73b0d524388.diff
from the candidate helps?


Ok. I tried to find this code in rc2, but didn't. I seriously have no 
clue how development works with this project. Do you have a branch that 
I can use and just revert a commit? Trunk is not compatible with the 
2.4.59 or 2.4.60 code. Referencing random commits from trunk is useless.


How about a branch 2.4.60 or 2.4.60-rcX that can be used to add/revert 
commits? There must be a branch from which the rcs are created.


Cheers,
  K. C.

--
regards Helmut K. C. Tessarek  KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944

/*
   Thou shalt not follow the NULL pointer for chaos and madness
   await thee at its end.
*/


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

On Tue, Jun 25, 2024 at 5:22 PM Eric Covener  wrote:
>
> On Tue, Jun 25, 2024 at 5:06 PM Eric Covener  wrote:
> >
> > On Tue, Jun 25, 2024 at 4:35 PM Helmut K. C. Tessarek
> >  wrote:
> > >
> > > On 2024-06-25 02:53, Ruediger Pluem wrote:
> > > > Can you provide more details on your configuration how you forward 
> > > > stuff to fcgi and what request you made?
> > >
> > > Very simple:
> > >
> > > 
> > >  SetHandler  "proxy:unix:/run/php82-fpm/xxx.sock|fcgi://xxx"
> > > 
> >
> > I think this new path needs to account for UDS.  The URL is e.g.
> > "unix:/tmp/fake.sock|fcgi://xxx..." during proxy_fcgi_canon so it
> > declines, then the core handler reports the error on the
> > pseudo-filename.
>
> Or for now, skip the newly added proxy_fixup() and escape just
> r->filename before it gets the handler prefixed to it?

These all seem hairy. We can do something more targetted from the
start to decrease the fallout?



-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

On Tue, Jun 25, 2024 at 5:06 PM Eric Covener  wrote:
>
> On Tue, Jun 25, 2024 at 4:35 PM Helmut K. C. Tessarek
>  wrote:
> >
> > On 2024-06-25 02:53, Ruediger Pluem wrote:
> > > Can you provide more details on your configuration how you forward stuff 
> > > to fcgi and what request you made?
> >
> > Very simple:
> >
> > 
> >  SetHandler  "proxy:unix:/run/php82-fpm/xxx.sock|fcgi://xxx"
> > 
>
> I think this new path needs to account for UDS.  The URL is e.g.
> "unix:/tmp/fake.sock|fcgi://xxx..." during proxy_fcgi_canon so it
> declines, then the core handler reports the error on the
> pseudo-filename.

Or for now, skip the newly added proxy_fixup() and escape just
r->filename before it gets the handler prefixed to it?

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

On Tue, Jun 25, 2024 at 4:35 PM Helmut K. C. Tessarek
 wrote:
>
> On 2024-06-25 02:53, Ruediger Pluem wrote:
> > Can you provide more details on your configuration how you forward stuff to 
> > fcgi and what request you made?
>
> Very simple:
>
> 
>  SetHandler  "proxy:unix:/run/php82-fpm/xxx.sock|fcgi://xxx"
> 

I think this new path needs to account for UDS.  The URL is e.g.
"unix:/tmp/fake.sock|fcgi://xxx..." during proxy_fcgi_canon so it
declines, then the core handler reports the error on the
pseudo-filename.

static int proxy_fcgi_canon(request_rec *r, char *url)
{
char *host, sport[7];
const char *err;
char *path;
apr_port_t port, def_port;
fcgi_req_config_t *rconf = NULL;
const char *pathinfo_type = NULL;

if (ap_cstr_casecmpn(url, "fcgi:", 5) == 0) {
url += 5;
}
else {
return DECLINED;
}

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Helmut K. C. Tessarek]

On 2024-06-25 08:44, Eric Covener wrote:

  - whether you build both from source / the same way


Yes, and I build always exactly the same way (my own ansible script). 
The only thing that differs is the tarball.



  - Any hint as to why there's a space in that parameter?


Which space and which parameter? I said that I believed there should be 
a space in the log output between the fcgi setup and the resource that 
is accessed.



  - loglevel trace8 from this request
  - whether backing out
https://github.com/apache/httpd/commit/9494aa8d52e3c263bc0413b77ac8a73b0d524388.diff
from the candidate helps?


I can't do that. At least not at the moment. This is a production 
machine. (Yes, I was stupid enough to do that on prod.) I'll reproduce 
on a test VM and get you the info. First I'll try rc3 or whateever the 
latest one is.


Cheers,
  K.C.
--
regards Helmut K. C. Tessarek  KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944

/*
   Thou shalt not follow the NULL pointer for chaos and madness
   await thee at its end.
*/


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Helmut K. C. Tessarek]

On 2024-06-25 02:53, Ruediger Pluem wrote:

Can you provide more details on your configuration how you forward stuff to 
fcgi and what request you made?


Very simple:


SetHandler  "proxy:unix:/run/php82-fpm/xxx.sock|fcgi://xxx"


And then I access my website at https://example.com

Please don't forget that I've been using this configuration for years.
I only change the path to the socket every time when I move to a newer 
PHP release.


Cheers,
  K.C.

--
regards Helmut K. C. Tessarek  KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944

/*
   Thou shalt not follow the NULL pointer for chaos and madness
   await thee at its end.
*/


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc2 as httpd-2.4.60

[Eric Covener]

Abandoning this one as well, onto rc3.

On Tue, Jun 25, 2024 at 11:36 AM Eric Covener  wrote:
>
> Hi all,
>
> (sorry for the rework)
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.60-rc2 as 2.4.60:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha256: bcdb6b54d366269da31d8613287c4bfc9b7a8a918f6576aa28864518b031489d
> *httpd-2.4.60-rc2.tar.gz
> sha512: 
> fc5cd3da80786156f618bd7a0e48929a701903183604b4de2fc025245b62c980a1e0cc9551d712230d30fd6bf2be12692fc9db28ee90a5833d697f782cf6c9ca
> *httpd-2.4.60-rc2.tar.gz
>
> The SVN candidate source is found at tags/2.4.60-rc2-candidate.
>
> --
> Eric Covener
> cove...@gmail.com



-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc2 as httpd-2.4.60

[Eric Covener]

On Tue, Jun 25, 2024 at 11:36 AM Eric Covener  wrote:
>
> Hi all,
>
> (sorry for the rework)
>
> Please find below the proposed release tarball and signatures:
>
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.60-rc2 as 2.4.60:
> [x] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.


my +1, perl fw on AIX/xlc/ppc64 with only known perl/ssl errors in proxy.t

[VOTE] Release httpd-2.4.60-rc2 as httpd-2.4.60

[Eric Covener]

Hi all,

(sorry for the rework)

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.60-rc2 as 2.4.60:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha256: bcdb6b54d366269da31d8613287c4bfc9b7a8a918f6576aa28864518b031489d
*httpd-2.4.60-rc2.tar.gz
sha512: 
fc5cd3da80786156f618bd7a0e48929a701903183604b4de2fc025245b62c980a1e0cc9551d712230d30fd6bf2be12692fc9db28ee90a5833d697f782cf6c9ca
*httpd-2.4.60-rc2.tar.gz

The SVN candidate source is found at tags/2.4.60-rc2-candidate.

-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

Vote is abandoned, please look for an RC2 thread soon.

On Tue, Jun 25, 2024 at 10:58 AM Eric Covener  wrote:
>
> On Tue, Jun 25, 2024 at 9:38 AM Yann Ylavic  wrote:
> >
> > On Tue, Jun 25, 2024 at 2:50 PM Eric Covener  wrote:
> > >
> > >  - whether backing out
> > > https://github.com/apache/httpd/commit/9494aa8d52e3c263bc0413b77ac8a73b0d524388.diff
> > > from the candidate helps?
> >
> > I'm not sure r1918553 made it to rc1, did it?
>
> Sorry -- I plan to re-spin to pick it up in the next few hours.



-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

On Tue, Jun 25, 2024 at 9:38 AM Yann Ylavic  wrote:
>
> On Tue, Jun 25, 2024 at 2:50 PM Eric Covener  wrote:
> >
> >  - whether backing out
> > https://github.com/apache/httpd/commit/9494aa8d52e3c263bc0413b77ac8a73b0d524388.diff
> > from the candidate helps?
>
> I'm not sure r1918553 made it to rc1, did it?

Sorry -- I plan to re-spin to pick it up in the next few hours.

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Ruediger Pluem]

On 6/25/24 3:30 PM, Yann Ylavic wrote:
> On Tue, Jun 25, 2024 at 2:50 PM Eric Covener  wrote:
>>
>>  - whether backing out
>> https://github.com/apache/httpd/commit/9494aa8d52e3c263bc0413b77ac8a73b0d524388.diff
>> from the candidate helps?
> 
> I'm not sure r1918553 made it to rc1, did it?
> 

I cannot see it there.

Regards

Rüdiger

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Yann Ylavic]

On Tue, Jun 25, 2024 at 2:50 PM Eric Covener  wrote:
>
>  - whether backing out
> https://github.com/apache/httpd/commit/9494aa8d52e3c263bc0413b77ac8a73b0d524388.diff
> from the candidate helps?

I'm not sure r1918553 made it to rc1, did it?

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

On Tue, Jun 25, 2024 at 2:54 AM Ruediger Pluem  wrote:
>
>
>
> On 6/25/24 8:30 AM, Helmut K. C. Tessarek wrote:
> > Hello,
> >
> > On 2024-06-24 14:28, Eric Covener wrote:
> >> Hi all,
> >>
> >> Please find below the proposed release tarball and signatures:
> >>
> >> https://dist.apache.org/repos/dist/dev/httpd/
> >>
> >> I would like to call a VOTE over the next few days to release
> >> this candidate tarball httpd-2.4.60-rc1 as 2.4.60:
> >> [ ] +1: It's not just good, it's good enough!
> >> [ ] +0: Let's have a talk.
> >> [ ] -1: There's trouble in paradise. Here's what's wrong.
> >
> > It's the first time I tested an rc, but since my current one coredumps on 
> > Fedora 40 (a bug is open), I thought I'd give it a try.
> >
> > Right after starting it, I get permission errors all over the place.
> >
> > Here an example:
> >
> > [core:error] [pid 1385877] AH00132: file permissions deny server access:
> > proxy:unix:/run/php82-fpm/xxx.sock|fcgi://xxx/var/www/index.php
> >
> > As you can see there is no space between the fcgi and the path of the 
> > resource.
> >
> > The last part should be: fcgi://xxx /var/www/index.php
> >
> > Or maybe this is correct and normal way the error message is constructed. 
> > Either way, as soon as I install 2.4.59, the errors are
> > gone. Thus, something is off with this version.
>
> Can you provide more details on your configuration how you forward stuff to 
> fcgi and what request you made?

Also curious about:

 - whether you build both from source / the same way
 - Any hint as to why there's a space in that parameter?
 - loglevel trace8 from this request
 - whether backing out
https://github.com/apache/httpd/commit/9494aa8d52e3c263bc0413b77ac8a73b0d524388.diff
from the candidate helps?

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Stefan Eissing via dev]

> Am 24.06.2024 um 20:28 schrieb Eric Covener :
> 
> Hi all,
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.60-rc1 as 2.4.60:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

+1 on macOS 14.5.

Thanks for doing the release work!

- Stefan

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Ruediger Pluem]

On 6/25/24 8:30 AM, Helmut K. C. Tessarek wrote:
> Hello,
> 
> On 2024-06-24 14:28, Eric Covener wrote:
>> Hi all,
>>
>> Please find below the proposed release tarball and signatures:
>>
>> https://dist.apache.org/repos/dist/dev/httpd/
>>
>> I would like to call a VOTE over the next few days to release
>> this candidate tarball httpd-2.4.60-rc1 as 2.4.60:
>> [ ] +1: It's not just good, it's good enough!
>> [ ] +0: Let's have a talk.
>> [ ] -1: There's trouble in paradise. Here's what's wrong.
> 
> It's the first time I tested an rc, but since my current one coredumps on 
> Fedora 40 (a bug is open), I thought I'd give it a try.
> 
> Right after starting it, I get permission errors all over the place.
> 
> Here an example:
> 
> [core:error] [pid 1385877] AH00132: file permissions deny server access:
> proxy:unix:/run/php82-fpm/xxx.sock|fcgi://xxx/var/www/index.php
> 
> As you can see there is no space between the fcgi and the path of the 
> resource.
> 
> The last part should be: fcgi://xxx /var/www/index.php
> 
> Or maybe this is correct and normal way the error message is constructed. 
> Either way, as soon as I install 2.4.59, the errors are
> gone. Thus, something is off with this version.

Can you provide more details on your configuration how you forward stuff to 
fcgi and what request you made?

Regards

Rüdiger

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Helmut K. C. Tessarek]

Hello,

On 2024-06-24 14:28, Eric Covener wrote:

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.60-rc1 as 2.4.60:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.


It's the first time I tested an rc, but since my current one coredumps 
on Fedora 40 (a bug is open), I thought I'd give it a try.


Right after starting it, I get permission errors all over the place.

Here an example:

[core:error] [pid 1385877] AH00132: file permissions deny server access: 
proxy:unix:/run/php82-fpm/xxx.sock|fcgi://xxx/var/www/index.php


As you can see there is no space between the fcgi and the path of the 
resource.


The last part should be: fcgi://xxx /var/www/index.php

Or maybe this is correct and normal way the error message is 
constructed. Either way, as soon as I install 2.4.59, the errors are 
gone. Thus, something is off with this version.


Cheers,
  K. C.


--
regards Helmut K. C. Tessarek  KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944

/*
   Thou shalt not follow the NULL pointer for chaos and madness
   await thee at its end.
*/


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: [VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

> this candidate tarball httpd-2.4.60-rc1 as 2.4.60:
> [X] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

Looks good on AIX/xlc/ppc (only known issues with system perl and t/ssl/proxy.t)

[VOTE] Release httpd-2.4.60-rc1 as httpd-2.4.60

[Eric Covener]

Hi all,

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.60-rc1 as 2.4.60:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha256: 75652b279ad286d8f45b65ddf072caee19017fa60b6c73a73317545baac7b798
*httpd-2.4.60-rc1.tar.gz
sha512: 
7a266e0f4ecf485e15acefa9e429499d50343c559a67de0910cc56c501cc4a8228098d5cecd390684f97fd89b953e744be7e932301bb23314330d955c886a655
*httpd-2.4.60-rc1.tar.gz

The SVN candidate source is found at tags/2.4.60-rc1-candidate.

-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Stefan Eissing via dev]

> Am 04.04.2024 um 16:22 schrieb jean-frederic clere :
> 
> On 4/4/24 13:59, SteffenAL wrote:
>> Thanks for the hint.
>> Yep, needed an extra include. Not using cmake.
>> mod_http2 shows still version 2.0.22 (h2_version.h).
>> Should it be 2.0.26 ?
> 
> or better 2.0.27? ;-)
> 
> We picked the fixes but not version...

Yeah, saw that too late. But with the secret code whisking around...we'll fix 
it in the next version. No harm done really.

> 
>> Steffen
>> On Thursday 04/04/2024 at 13:25, jean-frederic clere  wrote:
>>> On 4/4/24 12:49, Steffen Land wrote:
>>>> 
>>>> -1
>>>> Get an error:
>>>> ErrorC2065'DAV_WALKTYPE_TOLERANT': undeclared identifier
>>>> mod_dav_fsC:\VS17\Win32\httpd-2.4\modules\dav\fs\repos.c1599
>>> 
>>> I didn't see any problem while building on windows (using cmake and VS19).
>>> 
>>> +++
>>> ModeLastWriteTime Length Name
>>> - -- 
>>> -a 4/3/2024   7:56 AM 101376 mod_dav.so
>>> -a 4/3/2024   7:56 AM  51200 mod_dav_fs.so
>>> -a 4/3/2024   7:56 AM  23552 mod_dav_lock.so
>>> +++
>>> 
>>> DAV_WALKTYPE_TOLERANT is in ./modules/dav/main/mod_dav.h line 1826
>>> 
>>>> 
>>>> Steffen
>>>> On 2024/04/03 12:26:09 Eric Covener wrote:
>>>>> 
>>>>> Hi all,
>>>>> 
>>>>> (After only minor embarrassment of patching tags/2.4.55 instead of 
>>>>> 2.4.x...)
>>>>> 
>>>>> Please find below the proposed release tarball and signatures:
>>>>> 
>>>>> https://dist.apache.org/repos/dist/dev/httpd/
>>>>> 
>>>>> I would like to call a SHORTENED VOTE to release
>>>>> this candidate tarball httpd-2.4.59-rc1 as 2.4.59:
>>>>> [ ] +1: It's not just good, it's good enough!
>>>>> [ ] +0: Let's have a talk.
>>>>> [ ] -1: There's trouble in paradise. Here's what's wrong.
>>>>> 
>>>>> The computed digests of the tarball up for vote are:
>>>>> = e4ec4ce12c6c8f5a794dc2263d126cb1d6ef667f034c4678ec945d61286e8b0f
>>>>> = 
>>>>> baa96a7c9bba48f758ca9b3e3d63f0c65db960653618109d4d7bcbf3d4776d1d51453beb65e5af57655f0b1cfb88913842bc3a117fe7acc754ddb43d4524bc82
>>>>> 
>>>>> The SVN candidate source is found at tags/2.4.59-rc1-candidate.
>>>>> 
>>> 
>>> -- 
>>> Cheers
>>> 
>>> Jean-Frederic
>>> 
> 
> -- 
> Cheers
> 
> Jean-Frederic
> 

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[jean-frederic clere]

On 4/4/24 13:59, SteffenAL wrote:


Thanks for the hint.
Yep, needed an extra include. Not using cmake.


mod_http2 shows still version 2.0.22 (h2_version.h).
Should it be 2.0.26 ?


or better 2.0.27? ;-)

We picked the fixes but not version...



Steffen


On Thursday 04/04/2024 at 13:25, jean-frederic clere  wrote:

On 4/4/24 12:49, Steffen Land wrote:


-1
Get an error:
Error    C2065    'DAV_WALKTYPE_TOLERANT': undeclared identifier
mod_dav_fs    C:\VS17\Win32\httpd-2.4\modules\dav\fs\repos.c    1599


I didn't see any problem while building on windows (using cmake and 
VS19).


+++
Mode    LastWriteTime Length Name
    - -- 
-a 4/3/2024   7:56 AM 101376 mod_dav.so
-a 4/3/2024   7:56 AM  51200 mod_dav_fs.so
-a 4/3/2024   7:56 AM  23552 mod_dav_lock.so
+++

DAV_WALKTYPE_TOLERANT is in ./modules/dav/main/mod_dav.h line 1826



Steffen
On 2024/04/03 12:26:09 Eric Covener wrote:


Hi all,

(After only minor embarrassment of patching tags/2.4.55 instead of 
2.4.x...)


Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a SHORTENED VOTE to release
this candidate tarball httpd-2.4.59-rc1 as 2.4.59:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
= e4ec4ce12c6c8f5a794dc2263d126cb1d6ef667f034c4678ec945d61286e8b0f
= 
baa96a7c9bba48f758ca9b3e3d63f0c65db960653618109d4d7bcbf3d4776d1d51453beb65e5af57655f0b1cfb88913842bc3a117fe7acc754ddb43d4524bc82


The SVN candidate source is found at tags/2.4.59-rc1-candidate.



--
Cheers

Jean-Frederic







--
Cheers

Jean-Frederic

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Jim Jagielski]

+1: macOS 14.4.1/Xcode 15.3, CentOS8, Ubuntu 18.04LTS, 20.04LTS, 22.04LTS

> On Apr 3, 2024, at 8:26 AM, Eric Covener  wrote:
> 
> Hi all,
> 
> (After only minor embarrassment of patching tags/2.4.55 instead of 2.4.x...)
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> I would like to call a SHORTENED VOTE to release
> this candidate tarball httpd-2.4.59-rc1 as 2.4.59:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
> 
> The computed digests of the tarball up for vote are:
> = e4ec4ce12c6c8f5a794dc2263d126cb1d6ef667f034c4678ec945d61286e8b0f
> = 
> baa96a7c9bba48f758ca9b3e3d63f0c65db960653618109d4d7bcbf3d4776d1d51453beb65e5af57655f0b1cfb88913842bc3a117fe7acc754ddb43d4524bc82
> 
> The SVN candidate source is found at tags/2.4.59-rc1-candidate.

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Eric Covener]

On Thu, Apr 4, 2024 at 8:12 AM Eric Covener  wrote:

Proceeding with release now, thanks everyone for testing.

> FYI I plan to call this in about an hour with the following binding +1:
> covener, icing, jorton, thumbs, gbechis, jfclere, ylavic, minfrin


-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Eric Covener]

FYI I plan to call this in about an hour with the following binding +1:
covener, icing, jorton, thumbs, gbechis, jfclere, ylavic, minfrin


-- 
Eric Covener
cove...@gmail.com

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[SteffenAL]

Thanks for the hint.
Yep, needed an extra include. Not using cmake.


mod_http2 shows still version 2.0.22 (h2_version.h).
Should it be 2.0.26 ?

Steffen


On Thursday 04/04/2024 at 13:25, jean-frederic clere  wrote:

On 4/4/24 12:49, Steffen Land wrote:


-1
Get an error:
Error	C2065	'DAV_WALKTYPE_TOLERANT': undeclared 
identifier	mod_dav_fs	C:\VS17\Win32\httpd-2.4\modules\dav\fs\repos.c	1599


I didn't see any problem while building on windows (using cmake and 
VS19).


+++
ModeLastWriteTime Length Name
- -- 
-a 4/3/2024   7:56 AM 101376 mod_dav.so
-a 4/3/2024   7:56 AM  51200 mod_dav_fs.so
-a 4/3/2024   7:56 AM  23552 mod_dav_lock.so
+++

DAV_WALKTYPE_TOLERANT is in ./modules/dav/main/mod_dav.h line 1826



Steffen
On 2024/04/03 12:26:09 Eric Covener wrote:


Hi all,

(After only minor embarrassment of patching tags/2.4.55 instead of 
2.4.x...)


Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a SHORTENED VOTE to release
this candidate tarball httpd-2.4.59-rc1 as 2.4.59:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
= e4ec4ce12c6c8f5a794dc2263d126cb1d6ef667f034c4678ec945d61286e8b0f
= 
baa96a7c9bba48f758ca9b3e3d63f0c65db960653618109d4d7bcbf3d4776d1d51453beb65e5af57655f0b1cfb88913842bc3a117fe7acc754ddb43d4524bc82


The SVN candidate source is found at tags/2.4.59-rc1-candidate.



--
Cheers

Jean-Frederic

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[jean-frederic clere]

On 4/4/24 12:49, Steffen Land wrote:

-1
Get an error:

Error   C2065   'DAV_WALKTYPE_TOLERANT': undeclared identifier  mod_dav_fs  
C:\VS17\Win32\httpd-2.4\modules\dav\fs\repos.c  1599


I didn't see any problem while building on windows (using cmake and VS19).

+++
ModeLastWriteTime Length Name
- -- 
-a 4/3/2024   7:56 AM 101376 mod_dav.so
-a 4/3/2024   7:56 AM  51200 mod_dav_fs.so
-a 4/3/2024   7:56 AM  23552 mod_dav_lock.so
+++

DAV_WALKTYPE_TOLERANT is in ./modules/dav/main/mod_dav.h line 1826



Steffen

On 2024/04/03 12:26:09 Eric Covener wrote:

Hi all,

(After only minor embarrassment of patching tags/2.4.55 instead of 2.4.x...)

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a SHORTENED VOTE to release
this candidate tarball httpd-2.4.59-rc1 as 2.4.59:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
= e4ec4ce12c6c8f5a794dc2263d126cb1d6ef667f034c4678ec945d61286e8b0f
= 
baa96a7c9bba48f758ca9b3e3d63f0c65db960653618109d4d7bcbf3d4776d1d51453beb65e5af57655f0b1cfb88913842bc3a117fe7acc754ddb43d4524bc82

The SVN candidate source is found at tags/2.4.59-rc1-candidate.



--
Cheers

Jean-Frederic

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Yann Ylavic]

On Thu, Apr 4, 2024 at 12:52 PM Steffen Land  wrote:
>
> -1
> Get an error:
>
> Error   C2065   'DAV_WALKTYPE_TOLERANT': undeclared identifier  mod_dav_fs
>   C:\VS17\Win32\httpd-2.4\modules\dav\fs\repos.c  1599

Are you compiling with an old "mod_dav.h" somewhere in the -I[nclude] path?
Because DAV_WALKTYPE_TOLERANT is well defined in the new "mod_dav.h"
(of 2.4.59) which is also correctly #include'd in
"modules\dav\fs\repos.c"..

Regards;
Yann.

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Ruediger Pluem]

Are you sure that you did not use outdated headers somehow?

DAV_WALKTYPE_TOLERANT is defined in modules/dav/main/mod_dav.h

Regards

Rüdiger

On 4/4/24 12:49 PM, Steffen Land wrote:
> -1 
> Get an error:
> 
> Error C2065   'DAV_WALKTYPE_TOLERANT': undeclared identifier  mod_dav_fs  
> C:\VS17\Win32\httpd-2.4\modules\dav\fs\repos.c  1599
> 
> Steffen 
> 
> On 2024/04/03 12:26:09 Eric Covener wrote:
>> Hi all,
>>
>> (After only minor embarrassment of patching tags/2.4.55 instead of 2.4.x...)
>>
>> Please find below the proposed release tarball and signatures:
>>
>> https://dist.apache.org/repos/dist/dev/httpd/
>>
>> I would like to call a SHORTENED VOTE to release
>> this candidate tarball httpd-2.4.59-rc1 as 2.4.59:
>> [ ] +1: It's not just good, it's good enough!
>> [ ] +0: Let's have a talk.
>> [ ] -1: There's trouble in paradise. Here's what's wrong.
>>
>> The computed digests of the tarball up for vote are:
>> = e4ec4ce12c6c8f5a794dc2263d126cb1d6ef667f034c4678ec945d61286e8b0f
>> = 
>> baa96a7c9bba48f758ca9b3e3d63f0c65db960653618109d4d7bcbf3d4776d1d51453beb65e5af57655f0b1cfb88913842bc3a117fe7acc754ddb43d4524bc82
>>
>> The SVN candidate source is found at tags/2.4.59-rc1-candidate.
>>
> 

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Steffen Land]

-1 
Get an error:

Error   C2065   'DAV_WALKTYPE_TOLERANT': undeclared identifier  mod_dav_fs  
C:\VS17\Win32\httpd-2.4\modules\dav\fs\repos.c  1599

Steffen 

On 2024/04/03 12:26:09 Eric Covener wrote:
> Hi all,
> 
> (After only minor embarrassment of patching tags/2.4.55 instead of 2.4.x...)
> 
> Please find below the proposed release tarball and signatures:
> 
> https://dist.apache.org/repos/dist/dev/httpd/
> 
> I would like to call a SHORTENED VOTE to release
> this candidate tarball httpd-2.4.59-rc1 as 2.4.59:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
> 
> The computed digests of the tarball up for vote are:
> = e4ec4ce12c6c8f5a794dc2263d126cb1d6ef667f034c4678ec945d61286e8b0f
> = 
> baa96a7c9bba48f758ca9b3e3d63f0c65db960653618109d4d7bcbf3d4776d1d51453beb65e5af57655f0b1cfb88913842bc3a117fe7acc754ddb43d4524bc82
> 
> The SVN candidate source is found at tags/2.4.59-rc1-candidate.
> 

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Rainer Jung]

Thanks!

Am 03.04.24 um 21:13 schrieb Eric Covener:

On Wed, Apr 3, 2024 at 3:03 PM Eric Covener  wrote:


On Wed, Apr 3, 2024 at 2:54 PM Rainer Jung  wrote:


Minor nit: the format of the SHA hash files has changes. Example:

2.4.58:

fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5
*httpd-2.4.58.tar.bz2

2.4.59:

SHA2-256(httpd-2.4.59-rc1.tar.bz2)=
ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323


fixed and repaired the ones on dist/dev

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Eric Covener]

On Wed, Apr 3, 2024 at 3:03 PM Eric Covener  wrote:
>
> On Wed, Apr 3, 2024 at 2:54 PM Rainer Jung  wrote:
> >
> > Minor nit: the format of the SHA hash files has changes. Example:
> >
> > 2.4.58:
> >
> > fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5
> > *httpd-2.4.58.tar.bz2
> >
> > 2.4.59:
> >
> > SHA2-256(httpd-2.4.59-rc1.tar.bz2)=
> > ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323

fixed and repaired the ones on dist/dev

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Eric Covener]

On Wed, Apr 3, 2024 at 2:54 PM Rainer Jung  wrote:
>
> Minor nit: the format of the SHA hash files has changes. Example:
>
> 2.4.58:
>
> fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5
> *httpd-2.4.58.tar.bz2
>
> 2.4.59:
>
> SHA2-256(httpd-2.4.59-rc1.tar.bz2)=
> ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323

It looks like the release tools are trying to strip that but maybe no
longer matching?
https://svn.apache.org/repos/asf/httpd/dev-tools/release/common-lib.sh

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Rainer Jung]

Minor nit: the format of the SHA hash files has changes. Example:

2.4.58:

fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5 
*httpd-2.4.58.tar.bz2


2.4.59:

SHA2-256(httpd-2.4.59-rc1.tar.bz2)= 
ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323


I need to see how to check scripted with commandline tools.

Am 03.04.24 um 14:26 schrieb Eric Covener:

Hi all,

(After only minor embarrassment of patching tags/2.4.55 instead of 2.4.x...)

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a SHORTENED VOTE to release
this candidate tarball httpd-2.4.59-rc1 as 2.4.59:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
= e4ec4ce12c6c8f5a794dc2263d126cb1d6ef667f034c4678ec945d61286e8b0f
= 
baa96a7c9bba48f758ca9b3e3d63f0c65db960653618109d4d7bcbf3d4776d1d51453beb65e5af57655f0b1cfb88913842bc3a117fe7acc754ddb43d4524bc82

The SVN candidate source is found at tags/2.4.59-rc1-candidate.

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Graham Leggett via dev]

On 03 Apr 2024, at 13:26, Eric Covener  wrote:

> [ ] +1: It's not just good, it's good enough!

+1 on RHEL9.

Regards,
Graham
--

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Cory McIntire]

+1

CentOS 6
CentOS 7
AlmaLinux 8
AlmaLinux 9
Ubuntu 20
Ubuntu 22

Thanks for RM’n.

Regards,
Cory McIntire | Release Manager
cory.mcint...@webpros.com<mailto:cory.mcint...@webpros.com> | cPanel – a 
webpros company



From: Eric Covener 
Date: Wednesday, April 3, 2024 at 07:26
To: Apache HTTP Server Development List 
Subject: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59
Hi all,

I would like to call a SHORTENED VOTE to release
this candidate tarball httpd-2.4.59-rc1 as 2.4.59:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[Yann Ylavic]

On Wed, Apr 3, 2024 at 2:26 PM Eric Covener  wrote:
>
> I would like to call a SHORTENED VOTE to release
> this candidate tarball httpd-2.4.59-rc1 as 2.4.59:

[X] +1: It's not just good, it's good enough!

All good from my testing on debian(s).

Thanks Eric!

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[jean-frederic clere]

On 4/3/24 14:26, Eric Covener wrote:

[X] +1: It's not just good, it's good enough!


Build and tested in fedora 39 and windows server 2019 (VS17 2022 Cmake).

--
Cheers

Jean-Frederic

Re: [VOTE] Release httpd-2.4.59-rc1 as httpd-2.4.59

[giovanni]

On 4/3/24 14:26, Eric Covener wrote:

Hi all,

(After only minor embarrassment of patching tags/2.4.55 instead of 2.4.x...)

Please find below the proposed release tarball and signatures:

https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a SHORTENED VOTE to release
this candidate tarball httpd-2.4.59-rc1 as 2.4.59:
+1

tested on OpenBSD 7.5 (LibreSSL 3.9.0) and Fedora39

Thanks for RMing
 Giovanni


OpenPGP_signature.asc
Description: OpenPGP digital signature