Re: apr 1.7.0 configure fails on macOS with Xcode 10.2.1 SDK MacOSX10.14.sdk

On Thu, Apr 25, 2019 at 06:31:50PM +0100, Barry Scott wrote: > > On 25 Apr 2019, at 10:19, Stefan Sperling wrote: > > On Wed, Apr 24, 2019 at 08:31:12PM -0500, A. Wilcox wrote: > >> On 04/24/19 13:39, William A Rowe Jr wrote: > >>> On Wed, Apr 24, 2019 at 1:

Re: apr 1.7.0 configure fails on macOS with Xcode 10.2.1 SDK MacOSX10.14.sdk

On Wed, Apr 24, 2019 at 08:31:12PM -0500, A. Wilcox wrote: > On 04/24/19 13:39, William A Rowe Jr wrote: > > On Wed, Apr 24, 2019 at 1:04 PM Barry Scott > > wrote: > > > > I use ./configure --prefix=/usr/local/svn and see the error: > > ... > > checking

Re: Verifying printf() formatting of types

On Fri, Mar 22, 2019 at 11:55:27AM +, Yann Ylavic wrote: > On Fri, Mar 22, 2019 at 9:45 AM Yann Ylavic wrote: > > Both apr_time_t and apr_interval_time_t are (apr_)int64_t, which is > > probably format "%lld" on OpenBSD, so we'd need to determine > > APR_INT64_T (and all of our numeric _FMT)

Re: Verifying printf() formatting of types

On Fri, Mar 22, 2019 at 09:45:38AM +, Yann Ylavic wrote: > Both apr_time_t and apr_interval_time_t are (apr_)int64_t, which is > probably format "%lld" on OpenBSD, so we'd need to determine > APR_INT64_T (and all of our numeric _FMT) with > APR_CHECK_TYPES_FMT_COMPATIBLE too. Yes, I agree.

Re: Verifying printf() formatting of types

On Tue, Mar 19, 2019 at 07:30:09PM -0500, William A Rowe Jr wrote: > According to my observations, apr_time_t should match the APR_TIME_T_FMT > token in every case. Please inspect that line of httpd code to see how some > non-apr_time_t value was passed in APR_TIME_T_FMT formatting. Indeed, this

Re: Verifying printf() formatting of types

On Tue, Mar 19, 2019 at 02:09:51PM -0500, William A Rowe Jr wrote: > I find no errors in our APR_TIME -> APR_INT64 determination, and > made no such changes. > > But I note httpd 2.4.x commit r1824504 by Yann made a correction in > this sphere. Are you testing the current code or an old 2.4

Re: APR thread_mutex_cleanup on windows mishandles being called twice

On Tue, Mar 19, 2019 at 11:12:25AM +, Michael Schlenker wrote: > Hi, > > just filed https://bz.apache.org/bugzilla/show_bug.cgi?id=63271 > > (Patch attached) > > It seems to be the reason behind various crashes/restarts seen in Apache > httpd on Windows, especially when mod_cache_disk is

Re: Verifying printf() formatting of types

On Mon, Mar 18, 2019 at 05:09:40PM -0500, William A Rowe Jr wrote: > Hi folks, > > please test the attached, it works for me on Fedora, but need to verify at > least BSD, Solaris, etc. mingw remains special-case so it shouldn't be > affected. This should force off_t_fmt to "ldd" in the cases

Re: Showstoppers to 1.7.0?

On Thu, Mar 14, 2019 at 07:49:41AM -0400, Jim Jagielski wrote: > I use maintainer-mode all the time... as I said, building httpd does not > cause any errors due to APR_SSIZE_T_FMT Ah, sorry Jim. I misread your message.

Re: Showstoppers to 1.7.0?

On Wed, Mar 13, 2019 at 04:22:46PM -0400, Jim Jagielski wrote: > Just a FYI that compiling httpd trunk (HEAD) against apr-1.7 (HEAD) and > apu-1.6 (HEAD), I get no error messages about APR_OFF_T_FMT issues, so I'm > not exactly sure where these are coming from for macOS > > % uname -a > Darwin

Re: Showstoppers to 1.7.0?

On Tue, Mar 12, 2019 at 02:21:46PM -0500, William A Rowe Jr wrote: > Rereading the APR_CHECK_TYPES_COMPATIBLE logic, I misread it. We test and > successively pass ssize_t as int compatible, followed by retesting and > passing ssize_t as long compatible, so the resulting > APR_SSIZE_T_FMT pattern

Re: [PATCH] apr_off_t is 'long long' but APR_OFF_T_FMT is "ld" on OpenBSD

On Thu, Jan 17, 2019 at 03:40:26PM +0100, Stefan Eissing wrote: > I had the issue in one of my configure.ac that the extra CPPFLAGS were not > added, as from > > > apxs -q EXTRA_CPPFLAGS > > and it all compiled, except APR_OFF_T_FMT was ld instead of lld on MacOS. > > Maybe this is the same

Re: [PATCH] apr_off_t is 'long long' but APR_OFF_T_FMT is "ld" on OpenBSD

On Thu, Jan 17, 2019 at 03:24:41PM +0100, Branko Čibej wrote: > On 17.01.2019 13:28, Stefan Sperling wrote: > > On Thu, Jan 10, 2019 at 01:17:40AM +0100, Branko Čibej wrote: > >> I get that part, my question was related to APR's configure setting the > >> type of apr_off

Re: [PATCH] apr_off_t is 'long long' but APR_OFF_T_FMT is "ld" on OpenBSD

On Thu, Jan 10, 2019 at 01:17:40AM +0100, Branko Čibej wrote: > I get that part, my question was related to APR's configure setting the > type of apr_off_t and its format specifier correctly on Linux but > incorrectly on OpenBSD, even though they're equivalent. It seems to be wrong on Linux as

Re: pool debugging and httpd HTTP/2

On Thu, Jan 17, 2019 at 01:02:15PM +0100, Yann Ylavic wrote: > On Thu, Jan 17, 2019 at 12:50 PM Branko Čibej wrote: > > > > On 17.01.2019 12:36, Yann Ylavic wrote: > > > OK, so an APR only option like this? > > > > This still affects /everything/ that uses this particular compiled > > version of

Re: pool debugging and httpd HTTP/2

On Thu, Jan 17, 2019 at 12:36:49PM +0100, Yann Ylavic wrote: > OK, so an APR only option like this? Yes, thank you, this looks great! I'll see about making OpenBSD's APR port use this patch.

Re: pool debugging and httpd HTTP/2

On Thu, Jan 17, 2019 at 12:04:37PM +0100, Yann Ylavic wrote: > On Tue, Jan 15, 2019 at 11:48 AM Stefan Sperling wrote: > > > > On Tue, Jan 15, 2019 at 11:19:24AM +0100, Stefan Eissing wrote: > > > Would OpenBSD be happy with a setting (COMPILE FLAG) that forces

Re: pool debugging and httpd HTTP/2

On Tue, Jan 15, 2019 at 12:04:03PM +0100, Branko Čibej wrote: > While I understand all these arguments, I have trouble understanding how > they pertain to APR pools -- since there's no apr_pool_free(), the only > time memory can be returned to the system is during apr_pool_clear() and >

Re: pool debugging and httpd HTTP/2

On Tue, Jan 15, 2019 at 11:19:24AM +0100, Stefan Eissing wrote: > Stefan: which DEBUG flags are "you" using in production for OpenBSD? I > would like to run some h2 tests in exactly that setting... We pass --enable-pool-debug=yes to the configure script. That's all. > Would OpenBSD be happy with

Re: pool debugging and httpd HTTP/2

On Mon, Jan 14, 2019 at 11:38:55AM -0600, William A Rowe Jr wrote: > On Mon, Jan 14, 2019 at 8:42 AM Stefan Sperling wrote: > > > > > FYI, the reason APR pool debugging is enabled in production on OpenBSD > > is because, after Heartbleed, OpenBSD decided to force 3rd p

Re: pool debugging and httpd HTTP/2

On Mon, Jan 14, 2019 at 03:26:41PM +0100, Stefan Eissing wrote: > Dear APR devs, > > I need help regarding apr pools and the assumptions they make, especially in > debug mode. > > Background: there are reports of read after free and failed assertions when > httpd's HTTP/2 implementation is

[PATCH] apr_off_t is 'long long' but APR_OFF_T_FMT is "ld" on OpenBSD

APR's configure script logic results in inconsistent type and format string definitions on OpenBSD. apr_off_t is defined as 'long long' but APR_OFF_T_FMT is defined as "ld". This results in obvious build failures e.g. if httpd is built with -Werror. This is just one example of many such errors:

Re: Using APR pools "better"

On Wed, Sep 26, 2018 at 04:15:19PM -0500, Greg Stein wrote: > iterpool, scratch_pool, and result_pool are the KEY three concepts that we > learned while working on Subversion. Here's a recent example of where and why we added an iterpool (which should have been added when this loop was written in

fix build on OpenBSD/arm

APR is failing to build on OpenBSD/arm. See https://marc.info/?l=openbsd-ports=152451633123867=2 This patch fixes it. However, I would hesitate using such an approach in the first place, because you will receive more patches for someone else's FavouriteBSD or some other OS in the future. I don't

Re: Licensing claims (fnmatch)

On Thu, Feb 22, 2018 at 01:31:34PM -0600, William A Rowe Jr wrote: > Nick is right, I needed to pursue this with all apr_fnmatch.c committers > for this specific change, once that first question is resolved. Thanks for > the confirmation, Ryan! Small fixes were also suggested by several >

Re: [Announce] Apache Portable Runtime APR 1.6.3, APR-util 1.6.1 and APR-iconv 1.2.2 Released

On Wed, Nov 01, 2017 at 01:07:34PM +0100, Rainer Jung wrote: > Am 01.11.2017 um 12:22 schrieb Stefan Sperling: > > On Mon, Oct 23, 2017 at 01:27:59PM -0500, William A Rowe Jr wrote: > > >CVE-2017-12618; Out-of-bounds access in corrupted SDBM database. > > > > &

Re: [PATCH] arc4random support

Bump. Is this patch worth considering for APR? On Thu, Oct 26, 2017 at 12:56:13PM +0200, Stefan Sperling wrote: > This patch adds support for using the arc4random API as an entropy source. > > The arc4random API originates from OpenBSD where it supersedes random(3), > rand(3

Re: [Announce] Apache Portable Runtime APR 1.6.3, APR-util 1.6.1 and APR-iconv 1.2.2 Released

On Mon, Oct 23, 2017 at 01:27:59PM -0500, William A Rowe Jr wrote: > CVE-2017-12618; Out-of-bounds access in corrupted SDBM database. > > APR-util 1.6.0 and prior failed to validate the integrity of SDBM > database files used by apr_sdbm*() functions, resulting in a > possible out of

[PATCH] arc4random support

This patch adds support for using the arc4random API as an entropy source. The arc4random API originates from OpenBSD where it supersedes random(3), rand(3), and files in the /dev filesystem: http://man.openbsd.org/arc4random The arc4random_buf() function maps 1:1 onto

Re: Default Linux mutex method

On Mon, Apr 03, 2017 at 05:36:02PM -0500, William A Rowe Jr wrote: > On Mon, Apr 3, 2017 at 5:00 PM, Yann Ylavic wrote: > > On Mon, Apr 3, 2017 at 9:24 PM, William A Rowe Jr > > wrote: > > > >> Given that we didn't elect PROC_PTHREAD mutexes as an

Re: apr_token_* conclusions

On Wed, Jan 27, 2016 at 10:40:06PM -0600, William A Rowe Jr wrote: > If you are new to the conversation, include/apr_cstr.h has absorbed much of > the efforts of svn_cstring_* API's into apr_cstr_* functions. I'm very happy to see our strtol()-wrappers in APR. These wrap the POSIX functions with

Re: Bug: svn: E000002: Can't create temporary file from template '/tmp/svn-XXXXXX': No such file or directory

Hi Edwin, Seems like HP-UX's mktemp() shouldn't be used by APR. Cross-posting this to apr-dev. I believe it should be addressed in APR rather than Subversion. On Tue, Aug 28, 2012 at 11:33:48AM +0300, Edwin Goh wrote: OS: HP-UX SVN: svn, version 1.7.6 (r1370777) compiled Aug 20 2012,

Re: apr_proc_create {detached} pipes?

On Thu, Apr 12, 2012 at 10:37:13PM -0500, William A. Rowe Jr. wrote: Has anyone else ever encountered an opportunity to detach a process, which you would still enjoy stdio channels to communicate? Yes, this is done in Subversion to run hook scripts. See svn_io_start_cmd3() in:

Re: apr_proc_create {detached} pipes?

On Sun, Apr 15, 2012 at 04:02:55PM -0500, William A. Rowe Jr. wrote: Stefan I don't see where you detach... did you simply mean that cmd3 was meant to use detached processes? As in, not of this process group? We might be talking of two different bugs. Oh. I realise I didn't understand

Re: [PATCH] charclass matching and input check for fnmatch

On Wed, Dec 07, 2011 at 03:38:05PM -0800, William A. Rowe Jr. wrote: On 12/7/2011 1:12 PM, Stefan Sperling wrote: Can the classmatch bits go in without this strnlen check in the meantime? As long as the appropriate change is made to NOTICE, I am +1, the license appears group-A fully

Re: [PATCH] charclass matching and input check for fnmatch

Oops, hit 'send' to early and forgot to put the charclass.h copyright notice into LICENSE in the last diff I sent. Index: strings/charclass.h === --- strings/charclass.h (revision 0) +++ strings/charclass.h (working copy) @@ -0,0

Re: [PATCH] charclass matching and input check for fnmatch

On Tue, Dec 06, 2011 at 12:48:26PM -0800, William A. Rowe Jr. wrote: On 12/6/2011 4:36 AM, Stefan Sperling wrote: @@ -207,6 +274,10 @@ APR_DECLARE(int) apr_fnmatch(const char *pattern, const char *mismatch = NULL; int matchlen = 0; +if (strnlen(pattern, APR_PATH_MAX

[PATCH] charclass matching and input check for fnmatch

side. Would these also be welcome at APR so we can stay in sync more easily? [[[ Add character class matching to fnmatch(). Don't try to match patterns or strings longer than APR_PATH_MAX. Both changes were obtained from OpenBSD. Submitted by: Stefan Sperling s...@apache.org ]]] Index: strings

Re: [PATCH] charclass matching and input check for fnmatch

On Tue, Dec 06, 2011 at 01:36:30PM +0100, Stefan Sperling wrote: It is likely that we'll apply some intending changes on the OpenBSD side. I meant of course *indentation* changes :)