[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 --- Comment #2 from Aleksandr --- (In reply to Eric Covener from comment #1) > How do you run PHP? This directive only applies to things forked like CGI > scripts. If you use mod_php or proxy_fcgi, these directives do not apply. mod_php. Shouldn't it be applied to the whole apache process and inherited by its forked childs, including mod_php? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 Eric Covener changed: What|Removed |Added Status|NEEDINFO|RESOLVED Resolution|--- |INVALID --- Comment #3 from Eric Covener --- That's not how the manual describes it. I think in that case it would not add much to just setting ulimits in the environment that starts Apache. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 --- Comment #4 from Aleksandr --- (In reply to Eric Covener from comment #3) > That's not how the manual describes it. I think in that case it would not > add much to just setting ulimits in the environment that starts Apache. But technically, the is reading kernel's rlimits: AP_DECLARE(void) ap_unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit, const char *arg, const char * arg2, int type) *plimit = (struct rlimit *)apr_pcalloc(cmd->pool, sizeof(**plimit)); limit = *plimit; then adjusts: limit->rlim_max = max So I would guess either this variable is supposed to either be picked up by kernel from *plimit, or set by setrlimit, isn't it? Again, I'm not a C/kernel developer but for some reason, RLimitMEM handler calls ap_unixd_set_rlimit -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 --- Comment #5 from Aleksandr --- I wonder why you resolved this ticket. The only thing that RLimitMEM calls is this ap_unixd_set_rlimit, and I've not found any other code enforcing this limit -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217
--- Comment #6 from Aleksandr ---
(In reply to Aleksandr from comment #5)
> I wonder why you resolved this ticket. The only thing that RLimitMEM calls
> is this ap_unixd_set_rlimit, and I've not found any other code enforcing
> this limit
There is like 80 lines of code to check
1. core.c:
#if defined (RLIMIT_DATA) || defined (RLIMIT_VMEM) || defined (RLIMIT_AS)
AP_INIT_TAKE12("RLimitMEM", set_limit_mem,
(void*)APR_OFFSETOF(core_dir_config, limit_mem),
OR_ALL, "Soft/hard limits for max memory usage per process"),
#else
2. core.c:
static const char *set_limit_mem(cmd_parms *cmd, void *conf_,
const char *arg, const char * arg2)
{
core_dir_config *conf = conf_;
#if defined(RLIMIT_AS)
ap_unixd_set_rlimit(cmd, &conf->limit_mem, arg, arg2 ,RLIMIT_AS);
#elif defined(RLIMIT_DATA)
ap_unixd_set_rlimit(cmd, &conf->limit_mem, arg, arg2, RLIMIT_DATA);
#elif defined(RLIMIT_VMEM)
ap_unixd_set_rlimit(cmd, &conf->limit_mem, arg, arg2, RLIMIT_VMEM);
#endif
return NULL;
}
3. httpd/os/unix/unixd.c
AP_DECLARE(void) ap_unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit,
const char *arg,
const char * arg2, int type)
which is like 60 lines long... and has no call to setrlimit() in neither
version of apache, so this is why I'm asking if I understand properly that I
either miss something, or there is a feature that has never worked.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 --- Comment #7 from Eric Covener --- (In reply to Aleksandr from comment #4) > (In reply to Eric Covener from comment #3) > > That's not how the manual describes it. I think in that case it would not > > add much to just setting ulimits in the environment that starts Apache. > > But technically, the is reading kernel's rlimits: > > AP_DECLARE(void) ap_unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit, > const char *arg, > const char * arg2, int type) > > > *plimit = (struct rlimit *)apr_pcalloc(cmd->pool, sizeof(**plimit)); > limit = *plimit; > > then adjusts: > > limit->rlim_max = max > > So I would guess either this variable is supposed to either be picked up by > kernel from *plimit, or set by setrlimit, isn't it? Again, I'm not a > C/kernel developer but for some reason, RLimitMEM handler calls > ap_unixd_set_rlimit AIUI the values are read by mod_cgi/mod_cgid and passed down to the code that forks/execs CGI scripts (apr_procattr_limit_set). Nothing happens in-place for the httpd processes """ This applies to processes forked from Apache httpd children servicing requests, not the Apache httpd children themselves. This includes CGI scripts and SSI exec commands, but not any processes forked from the Apache httpd parent, such as piped logs. """ -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 --- Comment #8 from Eric Covener --- > or there is a feature that has never worked. The feature just doesn't limit how much memory mod_php can allocate. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 --- Comment #9 from Aleksandr --- Got it, what it does? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 --- Comment #10 from Aleksandr --- Sorry. Let me explain the problem deeper. Documentation says: ``` This applies to processes forked from Apache httpd children servicing requests, not the Apache httpd children themselves. This includes CGI scripts and SSI exec commands, but not any processes forked from the Apache httpd parent, such as piped logs. ``` So what happens, is that mod_php spawns a child process, ImageMagic's 'identify' cli proccess, which eats all the memory + all the swap. Is it applicable to that case exactly? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 --- Comment #11 from Aleksandr --- Again, if we're talking about 'processes forked from Apache httpd children servicing requests', in my understanding those are apache instances, running as www-data for example, not the main process which manages apache children, which is totally clear. The thing is that those 'children, servicing requests' are in fact, running mod_php, and are supposed to be actually restricted by RLimitMEM. Root apache process is not running mod_php, children are. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66218] New: Please add support for HTTP/3
https://bz.apache.org/bugzilla/show_bug.cgi?id=66218 Bug ID: 66218 Summary: Please add support for HTTP/3 Product: Apache httpd-2 Version: 2.4.53 Hardware: PC OS: All Status: NEW Severity: major Priority: P2 Component: Core Assignee: bugs@httpd.apache.org Reporter: jfh...@gmail.com Target Milestone: --- Hey guys, Even though work is not done with Quic and HTTP/3, how long will it take for you to add a mod_http3? other web servers like IIS and nginx claim they already have or are working on it, but Apache has been quiet about it, what's going on? Thanks you. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 --- Comment #12 from Eric Covener --- (In reply to Aleksandr from comment #10) > Sorry. Let me explain the problem deeper. Documentation says: > > ``` > This applies to processes forked from Apache httpd children servicing > requests, not the Apache httpd children themselves. This includes CGI > scripts and SSI exec commands, but not any processes forked from the Apache > httpd parent, such as piped logs. > ``` > > So what happens, is that mod_php spawns a child process, ImageMagic's > 'identify' cli proccess, which eats all the memory + all the swap. Is it > applicable to that case exactly? I wouldn't think so. mod_cgi[d] is explicitly instrumented to read this stuff and run it between fork and exec of the script. I don't know much about PHP but i wouldn't expect it to reach back into the webserver for this kind of config. Maybe you could wrap the calls to identify to go through a script with ulimit? Or run the whole service under a lower ulimit. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66218] Please add support for HTTP/3
https://bz.apache.org/bugzilla/show_bug.cgi?id=66218 Eric Covener changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |DUPLICATE --- Comment #1 from Eric Covener --- There's no sign anyone is working on HTTP/3 support. *** This bug has been marked as a duplicate of bug 64462 *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 64462] [Feature Request] Support for HTTP/3
https://bz.apache.org/bugzilla/show_bug.cgi?id=64462 Eric Covener changed: What|Removed |Added CC||jfh...@gmail.com --- Comment #3 from Eric Covener --- *** Bug 66218 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66219] New: Apache 2.4.4.3 version having latency issues on RHEL7
https://bz.apache.org/bugzilla/show_bug.cgi?id=66219 Bug ID: 66219 Summary: Apache 2.4.4.3 version having latency issues on RHEL7 Product: Apache httpd-2 Version: 2.5-HEAD Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: All Assignee: bugs@httpd.apache.org Reporter: vtownte...@gmail.com Target Milestone: --- Apache 2.4.4.3 version having latency issues on RHEL7. We opened Case with Red Hat who says this version is not supported by Red Hat. Has anyone else seen Apache 2.4.4.3 causing Web application latency issues? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66217] RLimitMEM doesn't work
https://bz.apache.org/bugzilla/show_bug.cgi?id=66217 --- Comment #13 from Aleksandr --- Thank you so much, that's the plan at the moment - to run apache under some ulimit restrictions. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66219] Apache 2.4.4.3 version having latency issues on RHEL7
https://bz.apache.org/bugzilla/show_bug.cgi?id=66219 --- Comment #1 from Michael W Johnson --- Does Apache offer any support for Apache 2.4.4.3 on any RHEL version? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66219] Apache 2.4.4.3 version having latency issues on RHEL7
https://bz.apache.org/bugzilla/show_bug.cgi?id=66219 --- Comment #2 from Eric Covener --- (In reply to Michael W Johnson from comment #1) > Does Apache offer any support for Apache 2.4.4.3 on any RHEL version? Any help is best-effort from volunteers. https://httpd.apache.org/userslist.html may help you articulate a problem or question, bugzilla is primarily monitored for actionable defects. There's not much to go on here. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 28656] consecutive ssh commands from a CGI timeout
https://bz.apache.org/bugzilla/show_bug.cgi?id=28656 ayushi changed: What|Removed |Added URL||https://trucks.tractorjunct ||ion.com/en/ashok-leyland-tr ||uck/4020 --- Comment #8 from ayushi --- This blog is so nice to me. I will continue to come here again and again https://trucks.tractorjunction.com/en/ashok-leyland-truck/4225-tipper";>Ashok Leyland 4225 Tipper -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 28656] consecutive ssh commands from a CGI timeout
https://bz.apache.org/bugzilla/show_bug.cgi?id=28656 --- Comment #9 from ayushi --- Best blog https://trucks.tractorjunction.com/en/ashok-leyland-truck/3520-twin-steering https://trucks.tractorjunction.com/en/ashok-leyland-truck/4220 https://trucks.tractorjunction.com/en/ashok-leyland-truck/2820 https://trucks.tractorjunction.com/en/ashok-leyland-truck/2820-tipper https://trucks.tractorjunction.com/en/ashok-leyland-truck/4225 https://trucks.tractorjunction.com/en/ashok-leyland-truck/2820-rmc https://trucks.tractorjunction.com/en/ashok-leyland-truck/3525-tipper https://trucks.tractorjunction.com/en/ashok-leyland-truck/3520-tipper https://trucks.tractorjunction.com/en/ashok-leyland-truck/5525 https://trucks.tractorjunction.com/en/ashok-leyland-truck/3520-8x2 https://trucks.tractorjunction.com/en/ashok-leyland-truck/4120-8x2-dtla https://trucks.tractorjunction.com/en/ashok-leyland-truck/4825 https://trucks.tractorjunction.com/en/ashok-leyland-truck/4220-tipper https://trucks.tractorjunction.com/en/ashok-leyland-truck/4020 https://trucks.tractorjunction.com/en/ashok-leyland-truck/4620 https://trucks.tractorjunction.com/en/ashok-leyland-truck/4225-tipper https://trucks.tractorjunction.com/en/ashok-leyland-truck/2825-tipper https://trucks.tractorjunction.com/en/ashok-leyland-truck/2825-rmc https://trucks.tractorjunction.com/en/ashok-leyland-truck/3525-rmc https://trucks.tractorjunction.com/en/ashok-leyland-truck/1920-tipper https://trucks.tractorjunction.com/en/ashok-leyland-truck/partner-6-tyre -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66223] New: Lacking a check for the return value of SSL_do_handshake()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66223 Bug ID: 66223 Summary: Lacking a check for the return value of SSL_do_handshake() Product: Apache httpd-2 Version: 2.5-HEAD Hardware: PC OS: Mac OS X 10.1 Status: NEW Severity: critical Priority: P2 Component: mod_ssl Assignee: bugs@httpd.apache.org Reporter: daniel.zhao1...@gmail.com Target Milestone: --- According to the descriptions of SSL_do_handshake(), it has three different return values. But in httpd-2.4.53/modules/ssl/ssl_engine_kernel.c, we find it lacks a check for the return value of SSL_do_handshake(). Reference: https://www.openssl.org/docs/man1.1.1/man3/SSL_do_handshake.html -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66223] Lacking a check for the return value of SSL_do_handshake()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66223 UVScan changed: What|Removed |Added CC||daniel.zhao1...@gmail.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66224] New: Lacking a check for the return value of SSL_peek()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66224 Bug ID: 66224 Summary: Lacking a check for the return value of SSL_peek() Product: Apache httpd-2 Version: 2.5-HEAD Hardware: PC OS: Mac OS X 10.1 Status: NEW Severity: normal Priority: P2 Component: mod_ssl Assignee: bugs@httpd.apache.org Reporter: daniel.zhao1...@gmail.com Target Milestone: --- According to the descriptions of SSL_peek(), it has two kinds of return values. But in httpd-2.4.53/modules/ssl/ssl_engine_kernel.c, we find it lacks a check for the return value of SSL_peek(). Reference: https://www.openssl.org/docs/man1.1.1/man3/SSL_peek.html -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66225] New: Lacking a check for the return value of SSL_renegotiate()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66225 Bug ID: 66225 Summary: Lacking a check for the return value of SSL_renegotiate() Product: Apache httpd-2 Version: 2.5-HEAD Hardware: PC OS: Mac OS X 10.1 Status: NEW Severity: critical Priority: P2 Component: mod_ssl Assignee: bugs@httpd.apache.org Reporter: daniel.zhao1...@gmail.com Target Milestone: --- According to the descriptions of SSL_renegotiate(), it has two different return values. But in httpd-2.4.53/modules/ssl/ssl_engine_kernel.c, we find it lacks a check for the return value of SSL_renegotiate(). Reference: https://www.openssl.org/docs/man1.1.1/man3/SSL_renegotiate.html -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66226] New: Lacking a check for the return value of SSL_CTX_set_session_id_context()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66226 Bug ID: 66226 Summary: Lacking a check for the return value of SSL_CTX_set_session_id_context() Product: Apache httpd-2 Version: 2.5-HEAD Hardware: PC OS: Mac OS X 10.1 Status: NEW Severity: critical Priority: P2 Component: mod_ssl Assignee: bugs@httpd.apache.org Reporter: daniel.zhao1...@gmail.com Target Milestone: --- According to the descriptions of SSL_CTX_set_session_id_context(), it has two different return values. But in httpd-2.4.53/modules/ssl/ssl_engine_kernel.c, we find it lacks a check for the return value of SSL_CTX_set_session_id_context(). Reference: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_session_id_context.html -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66224] Lacking a check for the return value of SSL_peek()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66224 UVScan changed: What|Removed |Added Severity|normal |critical -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 28656] consecutive ssh commands from a CGI timeout
https://bz.apache.org/bugzilla/show_bug.cgi?id=28656 --- Comment #8 from ayushi --- Thanks for sharing this Infomational and helpfull post. https://trucks.tractorjunction.com/en/ashok-leyland-truck/3520-twin-steering";>Ashok Leyland 3520 Twin Steering -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66228] New: Apache fails to start with "(38)Function not implemented: AH00141: Could not initialize random number generator"
https://bz.apache.org/bugzilla/show_bug.cgi?id=66228 Bug ID: 66228 Summary: Apache fails to start with "(38)Function not implemented: AH00141: Could not initialize random number generator" Product: Apache httpd-2 Version: 2.4.53 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Core Assignee: bugs@httpd.apache.org Reporter: frederic.li...@free.fr Target Milestone: --- I updated debian from 10 to 11 (bullseye) and apache2 do not work anymore. "apache2 -v" gives : [:crit] [pid 48885] (38)Function not implemented: AH00141: Could not initialize random number generator -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66228] Apache fails to start with "(38)Function not implemented: AH00141: Could not initialize random number generator"
https://bz.apache.org/bugzilla/show_bug.cgi?id=66228 --- Comment #1 from frederic.li...@free.fr --- The problem seems to be my kernel version which is 3.14 # uname -r 3.14.32--grs-ipv6-64 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66225] Lacking a check for the return value of SSL_renegotiate()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66225 --- Comment #1 from UVScan --- If httpd does not check the return value of SSL_renegotiate(), it could cause a DoS attack. Since SSL renegotiation process needs many computing resources and the current httpd does not break the renegotiation process when the return value is 0 (for error), we can initiate many renegotiation requests to exhaust the resources of devices or services, causing a DoS attack. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2022/08/21]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36636|Opn|Maj|2005-09-13|database write lock taken for PROPFIND operations | |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006
[Bug 66214] Huge memory utilization after upgrade from 2.3.39 to 2.4.54
https://bz.apache.org/bugzilla/show_bug.cgi?id=66214 engrand changed: What|Removed |Added OS||All --- Comment #2 from engrand --- Did you find any solution ? We have the same issue, our architecture is the following: * apache run in foreground mode inside a docker container * apache run behind haproxy with option forceclose * Use of mpm_event with the following configuration: StartServers 3 ServerLimit16 ThreadLimit32 MinSpareThreads25 MaxSpareThreads32 ThreadsPerChild32 MaxRequestWorkers 512 MaxConnectionsPerChild 1024 Keepalive On The number of children grows up until the limit then the server cannot serves request anymore. With mpm_worker, the number of children grows up infinitely. As consequences, the memory usage also grows up. It seems, it is not the gracefully stop problem, because apache status does not show a such situation. As workaround, we just set MaxConnectionsPerChild to 0. Thank you for your help. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66241] New: Apache server automatically restarting while getting multiple requests
https://bz.apache.org/bugzilla/show_bug.cgi?id=66241 Bug ID: 66241 Summary: Apache server automatically restarting while getting multiple requests Product: Apache httpd-2 Version: 2.4.10 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: All Assignee: bugs@httpd.apache.org Reporter: vignesh...@futurehook.com Target Milestone: --- Apache2 is automatically restarting the server and sending all request at a time. I increased the workers and events but the issue is still remaining. What should i do? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66241] Apache server automatically restarting while getting multiple requests
https://bz.apache.org/bugzilla/show_bug.cgi?id=66241 Eric Covener changed: What|Removed |Added Status|NEW |NEEDINFO OS||All --- Comment #1 from Eric Covener --- What does the error_log say? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2022/08/28]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36636|Opn|Maj|2005-09-13|database write lock taken for PROPFIND operations | |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006
[Bug 66243] New: Nested #include not detected / path not taken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66243
Bug ID: 66243
Summary: Nested #include not detected / path not taken
Product: Apache httpd-2
Version: 2.5-HEAD
Hardware: PC
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_include
Assignee: bugs@httpd.apache.org
Reporter: 0.apa...@iam.tj
Target Milestone: ---
In mod_include.c::includes_filter() the code intended to detect nested
#includes does not trigger. I discovered this whilst adding two environment
variables (SSI_INCLUDE_LEVEL and SSI_INCLUDE_COUNT) - the sub-requests for the
nested #include statements get a new request_rec so the following code never
triggers:
if ((parent = ap_get_module_config(r->request_config, &include_module))) {
/* Kludge --- for nested includes, we want to keep the subprocess
* environment of the base document (for compatibility); that means
* torquing our own last_modified date as well so that the
* LAST_MODIFIED variable gets reset to the proper value if the
* nested document resets .
*/
r->subprocess_env = r->main->subprocess_env;
apr_pool_join(r->main->pool, r->pool);
r->finfo.mtime = r->main->finfo.mtime;
}
I added copious debug messages to trace the paths taken and the above code is
never executed.
I've tried several other methods to detect nesting but the only way it
(sometimes) works is by using static variables - but that falls over if another
thread handles sub-requests or the next full request.
It definitely won't work by storing info in include_ctx_t nor ssi_internal_ctx.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66243] Nested #include not detected / path not taken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66243 --- Comment #1 from Tj <0.apa...@iam.tj> --- Created attachment 38377 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38377&action=edit WIP + debug messaging This is the current WIP I'm using to explore the issue. There are two compile options; for per-request or per-thread tracking attempts. Neither work well at this point because I've been hacking the code about to get one or the other to work. Generally, the per-thread will work *most* of the time if the same thread handles the request and sub-requests AND the following main request (it relies on detecting the start of a new request to reset the tracking variables - a new thread breaks that in some cases). Compilation is one of: apxs -D SSI_PER_REQUEST -D DEBUG_INCLUDE -c mod_include.c apxs -D SSI_PER_THREAD -D DEBUG_INCLUDE -c mod_include.c I'll also attach a tar.bz2 containing the HTML files I'm using for the testing. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66243] Nested #include not detected / path not taken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66243 --- Comment #2 from Tj <0.apa...@iam.tj> --- Created attachment 38378 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38378&action=edit Test case HTML files -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66243] Nested #include not detected / path not taken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66243
--- Comment #3 from Eric Covener ---
> the sub-requests for the nested #include statements get a new request_rec so
> the following code never triggers:
I think on the surface it is anticipating that a new request_rec will be used
and sets things up correctly / in the right timing:
// parent setting the request_config on the subrequest to point back to itself
if (rr) {
ap_set_module_config(rr->request_config, &include_module, r);
}
// running the handler on the subrequest in the parent, which will then invoke
output filters like mod_include
if (!error_fmt && ((status = ap_run_sub_req(rr {
error_fmt = "unable to include \"%s\" in parsed file %s, subrequest
returned %d";
}
I don't understand why it doesn't work, but I suggest looking at RULEFLAG_END
in mod_rewrite.c if you want to try yet another method.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66243] Nested #include not detected / path not taken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66243
--- Comment #4 from Tj <0.apa...@iam.tj> ---
With some further debug messages I've identified the cause but not the
solution!
All calls to includes_filter() have the same, original request_rec address -
including the sub-requests so 'parent' is always NULL (since the code expects
to be working on one of the sub-request structures).
In my test page I see the same message for original and sub-requests ('r' never
changes to reflect a sub-request 'rr' value):
* includes_filter() r=0x7fc5f45150a0 r->request_config=0x7fc5f4516388
parent=0x0
In handle_include() the 'rr' values change. E.g:
...
# level2-C2.html + level3-D3.html ?
* handle_include() r=0x7fc5f44f90a0 rr=0x7fc5f44ef0a0
...
# level1_A1.html + level2-C2.html ?
* handle_include() r=0x7fc5f45070a0 rr=0x7fc5f44f90a0
...
# index.html + level1-A4.html ?
* handle_include() r=0x7fc5f45150a0 rr=0x7fc5f45070a0
# index.html + level1-A4.html ?
* handle_include() r=0x7fc5f45150a0 rr=0x7fc5f44fb0a0
...
# index.html + level1-B5.html ?
* handle_include() r=0x7fc5f45150a0 rr=0x7fc5f44f30a0
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66243] Nested #include not detected / path not taken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66243 --- Comment #5 from Tj <0.apa...@iam.tj> --- Vital typo in previous comment (put level1-A4.html twice)! * includes_filter() r=0x7fc5f45150a0 r->request_config=0x7fc5f4516388 parent=0x0 In handle_include() the 'rr' values change. E.g: ... # level2-C2.html + level3-D3.html ? * handle_include() r=0x7fc5f44f90a0 rr=0x7fc5f44ef0a0 ... # level1_A1.html + level2-C2.html ? * handle_include() r=0x7fc5f45070a0 rr=0x7fc5f44f90a0 ... # index.html + level1-A1.html ? * handle_include() r=0x7fc5f45150a0 rr=0x7fc5f45070a0 # index.html + level1-A4.html ? * handle_include() r=0x7fc5f45150a0 rr=0x7fc5f44fb0a0 ... # index.html + level1-B5.html ? * handle_include() r=0x7fc5f45150a0 rr=0x7fc5f44f30a0 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66243] Nested #include not detected / path not taken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66243 --- Comment #6 from Tj <0.apa...@iam.tj> --- Going further; attempting to use the presence of my new env-var SSI_INCLUDE_LEVEL >= 1 to trigger the nested path in includes_filter() causes a SIGSEGV because r->main is always NULL. I think this code must have been broken for some time; as a newcomer I'm finding it difficult to figure out where to look in both code and commit history to determine if this once did work (was tested and proven) and some subsequent change broke it (or if the choice of MPM affects it). Regardless of that, it looks like there needs to be a new mechanism to replace this self-admitted kludge. Adding/removing an env-var may indeed be the way. Right now the kludge is only there for finfo.mtime correction but my additions to track and report include level and counts also needs it. Recommendations on best path forward? My instinct is to totally remove the kludge and use my new variables to detect the nesting, plus possibly an temporary env-var that is set/removed internally to carry finfo.mtime, but that might be seen by some as inelegant! -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66004] Child processes disappears one by one with no web access.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66004 --- Comment #22 from rtnf...@gmail.com --- Mentioned in : https://operations.osmfoundation.org/2022/07/24/standard-tile-layer.html -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 64919] mod_proxy_fcgi fails to parse headers with a string length over 8192
https://bz.apache.org/bugzilla/show_bug.cgi?id=64919 maikhu...@gmail.com changed: What|Removed |Added CC||maikhu...@gmail.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2022/09/04]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36636|Opn|Maj|2005-09-13|database write lock taken for PROPFIND operations | |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006
[Bug 66253] New: rotatelogs -n option log file suffix can't modify
https://bz.apache.org/bugzilla/show_bug.cgi?id=66253 Bug ID: 66253 Summary: rotatelogs -n option log file suffix can't modify Product: Apache httpd-2 Version: 2.5-HEAD Hardware: PC Status: NEW Severity: normal Priority: P2 Component: support Assignee: bugs@httpd.apache.org Reporter: max...@qq.com Target Milestone: --- some log system only collect *.log and rotatelogs with option -n will gen file log.1 log.2 can't be collect by log system so rotatelogs need an option to make log file suffix fixed -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66253] rotatelogs -n option log file suffix can't modify
https://bz.apache.org/bugzilla/show_bug.cgi?id=66253 Eric Covener changed: What|Removed |Added OS||All Status|NEW |NEEDINFO --- Comment #1 from Eric Covener --- -n is meant for circular set of files that overwrites itself, like short-term trace. maybe it's not a good fit if you expect it to be collected. Not using -n means you can choose whatever filename you like. what's drawing you to -n in this case? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66253] rotatelogs -n option log file suffix can't modify
https://bz.apache.org/bugzilla/show_bug.cgi?id=66253 --- Comment #2 from max --- i want save log with 50M per file, and two file for rotate. total 100m space is there a good method to gen log file xx.1.log xx.2.log or xx.2022-xxx(date).log -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66253] rotatelogs -n option log file suffix can't modify
https://bz.apache.org/bugzilla/show_bug.cgi?id=66253 Eric Covener changed: What|Removed |Added Status|NEEDINFO|NEW --- Comment #3 from Eric Covener --- The examples here show how to use a format string in the filename argument, you can tack ".log" onto the end. Of course your 2nd arg will be "50M". -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66253] rotatelogs -n option log file suffix can't modify
https://bz.apache.org/bugzilla/show_bug.cgi?id=66253 --- Comment #4 from Eric Covener --- Whoops, never pasted: https://httpd.apache.org/docs/2.4/programs/rotatelogs.html -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66253] rotatelogs -n option log file suffix can't modify
https://bz.apache.org/bugzilla/show_bug.cgi?id=66253 --- Comment #5 from max --- while true; do echo 123; done | rotatelogs -n2 1.%Y-%m-%d-%H_%M_%S.log 1k Cannot use -n with % in filename if not append -n2, it will gen many log file how to make a limit of number of file -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66253] rotatelogs -n option log file suffix can't modify
https://bz.apache.org/bugzilla/show_bug.cgi?id=66253
--- Comment #6 from Eric Covener ---
(In reply to max from comment #5)
> while true; do echo 123; done | rotatelogs -n2 1.%Y-%m-%d-%H_%M_%S.log 1k
> Cannot use -n with % in filename
>
>
> if not append -n2, it will gen many log file
>
> how to make a limit of number of file
you can't do both at the same time with rotatelogs directly.
With -n, you could add a hard link to each file with a simple -p script:
```
#!/bin/bash
CURFILE=$1
PREVFILE=$2
ln -f $CURFILE ${CURFILE}.log
```
Or without -n, use something like logrotated to purge old log files.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66253] rotatelogs -n option log file suffix can't modify
https://bz.apache.org/bugzilla/show_bug.cgi?id=66253 Eric Covener changed: What|Removed |Added Severity|normal |enhancement -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66253] rotatelogs -n option log file suffix can't modify
https://bz.apache.org/bugzilla/show_bug.cgi?id=66253 --- Comment #7 from max --- so it is too bother so i think it can add option to control log file suffix when with -n option can save log file with x.1.log x.2.log thanks -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 62349] Adding ProxyHTMLLinks directive leads to "malformed" / "corrupt" response (potentially due to proxying to HTTPS location?)
https://bz.apache.org/bugzilla/show_bug.cgi?id=62349 --- Comment #1 from benjamin.demart...@liege.be --- I'm encountering this as well, only when proxying a request with content-encoding set. My guess is that mod_proxy_html is executed at the wrong time and executing either before proxied request decoding or after response encoding, causing it to be applied to the compressed data and garbling it. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 60439] Program terminated with signal SIGSEGV, Segmentation fault.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60439 benjamin.demart...@liege.be changed: What|Removed |Added Version|2.4.25 |2.4.37 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 62349] Adding ProxyHTMLLinks directive leads to "malformed" / "corrupt" response (potentially due to proxying to HTTPS location?)
https://bz.apache.org/bugzilla/show_bug.cgi?id=62349 benjamin.demart...@liege.be changed: What|Removed |Added Version|2.4.33 |2.4.37 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 62349] Adding ProxyHTMLLinks directive leads to "malformed" / "corrupt" response (potentially due to proxying to HTTPS location?)
https://bz.apache.org/bugzilla/show_bug.cgi?id=62349 benjamin.demart...@liege.be changed: What|Removed |Added CC||benjamin.demart...@liege.be -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 62349] Adding ProxyHTMLLinks directive leads to "malformed" / "corrupt" response (potentially due to proxying to HTTPS location?)
https://bz.apache.org/bugzilla/show_bug.cgi?id=62349 --- Comment #2 from benjamin.demart...@liege.be --- I can confirm, a bit more googling showed me the answer: Either you register the proxy-html filter manually in between INFLATE and DEFLATE using `SetOutputFilter INFLATE;xml2enc;proxy-html;DEFLATE` (in this case, don't add `ProxyHTMLEnable on` or the filter is applied twice). Or you unset accept-encoding header to avoid the problem altogether: `RequestHeader unset Accept-Encoding`. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66256] New: connection reset uploading large files
https://bz.apache.org/bugzilla/show_bug.cgi?id=66256 Bug ID: 66256 Summary: connection reset uploading large files Product: Apache httpd-2 Version: 2.5-HEAD Hardware: PC OS: Linux Status: NEW Severity: critical Priority: P2 Component: All Assignee: bugs@httpd.apache.org Reporter: push...@gmail.com Target Milestone: --- After upgrade to debian11 with apache 2.4.54, apache send reset after a while whenever I upload large files. I don´t know if it is a time or size problem. Apache log nothing. Same config does work fine in 2.4.38 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66256] connection reset uploading large files
https://bz.apache.org/bugzilla/show_bug.cgi?id=66256 --- Comment #1 from pushakk --- I have changed some reqtimeout mod params without results. Disable this mod does not work neither. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2022/09/11]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36636|Opn|Maj|2005-09-13|database write lock taken for PROPFIND operations | |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006
[Bug 66256] connection reset uploading large files
https://bz.apache.org/bugzilla/show_bug.cgi?id=66256 pushakk changed: What|Removed |Added Resolution|--- |CLOSED Status|NEW |RESOLVED --- Comment #2 from pushakk --- finally I have solved it configuring LimitRequestBody 0 in the vhosts. It's weird because in the doc says that this parameter is unlimited by default. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66256] connection reset uploading large files
https://bz.apache.org/bugzilla/show_bug.cgi?id=66256 --- Comment #3 from Eric Covener --- The default was recently changed. But the manual looks correct here: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66256] connection reset uploading large files
https://bz.apache.org/bugzilla/show_bug.cgi?id=66256 --- Comment #4 from pushakk --- Hello, but, in this link it say Valor por defecto: LimitRequestBody 0 and 0 is unlimited. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66256] connection reset uploading large files
https://bz.apache.org/bugzilla/show_bug.cgi?id=66256 --- Comment #5 from Eric Covener --- (In reply to pushakk from comment #4) > Hello, > > but, in this link it say > > Valor por defecto:LimitRequestBody 0 > > and 0 is unlimited. Looks like an out of date translation, unfortunately there is not much volunteer effort on keeping translations up to date. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66267] New: mod_rewrite returns 403 when a directory with the same name as RewriteRule exists in server's root directory
https://bz.apache.org/bugzilla/show_bug.cgi?id=66267 Bug ID: 66267 Summary: mod_rewrite returns 403 when a directory with the same name as RewriteRule exists in server's root directory Product: Apache httpd-2 Version: 2.4.51 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: mod_rewrite Assignee: bugs@httpd.apache.org Reporter: g.g.sat...@gmail.com Target Milestone: --- I added rewrite rule in httpd.conf as below: ``` RewriteEngine on RewriteRule .* /test/sorry.html ``` When I access to http://myhostname/foo/bar, rewrite rule works as expected. (Apache returns "[DocumentRoot]/test/sorry.html" no matter which page is accessed) However, after creating `/test` directory in my server's root directory, rewrite rule will not work. You can reproduce this symptom with the following docker commands: ``` # Pull and run httpd docker image docker run --rm -d --name test_httpd -p 4000:80 docker.io/httpd:2.4.51 # Append rewrite rule to httpd.conf docker cp test_httpd:/usr/local/apache2/conf/httpd.conf ./ echo $'LoadModule rewrite_module modules/mod_rewrite.so\nRewriteEngine on\nRewriteRule .* /test/sorry.html' >> httpd.conf docker cp ./httpd.conf test_httpd:/usr/local/apache2/conf/httpd.conf # Create test HTML page docker exec test_httpd sh -c "mkdir /usr/local/apache2/htdocs/test && echo Test page > /usr/local/apache2/htdocs/test/sorry.html" docker restart test_httpd # This curl command works as expected. (says "Test page" with status 200) curl http://localhost:4000/foo/bar # After creating `/test` directory in my root directory in container, apache returns "403 Forbidden". docker exec test_httpd sh -c "mkdir /test" curl http://localhost:4000/foo/bar docker stop test_httpd ``` This example is a container, but the same thing happens on a normal server. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66267] mod_rewrite returns 403 when a directory with the same name as RewriteRule exists in server's root directory
https://bz.apache.org/bugzilla/show_bug.cgi?id=66267 Eric Covener changed: What|Removed |Added OS||All --- Comment #1 from Eric Covener --- Rewrite guesses that you are rewriting a url path to a filesystem path when the first segment exists on disk. When rewiring from url to url, PT is a good way to make it explicit. This guessing is a historical behavior that is difficult to unwind. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66267] mod_rewrite returns 403 when a directory with the same name as RewriteRule exists in server's root directory
https://bz.apache.org/bugzilla/show_bug.cgi?id=66267 Sato Kenta changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |CLOSED --- Comment #2 from Sato Kenta --- Thank you for answering. I understood. I'm sorry for not reading the documentation carefully. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2022/09/18]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36636|Opn|Maj|2005-09-13|database write lock taken for PROPFIND operations | |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006
[Bug 66273] New: Traffic is halted in apache when one of the worker network connection is down
https://bz.apache.org/bugzilla/show_bug.cgi?id=66273 Bug ID: 66273 Summary: Traffic is halted in apache when one of the worker network connection is down Product: Apache httpd-2 Version: 2.4.34 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: mod_proxy_balancer Assignee: bugs@httpd.apache.org Reporter: lepakshidiva...@gmail.com Target Milestone: --- In loadbalancer config file ,below two works are configured. When high load is running , one of the worker network interface is down (to check the robustness - 10.192.1.2 ). On Apache , there was not traffic is passed for almost 60 secs or more. And there were some timeout and 503 errors are client side. No other timeouts are set in the apache configuration. BalancerMember https://10.192.1.2:9443 ttl=60 BalancerMember https://10.192.1.3:9443 ttl=60 Expectation is apache should halt the traffic for 60 secs , it should divert the traffic to working worker (10.192.1.3). Could you please help me understanding apache behavior when some of the workers down and is there any configuration can be used for turning the behavior. Let me know if any more information is needed -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66273] Traffic is halted in apache when one of the worker network connection is down
https://bz.apache.org/bugzilla/show_bug.cgi?id=66273 MDReddy changed: What|Removed |Added OS||All --- Comment #1 from MDReddy --- In loadbalancer config file ,below two workers are configured. When high load is running , one of the worker network interface is down (to check the robustness - 10.192.1.2 ). On Apache , there was no traffic passed for almost 60 secs or more. And there were some timeouts and 503 errors are on client side. There is no timeout related configurations are configured in apache configuration. BalancerMember https://10.192.1.2:9443 ttl=60 BalancerMember https://10.192.1.3:9443 ttl=60 Expectation is apache should not halt the traffic for 60 secs , it should divert the traffic to working worker (10.192.1.3). Could you please help me understanding apache behaviour when some of the workers down and is there any configuration can be used for turning the behaviour. Let me know if any more information is needed -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2022/09/25]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36636|Opn|Maj|2005-09-13|database write lock taken for PROPFIND operations | |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006
[Bug 66274] New: I need to add Total column as shown below. So far my code looks like this. What is the best way to archive that?
https://bz.apache.org/bugzilla/show_bug.cgi?id=66274
Bug ID: 66274
Summary: I need to add Total column as shown below. So far my
code looks like this. What is the best way to archive
that?
Product: Apache httpd-2
Version: 2.5-HEAD
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: support
Assignee: bugs@httpd.apache.org
Reporter: adnanfarooq...@gmail.com
Target Milestone: ---
Frz
Clr
Dry
Forks
Active FL
Pallets/Hr
Pallets Done
Pallets Left
Hours Remaing
{
props.sdata.sfDetails && props.sdata.sfDetails
.map(data => {
const dmdData =
props.sdata.shiftDDetails.find(dmdRow => dmdRow.area == data.area);
return data.area === 'Total' ? null :
{data.put_active}
{(props.day) ?
isNaN(parseFloat(data.put_pal).toFixed(1)) ? 0 :
parseFloat(data.put_pal).toFixed(1) :
isNaN(parseFloat(dmdData.pal_hr).toFixed(1)) ? 0 :
parseFloat(dmdData.pal_hr).toFixed(1)}
{props.day ? data.put_done || 0 :
data.dmd_done}
{props.day ? data.put_left || 0 :
data.dmd_left}
{props.day ?
isNaN(parseFloat(data.put_hour).toFixed(1)) ? 0 :
parseFloat(data.dmd_hour).toFixed(1) : ''}
})
}
```
https://freefirebattles.com/which-game-comes-first-pubg-or-free-fire/
https://inshotapps.com/
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66273] Traffic is halted in apache when one of the worker network connection is down
https://bz.apache.org/bugzilla/show_bug.cgi?id=66273 --- Comment #2 from MDReddy --- Update : Performed the same test with connectiontimeout=5 and results are little different compare to above mentioned. There was no halt seen but no of requests sent to other node is very limited. Throughput was very down for 2 or 3 minutes and later healthy worker picked up the load . Apache should send the traffic to other worker when one worker is down and there would be any delay in traffic. proxy_hcheck_module (hcmethod=TCP hcinterval=2 hcpasses=1 hcfails=1 connectiontimeout=5) also used in the configuration and there was no different in the above behaviour. Very slow traffic was observed significant time(1 to 3 minutes ) before increasing the load on healthy worker. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66274] I need to add Total column as shown below. So far my code looks like this. What is the best way to archive that?
https://bz.apache.org/bugzilla/show_bug.cgi?id=66274 Eric Covener changed: What|Removed |Added OS||All Status|NEW |RESOLVED Resolution|--- |INVALID -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66280] New: ap_uname2id() / ap_gname2id() disregard errno (esp. EINTR) from getpwnam() / getgrnam()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66280 Bug ID: 66280 Summary: ap_uname2id() / ap_gname2id() disregard errno (esp. EINTR) from getpwnam() / getgrnam() Product: Apache httpd-2 Version: 2.5-HEAD Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Core Assignee: bugs@httpd.apache.org Reporter: overrip...@gmail.com Target Milestone: --- Apache uses the aforementioned calls to resolve configured users/groups during startup, i.e. SuexecUserGroup directives in mod_suexec. The respective code (server/mpm_common.c) checks the return value from getpwnam()/getgrnam() and exits the process with an error message if it's NULL. The assumption here is that the username/group does not exist if the functions return NULL. But according to the standard library documentation, NULL could also be returned if an error occurs. Only errno could be used to determine whether we have a bad user/group indeed or an error or signal has interrupted the call. 0 or ENOENT or ESRCH or EBADF or EPERM or ... The given name or uid was not found. EINTR A signal was caught; see signal(7). EIOI/O error. An issue I encounter semi-regularly is having some signal interrupt Apache during restart while being inside one of these calls and the webserver dying with "AH00544: httpd: bad group name groupname". This is similar in effect to a crash, since it's dying for no real reason. My proposal here is to use errno and handle EINTR with a retry so that the server is no longer dying when it could have continued without issue. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 64537] ProxyPassMatch with mod_proxy_ajp ignores AJP secret
https://bz.apache.org/bugzilla/show_bug.cgi?id=64537 --- Comment #7 from Cedric Roijakkers --- It's been over a year since my last comment in this thread. We've been running in production with the patch supplied in this bug, everything is working fine. The latest httpd release is now 2.4.54 and this patch has still not made it into the release. We've recently ran into this bug again when using vanilla httpd in a project instead of the custom patched httpd. When will this patch finally make it into a release? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66282] New: mod_proxy_https adds "Content-Encoding: chunked" to requests that have no body
https://bz.apache.org/bugzilla/show_bug.cgi?id=66282 Bug ID: 66282 Summary: mod_proxy_https adds "Content-Encoding: chunked" to requests that have no body Product: Apache httpd-2 Version: 2.4.53 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: mod_proxy_http2 Assignee: bugs@httpd.apache.org Reporter: rainer.j...@kippdata.de Target Milestone: --- When I send a normal GET request, without body, no Transfer-Encoding and no Content-Length, to httpd and proxy it via mod_proxy_http2 to the same server, the proxied request gets "Transfer-Encoding: chunked" added by mod_proxy_http2. I think this is problematic, because - it seems to me, that "Transfer-Encoding: chunked" is not allowed for http/2 (due to its always streaming behavior), and at least it is unexpected for a GET or HEAD request - the Core Rule Set 3 of mod_security contains a rule that forbids requests without body but with Transfer-Encoding set to chunked The header is not added when using mod_proxy_http. Any chance we can get rid of it when proxying a request, that has no body and doesn't bring the header by its own? Thanks and regards, Rainer -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 64537] ProxyPassMatch with mod_proxy_ajp ignores AJP secret
https://bz.apache.org/bugzilla/show_bug.cgi?id=64537 Ruediger Pluem changed: What|Removed |Added Status|NEW |NEEDINFO --- Comment #8 from Ruediger Pluem --- This should be fixed in 2.4.54. The code evolved further from the patch attached here. Please retry with 2.4.54. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 64537] ProxyPassMatch with mod_proxy_ajp ignores AJP secret
https://bz.apache.org/bugzilla/show_bug.cgi?id=64537 --- Comment #9 from Cedric Roijakkers --- Version 2.4.54 is what I tried with, that got me fooled by looking into this issue again. To be more precise, I based my container on top of docker container httpd:2.4.54-alpine3.16. The full httpd -V output in that container is: Server version: Apache/2.4.54 (Unix) Server built: Jul 18 2022 23:35:13 Server's Module Magic Number: 20120211:124 Server loaded: APR 1.7.0, APR-UTIL 1.6.1, PCRE 8.45 2021-06-15 Compiled using: APR 1.7.0, APR-UTIL 1.6.1, PCRE 8.45 2021-06-15 Architecture: 64-bit Server MPM: event threaded: yes (fixed thread count) forked: yes (variable process count) Server compiled with -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_PROC_PTHREAD_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=256 -D HTTPD_ROOT="/usr/local/apache2" -D SUEXEC_BIN="/usr/local/apache2/bin/suexec" -D DEFAULT_PIDLOG="logs/httpd.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66282] mod_proxy_https adds "Content-Encoding: chunked" to requests that have no body
https://bz.apache.org/bugzilla/show_bug.cgi?id=66282 Stefan Eissing changed: What|Removed |Added OS||All --- Comment #1 from Stefan Eissing --- I made some improvements in release v2.0.8 on github of mod_http2. It might put salve on the issue, but it will not fully resolve it. To elaborate: 1. The mod_security assumption that requests without body MUST NOT have "Transfer-Encoding: chunked" is wrong. In HTTP/1.1 any request might have trailers and the only way to transport trailers is chunked encoding. Now, this may not be used by clients we know. However I recently learned that gRPC uses trailers in responses, even when there is no body. 2. The "Transfer-Encoding: chunked" that mod_security "sees" is not sent by the client via HTTP/2. mod_proxy_http2 also never sends it. Instead, there are situations where mod_http2 needs to *simulate* chunked encoding for Apache httpd internal processing (in 2.4.x). HTTP/2 request frames for a stream follow the patterns: i. HEADER* HEADER(EOH,EOS) ii. HEADER* HEADER(EOH) DATA* DATA(EOS) iii. HEADER* HEADER(EOH) DATA* HEADER* HEADER(EOS) (the "EOS" is a flag at a frame indicating this is the last one for the stream. The "EOH" bit is set at the end of request headers). Until the EOS is seen by the server, it does not know how many DATA and HEADER frames (for trailers) may follow. Even if there is a "Content-Length: 0", there might be trailer frames coming. In Apache httpd trunk we solved this problem with the new meta buckets, moving the idea that "everything follows HTTP/1.1 rules" to the transcoding layer, away from our request processing. But 2.4.x still lives in the HTTP/1.1 world and we need to make the HTTP/2 streams somehow digestible for it. I hope this illustrates the problem. And maybe mod_security may wish to comment on this. If you discover cases where we could avoid chunked encoding in 2.4.x, I'd be happy to look at them and see how we can improve. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66286] New: Replace ap_pbase64decode with apr_pbase64_decode
https://bz.apache.org/bugzilla/show_bug.cgi?id=66286 Bug ID: 66286 Summary: Replace ap_pbase64decode with apr_pbase64_decode Product: Apache httpd-2 Version: 2.5-HEAD Hardware: All OS: All Status: NEW Severity: enhancement Priority: P2 Component: Core Assignee: bugs@httpd.apache.org Reporter: tnies...@tnie.de Target Milestone: --- ap_pbase64decode does exactly the same as apr_pbase64_decode and can likely be replaced by it. However, I am new to the httpd code (this is my first small patch) and I don't know if compiled modules might rely on the existence of ap_pbase64decode, so I am suggesting to replace the function body of ap_pbase64decode with a call to apr_pbase64_decode for now. If someone more experienced determines that it is safe to remove ap_pbase64decode and to update call sites within httpd to use apr_pbase64_decode, I'd be glad to update the patch. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66286] Replace ap_pbase64decode with apr_pbase64_decode
https://bz.apache.org/bugzilla/show_bug.cgi?id=66286 --- Comment #1 from Tobias Nießen --- Created attachment 38395 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38395&action=edit patch v1 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66286] Replace ap_pbase64decode with apr_pbase64_decode
https://bz.apache.org/bugzilla/show_bug.cgi?id=66286 Tobias Nießen changed: What|Removed |Added Keywords||PatchAvailable -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66286] Replace ap_pbase64decode with apr_pbase64_decode
https://bz.apache.org/bugzilla/show_bug.cgi?id=66286 --- Comment #2 from Eric Covener --- as you said, removing the function would be a breaking change to compiled modules and even ones that were re-compiled since they'd still have those references. We'd avoid those as they are not backportable to 2.4.x. I think apr_pbase64_decode is trunk-only for APR though, or my searching is failing me some other way. Even 2.5.x should support older apr/apr-util. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 64451] mod_reqtimeout + rewriteengine
https://bz.apache.org/bugzilla/show_bug.cgi?id=64451 --- Comment #1 from Rainer --- I can confirm this behaviour with 2.4.41-4ubuntu3.12. The body will be partially passed to the application if chunked transfer is used and transfer of a chunk exceeds the timeout. Additionally configuration overrides within a vhost seem to get ignored. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66288] New: Randi
https://bz.apache.org/bugzilla/show_bug.cgi?id=66288 Bug ID: 66288 Summary: Randi Product: Apache httpd-2 Version: 2.5-HEAD Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P2 Component: Build Assignee: bugs@httpd.apache.org Reporter: hesoyamid2...@gmail.com Target Milestone: --- Created attachment 38397 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38397&action=edit Nginx -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66288] Randi
https://bz.apache.org/bugzilla/show_bug.cgi?id=66288 Eric Covener changed: What|Removed |Added Resolution|--- |INVALID Status|NEW |RESOLVED -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66290] New: ErrorDocument is not sent when mod_security changes error code in phase 3/4
https://bz.apache.org/bugzilla/show_bug.cgi?id=66290 Bug ID: 66290 Summary: ErrorDocument is not sent when mod_security changes error code in phase 3/4 Product: Apache httpd-2 Version: 2.4.53 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Core Assignee: bugs@httpd.apache.org Reporter: aogb...@redhat.com Target Milestone: --- Using a simplified config like this with mod_security: ProxyPass /helloworld http://unavailablesite/helloworld ErrorDocument 403 /forbidden.html SecRule RESPONSE_PROTOCOL "@contains HTTP" "id:'4',phase:4,auditlog,log,deny,status:403,msg:'yay!'" One would expect for mod_security to override the 503 with a 403 and provide the custom 403 ErrorDocument. (More realistic scenarios are using the core rule set, which will change a 5xx level response code to a 403 at paranoia level 2) The response code is changed to 403, but it suggests the ErrorDocument can't be served: 403 Forbidden Forbidden You don't have permission to access this resource. Additionally, a 503 Service Unavailable error was encountered while trying to use an ErrorDocument to handle the request. If you do proxy through to the backend and that returns another error code like 500, then this reports that 500 (or whatever from the backend) was encountered instead while serving the ErrorDocument. If you test a local page that would return a 200, then mod_security can set the 403 and serve out the ErrorDocument. >From logs and backtracking, I see no indication that the ErrorDocument is attempted and no ap_internal_redirect call. So stepping through logs and backtraces, the proxy connection fails and the processing steps into ap_die. No ErrorDocument is set for this code so it falls through: === [Fri Sep 30 17:38:22.633786 2022] [proxy_fcgi:debug] [pid 73359] mod_proxy_fcgi.c(1021): [client 127.0.0.1:32980] AH01076: url: http://127.0.0.1:8080/helloworld/foo proxyname: (null) proxyport: 0 [Fri Sep 30 17:38:22.633794 2022] [proxy_fcgi:debug] [pid 73359] mod_proxy_fcgi.c(1024): [client 127.0.0.1:32980] AH01077: declining URL http://127.0.0.1:8080/helloworld/foo [Fri Sep 30 17:38:22.633803 2022] [proxy_http:trace1] [pid 73359] mod_proxy_http.c(1978): [client 127.0.0.1:32980] HTTP: serving URL http://127.0.0.1:8080/helloworld/foo [Fri Sep 30 17:38:22.633812 2022] [proxy:debug] [pid 73359] proxy_util.c(2353): AH00942: HTTP: has acquired connection for (127.0.0.1) [Fri Sep 30 17:38:22.633822 2022] [proxy:debug] [pid 73359] proxy_util.c(2408): [client 127.0.0.1:32980] AH00944: connecting http://127.0.0.1:8080/helloworld/foo to 127.0.0.1:8080 [Fri Sep 30 17:38:22.633833 2022] [proxy:debug] [pid 73359] proxy_util.c(2634): [client 127.0.0.1:32980] AH00947: connected /helloworld/foo to 127.0.0.1:8080 [Fri Sep 30 17:38:22.633896 2022] [proxy:trace2] [pid 73359] proxy_util.c(3070): HTTP: fam 2 socket created to connect to 127.0.0.1 [Fri Sep 30 17:38:22.634041 2022] [proxy:error] [pid 73359] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:8080 (127.0.0.1) failed [Fri Sep 30 17:38:22.634062 2022] [proxy_http:error] [pid 73359] [client 127.0.0.1:32980] AH01114: HTTP: failed to make connection to backend: 127.0.0.1 [Fri Sep 30 17:38:22.634071 2022] [proxy:debug] [pid 73359] proxy_util.c(2368): AH00943: HTTP: has released connection for (127.0.0.1) (gdb) bt #0 0x561b30a2db70 in ap_die_r () #1 0x561b30a2e627 in ap_process_async_request () #2 0x561b30a2e9c2 in ap_process_request () #3 0x561b30a2abe5 in ap_process_http_connection () #4 0x561b30a210c8 in ap_run_process_connection () #5 0x7f3c11be6e71 in child_main () from target:/etc/httpd/modules/mod_mpm_prefork.so #6 0x7f3c11be7174 in make_child () from target:/etc/httpd/modules/mod_mpm_prefork.so #7 0x7f3c11be71cf in startup_children () from target:/etc/httpd/modules/mod_mpm_prefork.so #8 0x7f3c11be7db3 in prefork_run () from target:/etc/httpd/modules/mod_mpm_prefork.so #9 0x561b309f915e in ap_run_mpm () #10 0x561b309f1733 in main () #0 0x561b30a082c0 in ap_response_code_string () #1 0x561b30a2de26 in ap_die_r () #2 0x561b30a2e627 in ap_process_async_request () #3 0x561b30a2e9c2 in ap_process_request () #4 0x561b30a2abe5 in ap_process_http_connection () #5 0x561b30a210c8 in ap_run_process_connection () #6 0x7f3c11be6e71 in child_main () from target:/etc/httpd/modules/mod_mpm_prefork.so #7 0x7f3c11be7174 in make_child () from target:/etc/httpd/modules/mod_mpm_prefork.so #8 0x7f3c11be71cf in startup_children () from target:/etc/httpd/modules/mod_mpm_prefork.so #9 0x7f3c11be7db3 in prefork_run () from target:/etc/httpd/modules/mod_mpm_prefork.so #10 0x561b309f915e in ap_run_mpm () #11 0x561b309f1733 in main () Thr
Bug report for Apache httpd-2 [2022/10/02]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36636|Opn|Maj|2005-09-13|database write lock taken for PROPFIND operations | |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006
[Bug 66297] New: Undefined symbol: RAND_egd modules/ssl/.libs/libmod_ssl.a(ssl_engine_rand.o)
https://bz.apache.org/bugzilla/show_bug.cgi?id=66297 Bug ID: 66297 Summary: Undefined symbol: RAND_egd modules/ssl/.libs/libmod_ssl.a(ssl_engine_rand.o) Product: Apache httpd-2 Version: 2.5-HEAD Hardware: Sun OS: Solaris Status: NEW Severity: regression Priority: P2 Component: Build Assignee: bugs@httpd.apache.org Reporter: ran.mo...@oracle.com Target Milestone: --- While trying to compile with the following configuration: CFLAGS="-m32"; export CFLAGS "./configure" \ "--prefix=/var/opt/sun/xvm/uce/opt/server" \ "--disable-proxy_express" \ "--disable-proxy_balancer" \ "--enable-cgi=static" \ "--enable-dir=static" \ "--enable-ssl=static" \ "--enable-pcre=static" \ "--enable-unixd=static" \ "--enable-alias=static" \ "--enable-setenvif=static" \ "--enable-log-config=static" \ "--enable-deflate=static" \ "--enable-filter=static" \ "--enable-socache-dbm=static" \ "--enable-mime=static" \ "--enable-authz-core=static" \ "--enable-authz-host=static" \ "--enable-proxy=static" \ "--enable-proxy-http=static" \ "--enable-rewrite=static" \ "--enable-headers=static" \ "--enable-cache=static" \ "--enable-cache-disk=static" \ "--enable-dav=static" \ "--enable-autoindex=static" \ "--enable-reqtimeout=static" \ "--enable-mime_magic=static" \ "--with-mpm=prefork" \ "--with-ssl=/var/opt/sun/xvm/uce/opt/server/" \ "--with-module=sigvalidate:/scratch/rmozes/apache_upgrade_2.4.54/mod_sigvalidate.c" \ "--with-included-apr" \ "--with-pcre=/var/opt/sun/xvm/uce/opt/server/bin/pcre-config" \ "--with-zlib=/var/opt/sun/xvm/uce/opt/server" \ "--with-expat=/usr/sfw/" \ "CFLAGS=-m32" \ "$@" using modules: apr-1.7.0 apr-util-1.6.1 openssl1.1.1o (same error with openssl1.1.1q) the make process will fail with undefined symbol RAND_egd: bash-3.2$ /scratch/rmozes/apache_upgrade_2.4.54/httpd-2.4.54/srclib/apr/libtool --silent --mode=link gcc -std=gnu99-m32 -L/var/opt/sun/xvm/uce/opt/server/lib -o httpd modules.lo buildmark.o -export-dynamic server/libmain.la modules/aaa/libmod_authz_host.la modules/aaa/libmod_authz_core.la modules/cache/libmod_cache.la modules/cache/libmod_cache_disk.la modules/cache/libmod_socache_dbm.la modules/core/libmod_so.la modules/filters/libmod_reqtimeout.la modules/filters/libmod_filter.la modules/filters/libmod_deflate.la modules/http/libmod_http.la modules/http/libmod_mime.la modules/loggers/libmod_log_config.la modules/metadata/libmod_mime_magic.la modules/metadata/libmod_headers.la modules/metadata/libmod_setenvif.la modules/proxy/libmod_proxy.la modules/proxy/libmod_proxy_connect.la modules/proxy/libmod_proxy_ftp.la modules/proxy/libmod_proxy_http.la modules/proxy/libmod_proxy_fcgi.la modules/proxy/libmod_proxy_scgi.la modules/proxy/libmod_proxy_uwsgi.la modules/proxy/libmod_proxy_wstunnel.la modules/proxy/libmod_proxy_ajp.la modules/ssl/libmod_ssl.la modules/arch/unix/libmod_unixd.la modules/dav/main/libmod_dav.la modules/generators/libmod_autoindex.la modules/generators/libmod_cgi.la modules/dav/fs/libmod_dav_fs.la modules/sigvalidate/libmod_sigvalidate.la modules/mappers/libmod_dir.la modules/mappers/libmod_alias.la modules/mappers/libmod_rewrite.la server/mpm/prefork/libprefork.la os/unix/libos.la -L/var/opt/sun/xvm/uce/opt/server/lib -R/var/opt/sun/xvm/uce/opt/server/lib -lpcre -lz /scratch/rmozes/apache_upgrade_2.4.54/httpd-2.4.54/srclib/apr-util/libaprutil-1.la -lexpat /scratch/rmozes/apache_upgrade_2.4.54/httpd-2.4.54/srclib/apr/libapr-1.la -luuid -lsendfile -lrt -lsocket -lnsl -lpthread Undefined first referenced symbol in file RAND_egd modules/ssl/.libs/libmod_ssl.a(ssl_engine_rand.o) ld: fatal: symbol referencing errors. No output written to .libs/httpd collect2: ld returned 1 exit status bash-3.2$ the symbold RAND_egd is truly not there bash-3.2$ nm -gDC /var/opt/sun/xvm/uce/opt/server/lib/libcrypto.so | grep -i "RAND_egd" bash-3.2$ nm -gDC /var/opt/sun/xvm/uce/opt/server/lib/libssl.so | grep -i "RAND_egd" bash-3.2$ I'm not sure if this is an Apache bug or openssl or rather something I should have done while compiling the openssl. openssl was compiled with: ./Configure solaris-x86-gcc shared threads 386 no-ssl3 --prefix=/var/opt/sun/xvm/uce/opt/server --openssldir=/var/opt/sun/xvm/uce/opt/server CNF_CFLAGS=-pthreads -Wa,--noexecstack CNF_EX_LIBS=-lsocket -lnsl -ldl -pthreads -lrt -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66297] Undefined symbol: RAND_egd modules/ssl/.libs/libmod_ssl.a(ssl_engine_rand.o)
https://bz.apache.org/bugzilla/show_bug.cgi?id=66297 --- Comment #1 from Rainer Jung --- There seems to be an OpenSSL header file mixup. When OpenSSL is compiled, it detects egd support. The definition of RAND_egd() in openssl/rand.h is protected by an # ifndef OPENSSL_NO_EGD and in (my) openssl/opensslconf.h I find: #ifndef OPENSSL_NO_EGD # define OPENSSL_NO_EGD #endif When httpd gets compiled, its configure script checks for RAND_egd via AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines RAND_egd]) and sets HAVE_RAND_EGD in include/ap_config_auto.h. For my build there is: /* #undef HAVE_RAND_EGD */ Configure output and config.log also show checking for RAND_egd... no So it seems the OpenSSL which is found and used by configure supports RAND_egd (resp. OPENSSL_NO_EGD is undefined) but the one used for the compilation does not. Please check configure output and the definitions in the quoted header file, to find, where things start to go wrong. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66297] Undefined symbol: RAND_egd modules/ssl/.libs/libmod_ssl.a(ssl_engine_rand.o)
https://bz.apache.org/bugzilla/show_bug.cgi?id=66297 --- Comment #2 from ran.mo...@oracle.com --- Thanks for looking into it Rainer. I double checked that and I don’t think to have conflicting versions of the openssl in the included paths. I cleaned the path /var/opt/sun/xvm/uce/opt/server/ before compilation, then compiled the current openssl version into it. configure:27443: checking for OpenSSL configure:27456: checking for user-provided OpenSSL base directory configure:27472: result: /var/opt/sun/xvm/uce/opt/server configure:27809: checking for OpenSSL version >= 0.9.8a configure:27828: gcc -std=gnu99 -c -m32 -DSOLARIS2=10 -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT -D_LARGEFILE64_SOURCE -I/var/opt/sun/xvm/uce/opt/server/include conftest.c >&5 configure:27828: $? = 0 configure:27829: result: OK Looks the same in (my) opensslconf.h file #ifndef OPENSSL_NO_EGD # define OPENSSL_NO_EGD #endif in (my) ap_config_auto.h it says: /* Define to 1 if you have the `RAND_egd' function. */ #define HAVE_RAND_EGD 1 This file differs from yours. in config.log I see: configure:27935: checking for RAND_egd configure:27935: gcc -std=gnu99 -o conftest -m32 -DSOLARIS2=10 -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT -D_LARGEFILE64_SOURCE -I/var/opt/sun/xvm/uce/opt/server/include -L/usr/sfw//lib -L/var/opt/sun/xvm/uce/opt/server/lib conftest.c -lssl -lcrypto-luuid -lsendfile -lrt -lsocket -lnsl -lpthread >&5 configure:27935: $? = 0 configure:27935: result: yes configure:27961: result: yes Not sure if related but the file also includes this line: ac_cv_func_RAND_egd=yes and also found this: include/ap_config_auto.h.in:/* Define to 1 if you have the `RAND_egd' function. */ include/ap_config_auto.h.in:#undef HAVE_RAND_EGD So it seems the OpenSSL which is found and used by configure supports RAND_egd (resp. OPENSSL_NO_EGD is undefined) but the one used for the compilation does not. Looks to me like openssl claims to support the functionality but doesn’t expose it in the '.so‘ file as it should have. Do you think the same? Can you find the symbols of the RAND_egd* functions in libcrypto.so or libssl.so? Also Apache decides to use this functionality (#define HAVE_RAND_EGD 1) although the Solaris OS does include (see openssl doc for this: https://www.openssl.org/docs/manmaster/man3/RAND_egd.html) ls /dev/urandom /dev/urandom I wonder why in your case the compilation has decided to use /* #undef HAVE_RAND_EGD */ As a workaround I have manually changed ap_config_auto.h include/ap_config_auto.h.in:#undef HAVE_RAND_EGD then ran the make process from start and the compilation ended successfully. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 44181] add UnAlias
https://bz.apache.org/bugzilla/show_bug.cgi?id=44181 Smylers changed: What|Removed |Added CC||smyl...@stripey.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66297] Undefined symbol: RAND_egd modules/ssl/.libs/libmod_ssl.a(ssl_engine_rand.o)
https://bz.apache.org/bugzilla/show_bug.cgi?id=66297 --- Comment #3 from ran.mo...@oracle.com --- exchanging information also with openssl folks, they said that the configuration used in opensslconf.h and rand.h is disabling the RAND_egd by default unless openssl is compiled with "enable-egd" option (which it wasn't). It seems likely to me that a bug in the Apache build process is incorrectly detecting that EGD is enabled when it is not. The other option with 2 sets of OpenSSL headers seems unlikely to me because on my build env the Apache config process should have taken whatever is there from one location "--with-ssl=/var/opt/sun/xvm/uce/opt/server/" This location was cleaned before the process and then openssl was built with the same prefix as mentioned before. bash-3.2$ sudo find /var/opt/ -name opensslconf.h Password: /var/opt/sun/xvm/uce/opt/server/include/openssl/opensslconf.h only one instance found -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2022/10/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36636|Opn|Maj|2005-09-13|database write lock taken for PROPFIND operations | |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006
[Bug 66297] Undefined symbol: RAND_egd modules/ssl/.libs/libmod_ssl.a(ssl_engine_rand.o)
https://bz.apache.org/bugzilla/show_bug.cgi?id=66297 --- Comment #4 from Rainer Jung --- > configure:27443: checking for OpenSSL > configure:27456: checking for user-provided OpenSSL base directory > configure:27472: result: /var/opt/sun/xvm/uce/opt/server > configure:27809: checking for OpenSSL version >= 0.9.8a > configure:27828: gcc -std=gnu99 -c -m32 -DSOLARIS2=10 > -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT -D_LARGEFILE64_SOURCE > -I/var/opt/sun/xvm/uce/opt/server/include conftest.c >&5 > configure:27828: $? = 0 > configure:27829: result: OK Good. > Looks the same in (my) opensslconf.h file > #ifndef OPENSSL_NO_EGD > # define OPENSSL_NO_EGD > #endif Good. > in (my) ap_config_auto.h it says: > /* Define to 1 if you have the `RAND_egd' function. */ > #define HAVE_RAND_EGD 1 Bad, but it comes from ... > in config.log I see: > configure:27935: checking for RAND_egd > configure:27935: gcc -std=gnu99 -o conftest -m32 -DSOLARIS2=10 > -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT -D_LARGEFILE64_SOURCE > -I/var/opt/sun/xvm/uce/opt/server/include -L/usr/sfw//lib > -L/var/opt/sun/xvm/uce/opt/server/lib conftest.c -lssl -lcrypto-luuid > -lsendfile -lrt -lsocket -lnsl -lpthread >&5 > configure:27935: $? = 0 > configure:27935: result: yes > configure:27961: result: yes So this is the culprit and what we ned to understand. > Not sure if related but the file also includes this line: > ac_cv_func_RAND_egd=yes That is also a consequence of configure detecting RAND_egd. > and also found this: > include/ap_config_auto.h.in:/* Define to 1 if you have the `RAND_egd' > function. > */ > include/ap_config_auto.h.in:#undef HAVE_RAND_EGD That is also a consequence of configure detecting RAND_egd. > So it seems the OpenSSL which is found and used by configure supports RAND_egd > (resp. OPENSSL_NO_EGD is undefined) but the one used for the compilation does > not. Yes. > Looks to me like openssl claims to support the functionality but doesn’t > expose > it in the '.so‘ file as it should have. > Do you think the same? Can you find the symbols of the RAND_egd* functions in > libcrypto.so or libssl.so? No it doesn't have the symbol either. BUT: For instance on my Solaris 11 Sparc system, there is a local OpenSSL installation under /lib/64/libcrypto.so.1.0.0 which *does* have the RAND_egd symbol. The local file /usr/include/openssl/opensslconf.h does not define OPENSSL_NO_EGD and /usr/include/openssl/rand.h declares RAND_egd. So in my case the system installation of openssl does support RAND_egd, but my custom OpenSSL, which I use to build httpd, does not. To make sure, that httpd finds all info for your custom openssl - header files and libs - before the ones from the operating system, the include and linker paths need to be set up correctly during configure and build. Since during the configure check on your system the gcc flags are: gcc -std=gnu99 -o conftest -m32 -DSOLARIS2=10 -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT -D_LARGEFILE64_SOURCE -I/var/opt/sun/xvm/uce/opt/server/include -L/usr/sfw//lib -L/var/opt/sun/xvm/uce/opt/server/lib conftest.c -lssl -lcrypto-luuid -lsendfile -lrt -lsocket -lnsl -lpthread we can see, that it would eg. use libs from /usr/sfw/lib before your own openssl libs. Therefore I think it makes sense to do the litle investigation that I suggest further below. In addition: what are your configure flags plus additional env vars you set? > Also Apache decides to use this functionality (#define HAVE_RAND_EGD 1) > although the Solaris OS does include (see openssl doc for this: > https://www.openssl.org/docs/manmaster/man3/RAND_egd.html) > ls /dev/urandom > /dev/urandom Using egd - if detected as existing - seems to have higher priority than just /dev/urandom. > I wonder why in your case the compilation has decided to use /* #undef > HAVE_RAND_EGD */ > > As a workaround I have manually changed ap_config_auto.h > include/ap_config_auto.h.in:#undef HAVE_RAND_EGD > then ran the make process from start and the compilation ended successfully. OK, the compilation result will be fine, the workaround is OK, but of course it would be better to understand why it goes wrong without woraround. So if you are still interested in fixing it really, we can have a look at what the above > configure:27935: gcc -std=gnu99 -o conftest -m32 -DSOLARIS2=10 -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT -D_LARGEFILE64_SOURCE -I/var/opt/sun/xvm/uce/opt/server/include -L/usr/sfw//lib -L/var/opt/sun/xvm/uce/opt/server/lib conftest.c -lssl -lcrypto -luuid -lsendfile -lrt -lsocket -lnsl -lpthread >&5 compiles and why it succeeeds. There are several ways of doing it, but the following should be easy: - edit your configure script, replace "RAND_egd" by "RAND_egd_unknown" There s
[Bug 66300] New: mod_proxy_hcheck does not detect AJP/CPING support
https://bz.apache.org/bugzilla/show_bug.cgi?id=66300 Bug ID: 66300 Summary: mod_proxy_hcheck does not detect AJP/CPING support Product: Apache httpd-2 Version: 2.4-HEAD Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: mod_proxy_hcheck Assignee: bugs@httpd.apache.org Reporter: alessandro.cavali...@unibo.it Target Milestone: --- We were very excited to see mod_proxy_hcheck support for AJP/CPING (r1887415) land in Ubuntu 22.04; however trying to enable it yields the following error: BalancerMember Health check method CPING not (yet) implemented This was surprising for us since from a cursory look at the code this functionality seems implemented. A couple of hours of debugging later we concluded that the order of execution of the code added in r1887415 seems to be incorrect: the code checking for AJP availability is executed in hc_post_config() which is unfortunately too late since the configuration syntax has already been marked invalid when the "hcmethod=CPING" token was found. To fix this we simply moved the code checking for AJP availability in hc_pre_config(). We are running a patched version of http-2.4.52 on a couple of hosts running Ubuntu 22.04 and it seems to be working without issues so far. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66300] mod_proxy_hcheck does not detect AJP/CPING support
https://bz.apache.org/bugzilla/show_bug.cgi?id=66300 alessandro.cavali...@unibo.it changed: What|Removed |Added Keywords||PatchAvailable -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
