[Bug 66499] 302 redirects when the :scheme header does not match the connection type
https://bz.apache.org/bugzilla/show_bug.cgi?id=66499 Paulo M changed: What|Removed |Added CC|mentalstring+apache@gmail.c | |om | -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66225] Lacking a check for the return value of SSL_renegotiate()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66225 Giovanni Bechis changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #2 from Giovanni Bechis --- Fixed in r1908805. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66225] Lacking a check for the return value of SSL_renegotiate()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66225 Giovanni Bechis changed: What|Removed |Added Keywords||PatchAvailable -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66547] New: emptying query strings broken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66547
Bug ID: 66547
Summary: emptying query strings broken
Product: Apache httpd-2
Version: 2.4.56
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_rewrite
Assignee: bugs@httpd.apache.org
Reporter: robert.will...@conceptpeople.de
Target Milestone: ---
Redirects that remove the query string doesn't work anymore.
RewriteCond %{QUERY_STRING} "q\=([0-9]+)"
RewriteRule ^(.*)$ $1? [R=301,L]
This will add %3f to the URL since 2.4.56.
With NE flag set ? will be added to the URL.
2.4.54 /test?q=123 -> /test
2.4.56 /test?q=123 -> /test%3f
2.4.56 NE /test?q=123 -> /test?
Debian Bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033284
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66547] emptying query strings broken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66547 Eric Covener changed: What|Removed |Added Status|NEW |NEEDINFO --- Comment #1 from Eric Covener --- Thanks for reporting, if you have the ability to give this fix a try: http://svn.apache.org/viewvc?view=revision&revision=1908813 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66547] emptying query strings broken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66547 Robert Willert changed: What|Removed |Added Resolution|--- |FIXED Status|NEEDINFO|RESOLVED --- Comment #2 from Robert Willert --- I tested the current trunk version. The query string is removed. thx -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66547] emptying query strings broken
https://bz.apache.org/bugzilla/show_bug.cgi?id=66547 --- Comment #3 from Eric Covener --- Is queued up for 2.4.57 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2023/04/02]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006-06-05|Incorrect ETag on gzip:ed content | |39748|New|Enh|2006
[Bug 66551] New: Viajes organizados al detalle para los viajeros que visitan por primera vez Costa Rica.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66551 Bug ID: 66551 Summary: Viajes organizados al detalle para los viajeros que visitan por primera vez Costa Rica. Product: Apache httpd-2 Version: 2.5-HEAD Hardware: PC Status: NEW Severity: normal Priority: P2 Component: libapreq2 Assignee: bugs@httpd.apache.org Reporter: josemerchan2...@gmail.com Target Milestone: --- https://rutascostarica.viajes/ -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66551] Viajes organizados al detalle para los viajeros que visitan por primera vez Costa Rica.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66551 José marchan changed: What|Removed |Added OS||All -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66551] Viajes organizados al detalle para los viajeros que visitan por primera vez Costa Rica.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66551 José marchan changed: What|Removed |Added CC||josemerchan2...@gmail.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66551] Viajes organizados al detalle para los viajeros que visitan por primera vez Costa Rica.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66551 José marchan changed: What|Removed |Added Resolution|--- |CLOSED Status|NEW |RESOLVED -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66223] Lacking a check for the return value of SSL_do_handshake()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66223 Giovanni Bechis changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #1 from Giovanni Bechis --- Fixed in r1908936 and r1908964. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66223] Lacking a check for the return value of SSL_do_handshake()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66223 Giovanni Bechis changed: What|Removed |Added Keywords||PatchAvailable -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66226] Lacking a check for the return value of SSL_CTX_set_session_id_context()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66226 Giovanni Bechis changed: What|Removed |Added Keywords||PatchAvailable -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66226] Lacking a check for the return value of SSL_CTX_set_session_id_context()
https://bz.apache.org/bugzilla/show_bug.cgi?id=66226 Giovanni Bechis changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #1 from Giovanni Bechis --- Fixed in r1908971. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66558] New: Undocumented "Absolute Path" requirement for mod_vhost_alias directives
https://bz.apache.org/bugzilla/show_bug.cgi?id=66558 Bug ID: 66558 Summary: Undocumented "Absolute Path" requirement for mod_vhost_alias directives Product: Apache httpd-2 Version: 2.4.46 Hardware: All Status: NEW Severity: normal Priority: P2 Component: mod_vhost_alias Assignee: bugs@httpd.apache.org Reporter: jamie.mcglynn6...@outlook.com Target Milestone: --- Created attachment 38532 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38532&action=edit What happens when "sites/%p/%0" is used (e.g. with intent for "sites/443/example.com") The current behaviour of the mod_vhost_alias module requires that its directives require absolute paths, however this requirement is not documented on the runtime documentation for the module on the httpd website. | Syntax error on line x of y.conf: | format string must be an absolute path, or 'none' Additionally, this introduces portable-installation issues, especially on Windows builds, and would require manual changes when the installation location is moved or is run from an ejectable/portable storage medium where the drive letter could potentially change. A recommendation for a fix is that the behaviour of the directives in mod_vhost_alias should allow for relative paths (for example "sites/%p/%0" for "sites/443/example.com" relative to the server root) or, in-short, be patched to folow the same validity criteria and make it more compatible with the DocumentRoot directive in the server's core. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66559] New: implement flushpackets=on
https://bz.apache.org/bugzilla/show_bug.cgi?id=66559 Bug ID: 66559 Summary: implement flushpackets=on Product: Apache httpd-2 Version: 2.5-HEAD Hardware: PC Status: NEW Severity: normal Priority: P2 Component: mod_proxy_http Assignee: bugs@httpd.apache.org Reporter: i...@fernandolucas.info Target Milestone: --- flushpackets in proxypass is not implemented in mod_proxy_http It would be quite useful to implement flushpackets on the case of doing a reverse proxy. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66559] implement flushpackets=on
https://bz.apache.org/bugzilla/show_bug.cgi?id=66559 i...@fernandolucas.info changed: What|Removed |Added OS||All Version|2.5-HEAD|2.4-HEAD Severity|normal |enhancement Hardware|PC |All -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2023/04/09]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006-06-05|Incorrect ETag on gzip:ed content | |39748|New|Enh|2006
[Bug 66561] New: The build fails with slibtool
https://bz.apache.org/bugzilla/show_bug.cgi?id=66561 Bug ID: 66561 Summary: The build fails with slibtool Product: Apache httpd-2 Version: 2.4.56 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Build Assignee: bugs@httpd.apache.org Reporter: or...@riseup.net Target Milestone: --- Created attachment 38534 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38534&action=edit Build fix patch When building with slibtool instead of GNU libtool the user should be using the rlibtool symlink which will correctly determine if building shared or static libraries from the libtool generated by autotools from LT_INIT in configure.in. However apache-httpd doesn't call LT_INIT and the generated libtool doesn't exist causing the build to fail. LT_INIT can be simply added to configure.in as shown in the attached patch which will result in the build working just fine with both GNU libtool and slibtool, but with GNU libtool it will end up using the generated libtool rather than /usr/share/apr/build/libtool from the apr package so I am unsure if that is the idea solution? This was reported for Gentoo here. https://bugs.gentoo.org/858836 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66561] The build fails with slibtool
https://bz.apache.org/bugzilla/show_bug.cgi?id=66561 --- Comment #1 from or...@riseup.net --- Created attachment 38535 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38535&action=edit Build log -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66562] New: apxs does not respect slibtool
https://bz.apache.org/bugzilla/show_bug.cgi?id=66562 Bug ID: 66562 Summary: apxs does not respect slibtool Product: Apache httpd-2 Version: 2.4.56 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Build Assignee: bugs@httpd.apache.org Reporter: or...@riseup.net Target Milestone: --- Created attachment 38536 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38536&action=edit Build fix workaround for mod_musicindex When building a project that depends upon apxs it will call /usr/lib/apache2/build/instdso.sh and then /usr/share/apr/build/libtool. This is a problem when the user is also using slibtool as mixing and matching libtool implementations is not going to work. For example in an arbitrary example of mod_musicindex it will build the project with slibtool and then fail during the install target because it calls /usr/share/apr/build/libtool instead. /usr/sbin/apxs -S LIBEXECDIR="/var/tmp/portage/www-apache/mod_musicindex-1.4.1-r3/image/usr/lib/apache2/modules" -i -n musicindex mod_musicindex.la /usr/lib/apache2/build/instdso.sh SH_LIBTOOL='/usr/share/apr/build/libtool' mod_musicindex.la /var/tmp/portage/www-apache/mod_musicindex-1.4.1-r3/image/usr/lib/apache2/modules /usr/share/apr/build/libtool --mode=install install mod_musicindex.la /var/tmp/portage/www-apache/mod_musicindex-1.4.1-r3/image/usr/lib/apache2/modules/ libtool: install: install .libs/mod_musicindex.so /var/tmp/portage/www-apache/mod_musicindex-1.4.1-r3/image/usr/lib/apache2/modules/mod_musicindex.so libtool: install: install .libs/mod_musicindex.lai /var/tmp/portage/www-apache/mod_musicindex-1.4.1-r3/image/usr/lib/apache2/modules/mod_musicindex.la libtool: install: install .libs/libmod_musicindex.a /var/tmp/portage/www-apache/mod_musicindex-1.4.1-r3/image/usr/lib/apache2/modules/libmod_musicindex.a install: cannot stat '.libs/libmod_musicindex.a': No such file or directory install-xattr: failed to stat /var/tmp/portage/www-apache/mod_musicindex-1.4.1-r3/image/usr/lib/apache2/modules/libmod_musicindex.a: No such file or directory apxs:Error: Command failed with rc=65536 . make[1]: *** [Makefile:766: install] Error 1 In this case simply using the default autotools install target works easily enough, but perhaps it would be better if apxs allowed using slibtool when its set? Ideally it should be respected as part of the MAKEFLAGS env variable, for example: export MAKEFLAGS='LIBTOOL=rlibtool' Where rlibtool should be the default slibtool symlink that correctly respects the --enable/disable-shared/static flags as set in the libtool generated by autotools. As I don't know perl I would greatly appreciate any help that can be offered here. One of the bug reports made for Gentoo can be seen here. https://bugs.gentoo.org/778566 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66562] apxs does not respect slibtool
https://bz.apache.org/bugzilla/show_bug.cgi?id=66562 --- Comment #1 from or...@riseup.net --- Created attachment 38537 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38537&action=edit mod_musicindex build log -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66561] The build fails with slibtool
https://bz.apache.org/bugzilla/show_bug.cgi?id=66561 Sam James changed: What|Removed |Added CC||s...@gentoo.org -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66562] apxs does not respect slibtool
https://bz.apache.org/bugzilla/show_bug.cgi?id=66562 Sam James changed: What|Removed |Added CC||s...@gentoo.org -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66539] Crash in mod_log_config when using the new mod_http2 in httpd-2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66539 --- Comment #5 from Teodor Milkov --- Hello, I see there's 2.4.57 incorporating this fix, so naturally I tried it and for my big surprise it crashed in the same way as 2.4.56 without the patch. I looked into httpd-2.4.57/modules/http2/h2_request.c and the apr_table_copy() -> apr_table_clone() fix seems to be there as expected. Here's a backtrace, which looks very much the same as in 2.4.56: #0 __strcasecmp_l_avx () at ../sysdeps/x86_64/multiarch/strcmp-sse42.S:199 #1 0x72c28fc655f1 in apr_table_get () from /usr/lib/x86_64-linux-gnu/libapr-1.so.0 #2 0x1d2d6f31cafb in log_header_in (r=0x72c20813c0a0, a=0x72c28475fc08 "Referer") at mod_log_config.c:441 #3 0x1d2d6f31e2ed in process_item (r=0x72c20813c0a0, orig=0x72c20813c0a0, item=0x72c28475fe80) at mod_log_config.c:1095 #4 0x1d2d6f31e5b7 in config_log_transaction (r=0x72c20813c0a0, cls=0x72c28f838b00, default_format=0x72c28f8410c0) at mod_log_config.c:1168 #5 0x1d2d6f31e7ed in multi_log_transaction (r=0x72c20813c0a0) at mod_log_config.c:1206 #6 0x1d2d6f2a98ed in ap_run_log_transaction (r=0x72c20813c0a0) at protocol.c:2586 #7 0x1d2d6f2bed3f in eor_bucket_cleanup (data=0x72c2081db390) at eor_bucket.c:40 #8 0x72c28fc6d80e in apr_pool_destroy () from /usr/lib/x86_64-linux-gnu/libapr-1.so.0 #9 0x72c28fc6d82d in apr_pool_destroy () from /usr/lib/x86_64-linux-gnu/libapr-1.so.0 #10 0x72c28fc6d82d in apr_pool_destroy () from /usr/lib/x86_64-linux-gnu/libapr-1.so.0 #11 0x72c28fc6d82d in apr_pool_destroy () from /usr/lib/x86_64-linux-gnu/libapr-1.so.0 #12 0x72c28fc6d82d in apr_pool_destroy () from /usr/lib/x86_64-linux-gnu/libapr-1.so.0 #13 0x72c28f800605 in ?? () from /apache/modules/mod_http2.so #14 0x72c28f7eae85 in ?? () from /apache/modules/mod_http2.so #15 0x1d2d6f2d56ac in ap_run_pre_close_connection (c=0x72c26c11f360) at connection.c:44 #16 0x1d2d6f2d5840 in ap_prep_lingering_close (c=0x72c26c11f360) at connection.c:101 #17 0x1d2d6f2d58b5 in ap_start_lingering_close (c=0x72c26c11f360) at connection.c:127 #18 0x1d2d6f37e56e in process_lingering_close (cs=0x72c26c11f2b0) at event.c:1500 #19 0x1d2d6f37dbb7 in process_socket (thd=0x72c27f1387a8, p=0x72c26c11f028, sock=0x72c26c11f0b0, cs=0x72c26c11f2b0, my_child_num=0, my_thread_num=25) at event.c:1238 #20 0x1d2d6f380920 in worker_thread (thd=0x72c27f1387a8, dummy=0x72c278002f50) at event.c:2179 #21 0x1d2d6f299a78 in thread_start (thread=0x72c27f1387a8, data=0x72c27f138798) at util.c:3208 #22 0x72c28fc30ea7 in start_thread (arg=) at pthread_create.c:477 #23 0x72c28fb50a2f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 (gdb) dump_table r->headers_out [0] 'Last-Modified'='Wed, 28 Nov 2018 20:17:41 GMT' … (gdb) dump_table r->headers_in [0] 'Cannot access memory at address 0x72c26c0ea428 Please let me know if I can collect and provide any other useful information. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66539] Crash in mod_log_config when using the new mod_http2 in httpd-2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66539 --- Comment #6 from Stefan Eissing --- Can't wrap my head around that. As you noted, the patch that resolved the issue for you is part of the 2.5.57 release. Excuse me double verifying: are you sure you look at a core from 2.5.57? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66539] Crash in mod_log_config when using the new mod_http2 in httpd-2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66539 --- Comment #7 from Stefan Eissing --- 2.4.57, I meant. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66539] Crash in mod_log_config when using the new mod_http2 in httpd-2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66539 --- Comment #8 from Ruediger Pluem --- What looks strange to me is that in your latest stacktrace the debug information for mod_http2.so is missing whereas it is available for the remainder of httpd. Are you sure you use the mod_http2.so from 2.4.57? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66440] The maximum effective value of SSLSessionCacheTimeout is 3600
https://bz.apache.org/bugzilla/show_bug.cgi?id=66440 Aaron Ogburn changed: What|Removed |Added CC||aogb...@redhat.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66563] New: REQUEST_URI characters are not URL encoded when used within RewriteRule
https://bz.apache.org/bugzilla/show_bug.cgi?id=66563
Bug ID: 66563
Summary: REQUEST_URI characters are not URL encoded when used
within RewriteRule
Product: Apache httpd-2
Version: 2.4.56
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_rewrite
Assignee: bugs@httpd.apache.org
Reporter: mazer1...@gmail.com
Target Milestone: ---
When REQUEST_URI is used within a mod_rewrite RewriteRule such as:
RewriteRule "^/dev/test/(.*)$" "/search?q=$1&origin=%{REQUEST_URI}"
[B,PT,L,QSA]
RewriteRule "^/dev/test2/(.*)$" "/search?q=$1" [B,PT,L,QSA]
The REQUEST_URI portion does not appear to be correctly escaped. As a result,
starting with httpd 2.4.57, the following fails with 403 Forbidden due to the
newly introduced restrictions on spaces in the mapped target URL for
RewriteRules:
/dev/test/foo%20bar (ERROR: 403. Log message includes "AH10410: Rewritten
query string contains control characters or spaces")
whereas
/srb/test2/foo%20bar works as expected (200)
Although I only tested %{REQUEST_URI} in this context, I suspect that other
mod_rewrite Server-Variables are likely affected as well.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66563] REQUEST_URI characters are not URL encoded when used within RewriteRule
https://bz.apache.org/bugzilla/show_bug.cgi?id=66563 Eric Covener changed: What|Removed |Added Status|NEW |NEEDINFO Version|2.4.56 |2.4.57 --- Comment #1 from Eric Covener --- I think it's expected/longstanding that variables other than %THE_REQUEST have already been decoded, and that [B] only affects regex back-references. For other variables I think you need something like int:escape map. There was some early discussion about allowing spaces here, but it didn't go over well. What eventually consumes this URL? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66563] REQUEST_URI characters are not URL encoded when used within RewriteRule
https://bz.apache.org/bugzilla/show_bug.cgi?id=66563
--- Comment #2 from Steven Bush ---
>> There was some early discussion about allowing spaces here, but it didn't go
>> over well. What eventually consumes this URL? <<
The original service that caused problems for us (not the stripped down sample
that I provided) is consumed by a service that internally determines it's
output based on the origin. In essence, three different services are handled
by a single implementation based on the origin path.
The problem is that mod_rewrite allows server-variables (such as REQUEST_URI)
as a substitutions within the RewriteRule target URL, but those might not be
properly URL encoded, and unlike the back references, there isn't any option to
escape the characters safely.
I was hoping I could go back to the service developer and say, "using
REQUEST_URI in this way is not supported by mod_rewrite.". However, when I
looked at the RewriteRule documentation, I found this bit of text which
unfortunately indicates that server-variables are supported:
https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html#rewriterule
>>In addition to plain text, the Substitution string can include
>>back-references ($N) to the RewriteRule pattern
>>back-references (%N) to the last matched RewriteCond pattern
>>server-variables as in rule condition test-strings (%{VARNAME})
>>mapping-function calls (${mapname:key|default})
I'll give a try to using the RewriteMap internal functions and see if that
sorts this out and I'll comment again once I have it tested.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66563] REQUEST_URI characters are not URL encoded when used within RewriteRule
https://bz.apache.org/bugzilla/show_bug.cgi?id=66563
--- Comment #3 from Steven Bush ---
Ok, that worked successfully. I was able to get it working with:
RewriteMap esc int:escape
RewriteRule "^/dev/test/(.*)$" "/search?q=$1&origin=${esc:%{REQUEST_URI}}"
[B,PT,L,QSA]
I would suggest perhaps adding some text to the mod_rewrite documentation for
RewriteRule, but otherwise this issue can be closed.
Something along these lines for the docs:
EXISTING:
In addition to plain text, the Substitution string can include
back-references ($N) to the RewriteRule pattern
back-references (%N) to the last matched RewriteCond pattern
server-variables as in rule condition test-strings (%{VARNAME})
mapping-function calls (${mapname:key|default})
Back-references are identifiers of the form $N (N=0..9), which will be replaced
by the contents of the Nth group of the matched Pattern. The server-variables
are the same as for the TestString of a RewriteCond directive. The
mapping-functions come from the RewriteMap directive and are explained there.
These three types of variables are expanded in the order above.
PROPOSED: Although the B and related flags escape back-references,
server-variables are not similarly escaped. Instead, use the RewriteMap
internal functions to escape the server-variables as needed.
Meanwhile, Thank you for the quick response!
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66563] REQUEST_URI characters are not URL encoded when used within RewriteRule
https://bz.apache.org/bugzilla/show_bug.cgi?id=66563 Eric Covener changed: What|Removed |Added Status|NEEDINFO|RESOLVED Resolution|--- |WORKSFORME --- Comment #4 from Eric Covener --- Thanks for the feedback, I made a similar update where the variables are talked about and once again in the [B] flag section http://svn.apache.org/viewvc?view=revision&revision=1909075 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66539] Crash in mod_log_config when using the new mod_http2 in httpd-2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66539 --- Comment #9 from Teodor Milkov --- Hello, I apologize - it seems that during my build process, I accidentally used the external https://github.com/icing/mod_h2 instead of the built-in mod_http2. I believe this is a remnant of a past occurrence where certain bugs were only fixed in mod_h2. Moving forward, I would like to confirm if it is recommended to use the built-in mod_http2 instead of the external mod_h2? I am sorry for any time wasted on this matter. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66539] Crash in mod_log_config when using the new mod_http2 in httpd-2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66539 --- Comment #10 from Stefan Eissing --- Ah, sorry for the confusion. You hit the first time that the github version lagged behind the Apache one. The github version is meant to be the experimental cousin of the one released by apache. I will update it. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 65602] Failed linking C shared library mod_md.so
https://bz.apache.org/bugzilla/show_bug.cgi?id=65602 Tần Quảng changed: What|Removed |Added Resolution|INFORMATIONPROVIDED |--- Status|RESOLVED|REOPENED --- Comment #11 from Tần Quảng --- Hello, I tried compiling the latest version (2.4.57), but this error still occurs. As I reported earlier, the cURL variables in the "CMakeLists.txt" file were declared but not assigned values, which led to this bug. I've made some changes to the "CMakeLists.txt" file that automatically finds and assigns values to cURL variables to resolve compilation errors related to this bug (without having to recompile cURL again during HTTPd compilation). Here is the link to the file "CMakeLists.txt" after I edited and successfully fixed this bug: https://pastebin.com/kCTmeUyv I also created a pull request on GitHub, if you're a maintainer, can you test and merge it? Link to pull request: https://github.com/apache/httpd/pull/356 Thank you. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2023/04/16]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006-06-05|Incorrect ETag on gzip:ed content | |39748|New|Enh|2006
[Bug 66571] New: modules/mappers/config9.m4: Add 'server' directory to include path if mod_rewrite is enabled.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66571 Bug ID: 66571 Summary: modules/mappers/config9.m4: Add 'server' directory to include path if mod_rewrite is enabled. Product: Apache httpd-2 Version: 2.4.57 Hardware: PC OS: Linux Status: NEW Severity: blocker Priority: P2 Component: mod_rewrite Assignee: bugs@httpd.apache.org Reporter: valeria.pet...@spinetix.com Target Milestone: --- Created attachment 38542 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38542&action=edit modules/mappers/config9.m4: Add 'server' directory to include path if mod_rewrite is enabled. mod_rewrite requires test_char.h. Hence add /server directory to the include path for Linux systems. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66571] modules/mappers/config9.m4: Add 'server' directory to include path if mod_rewrite is enabled.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66571 Ruediger Pluem changed: What|Removed |Added Status|NEW |RESOLVED Keywords||FixedInTrunk, ||PatchAvailable Resolution|--- |LATER --- Comment #1 from Ruediger Pluem --- Thanks for the patch. I guess we did not notice, because we always build mod_log_forensic as well during our tests which already adds server to the include path. Fixed in r1909241. For Windows this was already fixed in r1908937 / r1909061. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66571] modules/mappers/config9.m4: Add 'server' directory to include path if mod_rewrite is enabled.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66571 --- Comment #2 from Ruediger Pluem --- Proposed for backport as r1909276 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2023/04/23]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006-06-05|Incorrect ETag on gzip:ed content | |39748|New|Enh|2006
[Bug 66577] New: Column with null value does not collect in lua table.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66577 Bug ID: 66577 Summary: Column with null value does not collect in lua table. Product: Apache httpd-2 Version: 2.4.54 Hardware: PC OS: All Status: NEW Severity: normal Priority: P2 Component: mod_lua Assignee: bugs@httpd.apache.org Reporter: flash_...@hotmail.com Target Milestone: --- Created attachment 38545 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38545&action=edit lua file for connect to db, query and output results. Column with null value does not collect in lua table. To reproduce the result : 1. Create a testlua database, create a test table. 2. Insert few rows, some contains null values. 3. Compare output with mysql, lua. Tested with : System 1 : Package: apache2, Version: 2.4.54-1~deb11u1 System 2 : Server version: Apache/2.4.55 (Win64) Server built: Jan 15 2023 10:24:46 Distributed by: The Apache Haus Compiled with: Visual Studio 2022 (VS17) Details in attachment. Regards, TC Ang -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66577] Column with null value does not collect in lua table.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66577 TC ANG changed: What|Removed |Added CC||flash_...@hotmail.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66577] Column with null value does not collect in lua table.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66577 --- Comment #1 from TC ANG --- text/plain; charset=utf-8 result : test_DBSelect0 : -- row 1 : 1 : 3 2 : Insert date into table 3 : 2018-01-09 4 : 2018-09-15 5 : 8 -- row 2 : 1 : 4 2 : Use current date for the task 3 : 2023-04-20 4 : 2023-12-31 5 : 7 -- row 3 : 1 : 5 2 : My first task 5 : 1 -- row 4 : 1 : 6 2 : It is the second task 5 : 2 -- row 5 : 1 : 7 2 : This is the third task of the week 5 : 3 == == test_DBSelect1 : -- row 1 : task_id : 4 priority : 7 title : Use current date for the task start_date : 2023-04-20 due_date : 2023-12-31 -- row 2 : task_id : 5 priority : 1 title : My first task -- row 3 : task_id : 6 priority : 2 title : It is the second task -- row 4 : task_id : 7 priority : 3 title : This is the third task of the week == == test_PrepareSelect : -- row 1 : 1 : 1 = 1 1 : 2 = Learn MySQL INSERT Statement 1 : 5 = 9 -- row 2 : 2 : 1 = 2 2 : 2 = Understanding DEFAULT keyword in INSERT statement 2 : 5 = 3 -- row 3 : 3 : 1 = 3 3 : 2 = Insert date into table 3 : 3 = 2018-01-09 3 : 4 = 2018-09-15 3 : 5 = 8 -- row 4 : 4 : 1 = 4 4 : 2 = Use current date for the task 4 : 3 = 2023-04-20 4 : 4 = 2023-12-31 4 : 5 = 7 -- row 5 : 5 : 1 = 5 5 : 2 = My first task 5 : 5 = 1 -- row 6 : 6 : 1 = 6 6 : 2 = It is the second task 6 : 5 = 2 -- row 7 : 7 : 1 = 7 7 : 2 = This is the third task of the week 7 : 5 = 3 == == test_PrepareSelectN : statement:select() table, err nil -- row 1 : 1 : 1 = 3 1 : 2 = Insert date into table 1 : 3 = 2018-01-09 1 : 4 = 2018-09-15 1 : 5 = 8 -- row 2 : 2 : 1 = 4 2 : 2 = Use current date for the task 2 : 3 = 2023-04-20 2 : 4 = 2023-12-31 2 : 5 = 7 -- row 3 : 3 : 1 = 5 3 : 2 = My first task 3 : 5 = 1 -- row 4 : 4 : 1 = 6 4 : 2 = It is the second task 4 : 5 = 2 -- row 5 : 5 : 1 = 7 5 : 2 = This is the third task of the week 5 : 5 = 3 == == -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66577] Column with null value does not collect in lua table.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66577 --- Comment #2 from TC ANG --- MariaDB [testlua]> select * from tasks; +-+---+++--+-+ | task_id | title | start_date | due_date | priority | description | +-+---+++--+-+ | 1 | Learn MySQL INSERT Statement | NULL | NULL |9 | NULL| | 2 | Understanding DEFAULT keyword in INSERT statement | NULL | NULL |3 | NULL| | 3 | Insert date into table| 2018-01-09 | 2018-09-15 |8 | NULL| | 4 | Use current date for the task | 2023-04-20 | 2023-12-31 |7 | NULL| | 5 | My first task | NULL | NULL |1 | NULL| | 6 | It is the second task | NULL | NULL |2 | NULL| | 7 | This is the third task of the week| NULL | NULL |3 | NULL| +-+---+++--+-+ 7 rows in set (0.001 sec) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 65693] balancer-manager‘s edit function won't work when ProxySet nonce=None
https://bz.apache.org/bugzilla/show_bug.cgi?id=65693 jacob.h...@e-hps.com changed: What|Removed |Added CC||jacob.h...@e-hps.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 63300] mod_status lists BusyWorkers IdleWorkers keys twice
https://bz.apache.org/bugzilla/show_bug.cgi?id=63300 --- Comment #6 from Tomas Korbar --- Hi guys, Any plan to fix this? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 63300] mod_status lists BusyWorkers IdleWorkers keys twice
https://bz.apache.org/bugzilla/show_bug.cgi?id=63300 --- Comment #7 from Rainer Jung --- I just added a fix for trunk in 1909429 and plan to suggest it for backport. The changelog item would be: mod_status: Remove duplicate keys "BusyWorkers" and "IdleWorkers". Resolve inconsistency between the previous two occurrences by counting workers in state SERVER_GRACEFUL no longer as busy, but instead in a new counter "GracefulWorkers" (or on HTML view as "workers gracefully restarting"). Also add the graceful counter as a new column to the existing HTML per process table for async MPMs. That should explain, how I resolved it. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 63300] mod_status lists BusyWorkers IdleWorkers keys twice
https://bz.apache.org/bugzilla/show_bug.cgi?id=63300 --- Comment #8 from Rainer Jung --- See also: https://svn.apache.org/viewvc?view=revision&revision=r1909429 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66578] New: pkg-config along ... checking for rustls version >= 0.8.2... FAILED
https://bz.apache.org/bugzilla/show_bug.cgi?id=66578 Bug ID: 66578 Summary: pkg-config along ... checking for rustls version >= 0.8.2... FAILED Product: Apache httpd-2 Version: 2.4.57 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Build Assignee: bugs@httpd.apache.org Reporter: davideperone1...@gmail.com Target Milestone: --- running this command ./configure --enable-ssl --enable-so --with-mpm=event --with-included-apr --prefix=/etc/httpd checking for rustls... checking for user-provided rustls base directory... none checking for pkg-config along ... checking for rustls version >= 0.8.2... FAILED no i've tried to install it with cargo install rustls with no success -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66499] 302 redirects when the :scheme header does not match the connection type
https://bz.apache.org/bugzilla/show_bug.cgi?id=66499 --- Comment #2 from Doug Tabacco --- Yeah while not *technically* a bug this appears to be an unexpected behavior change for cases where Apache is fronted by a reverse proxy handling TLS termination. Among other things, this causes the value of the REQUEST_URI variable sent by mod_proxy_fcgi to be different from versions of Apache prior to 2.4.55. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66578] pkg-config along ... checking for rustls version >= 0.8.2... FAILED
https://bz.apache.org/bugzilla/show_bug.cgi?id=66578 davideperone1...@gmail.com changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |CLOSED -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66579] New: pkg-config along ... checking for rustls version >= 0.8.2... FAILED
https://bz.apache.org/bugzilla/show_bug.cgi?id=66579 Bug ID: 66579 Summary: pkg-config along ... checking for rustls version >= 0.8.2... FAILED Product: Apache httpd-2 Version: 2.4.57 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Build Assignee: bugs@httpd.apache.org Reporter: davideperone1...@gmail.com Target Milestone: --- running this command ./configure --enable-ssl --enable-so --with-mpm=event --with-included-apr --prefix=/etc/httpd checking for rustls... checking for user-provided rustls base directory... none checking for pkg-config along ... checking for rustls version >= 0.8.2... FAILED no i've tried to install it with cargo install rustls with no success -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66580] New: url contain %25(encoded for %) in path, httpd will return 400(bad request) if set AllowEncodedSlashes NoDecode
https://bz.apache.org/bugzilla/show_bug.cgi?id=66580
Bug ID: 66580
Summary: url contain %25(encoded for %) in path, httpd will
return 400(bad request) if set AllowEncodedSlashes
NoDecode
Product: Apache httpd-2
Version: 2.4.57
Hardware: PC
OS: Linux
Status: NEW
Severity: major
Priority: P2
Component: mod_proxy
Assignee: bugs@httpd.apache.org
Reporter: yongqiang@nokia-sbell.com
Target Milestone: ---
Hi, we met a problem that if our url contain %25(encoded %) in path, then httpd
which act as a reverse proxy server will return 400(bad request) to client
after we upgrade to httpd-2.4.57, we use the flag AllowEncodedSlashes as
NoDecode to enable the slashes not decoded by httpd.
Below steps is about how to produce this problem:
I test it with manually with apache official docker image: httpd: 2.4.57, below
is my test steps:
1. Start a container from this image:
docker create --name apache -p 8080:80 httpd:2.4.57
docker start apache
2. Attach in to it and edit the httpd.conf
docker exec -ti apache bash
# add the configuration to file /usr/local/apache2/conf/httpd.conf
LogLevel debug
AllowEncodedSlashes NoDecode
# load proxy module
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
# include the proxy configuration
Include conf/extra/httpd-proxy.conf
3. Add a new configuration httpd-proxy.conf
# add new configuration file to /usr/local/apache2/conf/extra/
$ cat conf/extra/httpd-proxy.conf
# Proxy the requests to the backend server
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
4. Start a simple python http server like below
# cat app.py
from bottle import Bottle, response
app = Bottle()
@app.route('/api')
def hello_world():
response.content_type = 'application/json'
return '{"message": "Hello, World!"}'
if __name__ == '__main__':
app.run(debug=True)
5. Reload httpd
Kill -s SIGHUP 1
6. Send request via curl
$ curl http://localhost:80/%25x
400 Bad Request
Bad Request
Your browser sent a request that this server could not understand.
But this request can reach to endpoint, this 404 is returned by endpoint server
# curl http://localhost:80/%20x
Error: 404 Not Found
html {background-color: #eee; font-family: sans;}
body {background-color: #fff; border: 1px solid #ddd;
padding: 15px; margin: 15px;}
pre {background-color: #eee; border: 1px solid #ddd; padding:
5px;}
Error: 404 Not Found
Sorry, the requested URL
'http://localhost/%20x';
caused an error:
Not found: '/ x'
I also try to revert the changes in httpd-2.4.57, I found the problem is in
this change:
https://github.com/apache/httpd/commit/9b8cf1746bb004050b02a30bf0222479fbe405c2
When I revert this change, then the problem was gone.
I think this maybe is a bug for mod_proxy introduced by this change.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66580] url contain %25(encoded for %) in path, httpd will return 400(bad request) if set AllowEncodedSlashes NoDecode
https://bz.apache.org/bugzilla/show_bug.cgi?id=66580 --- Comment #1 from Liu Yongqiang --- Created attachment 38546 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38546&action=edit Producing steps -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66580] url contain %25(encoded for %) in path, httpd will return 400(bad request) if set AllowEncodedSlashes NoDecode
https://bz.apache.org/bugzilla/show_bug.cgi?id=66580 --- Comment #2 from Ruediger Pluem --- Created attachment 38547 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38547&action=edit Possible fix Does the attached patch fix your issue? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66580] url contain %25(encoded for %) in path, httpd will return 400(bad request) if set AllowEncodedSlashes NoDecode
https://bz.apache.org/bugzilla/show_bug.cgi?id=66580 Ruediger Pluem changed: What|Removed |Added Status|NEW |NEEDINFO -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66580] url contain %25(encoded for %) in path, httpd will return 400(bad request) if set AllowEncodedSlashes NoDecode
https://bz.apache.org/bugzilla/show_bug.cgi?id=66580 --- Comment #3 from Liu Yongqiang --- (In reply to Ruediger Pluem from comment #2) > Created attachment 38547 [details] > Possible fix > > Does the attached patch fix your issue? Yes, I tested your patch, and indeed it works, thanks. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66583] New: The Apache2.4.57 service crash with php7.3 Every few days
https://bz.apache.org/bugzilla/show_bug.cgi?id=66583 Bug ID: 66583 Summary: The Apache2.4.57 service crash with php7.3 Every few days Product: Apache httpd-2 Version: 2.4.57 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Core Assignee: bugs@httpd.apache.org Reporter: yl01152...@qq.com Target Milestone: --- Created attachment 38548 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38548&action=edit errorlog Problem phenomenon: The Apache service may experience process crashes every few days during operation server information uname -a Linux iZ6we4qu9q6rspmmez6kjpZ 4.19.91-27.1.al7.x86_64 #1 SMP Tue Feb 21 11:41:32 CST 2023 x86_64 x86_64 x86_64 GNU/Linux apachectl -v Server version: Apache/2.4.57 (codeit) Server built: Apr 6 2023 17:31:51 apachectl -V Server version: Apache/2.4.57 (codeit) Server built: Apr 6 2023 17:31:51 Server's Module Magic Number: 20120211:127 Server loaded: APR 1.7.2, APR-UTIL 1.6.3, PCRE 10.23 2017-02-14 Compiled using: APR 1.7.2, APR-UTIL 1.6.3, PCRE 10.23 2017-02-14 Architecture: 64-bit Server MPM: prefork threaded: no forked: yes (variable process count) Server compiled with -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_PROC_PTHREAD_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=256 -D HTTPD_ROOT="/etc/httpd" -D SUEXEC_BIN="/usr/sbin/suexec" -D DEFAULT_PIDLOG="run/httpd.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" apachectl -M Loaded Modules: core_module (static) so_module (static) http_module (static) cloudflare_module (shared) access_compat_module (shared) actions_module (shared) alias_module (shared) allowmethods_module (shared) auth_basic_module (shared) auth_digest_module (shared) authn_anon_module (shared) authn_core_module (shared) authn_dbd_module (shared) authn_dbm_module (shared) authn_file_module (shared) authn_socache_module (shared) authz_core_module (shared) authz_dbd_module (shared) authz_dbm_module (shared) authz_groupfile_module (shared) authz_host_module (shared) authz_owner_module (shared) authz_user_module (shared) autoindex_module (shared) brotli_module (shared) cache_module (shared) cache_disk_module (shared) cache_socache_module (shared) data_module (shared) dbd_module (shared) deflate_module (shared) dir_module (shared) dumpio_module (shared) echo_module (shared) env_module (shared) expires_module (shared) ext_filter_module (shared) filter_module (shared) headers_module (shared) include_module (shared) info_module (shared) log_config_module (shared) logio_module (shared) macro_module (shared) mime_magic_module (shared) mime_module (shared) negotiation_module (shared) remoteip_module (shared) reqtimeout_module (shared) request_module (shared) rewrite_module (shared) setenvif_module (shared) slotmem_plain_module (shared) slotmem_shm_module (shared) socache_dbm_module (shared) socache_memcache_module (shared) socache_redis_module (shared) socache_shmcb_module (shared) status_module (shared) substitute_module (shared) suexec_module (shared) unique_id_module (shared) unixd_module (shared) userdir_module (shared) version_module (shared) vhost_alias_module (shared) watchdog_module (shared) dav_module (shared) dav_fs_module (shared) dav_lock_module (shared) lua_module (shared) mpm_prefork_module (shared) proxy_module (shared) lbmethod_bybusyness_module (shared) lbmethod_byrequests_module (shared) lbmethod_bytraffic_module (shared) lbmethod_heartbeat_module (shared) proxy_ajp_module (shared) proxy_balancer_module (shared) proxy_connect_module (shared) proxy_express_module (shared) proxy_fcgi_module (shared) proxy_fdpass_module (shared) proxy_ftp_module (shared) proxy_http_module (shared) proxy_hcheck_module (shared) proxy_scgi_module (shared) proxy_uwsgi_module (shared) proxy_wstunnel_module (shared) ssl_module (shared) systemd_module (shared) cgi_module (shared) php7_module (shared) apache coredump files download: https://chnprice-jp.oss-ap-northeast-1.aliyuncs.com/apache_log/core_20230427/httpd.core.11.11880.iZ6we7o48f3b3nwwdixy2iZ.1682586846 coredump gdb informaition: gdb -c httpd.core.11.11880.iZ6we7o48f3b3nwwdixy2iZ.1682586846 GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-120.1.al7 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and re
[Bug 66583] The Apache2.4.57 service crash with php7.3 Every few days
https://bz.apache.org/bugzilla/show_bug.cgi?id=66583 --- Comment #1 from jackyang --- /usr/src/debug/httpd-2.4.57/server/main.c 835 apr_pool_destroy(ptemp); 836 apr_pool_lock(pconf, 1); 837 838 ap_run_optional_fn_retrieve(); 839 840 ap_main_state = AP_SQ_MS_RUN_MPM; 841 rc = ap_run_mpm(pconf, plog, ap_server_conf); -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66580] url contain %25(encoded for %) in path, httpd will return 400(bad request) if set AllowEncodedSlashes NoDecode
https://bz.apache.org/bugzilla/show_bug.cgi?id=66580 Ruediger Pluem changed: What|Removed |Added Keywords||FixedInTrunk, ||PatchAvailable Status|NEEDINFO|RESOLVED Resolution|--- |LATER --- Comment #4 from Ruediger Pluem --- Committed to trunk as r1909464. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 43666] CGI works, but client denied error messages in error.log
https://bz.apache.org/bugzilla/show_bug.cgi?id=43666 --- Comment #4 from Viktor Štujber --- The issue is caused by server/util_script.c::ap_add_cgi_vars(). At the end, it needs to define the variable "PATH_TRANSLATED", as required by https://www.rfc-editor.org/rfc/rfc3875#section-4.1.6 - by tacking on the cgi subpath to DocumentRoot, even though the result is a nonsensical path that doesn't exist. To achieve this, it calls server/request.c::ap_sub_req_lookup_uri(), lets it do its thing, and just picks up the computed 'filename' from the result. The fact that this call is actually trying to access the fake path, and is tripping security checks as it does so, makes me suspect it is not the most appropriate tool for the job. Reproduces on a default httpd install on ubuntu, freebsd, windows. Reproduces with mod_cgi and mod_wsgi. Requires only minimal edits: 1. edit httpd.conf - comment out 'Require all granted' from default DocumentRoot directory. 2. edit httpd.conf - append "ScriptAlias /test /tmp/test.cgi" "Require all granted". 3. wget http://localhost/test/whatever 4. [authz_core:error] [pid 1861] [client 127.0.0.1:20266] AH01630: client denied by server configuration: /usr/local/www/apache24/test/whatever The call stack looks like this for httpd 2.4.57: 1. ap_log_rerror_(file="mod_authz_core.c", int line=879, module_index=6, level=3, status=0, r=0x00bc2f00, fmt="AH01630...", ...) in server/log.c(1366) 2. authorize_user_core(r=0x00bc2f00, int after_authn=0) in modules/aaa/mod_authz_core.c(879) 3. authorize_userless(r=0x00bc2f00) in modules/aaa/mod_authz_core.c(916) 4. ap_run_access_checker_ex(r=0x00bc2f00) in server/request.c(92) 5. ap_process_request_internal(r=0x00bc2f00) in server/request.c(339) 6. ap_sub_req_method_uri(method="GET", new_uri="/test", r=0x00bbeaf0, next_filter=NULL) in server/request.c(2289) 7. ap_sub_req_lookup_uri(new_uri="/test", r=0x00bbeaf0, next_filter=NULL) in server/request.c(2301) 8. ap_add_cgi_vars(r=0x00bbeaf0) in server/util_script.c(432) 9. cgi_handler(r=0x00bbeaf0) in modules/generators/mod_cgi.c(805) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66583] The Apache2.4.57 service crash with php7.3 Every few days
https://bz.apache.org/bugzilla/show_bug.cgi?id=66583 --- Comment #2 from jackyang --- (In reply to jackyang from comment #0) > Created attachment 38548 [details] > errorlog > > Problem phenomenon: The Apache service may experience process crashes every > few days during operation > > server information > > uname -a > Linux iZ6we4qu9q6rspmmez6kjpZ 4.19.91-27.1.al7.x86_64 #1 SMP Tue Feb 21 > 11:41:32 CST 2023 x86_64 x86_64 x86_64 GNU/Linux > > apachectl -v > Server version: Apache/2.4.57 (codeit) > Server built: Apr 6 2023 17:31:51 > > apachectl -V > Server version: Apache/2.4.57 (codeit) > Server built: Apr 6 2023 17:31:51 > Server's Module Magic Number: 20120211:127 > Server loaded: APR 1.7.2, APR-UTIL 1.6.3, PCRE 10.23 2017-02-14 > Compiled using: APR 1.7.2, APR-UTIL 1.6.3, PCRE 10.23 2017-02-14 > Architecture: 64-bit > Server MPM: prefork > threaded: no > forked: yes (variable process count) > Server compiled with > -D APR_HAS_SENDFILE > -D APR_HAS_MMAP > -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) > -D APR_USE_PROC_PTHREAD_SERIALIZE > -D APR_USE_PTHREAD_SERIALIZE > -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT > -D APR_HAS_OTHER_CHILD > -D AP_HAVE_RELIABLE_PIPED_LOGS > -D DYNAMIC_MODULE_LIMIT=256 > -D HTTPD_ROOT="/etc/httpd" > -D SUEXEC_BIN="/usr/sbin/suexec" > -D DEFAULT_PIDLOG="run/httpd.pid" > -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" > -D DEFAULT_ERRORLOG="logs/error_log" > -D AP_TYPES_CONFIG_FILE="conf/mime.types" > -D SERVER_CONFIG_FILE="conf/httpd.conf" > > apachectl -M > Loaded Modules: > core_module (static) > so_module (static) > http_module (static) > cloudflare_module (shared) > access_compat_module (shared) > actions_module (shared) > alias_module (shared) > allowmethods_module (shared) > auth_basic_module (shared) > auth_digest_module (shared) > authn_anon_module (shared) > authn_core_module (shared) > authn_dbd_module (shared) > authn_dbm_module (shared) > authn_file_module (shared) > authn_socache_module (shared) > authz_core_module (shared) > authz_dbd_module (shared) > authz_dbm_module (shared) > authz_groupfile_module (shared) > authz_host_module (shared) > authz_owner_module (shared) > authz_user_module (shared) > autoindex_module (shared) > brotli_module (shared) > cache_module (shared) > cache_disk_module (shared) > cache_socache_module (shared) > data_module (shared) > dbd_module (shared) > deflate_module (shared) > dir_module (shared) > dumpio_module (shared) > echo_module (shared) > env_module (shared) > expires_module (shared) > ext_filter_module (shared) > filter_module (shared) > headers_module (shared) > include_module (shared) > info_module (shared) > log_config_module (shared) > logio_module (shared) > macro_module (shared) > mime_magic_module (shared) > mime_module (shared) > negotiation_module (shared) > remoteip_module (shared) > reqtimeout_module (shared) > request_module (shared) > rewrite_module (shared) > setenvif_module (shared) > slotmem_plain_module (shared) > slotmem_shm_module (shared) > socache_dbm_module (shared) > socache_memcache_module (shared) > socache_redis_module (shared) > socache_shmcb_module (shared) > status_module (shared) > substitute_module (shared) > suexec_module (shared) > unique_id_module (shared) > unixd_module (shared) > userdir_module (shared) > version_module (shared) > vhost_alias_module (shared) > watchdog_module (shared) > dav_module (shared) > dav_fs_module (shared) > dav_lock_module (shared) > lua_module (shared) > mpm_prefork_module (shared) > proxy_module (shared) > lbmethod_bybusyness_module (shared) > lbmethod_byrequests_module (shared) > lbmethod_bytraffic_module (shared) > lbmethod_heartbeat_module (shared) > proxy_ajp_module (shared) > proxy_balancer_module (shared) > proxy_connect_module (shared) > proxy_express_module (shared) > proxy_fcgi_module (shared) > proxy_fdpass_module (shared) > proxy_ftp_module (shared) > proxy_http_module (shared) > proxy_hcheck_module (shared) > proxy_scgi_module (shared) > proxy_uwsgi_module (shared) > proxy_wstunnel_module (shared) > ssl_module (shared) > systemd_module (shared) > cgi_module (shared) > php7_module (shared) > > apache coredump files download: > > coredump gdb informaition: > gdb -c httpd.core.11.11880.iZ6we7o48f3b3nwwdixy2iZ.1682586846 > GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-120.1.al7 > Copyright (C) 2013 Free Sof
[Bug 66583] The Apache2.4.57 service crash with php7.3 Every few days
https://bz.apache.org/bugzilla/show_bug.cgi?id=66583 --- Comment #3 from Stefan Eissing --- If might be worth it checking with php. The 8.x release, for example, fixed a crash occuring with a recent httpd. See https://github.com/php/php-src/issues/10737 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66583] The Apache2.4.57 service crash with php7.3 Every few days
https://bz.apache.org/bugzilla/show_bug.cgi?id=66583 jackyang changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |CLOSED -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66583] The Apache2.4.57 service crash with php7.3 Every few days
https://bz.apache.org/bugzilla/show_bug.cgi?id=66583 jackyang changed: What|Removed |Added Status|RESOLVED|CLOSED -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66583] The Apache2.4.57 service crash with php7.3 Every few days
https://bz.apache.org/bugzilla/show_bug.cgi?id=66583 jackyang changed: What|Removed |Added Resolution|CLOSED |INFORMATIONPROVIDED -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66583] The Apache2.4.57 service crash with php7.3 Every few days
https://bz.apache.org/bugzilla/show_bug.cgi?id=66583 jackyang changed: What|Removed |Added Status|CLOSED |REOPENED Resolution|INFORMATIONPROVIDED |--- -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66499] 302 redirects when the :scheme header does not match the connection type
https://bz.apache.org/bugzilla/show_bug.cgi?id=66499 Doug Tabacco changed: What|Removed |Added CC||taba...@dougtabacco.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66417] Unable to restart the hosts due to slotmem issue in RH OS
https://bz.apache.org/bugzilla/show_bug.cgi?id=66417 --- Comment #2 from Sahithi Adduri --- tried various code fixes, but seemed unable to completely solve the issue. There is some speculation that the underlying kernel code that Apache relies on to clear shared memory may “fail silently”. So, we are possibly hitting a known bug in the Apache code or kernel bug, that only happens when there are a large number of shared memory segments that are deleted and re-created very quickly. This is true even in the more recent Apache release we are using: 2.4.54 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2023/04/30]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006-06-05|Incorrect ETag on gzip:ed content | |39748|New|Enh|2006
[Bug 58467] Environment Variables in ProxyHTMLURLMap produces Warnings
https://bz.apache.org/bugzilla/show_bug.cgi?id=58467 Stefan G changed: What|Removed |Added Status|NEW |NEEDINFO --- Comment #8 from Stefan G --- I just stumbled upon this bug again. When will the fix hit the production version? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 59744] AH00717: Premature end of cache headers
https://bz.apache.org/bugzilla/show_bug.cgi?id=59744 --- Comment #6 from MASUREL Francois --- We observe the same errors in our Apache logs when our site is under heavy load. These missing headers seem to have our users see the HTML code in their browser instead of the rendered page. It's a bit annoying. We have no idea how it could be fixed sadly. Any help will be greatly appreciated. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 58467] Environment Variables in ProxyHTMLURLMap produces Warnings
https://bz.apache.org/bugzilla/show_bug.cgi?id=58467 Stefan G changed: What|Removed |Added Attachment #35617|0 |1 is obsolete|| CC||s.grei...@cadenas.de --- Comment #9 from Stefan G --- Created attachment 38552 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38552&action=edit possible fix I created a pull request on GitHub similar to the provided candidate fix. Maybe it gets accepted and we can close this bug after 8 years. Also I changed the docs in that PR. https://github.com/apache/httpd/pull/358 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 58467] Environment Variables in ProxyHTMLURLMap produces Warnings
https://bz.apache.org/bugzilla/show_bug.cgi?id=58467 Stefan G changed: What|Removed |Added Status|NEEDINFO|NEW -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 58467] Environment Variables in ProxyHTMLURLMap produces Warnings
https://bz.apache.org/bugzilla/show_bug.cgi?id=58467 Stefan G changed: What|Removed |Added Attachment #38552|0 |1 is obsolete|| --- Comment #10 from Stefan G --- Created attachment 38553 --> https://bz.apache.org/bugzilla/attachment.cgi?id=38553&action=edit backward compatible fix -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66594] New: Largest Contentful Paint for loading pages is poor
https://bz.apache.org/bugzilla/show_bug.cgi?id=66594 Bug ID: 66594 Summary: Largest Contentful Paint for loading pages is poor Product: Apache httpd-2 Version: 2.4.57 Hardware: PC URL: https://rutasindonesia.viajes/ Status: UNCONFIRMED Severity: normal Priority: P2 Component: mod_authn_core Assignee: bugs@httpd.apache.org Reporter: martacoll...@gmail.com Target Milestone: --- -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66594] Largest Contentful Paint for loading pages is poor
https://bz.apache.org/bugzilla/show_bug.cgi?id=66594 Eric Covener changed: What|Removed |Added Resolution|--- |INVALID OS||All Status|UNCONFIRMED |RESOLVED -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2023/05/07]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006-06-05|Incorrect ETag on gzip:ed content | |39748|New|Enh|2006
[Bug 66596] New: Query parameter ($1) is not passed right, by an if statement and a proxy pass.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66596 Bug ID: 66596 Summary: Query parameter ($1) is not passed right, by an if statement and a proxy pass. Product: Apache httpd-2 Version: 2.4.41 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Core Assignee: bugs@httpd.apache.org Reporter: lucas.hahm...@alta4.com Target Milestone: --- Component: Core Feature OS: Ubuntu 20.04.5 LTS (Focal Fossa) Summary: Query parameter ($1) is not passed right, by an if statement and a proxy pass. Description: We have a virtual host with the name "jira.alta4.com". This config was cut, full config at the end: ServerName some.url RewriteEngine On RewriteRule ^/?(.*) https://some.external.url/$1 [R=permanent,L] ProxyPass / http://some.internal.system:8080/ ProxyPassReverse / http://some.internal.system:8080/ If a request coming from one specific IP Adress, we want to ProxyPass it. All other requests must be routed to an external address. When i run this config, the value of $1 is set to /proxy:http://some.internal.system:8080/ and not to the original query "/test". Server built: 2022-06-14T13:30:55 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66597] New: HTTP/2 chunk requests conflict with proxy-sendcl option in mod_proxy_fcgi
https://bz.apache.org/bugzilla/show_bug.cgi?id=66597
Bug ID: 66597
Summary: HTTP/2 chunk requests conflict with proxy-sendcl
option in mod_proxy_fcgi
Product: Apache httpd-2
Version: 2.4.57
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_proxy_fcgi
Assignee: bugs@httpd.apache.org
Reporter: dreamt_catsup...@simplelogin.com
Target Milestone: ---
In cases where an HTTP/2 request is chunked (sent without a CONTENT_LENGTH
header but with the END_STREAM flag (RFC 7540)).
In cases where the proxy-sendcl env variable is set:
"HTTP/1.0 required all HTTP requests that include a body (e.g. POST requests)
to include a Content-Length header. This environment variable forces the Apache
proxy to send this header to the backend server, regardless of what the Client
sent to the proxy..."
mod_proxy_fcgi also chunks the body. This can cause problems for the PHP-FPM
back-end, which is not expecting chunk fields since the content length is
specified.
It looks a side effect of https://bz.apache.org/bugzilla/show_bug.cgi?id=57087
It can easily be reproduce:
curl -v -k -H 'Content-Length:' --http2 -X POST https://127.0.0.1/ -d
'{"thisis":"atest"}'
The FCGI_STDIN will look:
12
{"thisis":"atest"}
0
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66537] large request serving times logged since upgrade to 2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66537 --- Comment #1 from Teodor Milkov --- I've experimented a bit with h2c, a straightforward HTTP/2 command-line client. This tool allows you to open a persistent connection (connect), send requests, and then close it (disconnect). I ran some tests using both the new Apache 2.4.57 and the older 2.4.54. Interestingly, there seems to have been a shift in the login behavior. Here's how I tested: I opened an HTTP/2 connection (connect), sent GET requests to a script that echoes and induces sleep between requests, and finally closed the connection (disconnect). With the older Apache version, every request within a connection was logged immediately, and the service time (%D) in access_log was approximately 1.5ms. However, with the new Apache, each request was logged either upon disconnect or when the next request was submitted within the same connection. Here, the service time (%D) in access_log included both the service time and idle time between the previous and the current request, or to disconnect. Notably, the timestamp of the request submission (%t) was logged correctly. Moreover, in a connect/get/disconnect scenario, the older Apache version logged %D at around 1.5ms, while the new Apache version logged a notably higher time of about 6.5ms. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66537] large request serving times logged since upgrade to 2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66537 --- Comment #2 from Stefan Eissing --- Thanks for the report. Will look into the issue. >From what I cant tell, the new mod_http2 does not seem to cleanup finished requests as timely as before. And the cleanup causes the access log to be written and the time counted. It seems cleanup sometimes happens after the *next* activity on the connection, which then gives overlong run times and late access logging. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66537] large request serving times logged since upgrade to 2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66537 --- Comment #3 from Stefan Eissing --- Opened <https://github.com/icing/mod_h2/issues/253> for this. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66537] large request serving times logged since upgrade to 2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66537 --- Comment #4 from Stefan Eissing --- Please see <https://github.com/icing/mod_h2/pull/254> for a fix. I reproduced the wrong behaviour in a test case. Hope this works in your environments too. Could you verify? Thanks. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66537] large request serving times logged since upgrade to 2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66537 Stefan Eissing changed: What|Removed |Added Status|NEW |NEEDINFO -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66597] HTTP/2 chunk requests conflict with proxy-sendcl option in mod_proxy_fcgi
https://bz.apache.org/bugzilla/show_bug.cgi?id=66597 dreamt_catsup403 changed: What|Removed |Added CC||dreamt_catsup403@simplelogi ||n.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66463] Socket Stuck on: proxy_fcgi:error (104)Connection reset by peer:
https://bz.apache.org/bugzilla/show_bug.cgi?id=66463 m...@danilo1984.com changed: What|Removed |Added CC||m...@danilo1984.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66537] large request serving times logged since upgrade to 2.4.56
https://bz.apache.org/bugzilla/show_bug.cgi?id=66537 Stefan Eissing changed: What|Removed |Added Resolution|--- |FIXED Status|NEEDINFO|RESOLVED --- Comment #5 from Stefan Eissing --- Fixed in r1909769 and proposed to backport to 2.4.x -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66499] 302 redirects when the :scheme header does not match the connection type
https://bz.apache.org/bugzilla/show_bug.cgi?id=66499 Stefan Eissing changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #3 from Stefan Eissing --- Fixed in r1909769 and proposed to backport to 2.4.x -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66599] New: DOS / Memory OOM from .htaccess
https://bz.apache.org/bugzilla/show_bug.cgi?id=66599
Bug ID: 66599
Summary: DOS / Memory OOM from .htaccess
Product: Apache httpd-2
Version: 2.4.57
Hardware: PC
OS: Linux
Status: NEW
Severity: major
Priority: P2
Component: Core
Assignee: bugs@httpd.apache.org
Reporter: respo...@ifastnet.com
Target Milestone: ---
Hi All,
This was highlighted from a clients site, he had a htaccess file containing
-
Header set Cache-Control "no-store"
RewriteEngine On
RewriteBase /
# If there are caps, set HASCAPS to true and skip next rule
RewriteRule [A-Z] - [E=HASCAPS:TRUE,S=1]
# Skip this entire section if no uppercase letters in requested URL
RewriteRule ![A-Z] - [S=28]
# Replace single occurance of CAP with cap, then process next Rule.
RewriteRule ^([^A]*)A(.*)$ $1a$2
RewriteRule ^([^B]*)B(.*)$ $1b$2
RewriteRule ^([^C]*)C(.*)$ $1c$2
RewriteRule ^([^D]*)D(.*)$ $1d$2
RewriteRule ^([^E]*)E(.*)$ $1e$2
RewriteRule ^([^F]*)F(.*)$ $1f$2
RewriteRule ^([^G]*)G(.*)$ $1g$2
RewriteRule ^([^H]*)H(.*)$ $1h$2
RewriteRule ^([^I]*)I(.*)$ $1i$2
RewriteRule ^([^J]*)J(.*)$ $1j$2
RewriteRule ^([^K]*)K(.*)$ $1k$2
RewriteRule ^([^L]*)L(.*)$ $1l$2
RewriteRule ^([^M]*)M(.*)$ $1m$2
RewriteRule ^([^N]*)N(.*)$ $1n$2
RewriteRule ^([^O]*)O(.*)$ $1o$2
RewriteRule ^([^P]*)P(.*)$ $1p$2
RewriteRule ^([^Q]*)Q(.*)$ $1q$2
RewriteRule ^([^R]*)R(.*)$ $1r$2
RewriteRule ^([^S]*)S(.*)$ $1s$2
RewriteRule ^([^T]*)T(.*)$ $1t$2
RewriteRule ^([^U]*)U(.*)$ $1u$2
RewriteRule ^([^V]*)V(.*)$ $1v$2
RewriteRule ^([^W]*)W(.*)$ $1w$2
RewriteRule ^([^X]*)X(.*)$ $1x$2
RewriteRule ^([^Y]*)Y(.*)$ $1y$2
RewriteRule ^([^Z]*)Z(.*)$ $1z$2
# If there are any uppercase letters, restart at very first RewriteRule in
file.
RewriteRule [A-Z] - [N]
RewriteCond %{ENV:HASCAPS} TRUE
RewriteRule ^/?(.*) /$1 [R=301,L]
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^\.]+)$ $1.html [NC,L]
DirectoryIndex index.html
ErrorDocument 403 https://www.mosascollection.uk/error/403
ErrorDocument 404 https://www.mosascollection.uk/error/404
ErrorDocument 500 https://www.mosascollection.uk/error/505
ErrorDocument 503 https://www.mosascollection.uk/error/503
Options -Indexes
---
and then when making a request to the site url,
wget mosascollection.uk///wp-includes/ID3/license.txt
httpd event would sit and consume ram till server swapped out, and then oom'd
Please not the file wp-includes/ID3/license.txt did NOT exist, and the /// may
be part of the cause.
This is obviously a DOS vector, and if any more information is required please
ask.
best regards
K
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66599] DOS / Memory OOM from .htaccess
https://bz.apache.org/bugzilla/show_bug.cgi?id=66599 K changed: What|Removed |Added CC||respo...@ifastnet.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66599] DOS / Memory OOM from .htaccess
https://bz.apache.org/bugzilla/show_bug.cgi?id=66599 --- Comment #1 from K --- Hi All, Commenting out -- # Replace single occurance of CAP with cap, then process next Rule. #RewriteRule ^([^A]*)A(.*)$ $1a$2 #RewriteRule ^([^B]*)B(.*)$ $1b$2 #RewriteRule ^([^C]*)C(.*)$ $1c$2 #RewriteRule ^([^D]*)D(.*)$ $1d$2 #RewriteRule ^([^E]*)E(.*)$ $1e$2 #RewriteRule ^([^F]*)F(.*)$ $1f$2 #RewriteRule ^([^G]*)G(.*)$ $1g$2 #RewriteRule ^([^H]*)H(.*)$ $1h$2 #RewriteRule ^([^I]*)I(.*)$ $1i$2 #RewriteRule ^([^J]*)J(.*)$ $1j$2 #RewriteRule ^([^K]*)K(.*)$ $1k$2 #RewriteRule ^([^L]*)L(.*)$ $1l$2 #RewriteRule ^([^M]*)M(.*)$ $1m$2 #RewriteRule ^([^N]*)N(.*)$ $1n$2 #RewriteRule ^([^O]*)O(.*)$ $1o$2 #RewriteRule ^([^P]*)P(.*)$ $1p$2 #RewriteRule ^([^Q]*)Q(.*)$ $1q$2 #RewriteRule ^([^R]*)R(.*)$ $1r$2 #RewriteRule ^([^S]*)S(.*)$ $1s$2 #RewriteRule ^([^T]*)T(.*)$ $1t$2 #RewriteRule ^([^U]*)U(.*)$ $1u$2 #RewriteRule ^([^V]*)V(.*)$ $1v$2 #RewriteRule ^([^W]*)W(.*)$ $1w$2 #RewriteRule ^([^X]*)X(.*)$ $1x$2 #RewriteRule ^([^Y]*)Y(.*)$ $1y$2 #RewriteRule ^([^Z]*)Z(.*)$ $1z$2 - fixed the DOS, I would 'guess' that its due to the 'ID' capital ID, being in the request uri, obviously this is not expected behavior, and on a shared hosting platform where apache is used could cause some big issues. best regards K -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66599] DOS / Memory OOM from .htaccess
https://bz.apache.org/bugzilla/show_bug.cgi?id=66599 --- Comment #2 from Eric Covener --- It is hard to tell the expected behavior of the convoluted ruleset, mod_rewrite provides an internal map function to lowercase input without doing it 1 character at a time and looping with [N]. Did the behavior change? Does the rewrite trace give any idea of what's happening? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66599] DOS / Memory OOM from .htaccess
https://bz.apache.org/bugzilla/show_bug.cgi?id=66599 --- Comment #3 from K --- Hi there, Please feel free to reproduce it using the rules / request supplied, all I know at this moment is if I upload that to any shared hosting provider using apache 2.4 then it will OOM the server where ran, and is hard to identify as mod_rewrite rules are ran as the nobody / httpd / apache user. best regards K -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66597] HTTP/2 chunk requests conflict with proxy-sendcl option in mod_proxy_fcgi
https://bz.apache.org/bugzilla/show_bug.cgi?id=66597 --- Comment #1 from Yann Ylavic --- (In reply to dreamt_catsup403 from comment #0) > mod_proxy_fcgi also chunks the body. This can cause problems for the PHP-FPM > back-end, which is not expecting chunk fields since the content length is > specified. It looks like proxy-sendcl is not taken into account, how do you set it? Does it work without HTTP/2, i.e. using HTTP/1.1 only? > It looks a side effect of > https://bz.apache.org/bugzilla/show_bug.cgi?id=57087 Before v2.4.47 (r1885607) proxy-sendcl was ignored in mod_proxy_fcgi, so it's possible that this change does not work for you but it didn't really introduce a regression.. > It can easily be reproduce: Could you please attach the logs with "LogLevel trace8"? Unfortunately there seems to be no (few?) debug logs for Content-Length vs Transfer-Encoding forwarding in mod_proxy_fcgi, so this might not help much. I could provide a patch for more visibility if you compile httpd by yourself.. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 66599] DOS / Memory OOM from .htaccess
https://bz.apache.org/bugzilla/show_bug.cgi?id=66599 --- Comment #4 from K --- Hi there, Also just for your info, this used over 50GB of ram on the one 'simply' request. best regards K -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
