Ipv6 tests with build 2.0.28.

[Digambar Rasal]

Hi all,I have installed Apache beta version 2.0.28 on Linux 
machine and I am ableto ping6 with the ip address of the 
machineping6 -I eth0 fe80::260:67ff:fe36:4b0 is working.So i can 
say that my linux configuration is supporting IPv6.But when i tried to 
access default page of apache withhttp://[fe80::260:67ff:fe36:4b0] 
:80its giving no default page but if i try same with localhost i am 
gettingapache default page.is it necessary to configure something 
extra for ipv6 as my all settingsare defaultBest 
RegardsDigambar RasalControlnet India Pvt 
LtdIndia+91-832-883601

need to export status_init from mod_status/scoreboard

[Stas Bekman]

status_init() in mod_status initializes status_flags, server_limit and 
thread_limit. This is all nice for mod_status since it gets loaded 
before any threads are started. Under mod_perl Apache::Scoreboard (the 
Perl interface for scoreboard) can be loaded directly by the spawned 
threads. Therefore to avoid race condition one has to handle this with 
apr_thread_init_once, add the logic for prefork and you end up with an 
ugly code.

Can we change mod_status or scoreboard to export these variables similar 
to ap_scoreboard_image or export functions that will return these 
variables, which will tremendously simplify things?

I'll create and post a patch if you think it's a goodness. If so please 
tell me the preferred way to do this.

also any chance somebody will respond/commit my other 
scoreboard/mod_status patches I've sent earlier?

Thanks

_
Stas Bekman JAm_pH  --   Just Another mod_perl Hacker
http://stason.org/  mod_perl Guide   http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]  http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/

mod_autoindex with css support, patch

[Binary Runner]

Hi,

I've made a simple patch to Apache 2.x 
mod_autoindex. It adds a new directive specifying
a css file to use for the generated index.

As I'm total newbie I would know your opinions.
Thanks.

R.Matl




__
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com


autoindex_patch.tgz
Description: autoindex_patch.tgz

Re: [PATCH] First cut at factoring out the pools allocator

[Justin Erenkrantz]

On Tue, Mar 05, 2002 at 10:02:55AM +0100, Sander Striker wrote:
 Hi,
 
 Below a patch to apr and a patch to httpd
 to factor out the allocator from pools.  It
 is only the first cut, so crucial details
 like documentation are missing.
 
 I'd like some feedback on the general idea
 though.
 
 Hopefully this helps when implementing the
 bucket allocator.

+1.  I like the API.  Brian's suggestion is goodness, but shouldn't
stop this from going in.

Two slight implementation problems:

- apr_thread_mutex.h is now a dependency of apr_allocator.h.  That
  means it can't use APR_POOL_DECLARE_ACCESSOR since apr_pools.h
  requires this file.  So, I just expanded the declaration in
  apr_thread_mutex.h.  I'll leave it up to you how to resolve this
  (either expand it there or move the DECLARE macro somewhere else).
  I think if we put a big XXX in that file and expand it, we should
  be okay for now.  (Perhaps with a note near the POOL_DECLARE
  definition that apr_thread_mutex.h is a special exception.)

- I think APR_POOL_DEBUG isn't working.  Namely the
  apr_pool_create_ex prototype is wrong.

And, I think the API is fine considering that this gives the
bucket code a chance to use it.  So, please commit at your
earliest chance.  =)  -- justin

Re: [PATCH] Solaris sockets for support/ab.c (httpd-2_0_32-beta)

[Justin Erenkrantz]

On Wed, Mar 13, 2002 at 07:05:45AM -0500, Jeff Trawick wrote:
 Martin Ramshaw [EMAIL PROTECTED] writes:
 
  By default, Solaris (at least, Solaris 7 for sparc) restricts the number of
  file
  handles that may be used. See the comments in the attached patch file for
  more details.
 
 Lots of Unix-ish systems work the same way.
 
 Personally, I think it is better if you put ulimit -n unlimited in
 your shell init script rather than adding the logic to ab.

Yup, my thoughts too.  -- justin (wondering why I'm still up)

Re: [patch server/scoreboard.c] creating ws-thread_num

[Jeff Trawick]

Stas Bekman [EMAIL PROTECTED] writes:

 I don't think ws-thread_num has anything to do with server_limit. Am
 I wrong?
 
 Index: server/scoreboard.c
 ===
 RCS file: /home/cvspublic/httpd-2.0/server/scoreboard.c,v
 retrieving revision 1.60
 diff -u -r1.60 scoreboard.c
 --- server/scoreboard.c   27 Feb 2002 04:10:19 -  1.60
 +++ server/scoreboard.c   12 Mar 2002 09:55:52 -
 @@ -429,7 +429,7 @@
 
   if (status == SERVER_READY
old_status == SERVER_STARTING) {
 -ws-thread_num = child_num * server_limit + thread_num;
 +ws-thread_num = child_num * thread_limit + thread_num;

you're right, of course :)

Worker MPM does the calculation the same way.

committed...

Thanks!
-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: how to debug worker mpm httpd with gdb?

[Jeff Trawick]

My 2 cents:

Keep using Linux when a fast build time is imperative or you're
debugging non-threaded apps.

Use AIX or Solaris with native tools when you want to debug threaded
apps.

It sucks :(

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: [patch modules/generators/mod_status.c]

[Jeff Trawick]

Stas Bekman [EMAIL PROTECTED] writes:

 On Mon, 11 Mar 2002, Stas Bekman wrote:
 
  this looks like a copy-n-paste porting bug. in httpd-2.0's scoreboard 
  stop/start timestamps are in apr_time_t (==usecs only).
  
  the problem wasn't noticed before since these structures are never set in 
  workers. Any ideas why? See mod_status's output for yourself.

because unlike apache 1.3, nobody calls ap_time_process_request() :)

(no idea why)

 here is one more porting leftover fix, including the previous one:
 
 Index: modules/generators/mod_status.c
 ===
 RCS file: /home/cvspublic/httpd-2.0/modules/generators/mod_status.c,v
 retrieving revision 1.54
 diff -u -r1.54 mod_status.c
 --- modules/generators/mod_status.c   4 Mar 2002 10:46:22 -   1.54
 +++ modules/generators/mod_status.c   11 Mar 2002 09:43:25 -
 @@ -570,13 +570,11 @@
  req_time = 0L;
  #endif /* HAVE_TIMES */
  #else
 -if (ws_record.start_time == 0L
 - ws_record.start_time == 0L)
 +if (ws_record.start_time == 0L)
  req_time = 0L;
  else
  req_time = (long)
 -(((ws_record.stop_time - ws_record.start_time) * 1000)
 -+ ((ws_record.stop_time - ws_record.start_time) / 1000));
 +((ws_record.stop_time - ws_record.start_time) / 1000);
  #endif
  if (req_time  0L)
  req_time = 0L;

I'll commit this shortly.

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: status of mod_status

[Jeff Trawick]

Stas Bekman [EMAIL PROTECTED] writes:

 oops, should have mentioned which code I was referring to.
 The ifdef HAVE_TIMES part of a code snippet seems to be irrelevant
 (includes my previously posted patch as well):
 
 Index: modules/generators/mod_status.c
 ===
 RCS file: /home/cvspublic/httpd-2.0/modules/generators/mod_status.c,v
 retrieving revision 1.54
 diff -u -r1.54 mod_status.c
 --- modules/generators/mod_status.c   4 Mar 2002 10:46:22 -   1.54
 +++ modules/generators/mod_status.c   11 Mar 2002 17:04:43 -
 @@ -558,26 +558,12 @@
   ws_record = ap_scoreboard_image-servers[i][j];
   ps_record = ap_scoreboard_image-parent[i];
 
 -#if defined(NO_GETTIMEOFDAY)
 -#ifdef HAVE_TIMES
 -if (ws_record.start_time == (clock_t)0)
 -req_time = 0L;
 -else {
 -req_time = ws_record.stop_time - ws_record.start_time;
 -req_time = (req_time * 1000) / (int)tick;
 -}
 -#else

I just committed the deletion of the NO_GETTIMEOFDAY support.

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: [PATCH] First cut at factoring out the pools allocator

[Brian Pane]

Justin Erenkrantz wrote:

On Tue, Mar 05, 2002 at 10:02:55AM +0100, Sander Striker wrote:

Hi,

Below a patch to apr and a patch to httpd
to factor out the allocator from pools.  It
is only the first cut, so crucial details
like documentation are missing.

I'd like some feedback on the general idea
though.

Hopefully this helps when implementing the
bucket allocator.


+1.  I like the API.  Brian's suggestion is goodness, but shouldn't
stop this from going in.


+1.  I think we'll need to implement my suggestion (a variant
of the allocation function that reserves space for the internal
header struct but still stays within 8KB) in support of the
bucket free lists, but that that's a simple, additive change
that we can put in later--so +1 on committing Sander's new
allocator API now.

--Brian

RE: [PATCH] First cut at factoring out the pools allocator

[Sander Striker]

 From: Brian Pane [mailto:[EMAIL PROTECTED]]
 Sent: 13 March 2002 15:59

 Justin Erenkrantz wrote:
 
 On Tue, Mar 05, 2002 at 10:02:55AM +0100, Sander Striker wrote:
 
 Hi,
 
 Below a patch to apr and a patch to httpd
 to factor out the allocator from pools.  It
 is only the first cut, so crucial details
 like documentation are missing.
 
 I'd like some feedback on the general idea
 though.
 
 Hopefully this helps when implementing the
 bucket allocator.
 
 
 +1.  I like the API.  Brian's suggestion is goodness, but shouldn't
 stop this from going in.
 
 
 +1.  I think we'll need to implement my suggestion (a variant
 of the allocation function that reserves space for the internal
 header struct but still stays within 8KB) in support of the
 bucket free lists, but that that's a simple, additive change
 that we can put in later--so +1 on committing Sander's new
 allocator API now.

Ok, I'll try and get it in tonight.

I'm not entirely sure we need the extra allocation function though,
but we can decide on that later.

Sander

Re: [PATCH] Solaris sockets for support/ab.c (httpd-2_0_32-beta)

[Martin Ramshaw]

 On Wed, 13 Mar 2002 04:18:00AM -0800, Justin Erenkrantz wrote:
 On Wed, Mar 13, 2002 at 07:05:45AM -0500, Jeff Trawick wrote:
   Martin Ramshaw [EMAIL PROTECTED] writes:
  
   By default, Solaris (at least, Solaris 7 for sparc) restricts the
number of
   file
   handles that may be used. See the comments in the attached patch file
for
   more details.
 
  Lots of Unix-ish systems work the same way.
 
  Personally, I think it is better if you put ulimit -n unlimited in
  your shell init script rather than adding the logic to ab.

 Yup, my thoughts too.  -- justin (wondering why I'm still up)

I see.

So if I want to use 'ab' in a meaningful way on a 'Unix-ish system'
I should write a shell wrapper script.

Is it just me, or does that sound kind of lame ?

Thanks for the feedback.

Regards

[PATCH] ssl_engine_vars.c

[MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)]

'just did a cvs update and found that SSL_SESSION_id2sz in ssl_engine_vars.c
has fewer parameters than required.

-Madhu

Index: ssl_engine_vars.c
===
RCS file: /home/cvspublic/httpd-2.0/modules/ssl/ssl_engine_vars.c,v
retrieving revision 1.14
diff -u -r1.14 ssl_engine_vars.c
--- ssl_engine_vars.c   12 Mar 2002 21:10:18 -  1.14
+++ ssl_engine_vars.c   13 Mar 2002 16:51:37 -
 -282,10 +282,13 
 result = (char *)SSL_get_version(ssl);
 }
 else if (ssl != NULL  strcEQ(var, SESSION_ID)) {
+char buf[SSL_SESSION_ID_STRING_LEN];
+
 SSL_SESSION *pSession = SSL_get_session(ssl);
 result = apr_pstrdup(p, SSL_SESSION_id2sz(
 SSL_SESSION_get_session_id(pSession),
-
SSL_SESSION_get_session_id_length(pSession)));
+
SSL_SESSION_get_session_id_length(pSession),
+buf, sizeof(buf)));
 }
 else if (ssl != NULL  strlen(var) = 6  strcEQn(var, CIPHER, 6))
{
 result = ssl_var_lookup_ssl_cipher(p, c, var+6);

Re: need to export status_init from mod_status/scoreboard

[Aaron Bannert]

On Wed, Mar 13, 2002 at 05:12:58PM +0800, Stas Bekman wrote:
 status_init() in mod_status initializes status_flags, server_limit and 
 thread_limit. This is all nice for mod_status since it gets loaded 
 before any threads are started. Under mod_perl Apache::Scoreboard (the 
 Perl interface for scoreboard) can be loaded directly by the spawned 
 threads. Therefore to avoid race condition one has to handle this with 
 apr_thread_init_once, add the logic for prefork and you end up with an 
 ugly code.
 
 Can we change mod_status or scoreboard to export these variables similar 
 to ap_scoreboard_image or export functions that will return these 
 variables, which will tremendously simplify things?

+1 for accessor functions.

-aaron

Re: [PATCH] ssl_engine_vars.c

[Doug MacEachern]

On Wed, 13 Mar 2002, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:

 'just did a cvs update and found that SSL_SESSION_id2sz in ssl_engine_vars.c
 has fewer parameters than required.

whoops, my bad.  thanks, applied.

Re: [PATCH] Solaris sockets for support/ab.c (httpd-2_0_32-beta)

[Jeff Trawick]

Martin Ramshaw [EMAIL PROTECTED] writes:

  On Wed, 13 Mar 2002 04:18:00AM -0800, Justin Erenkrantz wrote:
  On Wed, Mar 13, 2002 at 07:05:45AM -0500, Jeff Trawick wrote:
Martin Ramshaw [EMAIL PROTECTED] writes:
   
By default, Solaris (at least, Solaris 7 for sparc) restricts the
 number of
file
handles that may be used. See the comments in the attached patch file
 for
more details.
  
   Lots of Unix-ish systems work the same way.
  
   Personally, I think it is better if you put ulimit -n unlimited in
   your shell init script rather than adding the logic to ab.
 
  Yup, my thoughts too.  -- justin (wondering why I'm still up)
 
 I see.
 
 So if I want to use 'ab' in a meaningful way on a 'Unix-ish system'
 I should write a shell wrapper script.

That is not true in general.  Plenty of people use ab on Unix and I've
never heard a complaint about not being able to get enough file
descriptors.

Anyway, I didn't mean a shell wrapper script.  I mean that you
could/should put ulimit -n unlimited in your
.profile/.bashrc/whatever.

 Is it just me, or does that sound kind of lame ?

Some thoughts:

The operating system has tools to adjust resource limits.  Why should
Apache and its support code duplicate that work?  We can't do a better
job than the OS and we end up with more code to maintain, most of it
non-portable.

If somebody wants to use ab to pound on a server with many concurrent
connections, getting ab enough file descriptors is only one of their
problems.  Here are some others that they may or may not encounter
depending on their OS and how they have changed the defaults:

1) configure enough file descriptors for the server (Apache has no
   such logic to adjust ulimit)

2) configure enough ephemeral ports on the client stack (on many OSs
   with the default configuration you can't run ab very long before ab
   can no longer connect to the server)

3) disable SYN attack code on the server stack so it doesn't get upset
   that so many SYNs for the same server port are coming from the same
   client 

4) configure enough mbufs on the client stack so that the stack can
   actually create as many sockets as you are telling ab that it needs
   (on my FreeBSD 3.4 box I ended up recompiling the kernel to achieve
   this :( )

If Apache and support utilities have logic to adjust resource limits,
developers can no longer adjust soft limits to force error paths.
(There are always hard limits; by changing soft limits and not
having Apache undo our change, we can easily simulate reaching the
hard limit.)

I hope this helps understand the big picture (at least as I see it).

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: need to export status_init from mod_status/scoreboard

[Stas Bekman]

Aaron Bannert wrote:
 On Wed, Mar 13, 2002 at 05:12:58PM +0800, Stas Bekman wrote:
 
status_init() in mod_status initializes status_flags, server_limit and 
thread_limit. This is all nice for mod_status since it gets loaded 
before any threads are started. Under mod_perl Apache::Scoreboard (the 
Perl interface for scoreboard) can be loaded directly by the spawned 
threads. Therefore to avoid race condition one has to handle this with 
apr_thread_init_once, add the logic for prefork and you end up with an 
ugly code.

Can we change mod_status or scoreboard to export these variables similar 
to ap_scoreboard_image or export functions that will return these 
variables, which will tremendously simplify things?

 
 +1 for accessor functions.

regarding status_flags, should the accessor return a copy of the whole 
structure or just a pointer to it?

where should the accessors reside: scoreboard or mod_status?
Assuming that someone may want to use them without loading mod_status
I think scoreboard is the right place and mod_status itself can use these.

_
Stas Bekman JAm_pH  --   Just Another mod_perl Hacker
http://stason.org/  mod_perl Guide   http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]  http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/

ap_sub_req_lookup_dirent

[Bill Stoddard]

What is the purpose of calling ap_process_request_internal() in
ap_sub_req_lookup_dirent()?

Bill

RE: ap_sub_req_lookup_dirent

[Ryan Bloom]

We call that function in all of the ap_sub_req_lookup functions.  The
purpose is to run all of the hooks that are required for creating a
request successfully.

Ryan


 What is the purpose of calling ap_process_request_internal() in
 ap_sub_req_lookup_dirent()?
 
 Bill

Re: need to export status_init from mod_status/scoreboard

[Jim Jagielski]

Stas Bekman wrote:
 
 where should the accessors reside: scoreboard or mod_status?
 Assuming that someone may want to use them without loading mod_status
 I think scoreboard is the right place and mod_status itself can use these.
 

Scoreboard totally. mod_status would be just one possible user.
I can envision other modules enjoying that data :)

-- 
===
   Jim Jagielski   [|]   [EMAIL PROTECTED]   [|]   http://www.jaguNET.com/
  A society that will trade a little liberty for a little order
 will lose both and deserve neither - T.Jefferson

Re: ap_sub_req_lookup_dirent

[Bill Stoddard]

ap_process_request_internal() is called at the very end of ap_sub_req_lookup() and I 
don't
see that it is providing any additional information that is not already available 
prior to
the call (ie, we already have stat'ed the file and know all the finfo required by the
caller). The only useful thing that I see happening is authentication. Otherwise, we do
not want to run translate_name or most of the other hooks as far as I can see...

Bill

 We call that function in all of the ap_sub_req_lookup functions.  The
 purpose is to run all of the hooks that are required for creating a
 request successfully.

 Ryan


  What is the purpose of calling ap_process_request_internal() in
  ap_sub_req_lookup_dirent()?
 
  Bill

RE: ap_sub_req_lookup_dirent

[Ryan Bloom]

 ap_process_request_internal() is called at the very end of
 ap_sub_req_lookup() and I don't
 see that it is providing any additional information that is not
already
 available prior to
 the call (ie, we already have stat'ed the file and know all the finfo
 required by the
 caller). The only useful thing that I see happening is authentication.
 Otherwise, we do
 not want to run translate_name or most of the other hooks as far as I
can
 see...

We have to run all of the hooks, from translate_name through fixups for
all sub-requests.  While translate_name shouldn't do anything for a
lookup_dirent call, all of the auth hooks, type_checker, and fixups can
all modify the request.  By calling ap_process_request_internal the code
is simplified, because there is only one way to go through request
processing.  The previous solution had a different path for every
subrequest mechanism.

Ryan


 
 Bill
 
  We call that function in all of the ap_sub_req_lookup functions.
The
  purpose is to run all of the hooks that are required for creating a
  request successfully.
 
  Ryan
 
 
   What is the purpose of calling ap_process_request_internal() in
   ap_sub_req_lookup_dirent()?
  
   Bill
 
 

putting mod_scoreboard_send in core?

[Stas Bekman]

The Apache::Scoreboard distribution for 1.x includes 
mod_scoreboard_send.c, which allows you to collect the scoreboards from 
many machines for various purposes. This is a special standalone C 
version which doesn't require mod_perl.

There is a C code which freeze()s the scoreboard and sends it to the 
client, which can then be thaw()ed to retrieve the scoreboard.

Apache::Scoreboard is now going to be folded into the mod_perl 2.0 core, 
therefore we cannot distribute mod_scoreboard_send.c any longer since 
there is no Apache-Scoreboard distribution. And those who will want to 
use mod_scoreboard_send.c won't want to grab mod_perl sources for it.

We think that the best place for this module is in the core. I haven't 
ported it to 2.0 yet, and plan to do it shortly. It's a very small modules.

Where should it go: modules/generators/mod_scoreboard_send?

p.s. all this cool stuff is a courtesy of Doug MacEachern, I'm just 
porting it to 2.0 ;)

_
Stas Bekman JAm_pH  --   Just Another mod_perl Hacker
http://stason.org/  mod_perl Guide   http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]  http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/

Strange autoindex behaviour

[Bill Stoddard]

I can't imagine that it is normal/desireable for autoindex to recurse through
subdirectories in the directory to be indexed.  For instance I am autoindexing 
c:/website.
c:/website has a number of subdirectories.  ap_process_request_internal() called out of
ap_sub_req_lookup_dirent() is recursing through the entire directory structures of the
directories under c:/website.  Is there a valid reason for the code to be behaving this
way?

Bill

Re: Strange autoindex behaviour

[Bill Stoddard]

Upon closer inspection... the code is looking for index.html and index.html.var in each
subdirectory. Havent tested to see how far down the code will recurse.. This is just
goofy.

Bill

 I can't imagine that it is normal/desireable for autoindex to recurse through
 subdirectories in the directory to be indexed.  For instance I am autoindexing
c:/website.
 c:/website has a number of subdirectories.  ap_process_request_internal() called out 
of
 ap_sub_req_lookup_dirent() is recursing through the entire directory structures of 
the
 directories under c:/website.  Is there a valid reason for the code to be behaving 
this
 way?

 Bill

PR 10163, location of config_vars.mk

[Jeff Trawick]

short form: 

I want to move config_vars.mk from top_builddir to
top_builddir/build/config_vars.mk.  Okay?

long form:

PR 10163 deals with some hard-coded paths that broke the makefile
created by apxs -g.  I just committed what ordinarily would make it
work, except for a basic problem:

. Apache build puts config_vars.mk in top_builddir
. Apache install puts config_vars.mk in prefix/build
. apxs wants to use snippets of Apache build support (e.g., rules.mk)
  which assume that config_vars.mk is not in the build subdirectory

To get apxs's use of rules.mk et al to work config_vars.mk needs to be
in a consistent place (in or out of the build subdirectory for both
Apache build and the installed copy of config_vars.mk).

The easiest fix is to install config_vars.mk into prefix, but that is
ugly.  Always putting it in the build subdirectory seems nicer.  But I
can't help but wonder why it isn't there already.  Are there any
problems with that?

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: ap_sub_req_lookup_dirent

[Bill Stoddard]

  ap_process_request_internal() is called at the very end of
  ap_sub_req_lookup() and I don't
  see that it is providing any additional information that is not
 already
  available prior to
  the call (ie, we already have stat'ed the file and know all the finfo
  required by the
  caller). The only useful thing that I see happening is authentication.
  Otherwise, we do
  not want to run translate_name or most of the other hooks as far as I
 can
  see...

 We have to run all of the hooks, from translate_name through fixups for
 all sub-requests.  While translate_name shouldn't do anything for a
 lookup_dirent call, all of the auth hooks, type_checker, and fixups can
 all modify the request.  By calling ap_process_request_internal the code
 is simplified, because there is only one way to go through request
 processing.  The previous solution had a different path for every
 subrequest mechanism.

 Ryan


I am not an expert in this area, but it appears that we skip running a lot of the 
hooks in
ap_process_request_internal depending on whether the request is a subrequest or not 
(and
the check for subrequests is very coarse grained, precluding the possibility of
selectively handling different subrequests differently. For instance, a dirent 
subrequest
should not call the quick handler ever... perhaps it is okay for other subrequests to 
call
quick_handler...

Bill

RE: Strange autoindex behaviour

[Ryan Bloom]

 Upon closer inspection... the code is looking for index.html and
 index.html.var in each
 subdirectory. Havent tested to see how far down the code will
recurse..
 This is just
 goofy.

That is goofy, but the reason it is happening, is because we redirect to
the index.html page from the fixups hook.  I can't remember if this used
to happen in 1.3 or not.

Ryan


 
 Bill
 
  I can't imagine that it is normal/desireable for autoindex to
recurse
 through
  subdirectories in the directory to be indexed.  For instance I am
 autoindexing
 c:/website.
  c:/website has a number of subdirectories.
 ap_process_request_internal() called out of
  ap_sub_req_lookup_dirent() is recursing through the entire directory
 structures of the
  directories under c:/website.  Is there a valid reason for the code
to
 be behaving this
  way?
 
  Bill
 

Re: putting mod_scoreboard_send in core?

[Doug MacEachern]

a few notes on this.. the purpose of mod_scoreboard_send was to download 
the scoreboard image on a remote machine.  the scoreboard image was then 
used on the client machine to generate fancy graphical images to make our 
boss feel like he knew what was going on.  sorta like a graphical 
mod_status, but could also combine stats of a server farm into one browser
window.

anyhoo, the module should not go in as-is, it was designed to incur as 
little overhead as possible, pretty much sends the binary data as-is.  and 
hence isn't portable since it uses native byte order rather than network 
order.  which was ok for us since the client machine was the same 
architecture as the servers.  and the concept might not apply at all to 
the 2.0 scoreboard, i haven't looked at it.  in general, the concept is to 
serialize the scoreboard in such a way that it can transfered over the 
network via http and thawed on another machine.  i'm sure there's a 
better way to do this than the mod_scoreboard_send thinger.

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[Jeff Trawick]

Jeff Trawick [EMAIL PROTECTED] writes:

 This function is checking for several characters which, at least in
 ASCII, are supposedly not valid characters for filenames.  But some of
 these same characters can appear in valid non-ASCII filenames, and the
 logic to check for these characters breaks Apache's ability to serve
 those files.
 
 A user reported the inability to request a file with the Chinese
 character %b5%7c in the name.  The %7c byte tripped up the check for
 invalid ASCII characters.

I think this is an accurate statement regarding the use of non-ASCII
characters in filenames with Apache 1.3 on Win32.  Comments?

---cut here--
Names of file-based resources with Apache 1.3 on Win32

Apache 1.3 on Win32 assumes that the names of files served are comprised 
solely of characters from the US-ASCII character set.  It has no logic to
determine whether or not a possible file name contains invalid non-ASCII
characters.  It has no logic to properly match actual non-ASCII file names 
with names specified in the Apache configuration file.  Because Apache
does not verify that the characters in file names are all ASCII, files
files containing various non-ASCII characters in their names can be 
successfully served by Apache.  However, this is not recommended for the
following reasons:

1) Because Apache is unable to properly match actual non-ASCII file names
   with names in the Apache configuration file, taking into account any
   case folding or other transformations handled by the operating system
   when looking up files or otherwise matching file names, directives in
   the Apache configuration file may or may not be in force, depending
   on how the HTTP client specifies the resource.  This may be a security
   concern, depending on your configuration.

2) Because Apache assumes that file names are ASCII, some of the checks
   it makes when validating file names will flag certain non-ASCII
   characters as invalid.  For example, Apache on Win32 will flag a file
   name containing the ASCII character '|' (0x7C) as invalid.  This logic
   will flag any file name containing the byte 0x7C as invalid, even if
   that byte does not represent '|' in the local character set.  There 
   are other characters checked for as well.  Because of these checks,
   even if there are no security issues in your configuration, the full
   range of local characters cannot be used.

Because of the lack of proper support for non-ASCII characters in file
names, it is recommended that administrators not attempt to use any
non-ASCII characters in file names.  Any other configuration is 
unsupported.
--cut here
-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: putting mod_scoreboard_send in core?

[Sander van Zoest]

On Wed, 13 Mar 2002, Doug MacEachern wrote:

 in general, the concept is to serialize the scoreboard in such a way
 that it can transfered over the network via http and thawed on
 another machine.  i'm sure there's a better way to do this than
 the mod_scoreboard_send thinger.

I have done this in two ways with tools that are not in the httpd core.

- have SNMP polls to mod_nsmp(1) and then display it using MRTG, HP OpenView
  Scotty, or whatever

- use mod_status_xml(2) and do periodic GET and use XSLT/SVG to merge
  the content into a pretty graph/HTML page.

I really do not see why this needs to be in the httpd core.

1) the SNMPv3 capable http://www.covalent.net/products/managed/
   or http://www.simpleweb.org/software/packages/mod-snmp/
2) http://www.awe.com/mark/dev/mod_status_xml/ with some contributed
   changes.
--
Sander van Zoest  [EMAIL PROTECTED]
San Diego, CA, US http://Sander.vanZoest.com/

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[Justin Erenkrantz]

On Wed, Mar 13, 2002 at 02:12:18PM -0500, Jeff Trawick wrote:
 Jeff Trawick [EMAIL PROTECTED] writes:
 
  This function is checking for several characters which, at least in
  ASCII, are supposedly not valid characters for filenames.  But some of
  these same characters can appear in valid non-ASCII filenames, and the
  logic to check for these characters breaks Apache's ability to serve
  those files.
  
  A user reported the inability to request a file with the Chinese
  character %b5%7c in the name.  The %7c byte tripped up the check for
  invalid ASCII characters.
 
 I think this is an accurate statement regarding the use of non-ASCII
 characters in filenames with Apache 1.3 on Win32.  Comments?

Doesn't 2.0 support this properly on Win32?  Couldn't that just be
our recommendation?  -- justin

mod_mime_magic question

[Alexander Tereschenko]

Hi, I'm developing an application that needs functionality almost the same
as Apache's mod_mime_magic module - to guess file MIME type from file. And
since I'm lazy I want to use mod_mime_magic module in my application. But I
have some questions:

1) licensing issues (what should I do to comply with Apache license)
2) I'm not C/C++ programmer, I'm programming in Pascal (under Win32) and I
ask someone to help me with this work (at least to explain what to do - I
have basic knowledge of C and probably will be able to make DLL)

My application is called Futuris Imager: http://futuris.plastiqueweb.com/

--
Alexander Tereschenko
http://futuris.plastiqueweb.com/

Dying tickles ! (from The Simpsons)

Re: Copyright year bumping

[Roy T. Fielding]

On Sat, Mar 09, 2002 at 12:20:23PM +0800, Stas Bekman wrote:
 Sander Striker wrote:
 Hi,
 
 Should we bump the copyright year on all the files?
 Anyone have a script handy?
 
 find . -type f -exec perl -pi -e 's|2000-2001|2000-2002|' {} \;

That would change a lot more, and a lot less, than we want.  I've committed
the change for 2.0 and will do 1.3 next.

Roy

Re: Strange autoindex behaviour

[Bill Stoddard]

Should we even be calling the fixup hook on a dirent subrequest?

Bill

 
  Upon closer inspection... the code is looking for index.html and
  index.html.var in each
  subdirectory. Havent tested to see how far down the code will
 recurse..
  This is just
  goofy.
 
 That is goofy, but the reason it is happening, is because we redirect to
 the index.html page from the fixups hook.  I can't remember if this used
 to happen in 1.3 or not.
 
 Ryan
 
 
  
  Bill
  
   I can't imagine that it is normal/desireable for autoindex to
 recurse
  through
   subdirectories in the directory to be indexed.  For instance I am
  autoindexing
  c:/website.
   c:/website has a number of subdirectories.
  ap_process_request_internal() called out of
   ap_sub_req_lookup_dirent() is recursing through the entire directory
  structures of the
   directories under c:/website.  Is there a valid reason for the code
 to
  be behaving this
   way?
  
   Bill
  
 
 

Re: Content-length returned from HEAD requests?

[Roy T. Fielding]

On Tue, Mar 12, 2002 at 10:57:50AM -0800, Brian Pane wrote:
 Aaron Bannert wrote:
 
 Is it valid for Content-length to be returned from these types
 of requests? daedalus is showing it, and I'm seeing it in current CVS.
 
 -aaron
 
 
 I don't think so, unless it's Content-Length: 0, due to this
 part of section 10.2.7 in RFC 2616:
 If a Content-Length header field is present in the response,
 its value MUST match the actual number of OCTETs transmitted in
 the message-body.

That section is on the 206 response, not a 200 response.

Section 4.3:

   For response messages, whether or not a message-body is included with
   a message is dependent on both the request method and the response
   status code (section 6.1.1). All responses to the HEAD request method
   MUST NOT include a message-body, even though the presence of entity-
   header fields might lead one to believe they do. All 1xx
   (informational), 204 (no content), and 304 (not modified) responses
   MUST NOT include a message-body. All other responses do include a
   message-body, although it MAY be of zero length.

4.4 Message Length

   The transfer-length of a message is the length of the message-body as
   it appears in the message; that is, after any transfer-codings have
   been applied. When a message-body is included with a message, the
   transfer-length of that body is determined by one of the following
   (in order of precedence):

   1.Any response message which MUST NOT include a message-body (such
 as the 1xx, 204, and 304 responses and any response to a HEAD
 request) is always terminated by the first empty line after the
 header fields, regardless of the entity-header fields present in
 the message.

Roy

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[Jeff Trawick]

Justin Erenkrantz [EMAIL PROTECTED] writes:

 On Wed, Mar 13, 2002 at 02:12:18PM -0500, Jeff Trawick wrote:
  Jeff Trawick [EMAIL PROTECTED] writes:
  
   This function is checking for several characters which, at least in
   ASCII, are supposedly not valid characters for filenames.  But some of
   these same characters can appear in valid non-ASCII filenames, and the
   logic to check for these characters breaks Apache's ability to serve
   those files.
   
   A user reported the inability to request a file with the Chinese
   character %b5%7c in the name.  The %7c byte tripped up the check for
   invalid ASCII characters.
  
  I think this is an accurate statement regarding the use of non-ASCII
  characters in filenames with Apache 1.3 on Win32.  Comments?
 
 Doesn't 2.0 support this properly on Win32?  Couldn't that just be
 our recommendation?  -- justin

I *think* it works properly on Win32 in Apache 2.0, but I just don't
know :(  OtherBill?

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: PR 10163, location of config_vars.mk

[Roy T. Fielding]

On Wed, Mar 13, 2002 at 01:09:27PM -0500, Jeff Trawick wrote:
 short form: 
 
 I want to move config_vars.mk from top_builddir to
 top_builddir/build/config_vars.mk.  Okay?

+1

Roy

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[Roy T. Fielding]

On Wed, Mar 13, 2002 at 02:12:18PM -0500, Jeff Trawick wrote:
 Jeff Trawick [EMAIL PROTECTED] writes:
 
  This function is checking for several characters which, at least in
  ASCII, are supposedly not valid characters for filenames.  But some of
  these same characters can appear in valid non-ASCII filenames, and the
  logic to check for these characters breaks Apache's ability to serve
  those files.
  
  A user reported the inability to request a file with the Chinese
  character %b5%7c in the name.  The %7c byte tripped up the check for
  invalid ASCII characters.
 
 I think this is an accurate statement regarding the use of non-ASCII
 characters in filenames with Apache 1.3 on Win32.  Comments?
 
 ---cut here--
 Names of file-based resources with Apache 1.3 on Win32
 
 Apache 1.3 on Win32 assumes that the names of files served are comprised 
 solely of characters from the US-ASCII character set.  It has no logic to
 determine whether or not a possible file name contains invalid non-ASCII
 characters.  It has no logic to properly match actual non-ASCII file names 
 with names specified in the Apache configuration file.  Because Apache
 does not verify that the characters in file names are all ASCII, files
 files containing various non-ASCII characters in their names can be 
 successfully served by Apache.  However, this is not recommended for the
 following reasons:

No, it doesn't.  It treats all names as raw bytes, regardless of charset,
but the filtering process of preventing some filesystem-specific magic
characters from creating security holes on a server prevents the use
of unfiltered 16-bit Unicode or similar wide character sets from being used
directly.  This is true in general for the Web -- wide character encodings
are not allowed to appear in URI under any circumstances.

The solution is to use UTF-8 encoding for non-ASCII characters and not
allow any access via wide character function calls.

Roy

[PATCH] Do not run fixups against dirent subrequests

[Bill Stoddard]

I really don't like this patch because it stinks of creeping hacks built upon hacks 
but it
should suffice to get a discussion going.

This patch fixes a bug where a directory index of c:/website causes subrequests to be
generated searching for index.html and index.html.var files under subdirs in 
c:/website.
(and the bug totally hoses up directory indexing when mod_cache is enabled).

Thoughts?

Bill

Index: request.c
===
RCS file: /home/cvs/httpd-2.0/server/request.c,v
retrieving revision 1.105
diff -u -r1.105 request.c
--- request.c 13 Mar 2002 19:41:56 - 1.105
+++ request.c 13 Mar 2002 21:33:39 -
 -302,8 +302,11 
 return decl_die(access_status, find types, r);
 }

-if ((access_status = ap_run_fixups(r)) != 0) {
-return access_status;
+/* Don't run fixups on a dirent subrequest */
+if (!file_req  !r-finfo.filetype) {
+if ((access_status = ap_run_fixups(r)) != 0) {
+return access_status;
+}
 }

 return OK;

New module for Apache 2.0?

[Ryan Bloom]

Hi guys,

I have mod_hf, which adds a header or footer to every page that the
server sends.  It is also a pretty good example of how write a filter
for 2.0.  Would anybody mind if I committed that to modules/fitlers?  If
not, I will just maintain it myself.

Ryan

--
Ryan Bloom  [EMAIL PROTECTED]
645 Howard St.  [EMAIL PROTECTED]
San Francisco, CA 

Re: New module for Apache 2.0?

[Jim Jagielski]

I'm 0 for in modules/filters and +1 for modules/experimental

:)

Ryan Bloom wrote:
 
 
 Hi guys,
 
 I have mod_hf, which adds a header or footer to every page that the
 server sends.  It is also a pretty good example of how write a filter
 for 2.0.  Would anybody mind if I committed that to modules/fitlers?  If
 not, I will just maintain it myself.
 
 Ryan
 
 --
 Ryan Bloom  [EMAIL PROTECTED]
 645 Howard St.  [EMAIL PROTECTED]
 San Francisco, CA 
 
 


-- 
===
   Jim Jagielski   [|]   [EMAIL PROTECTED]   [|]   http://www.jaguNET.com/
  A society that will trade a little liberty for a little order
 will lose both and deserve neither - T.Jefferson

Re: New module for Apache 2.0?

[Aaron Bannert]

On Wed, Mar 13, 2002 at 02:14:54PM -0800, Ryan Bloom wrote:
 I have mod_hf, which adds a header or footer to every page that the
 server sends.  It is also a pretty good example of how write a filter
 for 2.0.  Would anybody mind if I committed that to modules/fitlers?  If
 not, I will just maintain it myself.

If it's an example, I want to see it in our repository, useful or not.

If it becomes more than an example at some point, we could just move
it out of experimental or test or a new example modules dir or whatnot.

-aaron

Re: New module for Apache 2.0?

[Brian Pane]

Does it just add the header/footer at the start/end of the content,
or does it parse the HTML so that it can include them inside the
body.../body block?

If it parses the HTML, +1 on adding it to modules/filters.
If not, I'm not sure how generally useful it would be, but
+1 on including it in modules/example at the very least.
It would be really nice to have something less complex than
mod_include to use as an example of how to write a filter. :-)

--Brian

Ryan Bloom wrote:

Hi guys,

I have mod_hf, which adds a header or footer to every page that the
server sends.  It is also a pretty good example of how write a filter
for 2.0.  Would anybody mind if I committed that to modules/fitlers?  If
not, I will just maintain it myself.

Ryan

--
Ryan Bloom  [EMAIL PROTECTED]
645 Howard St.  [EMAIL PROTECTED]
San Francisco, CA 

Re: New module for Apache 2.0?

[Justin Erenkrantz]

On Wed, Mar 13, 2002 at 02:14:54PM -0800, Ryan Bloom wrote:
 
 Hi guys,
 
 I have mod_hf, which adds a header or footer to every page that the
 server sends.  It is also a pretty good example of how write a filter
 for 2.0.  Would anybody mind if I committed that to modules/fitlers?  If
 not, I will just maintain it myself.

Sounds cool.

I'd suggest modules/experimental (as that is where we stuck deflate
too and it is a filter).  -- justin

Re: [PATCH] Solaris sockets for support/ab.c (httpd-2_0_32-beta)

[Martin Ramshaw]

snip

I hope this helps understand the big picture (at least as I see it).

It does, and thank you for taking the time to explain this to me.

My hope was to be able to foist off benchmarking onto someone
else, which isn't really an option if too much configuration (i.e.
scripting)
is required.

My frustration was that (as you confirmed) a benchmarking effort
involves benchmarking the machine driving the benchmark (i.e.
running 'ab') as much as anything else. Of course, this is less of an
issue now that Solaris Intel is to be mothballed.

Unfortunately, benchmarking (MTBF, Average and distributed
response times, whether failure is graceful or not, suggested hardware
platform for desired performance, etc, etc) quickly turns into a study
in comparative operating systems.

NT starts rejecting connections at around 58 concurrent connections;
it turns out that NT is not a *true* multi-threaded OS at all but has an
internal limit of 64 concurrencies, some of which it needs itself.

My experience with other OS's is that they gracefully start rejecting
connections at a much higher level of concurrency.

Best regards

RE: New module for Apache 2.0?

[Ryan Bloom]

Currently, it doesn't parse the HTML for the body.../body block, but
it shouldn't be too hard to add that logic.

Ryan

--
Ryan Bloom  [EMAIL PROTECTED]
645 Howard St.  [EMAIL PROTECTED]
San Francisco, CA 

 -Original Message-
 From: Brian Pane [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, March 13, 2002 2:24 PM
 To: [EMAIL PROTECTED]
 Subject: Re: New module for Apache 2.0?
 
 Does it just add the header/footer at the start/end of the content,
 or does it parse the HTML so that it can include them inside the
 body.../body block?
 
 If it parses the HTML, +1 on adding it to modules/filters.
 If not, I'm not sure how generally useful it would be, but
 +1 on including it in modules/example at the very least.
 It would be really nice to have something less complex than
 mod_include to use as an example of how to write a filter. :-)
 
 --Brian
 
 Ryan Bloom wrote:
 
 Hi guys,
 
 I have mod_hf, which adds a header or footer to every page that the
 server sends.  It is also a pretty good example of how write a filter
 for 2.0.  Would anybody mind if I committed that to modules/fitlers?
If
 not, I will just maintain it myself.
 
 Ryan
 
 --
 Ryan Bloom  [EMAIL PROTECTED]
 645 Howard St.  [EMAIL PROTECTED]
 San Francisco, CA
 
 
 

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[Jeff Trawick]

Roy T. Fielding [EMAIL PROTECTED] writes:

 On Wed, Mar 13, 2002 at 02:12:18PM -0500, Jeff Trawick wrote:
  Jeff Trawick [EMAIL PROTECTED] writes:
  
   This function is checking for several characters which, at least in
   ASCII, are supposedly not valid characters for filenames.  But some of
   these same characters can appear in valid non-ASCII filenames, and the
   logic to check for these characters breaks Apache's ability to serve
   those files.
   
   A user reported the inability to request a file with the Chinese
   character %b5%7c in the name.  The %7c byte tripped up the check for
   invalid ASCII characters.
  
  I think this is an accurate statement regarding the use of non-ASCII
  characters in filenames with Apache 1.3 on Win32.  Comments?
  
  ---cut here--
  Names of file-based resources with Apache 1.3 on Win32
  
  Apache 1.3 on Win32 assumes that the names of files served are comprised 
  solely of characters from the US-ASCII character set.  It has no logic to
  determine whether or not a possible file name contains invalid non-ASCII
  characters.  It has no logic to properly match actual non-ASCII file names 
  with names specified in the Apache configuration file.  Because Apache
  does not verify that the characters in file names are all ASCII, files
  files containing various non-ASCII characters in their names can be 
  successfully served by Apache.  However, this is not recommended for the
  following reasons:
 
 No, it doesn't.  It treats all names as raw bytes, regardless of charset,
 but the filtering process of preventing some filesystem-specific magic
 characters from creating security holes on a server prevents the use
 of unfiltered 16-bit Unicode or similar wide character sets from being used
 directly.  This is true in general for the Web -- wide character encodings
 are not allowed to appear in URI under any circumstances.
 
 The solution is to use UTF-8 encoding for non-ASCII characters and not
 allow any access via wide character function calls.

Thanks a bunch for your response.  I'm more than a little unclear on this
stuff.

Regarding your key comment treats all file names as raw bytes,
regardless of charset...  

I would agree with that for Unix, but on Win32, in an attempt to match
the semantics of the native filesystem (case preserving but not case
significant), Apache will perform case transformations on file names*.
This, along with the filtering code to check for specific ASCII
values, is why I claimed that it assumes ASCII.

*see ap_os_canonical_filename(), which is used to generate r-filename

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

[PATCH] SSL Session Caching stuff

[MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)]

Hi,
Good Afternoon !!. Another attempt at the SSL session caching stuff.. As
regards the patch, 

1. enables shmht, shmcb in Apache 2.0 (complete in terms of compiling - but
may not be fully complete in terms of functionality)

2. Can somebody please review and tell me what may be wrong in the
apr_shm_*, apr_rmm_* logic that I've put in the
ssl_scache_shmht.c/ssl_scache_shmcb.c. I have a feeling that I'm missing
something important - I'm not doing the apr_shm_attach() / apr_rmm_attach.

3. I was able to bring up the server and get the session caching on linux
(redhat 7.2), but not on HP-UX :-(. The difference b/w Linux and HP-UX is
that Linux uses MMAP_ANON and HP-UX uses SHMGET. I think there's something
wrong in the apr_shm_create() logic - still looking into it.

4. There might be some non-portable issues - it'll be great if somebody
could pl. point it out to me.

Thanks,
-Madhu



Index: modules/ssl/mod_ssl.h
===
RCS file: /home/cvspublic/httpd-2.0/modules/ssl/mod_ssl.h,v
retrieving revision 1.79
diff -u -r1.79 mod_ssl.h
--- modules/ssl/mod_ssl.h   13 Mar 2002 20:47:54 -  1.79
+++ modules/ssl/mod_ssl.h   13 Mar 2002 23:07:15 -
@@ -108,6 +108,8 @@
 #include apr_fnmatch.h
 #include apr_strings.h
 #include apr_dbm.h
+#include apr_rmm.h
+#include apr_shm.h
 #include apr_optional.h
 
 /* OpenSSL headers */
@@ -488,9 +490,8 @@
 int nSessionCacheMode;
 char   *szSessionCacheDataFile;
 int nSessionCacheDataSize;
-#if 0 /* XXX */
-AP_MM  *pSessionCacheDataMM;
-#endif
+apr_shm_t  *pSessionCacheDataMM;
+apr_rmm_t  *pSessionCacheDataRMM;
 apr_table_t*tSessionCacheDataTable;
 ssl_mutexmode_t nMutexMode;
 char   *szMutexFile;
@@ -679,22 +680,22 @@
 void ssl_scache_dbm_remove(server_rec *, UCHAR *, int);
 void ssl_scache_dbm_expire(server_rec *);
 void ssl_scache_dbm_status(server_rec *, apr_pool_t *, void (*)(char *, void 
*), void *);
-#if 0 /* XXX */
-void ssl_scache_shmht_init(server_rec *, pool *);
+
+void ssl_scache_shmht_init(server_rec *, apr_pool_t *);
 void ssl_scache_shmht_kill(server_rec *);
 BOOL ssl_scache_shmht_store(server_rec *, UCHAR *, int, time_t, SSL_SESSION 
*);
 SSL_SESSION *ssl_scache_shmht_retrieve(server_rec *, UCHAR *, int);
 void ssl_scache_shmht_remove(server_rec *, UCHAR *, int);
 void ssl_scache_shmht_expire(server_rec *);
-void ssl_scache_shmht_status(server_rec *, pool *, void (*)(char *, void *), 
void *);
-void ssl_scache_shmcb_init(server_rec *, pool *);
+void ssl_scache_shmht_status(server_rec *, apr_pool_t *, void (*)(char *, 
+void *), void *);
+
+void ssl_scache_shmcb_init(server_rec *, apr_pool_t *);
 void ssl_scache_shmcb_kill(server_rec *);
 BOOL ssl_scache_shmcb_store(server_rec *, UCHAR *, int, time_t, SSL_SESSION 
*);
 SSL_SESSION *ssl_scache_shmcb_retrieve(server_rec *, UCHAR *, int);
 void ssl_scache_shmcb_remove(server_rec *, UCHAR *, int);
 void ssl_scache_shmcb_expire(server_rec *);
-void ssl_scache_shmcb_status(server_rec *, pool *, void (*)(char *, void *), 
void *);
-#endif
+void ssl_scache_shmcb_status(server_rec *, apr_pool_t *, void (*)(char *, 
+void *), void *);
 
 /*  Pass Phrase Support  */
 void ssl_pphrase_Handle(server_rec *, apr_pool_t *);
@@ -768,4 +769,5 @@
 char*ssl_util_ptxtsub(apr_pool_t *, const char *, const char *, char *);
 void ssl_util_thread_setup(server_rec *, apr_pool_t *);
 
+#define APR_SHM_MAXSIZE (64 * 1024 * 1024)
 #endif /* __MOD_SSL_H__ */
Index: modules/ssl/ssl_engine_config.c
===
RCS file: /home/cvspublic/httpd-2.0/modules/ssl/ssl_engine_config.c,v
retrieving revision 1.35
diff -u -r1.35 ssl_engine_config.c
--- modules/ssl/ssl_engine_config.c 13 Mar 2002 20:47:54 -  1.35
+++ modules/ssl/ssl_engine_config.c 13 Mar 2002 23:07:15 -
@@ -95,9 +95,8 @@
 mc-nSessionCacheMode  = SSL_SCMODE_UNSET;
 mc-szSessionCacheDataFile = NULL;
 mc-nSessionCacheDataSize  = 0;
-#if 0 /* XXX */
 mc-pSessionCacheDataMM= NULL;
-#endif
+mc-pSessionCacheDataRMM   = NULL;
 mc-tSessionCacheDataTable = NULL;
 mc-nMutexMode = SSL_MUTEXMODE_UNSET;
 mc-szMutexFile= NULL;
@@ -828,16 +827,10 @@
 mc-nSessionCacheMode  = SSL_SCMODE_DBM;
 mc-szSessionCacheDataFile = ap_server_root_relative(mc-pPool, arg+4);
 }
-else if (((arglen  4)  strcEQn(arg, shm:, 4)) ||
- ((arglen  6)  strcEQn(arg, shmht:, 6)))
-{
-#if 0 /* XXX */
-if (!ap_mm_useable()) {
-return SSLSessionCache: shared memory cache 
-   not useable on this platform;
-}
+else if ((arglen  6)  strcEQn(arg, shmht:, 6)) {
+#if 

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[Roy T. Fielding]

 Regarding your key comment treats all file names as raw bytes,
 regardless of charset...  
 
 I would agree with that for Unix, but on Win32, in an attempt to match
 the semantics of the native filesystem (case preserving but not case
 significant), Apache will perform case transformations on file names*.
 This, along with the filtering code to check for specific ASCII
 values, is why I claimed that it assumes ASCII.

ISO-8859-1 or UTF-8 both contain ASCII as a subset.  It is therefore more
accurate to say that it assumes some character encoding that is a superset
of ASCII, rather than just ASCII.  It keeps you from getting your butt
flamed by the i18n crowd as well.

 *see ap_os_canonical_filename(), which is used to generate r-filename

Hey, I prefer to keep my sanity.  I mentioned a while back that the way
to do this right is to define directives for the Directory container that
define when a directory tree is case insensitive, Unicode, etc., since
this has very little to do with the operating system.

Roy

Re: New module for Apache 2.0?

[Greg Stein]

On Wed, Mar 13, 2002 at 02:14:54PM -0800, Ryan Bloom wrote:
 
 Hi guys,
 
 I have mod_hf, which adds a header or footer to every page that the
 server sends.  It is also a pretty good example of how write a filter
 for 2.0.  Would anybody mind if I committed that to modules/fitlers?  If
 not, I will just maintain it myself.

-0 for modules/filters
+1 for modules/experimental

If you do a modules/example/, then experimental/mod_example.c should move,
too.

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/

Re: putting mod_scoreboard_send in core?

[Stas Bekman]

Sander van Zoest wrote:
 On Wed, 13 Mar 2002, Doug MacEachern wrote:
 
 
in general, the concept is to serialize the scoreboard in such a way
that it can transfered over the network via http and thawed on
another machine.  i'm sure there's a better way to do this than
the mod_scoreboard_send thinger.

 
 I have done this in two ways with tools that are not in the httpd core.
 
 - have SNMP polls to mod_nsmp(1) and then display it using MRTG, HP OpenView
   Scotty, or whatever
 
 - use mod_status_xml(2) and do periodic GET and use XSLT/SVG to merge
   the content into a pretty graph/HTML page.

Both are cool, but compared to working with raw data they:

1. incur a huge overhead of creating xml or SNMP MIB compared to sending 
raw data.
2. won't let you use the same code one uses to work directly with 
scoreboard image.

How about adding a new mode for mod_status, so it'll send a raw image on 
demand? This will not require a new module and sounds like a good thing 
to do.

The scoreboard in 2.0 is not much different from 1.x so you can still 
freeze the raw data and thaw it later. Of course using the network 
byteorder needs to be added, which could be an option so those wanted 
the fastest retrieve times can still get the native byte ordering.




_
Stas Bekman JAm_pH  --   Just Another mod_perl Hacker
http://stason.org/  mod_perl Guide   http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]  http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/

Re: ap_sub_req_lookup_dirent

[William A. Rowe, Jr.]

Huh?  Additional information not already available ???

Try authn/authz, for one.  Or, how about Do we have a handler that
can handle this resource?  Or, 'hmm... Files .bak are never to be
served.

We must run the entire process_request_internal to know that a file
listed in autoindex is servable.

If you wanted a toggle for the operator to say, Hey, who cares, give
me back the CPU cycle and they can see anything I'm foolish enough
to put in those directories!!!, I'd be +1 for such a directive.  And skip
the lookup altogether.

But that's -only- by choice, it should not be the default for the obvious
security-related reasons.

But you aren't describing anything that fancyindexing on 1.3 didn't
already do.  No surprise here.

Bill

At 11:48 AM 3/13/2002, you wrote:
ap_process_request_internal() is called at the very end of 
ap_sub_req_lookup() and I don't
see that it is providing any additional information that is not already 
available prior to
the call (ie, we already have stat'ed the file and know all the finfo 
required by the
caller). The only useful thing that I see happening is authentication. 
Otherwise, we do
not want to run translate_name or most of the other hooks as far as I can 
see...

Bill

  We call that function in all of the ap_sub_req_lookup functions.  The
  purpose is to run all of the hooks that are required for creating a
  request successfully.
 
  Ryan
 
 
   What is the purpose of calling ap_process_request_internal() in
   ap_sub_req_lookup_dirent()?
  
   Bill
 
 

Re: Strange autoindex behaviour

[William A. Rowe, Jr.]

The issue isn't mod_autoindex at all.

Mod_dir is now implemented in terms of a fast_internal_redirect.

This makes sense, when you consider that a subreq for /foo/
should return type text/html if that will be the results of a real
request for /foo/.

But in this -one- case, I see the issue/confusion.  I would be
very adverse to changing mod_dir back to returning whatever
goofy application/x-unix-dir we had in 1.3, but we could agree
to skip the subreq on a dir, if we can agree that requests for
/foo/ that will error out or are protected are then displayed
always.

I doubt most admins want /foo/ listed if it is a protected resource,
so the default needs to remain as-is with a full subreq lookup test.


   Upon closer inspection... the code is looking for index.html and
   index.html.var in each
   subdirectory. Havent tested to see how far down the code will
  recurse..
   This is just
   goofy.
 
  That is goofy, but the reason it is happening, is because we redirect to
  the index.html page from the fixups hook.  I can't remember if this used
  to happen in 1.3 or not.
 

I can understand the redirect, but why the directory recursion? Let me
look at what else using the dirent call...
--
===
Jim Jagielski   [|]   [EMAIL PROTECTED]   [|]   http://www.jaguNET.com/
   A society that will trade a little liberty for a little order
  will lose both and deserve neither - T.Jefferson

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[William A. Rowe, Jr.]

+1 ... feel free to profer that 2.0 introduces utf-8 convention
to access any filenames and resources in a predictable and
safe manner.  Since APR does 99% of that magic, backporting
that feature to 1.3 is not under consideration.

Bill

At 01:12 PM 3/13/2002, you wrote:
Jeff Trawick [EMAIL PROTECTED] writes:

  This function is checking for several characters which, at least in
  ASCII, are supposedly not valid characters for filenames.  But some of
  these same characters can appear in valid non-ASCII filenames, and the
  logic to check for these characters breaks Apache's ability to serve
  those files.
 
  A user reported the inability to request a file with the Chinese
  character %b5%7c in the name.  The %7c byte tripped up the check for
  invalid ASCII characters.

I think this is an accurate statement regarding the use of non-ASCII
characters in filenames with Apache 1.3 on Win32.  Comments?

---cut here--
Names of file-based resources with Apache 1.3 on Win32

Apache 1.3 on Win32 assumes that the names of files served are comprised
solely of characters from the US-ASCII character set.  It has no logic to
determine whether or not a possible file name contains invalid non-ASCII
characters.  It has no logic to properly match actual non-ASCII file names
with names specified in the Apache configuration file.  Because Apache
does not verify that the characters in file names are all ASCII, files
files containing various non-ASCII characters in their names can be
successfully served by Apache.  However, this is not recommended for the
following reasons:

1) Because Apache is unable to properly match actual non-ASCII file names
with names in the Apache configuration file, taking into account any
case folding or other transformations handled by the operating system
when looking up files or otherwise matching file names, directives in
the Apache configuration file may or may not be in force, depending
on how the HTTP client specifies the resource.  This may be a security
concern, depending on your configuration.

2) Because Apache assumes that file names are ASCII, some of the checks
it makes when validating file names will flag certain non-ASCII
characters as invalid.  For example, Apache on Win32 will flag a file
name containing the ASCII character '|' (0x7C) as invalid.  This logic
will flag any file name containing the byte 0x7C as invalid, even if
that byte does not represent '|' in the local character set.  There
are other characters checked for as well.  Because of these checks,
even if there are no security issues in your configuration, the full
range of local characters cannot be used.

Because of the lack of proper support for non-ASCII characters in file
names, it is recommended that administrators not attempt to use any
non-ASCII characters in file names.  Any other configuration is
unsupported.
--cut here
--
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[William A. Rowe, Jr.]

At 04:50 PM 3/13/2002, you wrote:
Roy T. Fielding [EMAIL PROTECTED] writes:

  On Wed, Mar 13, 2002 at 02:12:18PM -0500, Jeff Trawick wrote:
   Jeff Trawick [EMAIL PROTECTED] writes:
  
   I think this is an accurate statement regarding the use of non-ASCII
   characters in filenames with Apache 1.3 on Win32.  Comments?
  
   ---cut here--
   Names of file-based resources with Apache 1.3 on Win32
  
   Apache 1.3 on Win32 assumes that the names of files served are comprised
   solely of characters from the US-ASCII character set.  It has no logic to
   determine whether or not a possible file name contains invalid non-ASCII
   characters.  It has no logic to properly match actual non-ASCII file 
 names
   with names specified in the Apache configuration file.  Because Apache
   does not verify that the characters in file names are all ASCII, files
   files containing various non-ASCII characters in their names can be
   successfully served by Apache.  However, this is not recommended for the
   following reasons:
 
  No, it doesn't.  It treats all names as raw bytes, regardless of charset,
  but the filtering process of preventing some filesystem-specific magic
  characters from creating security holes on a server prevents the use
  of unfiltered 16-bit Unicode or similar wide character sets from being used
  directly.  This is true in general for the Web -- wide character encodings
  are not allowed to appear in URI under any circumstances.

Wrong.  Unix may allow any filename character excepting a '\0', but
Win32 does not.  Win32 filenames cannot be treated as 'raw bytes'.

Except that we have used utf-8 folding on -all- filename resources
through APR in 2.0.  Effectively, all APR Win32 API calls are made
in Unicode, using utf-8 - unicode folding [strict, as opposed to Microsoft's
preference for ignoring the security impact of accepting too-many-bytes
sequences.]

So no Unicode filename in 2.0 is unaccessible, but local code pages
cannot be used, since they are ambiguous.  Utf-8 is unambiguous, and
therefore ideal for this application.

To Roy's other comment on a case-insensitive directive, that doesn't
work as long as different OS's and network layers perform local code
page comparisons differently, canonicalization is the only way to know
that the file you've open()ed or stat()ed matches a given file that may
or may not be protected by our directives, including that case-sense
flag buried in the Directory block, as suggested :-)

A user recently observed in a bugs report that Microsoft has tacked
on their favorite FEFF unicode prefix in all utf-8 text files [folded into
utf-8, of course.]  While it's BS and preferable to ignore it, I will likely
get a patch in that skips those characters when parsing httpd.conf
or .htaccess files.  This assures that security applied to utf-8 files
is good as well.

The last remaining bit of the utf-8 exercise is to eliminate the last
of the 'tolower() is a good enough comparison' and 'strcasecmp
always works.'  Even on unix, these fns are always expressed in
local code pages, and we want these to always map to utf-8
comparison.  Worse, we want them to map to system internal
mappings, so that we are on the same page as the file system
when it comes to case folding.

In 1.3, we were not on the same page, the msvcrt treats the
0x80-0xff chars differently than the file system [another security
related reason they are really unsupported.]  I'd like that issue
really closed up in 2.0.  Canonicalization has helped a ton, but
there is still a bit of ambiguity in them thar strings.

Bill




  The solution is to use UTF-8 encoding for non-ASCII characters and not
  allow any access via wide character function calls.

Thanks a bunch for your response.  I'm more than a little unclear on this
stuff.

Regarding your key comment treats all file names as raw bytes,
regardless of charset...

I would agree with that for Unix, but on Win32, in an attempt to match
the semantics of the native filesystem (case preserving but not case
significant), Apache will perform case transformations on file names*.
This, along with the filtering code to check for specific ASCII
values, is why I claimed that it assumes ASCII.

*see ap_os_canonical_filename(), which is used to generate r-filename

--
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[Jeff Trawick]

Here is an update to my previous statement based on comments from Roy
and Bill.  (And Roy, I'm going to get my butt flamed anyway.)  I'd
like to stick it at the end of Using Apache With Microsoft Windows
(http://httpd.apache.org/docs/windows.html), unless somebody can think
of a better place.

Names of file-based resources with Apache 1.3 on Win32

Apache 1.3 on Win32 assumes that the names of files served are comprised 
solely of characters from character sets which are a superset of ASCII,
such as UTF-8 or ISO-8859-1.  It has no logic to determine whether or not 
a possible file name contains invalid characters.  It has no logic to 
properly match actual non-ASCII file names with names specified in the 
Apache configuration file.  Because Apache does not verify that the 
characters in file names are all from a valid character set, files
containing various invalid characters in their names can be successfully 
served by Apache.  However, this is not recommended for the following 
reasons:

1) Because Apache is unable to properly match actual non-ASCII file names
   with names in the Apache configuration file, taking into account any
   case folding or other transformations handled by the operating system
   when looking up files or otherwise matching file names, directives in
   the Apache configuration file may or may not be in force, depending
   on how the HTTP client specifies the resource.  This may be a security
   concern, depending on your configuration.

2) Because Apache assumes that file names are from a character set which is
   a superset of ASCII, some of the checks it makes when validating file 
   names will flag certain non-ASCII characters as invalid.  For example, 
   Apache on Win32 will flag a file name containing the ASCII character '|'
   (0x7C) as invalid.  This logic will flag any file name containing the 
   byte 0x7C as invalid, even if that byte does not represent '|' in the 
   local character set.  There are other characters checked for as well.  
   Because of these checks, even if there are no security issues in your 
   configuration, many Unicode characters or other wide characters cannot 
   be used.

Because of the lack of proper support for non-ASCII characters in file
names, it is recommended that administrators not attempt to use any
non-ASCII characters in file names.  Any other configuration is 
unsupported.

Apache 2.0 introduces the UTF-8 convention to access any filenames and
resources in a predictable and safe manner.  The implementation of this
feature is too extensive to consider backporting to Apache 1.3.

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

[STATUS] (apache-1.3) Wed Mar 13 23:45:04 EST 2002

[Rodent of Unusual Size]

APACHE 1.3 STATUS:  -*-text-*-
  Last modified at [$Date: 2002/03/01 23:35:27 $]

Release:

   1.3.24-dev: In development.
   Jim proposes to TR around Mar 04 or so because of
   the Solaris pthread mutex fix and other fixes.
   1.3.23: Tagged Jan 21, 2002.
   1.3.22: Tagged Oct 8, 2001.  Announced Oct 12, 2001.
   1.3.21: Not released.
 (Pulled for htdocs/manual config mismatch. t/r Oct 5, 2001)
   1.3.20: Tagged and rolled May 15, 2001. Announced May 21, 2001.
   1.3.19: Tagged and rolled Feb 26, 2001. Announced Mar 01, 2001.
   1.3.18: Tagged and rolled Not released.
 (Pulled because of an incorrect unescaping fix. t/r Feb 19, 2001)
   1.3.17: Tagged and rolled Jan 26, 2001. Announced Jan 29, 2001.
   1.3.16: Not released.
 (Pulled because of vhosting bug. t/r Jan 20, 2001)
   1.3.15: Not released.
 (Pulled due to CVS dumping core during the tagging when it
  reached src/os/win32/)
   1.3.14: Tagged and Rolled Oct 10, 2000.  Released/announced on the 13th.
   1.3.13: Not released.
 (Pulled in the first minutes due to a Netware build bug)
   1.3.12: Tagged and rolled Feb. 23, 2000. Released/announced on the 25th.
   1.3.11: Tagged and rolled Jan. 19, 2000. Released/announced on the 21st.
   1.3.10: Not released.
 (Pulled at last minute due to a build bug in the MPE port)
1.3.9: Tagged and rolled on Aug. 16. Released and announced on 19th.
1.3.8: Not released.
1.3.7: Not released.
1.3.6: Tagged and rolled on Mar. 22. Released and announced on 24th.
1.3.5: Not released.
1.3.4: Tagged and rolled on Jan. 9.  Released on 11th, announced on 12th.
1.3.3: Tagged and rolled on Oct. 7.  Released on 9th, announced on 10th.
1.3.2: Tagged and rolled on Sep. 21. Announced and released on 23rd.
1.3.1: Tagged and rolled on July 19. Announced and released.
1.3.0: Tagged and rolled on June 1.  Announced and released on the 6th.
   
2.0  : In alpha development, see httpd-2.0 repository

RELEASE SHOWSTOPPERS:



RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:

* htpasswd.c and htdigest.c use tmpnam()... consider using
  mkstemp() when available.
Message-ID: [EMAIL PROTECTED]
Status:

* Dean's unescaping hell (unescaping the various URI components
  at the right time and place, esp. unescaping the host name).
Message-ID: [EMAIL PROTECTED]
Status:

* Martin observed a core dump because a ipaddr_chain struct contains
  a NULL-server pointer when being dereferenced by invoking httpd -S.
Message-ID: [EMAIL PROTECTED]
Status: Workaround enabled. Clean solution can come after 1.3.19

* long pathnames with many components and no AllowOverride None
  Workaround is to define Directory / with AllowOverride None,
  which is something all sites should do in any case.
Status: Marc was looking at it.

* Ronald Tschalär's patch to mod_proxy to allow other modules to
  set headers too (needed by mod_auth_digest)
Message-ID: [EMAIL PROTECTED]
Status:


Available Patches (Most likely, will be ported to 2.0 as appropriate):

   * Support for daemontools (already in 2.0):
   http://www.apache.org/dist/httpd/contrib/patches/1.3/daemontools.patch
   Message-ID: [EMAIL PROTECTED]
   Status:

   *  A rewrite of ap_unparse_uri_components() by Jeffrey W. Baker
 [EMAIL PROTECTED] to more fully close some segfault potential.
Message-ID: Pine.LNX.4.21.0102102350060.6815-20@desktop
Status:  Jim +1 (for 1.3.19), Martin +0

* Patch from C. Bottelier [EMAIL PROTECTED] to run
Apache without daemonizing the parent process. PR#7040
Status: fanf +1 (except it needs docs)

* Andrew Ford's patch (1999/12/05) to add absolute times to mod_expires
Message-ID: [EMAIL PROTECTED]
Status: Martin +1, Jim +1, Ken +1 (on concept)

* Raymond S Brand's path to mod_autoindex to fix the header/readme
  include processing so the envariables are correct for the included
  documents.  (Actually, there are two variants in the patch message,
  for two different ways of doing it.)
Message-ID: [EMAIL PROTECTED]
Status: Martin +1(concept)

* Jayaram's patch (10/27/99) for changes to mod_autoindex
 
Problem 1:

AddIcon (alttext,icon) ^^DIRECTORY^^ 
and 
AddIcon (alttext,icon) ^^BLANKICON^^ 
should be able to set the alternate text and icon file for any
directory/blankicon in a directory listing. This was not happening
because the alternate text for ^^DIRECTORY^^ and ^^BLANKICON^^ were
hardcoded to  DIR and respectively.
  Status: resolved in Apache 2.0

Problem 2:
-
IndexIgnore 

[STATUS] (httpd-2.0) Wed Mar 13 23:45:06 EST 2002

[Rodent of Unusual Size]

APACHE 2.0 STATUS:  -*-text-*-
Last modified at [$Date: 2002/03/12 14:41:29 $]

Release:

2.0.34  : in development
2.0.33  : tagged March 6, 2002.
2.0.32  : released Feburary 16, 2002.
2.0.31  : rolled Feburary 1, 2002.  not released.
2.0.30  : tagged January 8, 2002.  not rolled.
2.0.29  : tagged November 27, 2001.  not rolled.
2.0.28  : released November 13, 2001
2.0.27  : rolled November 6, 2001
2.0.26  : tagged October 16, 2001.  not rolled.
2.0.25  : rolled August 29, 2001
2.0.24  : rolled August 18, 2001
2.0.23  : rolled August 9, 2001
2.0.22  : rolled July 29, 2001
2.0.21  : rolled July 20, 2001
2.0.20  : rolled July 8, 2001
2.0.19  : rolled June 27, 2001
2.0.18  : rolled May 18, 2001
2.0.17  : rolled April 17, 2001
2.0.16  : rolled April 4, 2001
2.0.15  : rolled March 21, 2001
2.0.14  : rolled March 7, 2001
2.0a9   : released December 12, 2000
2.0a8   : released November 20, 2000
2.0a7   : released October 8, 2000
2.0a6   : released August 18, 2000
2.0a5   : released August 4, 2000
2.0a4   : released June 7, 2000
2.0a3   : released April 28, 2000
2.0a2   : released March 31, 2000
2.0a1   : released March 10, 2000

Please consult the following STATUS files for information
on related projects:

* srclib/apr/STATUS
* srclib/apr-util/STATUS
* docs/STATUS


CURRENT RELEASE NOTES:

* 34 status: Let's get all API changes and showstoppers in this one.
 Please.

FINAL RELEASE SHOWSTOPPERS:

* If any request gets to the core handler, without a flag that this 
  r-filename was tested by dir/file_walk, we need to 500 at the very 
  end of the ap_process_request_internal() processing.  This provides
  authors of older modules better compatibility, while still improving
  the security and robustness of 2.0. 
Status: still need to decide where this goes, OtherBill comments...
Message-ID: 065701c14526$495203b0$[EMAIL PROTECTED]
we need to look at halting this in the 'default handler' case,
and that implies pushing the 'handler election' into the request
internal processing phase from the run request phase.
Jim asks: would a stopgap be something bogus like adding another
flag to request_rec ala eos_sent and before we OK, if not set
force 500?
Jeff says: reviewing the original message and the one
follow-up (also from OtherBill) it looks like OtherBill had a
good handle on the problem, though I wonder why not just put a
simple check in default_handler to see if dir/file_walk has
been done (a footprint left by dir/file_walk doesn't have to
be in request_rec; a better place is core_request_config)

* We need to find out the right place to add the AddOutputFilterByType
  directive.  mod_mime?  No.  core with fixups?  That's what it is now.
  ap_pass_brigade() hook?  As a filter that runs at HTTP_HEADER stage?
  This needs to be resolved before the next public release.
Message-ID: 018701c1b99c$f0f24310$0a01230a@KOJ

* API changes planned for 2.0 that should happen before the
  GA release:
  * Free lists for bucket allocation
  * Pool allocator change

* We do not properly substitute the prefix-variables in the configuration
  scripts or generated-configs.  (i.e. if sysconfdir is etc,
  httpd-std.conf points to conf.)
Aaron says: This is not a showstopper, these problems have existed
for as long as I can remember. It would be nice to fix
them but they are not new.

* Address popular PRs
* Win32 doesn't install as service correctly [9863, 9914, 9961]
* Don't be stupid and cd to a blank directory when doing installs
  [PR 9993]

CURRENT VOTES:

* Should we always build binaries statically unless otherwise
  indicated?
Message-ID: [EMAIL PROTECTED]

  +1:  Ken
  -1:  Justin, Ian

* If the parent process dies, should the remaining child processes
  gracefully self-terminate. Or maybe we should make it a runtime
  option, or have a concept of 2 parent processes (one being a 
  hot spare).
  See: Message-ID: [EMAIL PROTECTED]

  Self-destruct: Ken, Martin
  Not self-destruct: BrianP, Ian, Cliff, BillS
  Make it runtime configurable: Aaron, Jim, Justin
  Have 2 parents: +1: Jim
  -1: Justin
  +0: Martin (while standing by, could it do
  something useful?)

* Make the worker MPM the default MPM for threaded Unix boxes.
  +1:   Justin, Ian, Cliff
  -0:   Aaron (premature decision, needs more discussion), Lars

RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP:

* mod_negotiation may be broken on 

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[Martin Ramshaw]

Apache 1.3 on Win32 assumes that the names of files served are
comprised solely of characters from character sets which are a superset
of ASCII, such as UTF-8 or ISO-8859-1.

Umm, I assume that ASCII as you refer to it is its 7-bit incarnation.

Its 8-bit incarnation is referred to as US-ASCII, ANSI-X3.1968 (or some
such), or more commonly ISO-8859-1 (also called latin-1).

Note that _all_ character sets are supersets of 7-bit ASCII, and most
are supersets of 8-bit ASCII (the exceptions being the various other
'latin' encodings - i.e. ISO-8859-2 through ISO-8859-16 which differ
in the various 'special' characters).

This has the lovely side-effect that English is always an option,
regardless of the actual encoding being used.

The difference is in the amount and position of the bytes. Wide character
sets will pad to the left or right (depending on whether little-endian or
big-endian order is in effect) with a null character. As well, various byte-
order markers may be present (ffef, feff, etc).

 It has no logic to determine whether or not a possible file name contains
 invalid characters.  It has no logic to properly match actual non-ASCII
file
 names with names specified in the Apache configuration file.  Because
 Apache does not verify that the characters in file names are all from a
valid
 character set, files containing various invalid characters in their names
can
 be successfully served by Apache.

I think you've missed the boat on this one. Asian versions of Windows will
all probably use characters that you don't consider as ASCII (i.e. they will
be wide - actually Microsoft have done a pretty good job of this). I think
what you meant to say was that only English (and, come to think of it, only
English versions of Windows) is recommended - with wide character
support promised in Apache 2.0.

Regards

Re: [1.3 PATCH/QUESTION] Win32 ap_os_is_filename_valid()

[William A. Rowe, Jr.]

At 12:29 AM 3/14/2002, you wrote:
 Apache 1.3 on Win32 assumes that the names of files served are
 comprised solely of characters from character sets which are a superset
 of ASCII, such as UTF-8 or ISO-8859-1.

Umm, I assume that ASCII as you refer to it is its 7-bit incarnation.

Note that _all_ character sets are supersets of 7-bit ASCII, and most
are supersets of 8-bit ASCII (the exceptions being the various other
'latin' encodings - i.e. ISO-8859-2 through ISO-8859-16 which differ
in the various 'special' characters).

This has the lovely side-effect that English is always an option,
regardless of the actual encoding being used.

Uhmm... you are only partially correct.

Yes - 7-bit ASCII exists in nearly all character sets unblemished,
were it not for multibyte encodings.

Some encodings are 7-bit clean, that is, their other characters do
not map into 0x00-0x7F.  Examples are utf-8 and most European
encodings.  Counterexamples, however, include many Asian sets
including shift-JIS where the 0x00-0x7F alternate meanings between
their ASCII encoding and shifted-state bytes.  The user of the
Chinese character set who first commented on this in bugs ran into
exactly this problem in certain shifted character combinations.

I think you've missed the boat on this one. Asian versions of Windows will
all probably use characters that you don't consider as ASCII (i.e. they will
be wide - actually Microsoft have done a pretty good job of this).

No... Jeff didn't miss anything.  Not only is this an issue with
unclean 7-bit encodings, but the 8-bit encodings are not normalized
correctly on Win32, and Win32 is case insensitive.  Essentially,
any Files or Directory blocks they use to protect file paths that
include 8-bit characters don't even map correctly for Windows-1252
or OEM-437.  Those are the sad but accurate facts.

For tolower/toupper/strcasecmp, I will have a patch sometime this
month to trust utf-8 and normalize appropriately, using the Win32
API which gives us some greater assurance that the mappings
correspond to filename processing semantics.  For 2.0, of course.