Re: Bug in mod_ratelimit?

2018-07-29 Thread William A Rowe Jr
I'd concur that this suggested change is lighter weight and less fragile.


On Fri, Jul 27, 2018, 12:56 Cory McIntire wrote:

> Hi Luca,
>
> Sorry for the delay in response.. we did look into it further..
>
> One of our devs had been looking into it and came up with the following:
>
> {quote}
> While it will probably resolve the issues we saw, I’d be hesitant to move
> forward with that patch as it modifies how all output filters work with
> HEAD requests,
> this is too large a change, especially when the bug(s) being addressed
> are in a single module.
>
> I’d recommend making mod_ratelimit do the same “optimization” hack that
> other modules do for HEAD requests instead, and keep the surface area for this
> bug fix isolated to mod_ratelimit only.
>
> Something like what mod_brotli does:
>
>     if (r->header_only && r->bytes_sent) {
>         ap_remove_output_filter(f);
>         return ap_pass_brigade(f->next, bb);
>     }
> {quote}
>
> If there are any further adjustments to this patch we’d be happy to take a
> look, just let us know.
>
> Thanks,
> Cory McIntire
> Release Manager - EasyApache
> cPanel, Inc.
>
>
> > On Jul 27, 2018, at 10:46 AM, Luca Toscano wrote:
> >
> > Hi Cory,
> >
> > 2018-07-20 13:47 GMT+02:00 Yann Ylavic :
> >> Hi Cory,
> >>
> >> On Thu, Jul 19, 2018 at 11:23 PM, Cory McIntire wrote:
> >>>
> >>> We’re going to revert to the 2.4.33 version of mod_ratelimit for now.
> >>>
> >>> HEAD requests with large amount of headers were still problematic in
> >>> our testing with both versions of the patch applied.
> >>
> >> Thanks for letting us know.
> >>
> >> I think the right fix is the attached patch (tested with GET/HEAD with
> >> large header and/or body, seems to work).
> >> If by any chance you can give it a try...
> >
> > In the meantime, other people are testing Yann's last patch in
> > https://bz.apache.org/bugzilla/show_bug.cgi?id=62568 (it is attached
> > in there). If you could chime in whenever you have time and let us
> > know your thoughts it would be really great.
> >
> > Thanks in advance!
> >
> > Luca


Bug report for Apache httpd-2 [2018/07/29]

2018-07-29 Thread bugzilla
Columns: Bugzilla Bug ID | Status | Severity | Date Posted | Description

Status:   UNC=Unconfirmed NEW=New ASS=Assigned OPN=Reopened VER=Verified
          (Skipped Closed/Resolved)
Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major
          MIN=Minor NOR=Normal ENH=Enhancement TRV=Trivial

| 8713|Inf|Min|2002-05-01|No Errorlog on PROPFIND/Depth:Infinity|
| 8867|Opn|Cri|2002-05-07|exports.c generation fails when using a symlink to|
|10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i|
|11294|New|Enh|2002-07-30|desired vhost_alias option|
|11580|Opn|Enh|2002-08-09|generate Content-Location headers |
|12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long|
|13599|Inf|Nor|2002-10-14|autoindex formating broken for multibyte sequences|
|13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation  |
|14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR|
|14496|New|Enh|2002-11-13|Cannot upgrade any version on Windows. Must uninst|
|14922|Inf|Enh|2002-11-28| is currently hardcoded to 'apache2'  |
|15719|Inf|Nor|2002-12-30|WebDAV MOVE to destination URI which is content-ne|
|16761|Inf|Nor|2003-02-04|CustomLog with pipe spawns process during config  |
|16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.|
|17107|New|Min|2003-02-16|Windows should not install printenv   |
|17114|New|Enh|2003-02-17|Please add strip and install-strip targets to Make|
|17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi|
|17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header|
|18325|New|Enh|2003-03-25|PAM support for suEXEC|
|18334|Inf|Cri|2003-03-25|Server crashes when authenticating users against L|
|19670|New|Enh|2003-05-05|content type header supplied upon PUT is thrown aw|
|20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment |
|21260|New|Nor|2003-07-02|CacheMaxExpire directive not enforced !   |
|21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut|
|22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down|
|22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7|
|22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header  |
|23167|Inf|Cri|2003-09-14|--enable-layout never goes to apr apr-util|
|23181|New|Nor|2003-09-15|Status 304 (Not modified) and chunking leads to an|
|23238|New|Cri|2003-09-18|non-async-signal-safe operations from signal handl|
|23330|New|Enh|2003-09-22|Enhance ApacheMonitor to view and control Tomcat s|
|23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54|
|24031|New|Enh|2003-10-23|Passphrase protected private key in SSLProxyMachin|
|24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32|
|24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact|
|24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g|
|25014|New|Enh|2003-11-26|A flexible interface for mod_log_config   |
|25201|New|Enh|2003-12-04|Provide Cache Purge operation |
|25240|Inf|Enh|2003-12-05|SSL Library Error: 336105671 logged as information|
|25435|New|Enh|2003-12-11|sethandler and directoryindex not playing nice|
|25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files  |
|25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP |
|25543|Inf|Nor|2003-12-15|mod_proxy_ajp overwrites existing response headers|
|25667|New|Nor|2003-12-19|Memory leak in function ssl_scache_dbm_retrieve().|
|25863|New|Enh|2004-01-02|new per-host initialization hooks |
|26142|New|Maj|2004-01-14|EnableSendFile Off for Windows XP Home|
|26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability   |
|26368|New|Min|2004-01-23|File extensions in AddDescription treated as part |
|26446|New|Nor|2004-01-26|flush buckets followed by eos bucket emit multiple|
|26478|New|Enh|2004-01-28|mod_dav does not expose a method for setting the D|
|26835|New|Enh|2004-02-10|[PATCH] Mod_status Readability & Browser Side Tabl|

Fwd: [PHP-DEV] Re: apache2 buckets API masters needed

2018-07-29 Thread Rainer Jung

Hi all,

I just noticed this mail on PHP internals (intern...@lists.php.net) and 
wanted to let the httpd dev list know in case anyone would be able to 
step up and lend them a hand.


Thanks and regards,

Rainer
--- Begin Message ---
Hi!

> I need help from somebody who knows how to deal with the details of
> Apache2 bucket brigade API for some issue in Apache2 SAPI. I suspect
> there's a bug there that can lead to serious problems in certain
> situations but not sure how to fix it because my knowledge of proper
> ways to handle Apache2 buckets is limited. The details are in
> https://bugs.php.net/bug.php?id=76582 - if you don't have access to it,
> please tell me and I'll enable it or send you the details.

Didn't get any substantial response on this in two weeks, so I wonder -
is anybody still actively maintaining our Apache2 extension? It's not a
good situation where interface for one of the most frequently deployed
servers does not have anybody taking care of it.

-- 
Stas Malyshev
smalys...@gmail.com

--- End Message ---