RE: cvs commit: httpd-2.0 CHANGES
Or even better: mod_include: Options +Includes (or IncludesNoExec) wasn't set, removing include filter. Paul E Wilt Senior Principal Software Engineer ProQuest Information and Learning - http://www.proquest.com mailto:[EMAIL PROTECTED] 300 North Zeeb Rd Phone: (734) 302-6777 Ann Arbor, MI 48106Fax: (734) 302-6779 - -Original Message- From: William A. Rowe, Jr. [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 09, 2003 4:06 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: cvs commit: httpd-2.0 CHANGES At 12:37 PM 12/9/2003, Stas Bekman wrote: Does this look good? ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, mod_include: Options +Includes (or IncludesNoExec) - wasn't set, passing data unmodified); + wasn't set, passing data unmodified, removing myself); +ap_remove_output_filter(f); Admins have to read this message in their logs, not coders. What about this: mod_include: Options +Includes (or IncludesNoExec) wasn't set, include filter removed
RE: Hi, dev, here´s the archive you requested
Title: Message Rich / httpd-dev list ... our virus checker detected a Trojan attached to this email! Scan type: Realtime Protection ScanEvent: Virus Found!Virus name: Trojan.SefexFile: message.zipmessage.htmLocation: Mail SystemComputer: WILT_PUser: Wilt PaulAction taken: Clean failed : Quarantine succeeded : Date found: Mon Oct 27 09:31:26 2003 You might want to check your system! Paul E Wilt Senior Principal Software Engineer ProQuest Information and Learning - http://www.proquest.com mailto:[EMAIL PROTECTED] 300 North Zeeb Rd Phone: (734) 302-6777 Ann Arbor, MI 48106 Fax: (734) 302-6779 - -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Sunday, October 26, 2003 9:44 PMTo: [EMAIL PROTECTED]Subject: Hi, dev, here´s the archive you requesteddOnT gIvE iT aWaY...iTs cOnFiDeNtIaL =)
RE: Reviewers wanted for second edition of Apache Pocket Referenc e
Andrew: I imagine you have been deluged with responses--I would be interested in reviewing your Pocket Reference. Most recently I reviewed Practical mod_perl (by Stas Bekman and Eric Cholet). Let me know if you want me to help on this. Paul E Wilt Senior Principal Software Engineer ProQuest Information and Learning - http://www.proquest.com mailto:[EMAIL PROTECTED] 300 North Zeeb Rd Phone: (734) 302-6777 Ann Arbor, MI 48106Fax: (734) 302-6779 - -Original Message- From: Andrew Ford [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 5:04 PM To: [EMAIL PROTECTED] Cc: Andrew Ford Subject: Reviewers wanted for second edition of Apache Pocket Reference I am hoping to get a second edition of the Apache Pocket Reference together for O'Reilly by the end of November and wondered whether anyone out there would like to act as technical reviewer for the new edition? (This edition will of course cover Apache version 2 as well as 1.3.) I would also welcome any comments based on the first edition of the book, especially pertaining to re-organization of the content.. Please reply by email directly to me. Andrew -- Andrew Ford, Director Ford Mason Ltd / Pauntley Press [EMAIL PROTECTED] South Wing Compton House ford-mason.co.uk Compton Green, Redmarley Tel: +44 1531 829900 pauntley-press.co.uk Gloucester, GL19 3JB Fax: +44 1531 829901 refcards.com Great Britain Mobile: +44 7785 258278
RE: cvs commit: apache-1.3/src CHANGES
Bill: Wasn't Jeff referring to the // single line comment in his message about watching for language? Paul E Wilt Senior Principal Software Engineer ProQuest Information and Learning - http://www.proquest.com mailto:[EMAIL PROTECTED] 300 North Zeeb Rd Phone: (734) 302-6777 Ann Arbor, MI 48106Fax: (734) 302-6779 - -Original Message- From: William A. Rowe, Jr. [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 3:50 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: cvs commit: apache-1.3/src CHANGES At 02:28 PM 9/18/2003, Jeff Trawick wrote: [EMAIL PROTECTED] wrote: Index: rfc1413.c === +/* Win32 timeouts are in msec, represented as int */ +msec = timeout * 1000; +setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, + (char *) msec, sizeof(msec)); +setsockopt(sock, SOL_SOCKET, SO_SNDTIMEO, + (char *) msec, sizeof(msec)); +#else +//XXX Needs to be implemented for non-winsock platforms watch your language :~P Question is - who else has threaded, non-winsock httpd-1.3 implementations? Does OS2? I thought we had one other threaded unixish exception, but a very quick grep for MULITTHREAD within src/os didn't reveal anything. Bill
RE: [PATCH] Re: apache-1.3.20 segfault?
Dean: Cool! We have been experiencing this exact core dump scenario with the NIMDA worm. We are using Apache 1.3.12 (don't ask!) and I poked around in the core files and saw the line of code you patched. I was going to get around to fixing it but have been been pegged with other work recently. Kudos to you! Paul E Wilt Principal Software Engineer __ XanEdu, Inc. (division of Proquest Information and Learning) http://www.xanedu.com mailto:[EMAIL PROTECTED] 300 North Zeeb Rd Phone: (734) 302-6545 (800) 218-5971 x6545 Ann Arbor, MI 48106Fax: (734) 975-6440 __ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 10:17 PM To: [EMAIL PROTECTED] Subject: [PATCH] Re: apache-1.3.20 segfault? On Thu, 20 Sep 2001, dean gaudet wrote: hrm, is the segfault described below a known bug? (i haven't tried it...) -dean -- Forwarded message -- From: Jeff Moe [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Serous TUX 2.4.9-J5 problem Apache 1.3.20 (and presumably earlier) has a similar bug. I noticed this during the recent worming. It may be related to Tux's problem. Here's how to reproduce it in Apache: 1) You need to redirect 404s to a 404 document: ErrorDocument 404 /fourofour.shtml 2) You need be parsing that file: AddHandler server-parsed .shtml 3) You need to send it a request like: http://server.com/test%2fing Apache will Segfault and you'll get a Document returned no data error in the browser. -Jeff yeah this segfault occurs with 1.3.20 and top of 1.3, but it appears you need something like: !--#include virtual=file -- in the fourofour.shtml. patch below fixes it. however i'm not so sure it's exactly the right fix... but there appear to be other examples where we test if filename != NULL. (boy am i rusty in apache code.) this bug has probably been here forever... i can't imagine any way to exploit it. -dean Index: include/httpd.h === RCS file: /home/cvs/apache-1.3/src/include/httpd.h,v retrieving revision 1.344 diff -u -r1.344 httpd.h --- include/httpd.h 2001/08/13 17:09:42 1.344 +++ include/httpd.h 2001/09/21 02:09:27 @@ -806,7 +806,7 @@ char *unparsed_uri;/* the uri without any parsing performed */ char *uri; /* the path portion of the URI */ -char *filename; +char *filename;/* filename if found, otherwise NULL */ char *path_info; char *args;/* QUERY_ARGS, if any */ struct stat finfo; /* ST_MODE set to zero if no such file */ Index: modules/standard/mod_include.c === RCS file: /home/cvs/apache-1.3/src/modules/standard/mod_include.c,v retrieving revision 1.129 diff -u -r1.129 mod_include.c --- modules/standard/mod_include.c 2001/07/13 19:45:52 1.129 +++ modules/standard/mod_include.c 2001/09/21 02:09:27 @@ -718,7 +718,7 @@ for (p = r; p != NULL !founddupe; p = p-main) { request_rec *q; for (q = p; q != NULL; q = q-prev) { - if ( (strcmp(q-filename, rr-filename) == 0) || + if ( (q-filename strcmp(q-filename, rr-filename) == 0) || (strcmp(q-uri, rr-uri) == 0) ){ founddupe = 1; break;