On Tue, 2002-07-02 at 21:09, Bill Stoddard wrote:
> .ap_rgetline_coreprotocol.c3.32 6 1.4 3428
I'll try the persistent-temp-brigade approach for ap_rgetline_core()
to see how much it helps.
> .get_filter_handle util_filter.c 4.62 2 1.1
> That's true. But & is definitely the one used by convention. (Maybe it'
> s
> in the CGI spec? Not sure on that one.) And that doesn't change the fact
> that this in this case ':' was used in place of both the '?' and the
> '&', which is definitely wrong.
No, it's just a different way of na
Shlib Subroutine Source File Ratio Enter % Cycles
=== = = ==
.memset memset.s 5.63 9 6.3 15311
Hummm... here is a snip from the flow trace...
1003923 2689 send
Here is a profile of 2.0.40-dev HEAD as of an hour or so ago. It is an
improvement over the earlier runs. Instruction count dropped from 58115 to
54888. Part of that was eliminating the duplicate ap_set_keepalive() call.
Bill
Space %Cycles
=
> Bill Stoddard wrote:
>
> >Subroutine Name Source File Ratio Enter %
> >Cycles
> >=== === = =
> >==
> >.core_input_filter core.c3.15 11
> 1.5 3628
> >.ap_rgetline_core
On Tue, 2 Jul 2002, Justin Erenkrantz wrote:
> Fix forthcoming (we're discussing alternatives on IRC now). -- justin
The results of said conversation:
Index: protocol.c
===
RCS file: /home/cvs/httpd-2.0/server/protocol.c,v
retriev
On Tue, Jul 02, 2002 at 02:12:38PM -0400, Jeff Trawick wrote:
> Cliff Woolley <[EMAIL PROTECTED]> writes:
>
> > On 2 Jul 2002, Jeff Trawick wrote:
> >
> > > Go Ask! In a simple test with a crude client, I got Content-Length:
> > > 16369 for that main page. But after removing the headers:
> > >
This patch adds some sanity checking to ensure we don't blow away a file
that is not a htpasswd file.
--
Thom May -> [EMAIL PROTECTED]
Memes don't exist.
Tell your friends.
--NTK
Index: support/htpasswd.c
===
RCS file: /ho
On Tue, Jul 02, 2002 at 03:22:51PM -0700, Ryan Morgan wrote:
>
> I sent a patch to the list a while back for that one:
>
> http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=101445378225873&w=2
All I can say is that when you don't hear about a patch, please
resubmit until you get feedback. --
I sent a patch to the list a while back for that one:
http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=101445378225873&w=2
On Tue, Jul 02, 2002 at 02:33:38PM -0700, Justin Erenkrantz wrote:
> On Tue, Jul 02, 2002 at 02:13:23PM -0700, Brian Pane wrote:
> > We may be able to replace some more a
On Tue, Jul 02, 2002 at 10:39:01PM +0100, Thom May wrote:
> found wasn't getting incremented when we update an exisiting record, thus an
> additional new record was getting created.
Committed. Thanks! -- justin
On Tue, Jul 02, 2002 at 10:43:30PM +0100, Thom May wrote:
> this seems a bit cleaner than doing a system(), also hopefully more
> maintainable.
Committed. Thanks! -- justin
On Tue, 2 Jul 2002, Aaron Bannert wrote:
> On Tue, Jul 02, 2002 at 05:08:17PM -0400, Cliff Woolley wrote:
> > You're supposed to encode a query string like so:
> > http://myserver.com/file.html?arg1=val1&arg2=val2&arg3=val3
>
> Is that actually part of the URI spec, or just a convention? I was
>
this seems a bit cleaner than doing a system(), also hopefully more
maintainable.
Cheers,
-Thom
--
Thom May -> [EMAIL PROTECTED]
I shaved more of my butt this time. it's got a few days
stubble growth, and it causes the most odd type of itching.
doogie: I would imagine that it is not
found wasn't getting incremented when we update an exisiting record, thus an
additional new record was getting created.
Cheers,
-Thom
--
Thom May -> [EMAIL PROTECTED]
Hello!
What is the voting period? From Mar 24th until?
until the candidate manoj wants to win is in the lead
* asuffield ducks
On Tue, Jul 02, 2002 at 02:13:23PM -0700, Brian Pane wrote:
> We may be able to replace some more ap_add_*_filter() calls with
> ap_add_*_filter_handle() to reduce the cost of the add_any_filter()
> trie lookup.
CORE_IN and CORE are added via ap_add_*_filter() (server/core.c:4063).
I'll bet that
On Tue, Jul 02, 2002 at 05:08:17PM -0400, Cliff Woolley wrote:
> You're supposed to encode a query string like so:
>
> http://myserver.com/file.html?arg1=val1&arg2=val2&arg3=val3
Is that actually part of the URI spec, or just a convention? I was
under the impression that the spec only says that
Bill Stoddard wrote:
>Subroutine Name Source File Ratio Enter %
>Cycles
>=== === = =
>==
>.core_input_filter core.c3.15 11 1.5 3628
>.ap_rgetline_coreprotocol.c
On Tue, 2 Jul 2002, Jerry Baker wrote:
> Garey Mills wrote:
> >
> > NOTE: The URL will not work as it stands because it points to a
> > web application and needs to have a session established. But I guarantee
> > that it does work in 1.3.23 and not in 1.3.26, both having mod_ssl and
> > a special
Garey Mills wrote:
>
> NOTE: The URL will not work as it stands because it points to a
> web application and needs to have a session established. But I guarantee
> that it does work in 1.3.23 and not in 1.3.26, both having mod_ssl and
> a special module called 'mod_webz' enabled.
The URL has spa
Hi -
Does anyone have any idea why the following URL would work in
1.3.23 and not work in 1.3.26?
http://sunsite2.berkeley.edu:4140/WebZ/html/urlwarn.html:sessionid=01-59496-1036819798:entityartTitle=:entityartAuthor=
:entityartJournal=UNIX Review:entityartNum=n. 11, :entityartVol=v. 13,
Hi all.
I've been a regular user of Apache now for about a year, 1.3 and more
recently 2.0. Recently Sony released a kit to turn their PlayStation 2
console into a fully featured Linux machine (hard drive, Ethernet etc etc).
This kit has been gaining great popularity amongst the Linux community,
Profiled serving a 500 byte file out of mod_mem_cache (CacheEnable mem /).
This analysis covers one complete request starting at ap_read_request and
ending with ap_graceful_stop_signalled.
I've hacked Apache 2 in several places...
The most notable hack is that I remove ap_http_header_filter and s
On Tue, 2 Jul 2002, Ryan Bloom wrote:
> Committed, thanks.
Due to the vast number of PR's about this, I've placed this patch in
/dist/httpd/patches/apply_to_2.0.39/
Thanks...
--Cliff
Committed, thanks.
Ryan
--
Ryan Bloom [EMAIL PROTECTED]
645 Howard St. [EMAIL PROTECTED]
San Francisco, CA
> -Original Message-
> From: Thom May [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, July 02, 2002 10:49 AM
Hi all,
Maybe this is something of interest.
Since the PNG versions of the Apache icons don't look very good (they
lack transparency), I've created new PNG versions from the Apache GIF
icons which do support transparency and look exactly the same as their
GIF equivalents.
Perhaps they qualify t
On Tue, Jul 02, 2002 at 03:05:25PM -0400, Rodent of Unusual Size wrote:
> [1.3]
>
> H'm. Suppose we have a globally-scoped
>
> Header set "X-Foo" "Bar"
> ErrorDocument 404 /cgi-bin/my404
>
> If we request a nonexistent document, we'll get the output from
> the 'my404' script, and the '
[1.3]
H'm. Suppose we have a globally-scoped
Header set "X-Foo" "Bar"
ErrorDocument 404 /cgi-bin/my404
If we request a nonexistent document, we'll get the output from
the 'my404' script, and the 'X-Foo' field will have been added
to the response header.
However, if we *don't* use a cu
Sounds borked... care to offer a patch to dev@httpd?
Bill
At 11:41 AM 7/2/2002, you wrote:
>Hi,
>
>Just wondering why the query for the AP_MPMQ_MAX_DAEMONS return 0
>instead of IMO 1?
>I mean there is on child after all, and I cannot use the
>find_child_by_pid.
>
>We are using that in mod_jk2, a
Cliff Woolley <[EMAIL PROTECTED]> writes:
> On 2 Jul 2002, Jeff Trawick wrote:
>
> > Go Ask! In a simple test with a crude client, I got Content-Length:
> > 16369 for that main page. But after removing the headers:
> >
> >-rw-rw-r-- 1 trawick trawick 27257 Jul 2 12:13 out
>
> Heh,
Uh, as the title really. I guess this is a bug - it certainly isn't the old
behaviour, as far as I can tell.
Cheers,
-Thom
--
Thom May -> [EMAIL PROTECTED]
*sigh* you'd think a distribution composed of 6000
packages distributed across 13 different architectures (in various stages
between pre-al
On 2 Jul 2002, Jeff Trawick wrote:
> Go Ask! In a simple test with a crude client, I got Content-Length:
> 16369 for that main page. But after removing the headers:
>
>-rw-rw-r-- 1 trawick trawick 27257 Jul 2 12:13 out
Heh, ask and ye shall receive I suppose. :-) Thanks Jeff. No
Hi,
Just wondering why the query for the AP_MPMQ_MAX_DAEMONS return 0
instead of IMO 1?
I mean there is on child after all, and I cannot use the
find_child_by_pid.
We are using that in mod_jk2, and obviously always getting -1.
MT.
Did anyone check this one out? (I haven't) It sounds
as though it would scratch some itches..
> My specific intention was to be able to require authentication for
> the file "thing.cgi" while advertising the url "thing", without
> requiring authentication for the directory in which "thing.cgi"
Pier Fumagalli wrote:
> Nope... I believe Dirk is referring to the fact that that is ONE of the
> exploits, but there are some others coming around... :( :( :(
There is hope though. As the exploit exists at the hop-by-hop level, and
because a significant portion of port 80 of the internet is hi
35 matches
Mail list logo
