[ Long message and proposal follows. Bear with me. There are a lot of words,
but that is because we need a lot of help/input! ;-) ]
So, this has come up in the past several times, and we discussed it again this
year at ApacheCon: How do we get the load balancer to make smarter, more
informed de
On Wed, Apr 29, 2015 at 10:48 PM, wrote:
>
> + * mod_proxy_http: Don't establish or reuse a backend connection before
> pre-
> + fetching the request body, so to minimize the delay between it is
> supposed
> + to be alive and the first bytes sent: this is a best effort to prevent
> t
On Wed, Apr 29, 2015 at 7:09 PM, Yann Ylavic wrote:
> On Thu, Apr 30, 2015 at 1:57 AM, Tom Browder wrote:
>>
>> apachectl
>> httpd: Syntax error on line 147 of /usr/local/apache2/conf/httpd.conf:
>> Cannot load modules/mod_session_crypto.so into server:
>> /usr/local/apache2/modules/mod_session_c
On Thu, Apr 30, 2015 at 1:57 AM, Tom Browder wrote:
>
> apachectl
> httpd: Syntax error on line 147 of /usr/local/apache2/conf/httpd.conf:
> Cannot load modules/mod_session_crypto.so into server:
> /usr/local/apache2/modules/mod_session_crypto.so: undefined symbol:
> ap_hook_session_encode
You pr
On Wed, Apr 29, 2015 at 6:30 PM, Tom Browder wrote:
> On Apr 29, 2015 6:08 PM, "Yann Ylavic" wrote:
...
>> Did you try --with-openssl=/opt/openssl in addition to --with-ssl?
>
> No, but I tried other variants--let me try that.
Okay, now httpd is using openssl/libcrypto.
However, when I try apac
On Apr 29, 2015 6:08 PM, "Yann Ylavic" wrote:
>
> On Thu, Apr 30, 2015 at 12:39 AM, Tom Browder
wrote:
> >
> > configure: error: Crypto was requested but no crypto library could be
> > enabled; specify the location of a crypto library using
> > --with-openssl, --with-nss, etc.
> > configure faile
On Thu, Apr 30, 2015 at 12:39 AM, Tom Browder wrote:
>
> One more requirement: I want to use mod_session_crypto so I have to
> '--enable-sesion-crypto' and, with Yann's options, I still get the
> error:
>
> configure: error: Crypto was requested but no crypto library could be
> enabled; specify th
On Wed, Apr 29, 2015 at 4:51 PM, Yann Ylavic wrote:
> Hi Tom,
>
> On Wed, Apr 29, 2015 at 11:10 PM, Tom Browder wrote:
>>
>> I'm just trying to work around the current build systems to meet a
>> specific goal and I would appreciate anyone who can tell me EXACTLY
>> how to:
>>
>> + use the latest
Hi Tom,
On Wed, Apr 29, 2015 at 11:10 PM, Tom Browder wrote:
>
> I'm just trying to work around the current build systems to meet a
> specific goal and I would appreciate anyone who can tell me EXACTLY
> how to:
>
> + use the latest openssl
> + use the latest apr and apr-util
> + use the latest h
On Wed, Apr 29, 2015 at 3:29 PM, William A Rowe Jr wrote:
> Just to point out the obvious, it would be a Very Bad Idea(tm) to build
> httpd against the dynamic apr-util linked statically to bits and pieces of the
...
I'm just trying to work around the current build systems to meet a
specific goal
On Fri, Apr 24, 2015 at 8:52 AM, Jim Jagielski wrote:
> Right now, the balancer manager allows for a member to be
> disabled/stopped, but it cannot *remove* that member...
> Seems to me that that would be good, especially since
> we could always re-use that slot.
>
That means you must fully impl
Just to point out the obvious, it would be a Very Bad Idea(tm) to build
httpd
against the dynamic apr-util linked statically to bits and pieces of the
libssl.a
and libcrypto.a, only to then attempt to build httpd with mod_ssl
compiled-in
against libssl.a/libcrypto.a again. Unix dl logic doesn't us
(sorry for the patches spam / confused proposal)
On Wed, Apr 29, 2015 at 6:07 PM, Yann Ylavic wrote:
> We could also avoid the note by setting r->clength = -1 instead in
> ap_content_length_filter().
Another candidate could be r->sent_bodyct = 1, eg:
Index: server/protocol.c
===
On Wed, Apr 29, 2015 at 2:46 PM, Eric Covener wrote:
> On Wed, Apr 29, 2015 at 8:19 AM, Yann Ylavic wrote:
>> Hence how about removing this whole block (is there any module today
>> "outsmarting" httpd that cannot be considered as buggy?) or least
>> disable it for forwarded responses, eg:
>>
>>
On 29.04.2015 15:06, Tom Browder wrote:
> On Wed, Apr 29, 2015 at 12:57 AM, Kaspar Brand
> wrote:
>> On 28.04.2015 14:04, Tom Browder wrote:
>>> I have no system installed openssl,
>>
>> Hmm, what platform is this? Are you sure there are no libcrypto/libssl
>> libraries somewhere under /usr?
>
>
On Wed, Apr 29, 2015 at 3:39 PM, Yann Ylavic wrote:
> On Wed, Apr 29, 2015 at 3:17 PM, Yann Ylavic wrote:
>> On Wed, Apr 29, 2015 at 2:46 PM, Eric Covener wrote:
>>> On Wed, Apr 29, 2015 at 8:19 AM, Yann Ylavic wrote:
Hence how about removing this whole block (is there any module today
>>>
On Wed, Apr 29, 2015 at 3:17 PM, Yann Ylavic wrote:
> On Wed, Apr 29, 2015 at 2:46 PM, Eric Covener wrote:
>> On Wed, Apr 29, 2015 at 8:19 AM, Yann Ylavic wrote:
>>> Hence how about removing this whole block (is there any module today
>>> "outsmarting" httpd that cannot be considered as buggy?)
On Wed, Apr 29, 2015 at 3:17 PM, Yann Ylavic wrote:
> Index: modules/http/http_filters.c
> ===
> --- modules/http/http_filters.c(revision 1676716)
> +++ modules/http/http_filters.c(working copy)
> @@ -1292,6 +1292,7 @@ AP_CORE
On Wed, Apr 29, 2015 at 2:46 PM, Eric Covener wrote:
> On Wed, Apr 29, 2015 at 8:19 AM, Yann Ylavic wrote:
>> Hence how about removing this whole block (is there any module today
>> "outsmarting" httpd that cannot be considered as buggy?) or least
>> disable it for forwarded responses, eg:
>>
>>
On Wed, Apr 29, 2015 at 12:57 AM, Kaspar Brand wrote:
> On 28.04.2015 14:04, Tom Browder wrote:
>> Maybe I need to play tricks with ld.so.conf and openssl?
>
> Depends on whether you built OpenSSL with or without shared libraries -
> what are the contents of the /opt/openssl/lib directory?
Well,
On Wed, Apr 29, 2015 at 8:19 AM, Yann Ylavic wrote:
> Hence how about removing this whole block (is there any module today
> "outsmarting" httpd that cannot be considered as buggy?) or least
> disable it for forwarded responses, eg:
>
> Index: modules/http/http_filters.c
>
Due to ap_http_header_filter():
/* This is a hack, but I can't find anyway around it. The idea is that
* we don't want to send out 0 Content-Lengths if it is a head request.
* This happens when modules try to outsmart the server, and return
* if they see a HEAD request. Apache
Thank You!!
Will review ASAP.
> On Apr 29, 2015, at 7:05 AM, Kaspar Brand wrote:
>
> On 27.04.2015 17:04, Stefan Eissing wrote:
>>> Am 25.04.2015 um 11:47 schrieb Kaspar Brand :
>>> Only tested in terms of "compiles both w/ and w/o HAVE_TLS_ALPN", so it
>>> certainly needs more eyes before a ba
On 27.04.2015 17:04, Stefan Eissing wrote:
>> Am 25.04.2015 um 11:47 schrieb Kaspar Brand :
>> Only tested in terms of "compiles both w/ and w/o HAVE_TLS_ALPN", so it
>> certainly needs more eyes before a backport proposal could be made.
>> There's also a "TODO: we should have a mod_ssl configurati
I am using apache(2.2.28) as reverse proxy
Please help me to handle following scenario..
mod_proxy_http is unable to read EOS bucket from previous output filter and it
(ap_get_brigade()) stays on blocking state forever.
response transfer encoding is chunk.
Missing EOS bucket could be
1. due t
On 28.04.2015 14:04, Tom Browder wrote:
> On Tue, Apr 28, 2015 at 6:45 AM, Eric Covener wrote:
>> about openssl 1.02 though -- what exactly do you see?
>
> I see this when attempting to start apache:
>
> /usr/local/apache2/bin/httpd: symbol lookup error:
> /usr/local/apache2/bin/httpd: undefined
26 matches
Mail list logo