Re: mod_speling changes in trunk and backport

Le 23/02/2016 20:24, Rainer Jung a écrit : There were two changes to mod_speling in trunk in 2013/2014. They were motivated by PR 44221: although the docs claim that using "CheckCaseOnly On" "limits the action of the spelling correction to lower/upper case changes. Other potential corrections

Re: conn_rec needs a context

On Wed, Mar 2, 2016 at 1:23 AM, Yann Ylavic wrote: > Hi, > > On Wed, Mar 2, 2016 at 1:09 AM, Graham Leggett wrote: >> >> Would it make sense to add a vector of contexts that same way we have a >> vector of configs, one slot for each module, which will

Re: conn_rec needs a context

Hi, On Wed, Mar 2, 2016 at 1:09 AM, Graham Leggett wrote: > > Would it make sense to add a vector of contexts that same way we have a > vector of configs, one slot for each module, which will allow any module to > add a context of it’s own to conn_rec without having to extend

conn_rec needs a context

Hi all, In order to get connections to have async behaviour, it must be possible for the process_connection hook to exit in the expectation of being called again when an async mpm is present - this is easy, the mpms already do that. The missing bit is that conn_rec needs a context so that when

Re: svn commit: r1727603 - in /httpd/httpd/trunk: CHANGES server/mpm/event/event.c

On Wed, Mar 2, 2016 at 12:59 AM, Yann Ylavic wrote: > On Fri, Jan 29, 2016 at 4:51 PM, wrote: >> >> +static void setup_slave_conn(conn_rec *c, void *csd) >> +{ >> +event_conn_state_t *mcs; >> +event_conn_state_t *cs; >> + >> +mcs =

Re: svn commit: r1727603 - in /httpd/httpd/trunk: CHANGES server/mpm/event/event.c

On Fri, Jan 29, 2016 at 4:51 PM, wrote: > Author: icing > Date: Fri Jan 29 15:51:25 2016 > New Revision: 1727603 > > URL: http://svn.apache.org/viewvc?rev=1727603=rev > Log: > event: slave connection init, vhost early config > > Modified: >

Re: state of h2 (long)

Yeah! I'll get that in tomorrow. Nice work! > Am 01.03.2016 um 22:13 schrieb Jacob Champion : > >> On Tue, Mar 1, 2016 at 11:08 AM, Jacob Champion wrote: >> I still don't have my OpenSSL build process for Windows down enough to >> test out an h2

Re: Backport of auto proxy(_util) exports?

G/M, As of last night the following additional exports from 2.4 mod_proxy builds all NetWare modules presently in the 2.4 modules/proxy dir: Index: modules/proxy/NWGNUproxy === --- modules/proxy/NWGNUproxy(revision 1733007) +++

Re: state of h2 (long)

On Tue, Mar 1, 2016 at 11:08 AM, Jacob Champion wrote: > I still don't have my OpenSSL build process for Windows down enough to > test out an h2 proxy, but that'll be my next trick. Looks like an HTTP/1.1 -> h2 proxy works for me as well on Windows, once I got a functioning

Re: state of h2 (long)

On Mon, Feb 29, 2016 at 1:55 PM, Jacob Champion wrote: > I'm only just figuring out how to actually test the proxy module at > runtime, though, so... caveat emptor. FWIW, with that patchset, I was able to get an h2c (plaintext) proxy working with the nghttp2.org test

RE: access control for dynamic hosts

Hello Rick, Forward doesn’t mean dynamic, however, and using one particular solution like that is misleading, IMO. Using “forward-dns” makes more sense to me. Yep, with such a name what it does is pretty clear. That said, how would you intend to handle multiple A records for the same

Re: state of h2 (long)

> On Mar 1, 2016, at 9:46 AM, Graham Leggett wrote: > > On 29 Feb 2016, at 10:33 PM, Jim Jagielski wrote: > >> I've been digging into how we could better leverage serf on the mod_proxy >> side w/o going the route of mod_serf itself... Agreed that using >>

RE: access control for dynamic hosts

Forward doesn’t mean dynamic, however, and using one particular solution like that is misleading, IMO. Using “forward-dns” makes more sense to me. That said, how would you intend to handle multiple A records for the same name: look them all up and store in a table, or support only one A record

Re: svn commit: r1733054 - in /httpd/httpd/trunk/modules: filters/mod_reqtimeout.c proxy/mod_proxy.h proxy/proxy_util.c

On Tue, Mar 1, 2016 at 4:29 PM, Eric Covener wrote: > > intentional? No :/ Reverted in r1733055 and re-commited in r1733056 already.

Re: svn commit: r1733054 - in /httpd/httpd/trunk/modules: filters/mod_reqtimeout.c proxy/mod_proxy.h proxy/proxy_util.c

On Tue, Mar 1, 2016 at 7:31 AM, wrote: > Author: ylavic > Date: Tue Mar 1 12:31:40 2016 > New Revision: 1733054 > > URL: http://svn.apache.org/viewvc?rev=1733054=rev > Log: > mod_proxy: follow up to r1729826 + r1729847 + r1732986. > Don't use magic constants. > > Modified: >

Re: access control for dynamic hosts

dyndns is a company name, but it seems to be synonymous for a lot of systems with dynamic-dns. That would make a recognizable option for a lot of people. - Y On Tue, Mar 1, 2016 at 10:00 AM, Eric Covener wrote: > On Tue, Mar 1, 2016 at 9:53 AM, wrote: >

Re: access control for dynamic hosts

On Tue, Mar 1, 2016 at 3:31 PM, Eric Covener wrote: > On Tue, Mar 1, 2016 at 8:19 AM, Yann Ylavic wrote: >> How about "Require dns" (and mod_authz_dns) for the name? > > I think it is reasonable to extend authz_host to disable the reverse > check when

Re: access control for dynamic hosts

On Tue, Mar 1, 2016 at 4:01 PM, Yann Ylavic wrote: > On Tue, Mar 1, 2016 at 3:31 PM, Eric Covener wrote: >> On Tue, Mar 1, 2016 at 8:19 AM, Yann Ylavic wrote: >>> How about "Require dns" (and mod_authz_dns) for the name? >> >> I

Re: access control for dynamic hosts

Hello Yann, [...] Looks good to me. It would have to be documented though, especially the difference with "Require host" and maybe their complementarity (wrt security). Sure, it needs a documentation, obviously. I will not commit anything without a doc. How about "Require dns" (and

Re: access control for dynamic hosts

On Tue, Mar 1, 2016 at 9:53 AM, wrote: > Maybe "Require ip" could be extended instead of using a new name: > > "Require ip myserver.apache.org" Unfortunately I think you need to pick an awkward name here so it cannot be confused/misused. Like "forward-dns" -- Eric

Re: access control for dynamic hosts

How about "Require dns" (and mod_authz_dns) for the name? I think it is reasonable to extend authz_host to disable the reverse check when requested (via some new first arg to require) Note that the inner working logic is different, but this is an implementation detail. What syntax would

Re: state of h2 (long)

On 29 Feb 2016, at 10:33 PM, Jim Jagielski wrote: > I've been digging into how we could better leverage serf on the mod_proxy > side w/o going the route of mod_serf itself... Agreed that using > pollsets et.al. would be useful. Maybe some of the motorz mpm logic > could be

Re: access control for dynamic hosts

On Tue, Mar 1, 2016 at 8:19 AM, Yann Ylavic wrote: > How about "Require dns" (and mod_authz_dns) for the name? I think it is reasonable to extend authz_host to disable the reverse check when requested (via some new first arg to require)

Re: access control for dynamic hosts

This would be a god send. I personally use a lot of dynamic hosts from my ISP, in that I’m unable to control the rDNS records of the IPs I’m assigned. Having an option for checks going ‘forward’ only would be terrific. — Jacob Perkins Product Owner cPanel Inc. jacob.perk...@cpanel.net

Re: access control for dynamic hosts

Hi Fabien, On Thu, Jan 14, 2016 at 9:38 AM, Fabien wrote: > > Would anyone have an opinion, please? > > Although I can just commit the proposed changes, a formal go would be nice. Looks good to me. It would have to be documented though, especially the difference with

Re: access control for dynamic hosts

This feature makes sense because it allows to allow a full domain, say "apache.org", any host of which the inverse dns resolves to the domain can then be allowed. But this also means that if the reverse dns is not controlled, say with the dynamic dns and a moving ip, ip control does not work,

Re: svn commit: r1732986 - /httpd/httpd/trunk/modules/proxy/proxy_util.c

On Tue, Mar 1, 2016 at 1:26 PM, Plüm, Rüdiger, Vodafone Group wrote: > >> From: Jim Jagielski [mailto:j...@jagunet.com] >> >> I'd prefer we use a define, eg: >> >> #define PROXY_WORKER_RFC1035_SIZE 512 >> >> rather than embedding magic numbers... > > +1 Agreed, much

RE: svn commit: r1732986 - /httpd/httpd/trunk/modules/proxy/proxy_util.c

> -Original Message- > From: Jim Jagielski [mailto:j...@jagunet.com] > Sent: Dienstag, 1. März 2016 12:58 > To: dev@httpd.apache.org > Cc: c...@httpd.apache.org > Subject: Re: svn commit: r1732986 - > /httpd/httpd/trunk/modules/proxy/proxy_util.c > > I'd prefer we use a define, eg: > >

Re: svn commit: r1732986 - /httpd/httpd/trunk/modules/proxy/proxy_util.c

I'd prefer we use a define, eg: #define PROXY_WORKER_RFC1035_SIZE 512 rather than embedding magic numbers... > On Feb 29, 2016, at 8:20 PM, yla...@apache.org wrote: > > Author: ylavic > Date: Tue Mar 1 01:20:06 2016 > New Revision: 1732986 > > URL:

Re: state of h2 (long)

I am very glad that someone is looking into this... if I can be of any help, let me know. > Am 29.02.2016 um 22:55 schrieb Jacob Champion : > > On Mon, Feb 29, 2016 at 9:35 AM, William A Rowe Jr > wrote: >> On Sun, Feb 28, 2016 at 1:37 PM, Gregg