r->useragent_addr is assigned on ap_read_request (http_core.c),
called from ap_process_http_(async_)connection
called from process_connection hook (APR_HOOK_REALLY_LAST).
The SEGV occured on process_connection hook, maybe before
ap_process_http_(async_)connection,
#11 0x7fd44f91fd4f in modper
Rainer,
There is a commercial apache-based reverse proxy in Switzerland
(with substantial market share) which is able to use / create
a client certificate _per_ session.
So the client connects to the RP, performs authentication. When
creating the session serverside, the RP creates a client cert
On 4/13/2016 2:22 PM, Rainer Jung wrote:
>
> We could pass the worker name from mod_proxy to mod_ssl via a
> connection note, similar to currently already passing the SNI name via
> the connection note proxy-request-hostname.
+1 on the connection note idea, but see below about having to inform th
I wrote the patch for ap_get_useragent_host, but am not familiar
with the details of the report. Researching...
On Wed, Apr 13, 2016 at 5:33 PM, Stefan Fritsch wrote:
> Hi,
>
> I got a report about a new crash in mod_perl tests with 2.4.20:
>
> (gdb) bt
> #0 apr_getnameinfo (hostname=hostna
Hi,
I got a report about a new crash in mod_perl tests with 2.4.20:
(gdb) bt
#0 apr_getnameinfo (hostname=hostname@entry=0x7fd4461ee368,
sockaddr=0x0, flags=flags@entry=0)
at /tmp/buildd/apr-1.5.2/network_io/unix/sockaddr.c:663
#1 0x55feaf0f513a in ap_get_useragent_host
(r=r@entry=0x7
On Monday 11 April 2016 18:12:43, Eric Covener wrote:
> On Mon, Apr 11, 2016 at 4:59 PM, wrote:
> > ServerLimit >= 10 * MaxRequestWorkers / ThreadsPerChild
>
> Hi Stefan -- I am curious -- prior to the recent patches, just
> having the extra capacity in ServerLimit didn't help / didn't help
> as
It's especially important when doing log processing on Apache Hadoop, if
you give uncompressed text files as input files to a Hadoop job, it'd split
large log files on newlines to be processed on multiple nodes. That split
should be done on a record boundary.
On Wed, Apr 13, 2016 at 5:16 PM, Yann
On Wed, Apr 13, 2016 at 11:08 PM, Eric Covener wrote:
> On Wed, Apr 13, 2016 at 5:05 PM, Daniel Lescohier
> wrote:
>> Isn't T_ESCAPE_LOGITEM also used by mod_log_config's use of
>> ap_escape_logitem? We rely on the API that data from HTTP requests that are
>> logged in our mod_log_config logfile
On Wed, Apr 13, 2016 at 5:05 PM, Daniel Lescohier
wrote:
> Isn't T_ESCAPE_LOGITEM also used by mod_log_config's use of
> ap_escape_logitem? We rely on the API that data from HTTP requests that are
> logged in our mod_log_config logfiles are newline-escaped, so that one line
> in the logfile is pa
Isn't T_ESCAPE_LOGITEM also used by mod_log_config's use of
ap_escape_logitem? We rely on the API that data from HTTP requests that
are logged in our mod_log_config logfiles are newline-escaped, so that one
line in the logfile is parsed as one log entry. Our parsers first split on
newline to get
The old behavior was expected, and very, very useful. It
was made that way for a reason.
+1 on reverting to old behavior...
> On Apr 13, 2016, at 4:04 PM, Yann Ylavic wrote:
>
> On Thu, Feb 25, 2016 at 11:27 AM, wrote:
>> Author: icing
>> Date: Thu Feb 25 10:27:27 2016
>> New Revision: 173227
On Thu, Feb 25, 2016 at 11:27 AM, wrote:
> Author: icing
> Date: Thu Feb 25 10:27:27 2016
> New Revision: 1732275
>
> URL: http://svn.apache.org/viewvc?rev=1732275&view=rev
> Log:
> merging pre_close_connection hook, prep_lingering_close and ap_update_child()
> additions from trunk
>
> Modified:
Currently newlines get backslash-escaped if written to the errorlog.
This is via server/gen_test_char.c and stems from an ancient vuln
about escape sequences in log files potentially affecting peoples
terminals when cat'ed.
On a few occasions I have worked with some libraries that return a
newline
Am 13.04.2016 um 19:49 schrieb Rainer Jung:
Am 13.04.2016 um 17:04 schrieb Graham Leggett:
On 13 Apr 2016, at 12:40 PM, Rainer Jung wrote:
I stumbled into a situation where a reverse proxy had two different
backends behind the same VHost of the proxy. Both backends demand
client certs as beco
Am 13.04.2016 um 17:04 schrieb Graham Leggett:
On 13 Apr 2016, at 12:40 PM, Rainer Jung wrote:
I stumbled into a situation where a reverse proxy had two different backends
behind the same VHost of the proxy. Both backends demand client certs as
becomes more and more common for services today
On 13 Apr 2016, at 12:40 PM, Rainer Jung wrote:
> I stumbled into a situation where a reverse proxy had two different backends
> behind the same VHost of the proxy. Both backends demand client certs as
> becomes more and more common for services today. Unfortunately the CA which
> issues the c
I need a change for httpd/mod_ssl that was committed to the project's source
code repository back on 2015-07-22 (
https://svn.apache.org/viewvc?view=revision&revision=1692258). I checked the
source tarball for the most current release, httpd 2.4.20, downloaded from
https://httpd.apache.org/down
> Am 13.04.2016 um 12:55 schrieb Yann Ylavic :
>
> On Wed, Apr 13, 2016 at 12:40 PM, Rainer Jung wrote:
>>
>> To me it looks like the "right" way of handling SSLProxy* config would be
>> per .
>
> ++1
+1
>
>> Did anyone else already encounter a similar problem? Any
>> thoughts or experiment
On Wed, Apr 13, 2016 at 12:40 PM, Rainer Jung wrote:
>
> To me it looks like the "right" way of handling SSLProxy* config would be
> per .
++1
> Did anyone else already encounter a similar problem? Any
> thoughts or experiments on how to solve this for the future?
Not sure how to handle this si
I stumbled into a situation where a reverse proxy had two different
backends behind the same VHost of the proxy. Both backends demand client
certs as becomes more and more common for services today. Unfortunately
the CA which issues the client certs in both cases is the same CA, but
the demande
20 matches
Mail list logo
