Re: libapreq subproject roll call

On Fri, Feb 16, 2024, 16:21 Ruediger Pluem wrote: > > > On 2/16/24 2:10 PM, Eric Covener wrote: > >> Will apreq 2.18 still be released? > > > > I think we should, but we need someone to do the release work and 3 > > active PMC members to approve it. Prior to the recent activity, the > > subproje

Re: libapreq2 status & security release

Anything I'm missing? In theory, no.  In practice I remember it being very difficult to test properly last time I tried to RM, with a recent Perl and httpd. I can't imagine it will be easier, so we should be aware, at time of voting on the release, how much (thoroughly) it is actually bein

Re: Countdown to 25 years - has httpd changed your life?

The httpd project was my springboard into so much: opensource communities & development, the HTTP protocol, SSL/TLS (and, taking it a step further: cyber security), web scripting (via CGI) and more complex applications (via the httpd module API). I got involved in 1999, and almost every step th

Re: SSL and Usability and Safety

On 5/3/2017 4:28 PM, Stefan Eissing wrote: > >> Am 03.05.2017 um 15:22 schrieb Dirk-Willem van Gulik : >> >>> >>> On 3 May 2017, at 15:14, Issac Goldstand wrote: >>> >>> On 5/3/2017 3:59 PM, Dirk-Willem van Gulik wrote: >>>>

Re: SSL and Usability and Safety

On 5/3/2017 4:22 PM, Dirk-Willem van Gulik wrote: > >> On 3 May 2017, at 15:14, Issac Goldstand wrote: >> >> On 5/3/2017 3:59 PM, Dirk-Willem van Gulik wrote: >>> >>>> On 3 May 2017, at 14:53, Issac Goldstand >>> <mailto:mar...@beamartyr.ne

Re: SSL and Usability and Safety

On 5/3/2017 3:59 PM, Dirk-Willem van Gulik wrote: > >> On 3 May 2017, at 14:53, Issac Goldstand > <mailto:mar...@beamartyr.net>> wrote: >> >> On 5/3/2017 12:46 PM, Dirk-Willem van Gulik wrote: >>> On 3 May 2017, at 10:03, Issac Goldstand >> <m

Re: SSL and Usability and Safety

On 5/3/2017 12:46 PM, Dirk-Willem van Gulik wrote: > On 3 May 2017, at 10:03, Issac Goldstand wrote: >> >> +1 on the idea >> >> So far I'm -0 about all of the proposed implementations for 2 reasons: >> >> 1) Mr and Mrs normal (whom are our primary cu

Re: SSL and Usability and Safety

+1 on the idea So far I'm -0 about all of the proposed implementations for 2 reasons: 1) Mr and Mrs normal (whom are our primary customers in the original proposal) usually download Apache from their distro or some other binary. Their Apache sources are usually not up-to-date, and in the scenari

Re: Underscores in hostnames

AFAIK, underscores are forbidden from being part of a host name as per RFC 1123 Sec 2.1/RFC 952 (Assummptions Sec 1) It's also spelled out in RFC 3986: " A registered name intended for lookup in the DNS (...) consists of a sequence of domain labels separated by ".", each domain label star

Re: Absorb win32-apxs into httpd distro?

On 12/14/2016 10:13 AM, William A Rowe Jr wrote: > Randy wrote http://www.apache.org/dist/perl/win32-bin/ > - but I'm wondering > who else here at httpd is interested in helping maintain and get this code > into our own distribution? I've shipped this fo

[RELEASE CANDIDATE] libapreq2-2.14 RC

After (almost) 6 years, the apreq team would like to release version 2.14 of libapreq. Please test and vote on the following tarball: https://home.apache.org/~issac/libapreq2-2.14.tar.gz https://home.apache.org/~issac/libapreq2-2.14.tar.gz.asc https://home.apache.org/~issac/libapreq2-2.14.tar.gz.

Re: apreq release

That was my knee-jerk reaction, too, but after digging, I saw that win32 really shouldn't be affected. On 11/16/2016 4:09 PM, Steve Hay wrote: > On 15 November 2016 at 09:26, Issac Goldstand wrote: >> Hi all, >> >> Someone (finally) noticed that apreq's test suite

Re: apreq release

ng mod_apreq2 and all the request cache/re-play bucket, POST > reading, file uploading, etc stuff, right? > > I really don't want to have to include mod_perl so my C modules can read POST > data and handle file uploads. > > Cheers, > > Brian > > >>

Re: apreq release

repos/asf/httpd/apreq/trunk/glue/perl/ I'll take a crack at seeing if I can fold it into mod_perl despite the rust. On 11/15/2016 2:45 PM, Andres Thomas Stivalet wrote: > Good news!! No idea why apreq hasn't just been merged into mod_perl > after all these years. > > A+++

Re: apreq release

ontroller under Apache 2.4? > > Will this be packaged and released to Debian Stretch before it goes > stable, or can you advise the package maintainers to update? > > Thanks. > Mark > > On Tue, Nov 15, 2016 at 1:26 AM, Issac Goldstand <mailto:mar...@beamartyr.net>> wrot

apreq release

Hi all, Someone (finally) noticed that apreq's test suite isn't compatible with Apache 2.4 and requested a change. Given that we haven't released an updated apreq in nearly 6 years, I'm inclined to make/test the changes to the test suite and immediately go to a release cycle. Does anyone want ti

Re: Thx and merit

Big +1 Thanks to all, and especially Stefan (and greenbytes GmbH) for his continued contribution to pushing http2 support forward! Issac On 10/14/2015 3:58 PM, Jim Jagielski wrote: > The ASF is all about recognizing and rewarding merit. The whole > "Apache Way" started here, with this project,

Re: Was there any concrete decision on apreq?

I think nothing. Most mod_perl users (I think) install apreq via Apache2::Request. That can continue to be maintained on CPAN, as is, linking against httpd instead of mod_apreq Or do you forsee a problem here? On 2/24/2015 9:56 AM, Steve Hay wrote: > What would this mean for mod_perl users? I,

Re: commercial support

On 11/23/2014 4:53 PM, Victor J. Orlikowski wrote: > On Nov 23, 2014, at 8:11 AM, Jeff Trawick > wrote: >> >> Docker would not be the right solution for someone who wants to use >> httpd over the long haul (future updates to httpd+libs while maintain >> existing config,

Re: commercial support

On 11/21/2014 4:21 PM, Victor J. Orlikowski wrote: > On Nov 21, 2014, at 9:01 AM, Jeff Trawick > wrote: >> >> * oh, and make it possible for 90% of the potential user base to be >> running 2.4.latest in several minutes without possibly interfering >> with existing softw

Re: Bash CVE-2014-6271 and CGI / HTTPD

On 29/09/2014 00:00, Rainer Jung wrote: > Am 28.09.2014 um 09:07 schrieb Issac Goldstand: >> -0 >> >> While I love the code that's been come up with, this would be akin to >> trying to have patched httpd to deal with Heartbleed. >> >> I can't see a

Re: Bash CVE-2014-6271 and CGI / HTTPD

-0 While I love the code that's been come up with, this would be akin to trying to have patched httpd to deal with Heartbleed. I can't see any real use-case where a user would get a patched httpd without getting a patched bash, too. Either they'll know, or they'll be getting this from their

Re: C99 bump prior to apr 2.0?

You can't, AFAIK, due to licensing. You need to include the *installer* that comes in VC's redist area and can run that installer from yours to install their runtime... Or you can statically link to the runtime, but I'm not sure we want to do that. On 04/09/2014 17:48, Wang, Andy wrote: > Is the

Re: [PATCH 51648 apreq2] Remove redundant Apache2::Cookie::httpcookie documentation

On 12/03/2014 14:42, Jeff Trawick wrote: > On Tue, Mar 11, 2014 at 10:51 AM, Lubomir Rintel > wrote: > > --- > Hi, > > please review and merge this. It seems to be an easyfix, but the > ticket [1] > seemengly generated no useful attention. > > > Hi,

Re: please sign new apache releases only with strong keys -- trimming the KEYS file

Not in this case. Revoking would be a statement by the key owner that the key is no good (something that would probably be smart to do, but at the same time way out of the PMC's control). Pruning the KEYS file is a statement by the PMC about what keys the PMC authorizes to sign artifacts. Issa

Re: AW: nginx goes open core

diger, Vodafone Group wrote: > > >> -Ursprüngliche Nachricht----- >> Von: Issac Goldstand >> Gesendet: Donnerstag, 22. August 2013 17:16 >> An: dev@httpd.apache.org >> Betreff: Re: nginx goes open core >> >> On 22/08/2013 17:48, Jim Jagielski wrot

Re: nginx goes open core

On 22/08/2013 17:48, Jim Jagielski wrote: > To me, this seems like a continued opportunity for httpd > to excel... > open core?

Re: Whereforeartthou, 2.5.0?

On 10/07/2013 19:43, Jim Jagielski wrote: > > On Jul 10, 2013, at 2:19 AM, William A. Rowe Jr. wrote: > >> >> So my proposal to be presented shortly as a vote would be to abandon the >> trunk into a sandbox to be mined for good changes, once 30 days after a >> vote is concluded without a relea

mpm_event problem on SmartOS

Hey folks, I've been working on a consulting gig for a company hosting on SmartOS (which I'm admittedly pretty unfamiliar with), and have been running into an odd issue on mpm_event. When doing a simple load test with ab, we keep running into this pattern: [Sun May 19 17:44:49.132658 2013] [mpm_

Re: URL scanning by bots

On 30/04/2013 21:38, Ben Laurie wrote: > On 30 April 2013 11:14, Reindl Harald wrote: >> Am 30.04.2013 12:03, schrieb André Warnier: >>> As a general idea thus, anything which impacts the delay to obtain a 404 >>> response, should >>> impact these bots much more than it impacts legitimate users/c

Re: mod_macro… backport to 2.4

On 09/03/2013 17:20, Jim Jagielski wrote: I've proposed copying/backporting mod_macro to 2.4 ! +1 Issac

Re: Apache 2.4 adoption

On 07/02/2013 09:47, Jan Kaluža wrote: [snip] The problem is that I have little experience with Perl or mod_perl. I'm trying to improve current situation, but I don't want to be the upstream, because I'm not active mod_perl (or even Perl) user. [snip] Maybe there is someone here who loves th

Re: Apache 2.4 adoption

On 07/02/2013 07:54, William A. Rowe Jr. wrote: [snip] I also wonder if this would have been different if the httpd project had offered an rpm or apt-get packages, for example? It seems like there will always be a significant lag between a new major.minor release and seeing it injected into the

Re: Password caching

On 05/01/2013 11:52, Igor Galić wrote: - Original Message - On Wednesday 02 January 2013, Eric Covener wrote: On Wed, Jan 2, 2013 at 4:02 PM, Stefan Fritsch wrote: On Wednesday 02 January 2013, Jim Jagielski wrote: For *real* improvement, wouldn't storing in socache be the optimal

Re: [VOTE] accept mod_macro as standard module in httpd

On 03/01/2013 04:06, Eric Covener wrote: I was preparing the IP clearance forms and noticed our original "vote" thread was more of a discussion. I wanted to record a formal vote here so I can link to it. Pending IP clearance... [+1] accept mod_macro as a standard module and responsibility for

Re: Volunteers to drive an MSI build

The discussion is moot. The ASF will not provide binary software. nd Yeah, try selling that to the AOO project and see what happens... Issac

Re: Volunteers to drive an MSI build

Program Files vs. drive root PF pros everything in there is protected from users other than admin PF cons everything in there is protected from users other than admin which In Vista/7/8 the administrator account is disabled but you can run things as admin if your user has admin privileges. mostl

Re: The Case for a Universal Web Server Load Value

On 15/11/2012 00:48, Tim Bannister wrote: On 14 Nov 2012, at 22:19, Ask Bjørn Hansen wrote: I know I am fighting the tide here, but it's really the wrong smarts to put in the load balancer. The backend should/can know if it can take more requests. When it can't it shouldn't and the load bal

Re: Volunteers to drive an MSI build

On 12/11/2012 18:03, Yehuda Katz wrote: William Rowe said he was working on a new WiX-based installer That would be great if Bill has the cycles to push it through - I know he's been uber-busy for a long while already, and he has the best working knowledge of windows installer-y things so far

Re: Volunteers to drive an MSI build

On 12/11/2012 15:15, Igor Galić wrote: to setup a Windows Server VM/buildbot - and am now looking for volunteers to step forward. - Just raise your hand here and update the the above ticket with your Apache ID. (Yes, you need to be a committer already) Raises hand...

Re: [PATCH] mod_systemd

+1 on concept, but Im on vacation so cant actually review the code Sent with AquaMail for Android http://www.aqua-mail.com On October 3, 2012 12:51:56 PM Jim Jagielski wrote: +1 On Oct 3, 2012, at 4:28 AM, Joe Orton wrote: > On Wed, Sep 26, 2012 at 11:10:07AM -0400, Jan Kaluza wrote: >> a

Re: Broken Link

I keep voulenteering to learn to package from him but somehow it never happens... Bill any chance of trying to do this again? Sent with AquaMail for Android http://www.aqua-mail.com On September 25, 2012 1:31:01 PM Jim Jagielski wrote: AFAIK, Bill's the only one who has ever generated the W

Re: [VOTE] Adopt the comments.a.o system to the 2.2 and 2.4 branch of the httpd docs

On 09/07/2012 01:12, Mads Toftum wrote: > On Sun, Jul 08, 2012 at 10:33:56PM +0200, Daniel Gruno wrote: >> [ ] +1: Adopt the comments.a.o system in the 2.2 and 2.4 branch of docs >> [ ] 0: I don't care >> [X] -1: Don't adopt the system, because >> > Only trunk is CTR. > Can you explain the rat

Empty cookies [Was Re: libapreq2 co-maintainer]

On 20/06/2012 14:19, Thomas Busch wrote: > On 20/06/2012 13:35, Thomas Busch wrote: >> The reason I'm asking is that the following bug >>> >>> https://rt.cpan.org/Public/Bug/Display.html?id=69866 >>> >>> hasn't been solved and is still causing Internal Server Error's on >>> a lot of mod_perl instal

Re: md5crypt passwords

On 21/06/2012 12:40, Ben Laurie wrote: > 4. Use something that is hard to optimise in hardware (ideally). And what about massive sites that need the crypto HW to manage the concurrent logins? Yes, you're making it harder on the hackers, but also potentially on our users. ...Or did I just put my

Re: packaging libapreq2 as a dependency

On 27/04/2012 05:12, Joe Schaefer wrote: > Now that some time has passed since Philip brought > apreq2 into trunk it's probably a good time to discuss > how best to incorporate it into httpd itself. Right > now the library files are in server/ which basically > means we're internally compiling lib

Re: Why aren't name-based vhosts not working properly under SSL?

Are you sure that your client supports SNI? On 16/04/2012 19:21, Tom Evans wrote: > On Mon, Apr 16, 2012 at 4:51 PM, Mikhail T. wrote: >> On 16.04.2012 11:40, Tom Evans wrote: >> >> They can. Excerpt from my httpd.conf: >> >> Your excerpt does not show different DocumentRoots -- nor any other >>

Re: A push for 2.4.2

On 15/03/2012 07:29, William A. Rowe Jr. wrote: > On 3/14/2012 2:36 PM, Jim Jagielski wrote: >> In the attempts to keep the momentum going, I'd like to push for >> a httpd 2.4.2 release Real Soon Now. > Then this afternoon I'll propose a 'really small patch' around > 'the win32 issue' and ask folks

Re: A push for 2.4.2

On 15/03/2012 07:29, William A. Rowe Jr. wrote: > On 3/14/2012 2:36 PM, Jim Jagielski wrote: >> In the attempts to keep the momentum going, I'd like to push for >> a httpd 2.4.2 release Real Soon Now. > Then this afternoon I'll propose a 'really small patch' around > 'the win32 issue' and ask folks

Re: httpd 2.4.1 vs mod_whatkilledus

After going through the thread in question, I disagree with your statement. The PHP dev team did a wonderful job in deciding to promote a patch against the shiny new PHP 5.4.0 that should work with httpd 2.4, they're trying to roadmap the patch in to the next release, and they're probably right i

Re: httpd 2.4.1 vs mod_whatkilledus

Assuming you mean mod_php - I'm sure that php with FastCGI works fine... Like any fresh software release, it can be expected that not every 3rd party module developer has gotten around to upgrading their code. Give it a bit of time; it'll happen. On 04/03/2012 03:53, Reindl Harald wrote: > > > A

Re: setting up testing

Very definitely localhost. The test suite will automatically configure and launch variously configured httpd instances for testing itself. On 01/03/2012 22:22, Jeff Trawick wrote: > On Thu, Mar 1, 2012 at 3:17 PM, Michael Felt wrote: >> One quick question: can I assume that the test is ideally in

Re: Windows builds available

On 29/02/2012 14:10, Steffen wrote: > No serious 2.4 bug reports received till now, which you do not > already know. All runs fine. Cool. You refer to reports from users on your forums, I assume? Issac

Re: Please get solved the issue DisableWin32AcceptEx (AcceptFilter none)

On 15/02/2012 23:56, Steffen wrote: > Only trying to help and sounding the concerns of the Apache Windows > Community. > > The issue seems too hard for you (and other HTTPD dev's) to solve, and > that > for years. Accept to go for help from eg. Microsoft or a Driver vendor. > > I think really tha

Re: Proposal: adoption of mod_firehose subproject

+1 on adopting On 13/12/2011 17:19, Graham Leggett wrote: > Hi all, > > I have concluded negotiation with the BBC to open source some httpd modules > that I wrote under the AL, and the BBC have very kindly agreed to donate the > code to the ASF[1], which I believe would fit well as subprojects o

Re: [Vote] .htaccess logic abuse

On 21/11/2011 18:19, Joe Orton wrote: > On Fri, Nov 18, 2011 at 04:38:14PM -0600, William Rowe wrote: >> After several prods, it seems the security@ and hackathon participants >> can't be drawn out of their shells on to dev@. So I'll simply call for >> a majority vote on the following statement...

Re: [Vote] .htaccess logic abuse

On 19/11/2011 00:38, William A. Rowe Jr. wrote: > Resource abuse of an .htaccess config in the form of > cpu/memory/bandwidth; > > [ ] Represents a security defect > [X] Is not a security defect The sysadmin knows best. If it's a problem, disable it (or the problematic type of directives via

Re: setting TZ env var

On 16/11/2011 01:06, William A. Rowe Jr. wrote: > On 11/15/2011 4:28 PM, Issac Goldstand wrote: >> >> I'd likely -1 anything that assumed without allowing the user to specify >> an override. > > what on earth is wrong with > > --- ../httpd-2.x/su

Re: setting TZ env var

On 15/11/2011 21:35, William A. Rowe Jr. wrote: > On 11/15/2011 10:06 AM, Paul Querna wrote: >> >> To merge to trunk I'd like to have it detect your active timezone, >> instead of forcing UTC+0, but if you changed timezones on your >> machine, you will need to restart httpd. >> >> Thoughts? > > If

Re: setting TZ env var

On 15/11/2011 18:06, Paul Querna wrote: > but is there any objections to > the concept of setting the timezone on process startup? > > This single change gives about a 2% performance boost in my testing. > > To merge to trunk I'd like to have it detect your active timezone, > instead of forcing UTC

Re: [VOTE] Release 2.3.15-beta as beta

On 11/11/2011 13:28, Stefan Fritsch wrote: > > Are the build problems on Windows a blocker? I think we verbally agreed that they weren't, so unless someone vetoes that statement on-list, we're good to go. Having said that, it's still on my personal to-do list (eventually) Issac

Re: BRANCHED : httpd 2.4.x

Jim++ Is there a consensus to do the apreq -> apr/perl/httpd split? IIRC, last time it came up, there were objections... Issac On 11/11/2011 09:42, Jim Jagielski wrote: > The 2.4.x httpd branch was created from the r1200449 point of > trunk… I've tried to backport pretty much all non-apreq pa

Re: [VOTE] Formal deprecation of 2.0.x branch

-0 I DO want the EOL, but not until after 2.4 has a couple of GAs, if only because folks might not update twice. Issac On 11/11/2011 09:13, "Plüm, Rüdiger, VF-Group" wrote: > +1 > > Regards > > Rüdiger > >> -Original Message- >> From: William A. Rowe Jr. >> Sent: Freitag, 11. Novembe

Re: [VOTE] Release 2.3.15-beta as beta

Bring it (the key) tonight :) On 09/11/2011 11:12, Jim Jagielski wrote: > 2010-11-04 is the day I created the new key… it's unexpired > (at least from what I can see ;) ) > > On Nov 9, 2011, at 7:52 AM, Rainer Jung wrote: > >> On 09.11.2011 07:43, Rainer Jung wrote: >>> Hi Jim, >>> >>> it looks li

Re: 2.3.15-dev

+1 On 08/11/2011 14:47, Jim Jagielski wrote: > So far 3 +1s and counting… > > On Nov 8, 2011, at 12:49 PM, Jim Jagielski wrote: > >> OK… let's polish this… "gem". >> >> I'd really like to T&R 2.3.15-dev, get some feedback quickly and >> let's push on for a quick 2.4.0 release!

Re: Who's at the Hackathon?

On 07/11/2011 09:22, Sander Temme wrote: > Folks, > > The httpd table now has: > > Jeff Trawick > Jean-Frederic Leclere > Stefan Fritsch > Rainer Jung > and myself I'll be around soonish > Who else is at the conference? Anybody joining tomorrow? > > Rainer brought a Euro power strip, so this tabl

Re: output filters unit-testing frame-work

Look for Apache::Test in CPAN. It's pretty much the standard Apache test framework today, and supports C and Perl (mod_perl) modules. Issac On 25/09/2011 16:47, Yehezkel Horowitz wrote: > > Hello > > > > I'm looking for a frame-work to perform unit-tests for Apache output > filters. > > >

EOL for 2.0

IIRC, we talked about making 2.0 EOL when we make the next release, but I don't think we ever formalized the decision. Does anyone have comments for or against announcing 2.0 End-Of-Life at a set time (say 3 months) following the release of 2.4? Issac

Re: Fwd: Mis-configured Rewrite Rule Exposed Filesystem

On 15/09/2011 22:16, William A. Rowe Jr. wrote: > On 9/15/2011 2:14 PM, Stefan Fritsch wrote: >>> In the same spirit as axing the regex match syntax >>> becoming . >> Should we start in 2.4 by logging a deprecation warning at level info >> for the syntax? > That was just a example of why your su

Re: MPM-Event, renaming MaxClients, etc.

On 21/06/2011 00:30, Roy T. Fielding wrote: > On Jun 20, 2011, at 12:01 PM, Stefan Fritsch wrote: >> On Monday 20 June 2011, William A. Rowe Jr. wrote: >>> On 6/20/2011 9:07 AM, Greg Ames wrote: On Sun, Jun 19, 2011 at 8:49 AM, Stefan Fritsch >>> > wrote: >>>

Re: 2.2.19 (and probably earlier) won't let you make non-ssl vhosts on 443?

On 26/05/2011 12:16, Reindl Harald wrote: > > Am 26.05.2011 11:10, schrieb Issac Goldstand: >> I just upgraded a machine from 2.2.8 to 2.2.19 and suddenly Apache >> wouldn't let me run non-SSL vhosts on port 443. A snippet like below: >> >> >> Document

2.2.19 (and probably earlier) won't let you make non-ssl vhosts on 443?

I just upgraded a machine from 2.2.8 to 2.2.19 and suddenly Apache wouldn't let me run non-SSL vhosts on port 443. A snippet like below: DocumentRoot /home/foo/httpdocs ServerName foo allow from all Options +Indexes Suddenly caused the following fatal startup error to be logged: [error] Serv

Re: RFC: aliasing/overriding virtualhosts/setting blocks

On 26/05/2011 11:28, Rainer Jung wrote: > On 24.05.2011 10:23, Issac Goldstand wrote: > >> My third thought was similar. Create a new settings container, and >> allow that to be used as a macro anywhere else: >> >> >> SomeOption >> SomeOtherOption >

Re: RFC: aliasing/overriding virtualhosts/setting blocks

Because when you've got tens or hundreds of vhosts, or generate the conf, that often becomes hell to manage. On 24/05/2011 14:44, Ondřej Surý wrote: > Why not: > > > include name-host.conf > > > > ssl_stuff > include name-host.conf > > > On 24

RFC: aliasing/overriding virtualhosts/setting blocks

A feature that I've kinda wanted for a long time has been the ability to alias and/or extend existing virtualhosts. Previously, this was just a minor pain that usually just came up when setting up a website with dual http and https. It was a bit more of a pain if the virtualhost config needed sub

IPv6 questions

Hi lists, Sorry for the noise and horrid manners, but I can't seem to find any knowledgeable IPv6 people in my day-to-day life. I'm looking to pick someone's brain about how to give access to "the rest of the internet" to machines which natively only run an IPv6 stack and live in the global IPv6

Re: test suite help

On 16/02/2011 16:43, William A. Rowe Jr. wrote: > On 2/15/2011 10:28 PM, Guenter Knauf wrote: >> Am 16.02.2011 00:22, schrieb Igor Galić: httpd-x.x/test isn't anything (and perhaps we should remove it entirely). >>> [snip] >>> >>> I coined that a couple of months ago, big +1 from my side.

Why is 1.3 still on the download page?

Am I getting senile, or didn't we vote on making 1.3 End-Of-Life already? If so, why is 1.3.42 still featured on our download page as a "current recommended release" a year later? Isn't it time to change that to a note saying something to the extent of "If you absolutely MUST continue using 1.3,

add dev mailing list to libapreq2 queue in CPAN rt

Hi RT maintainers, Could you guys have new tickets opened in the libapreq2 queue send notifications to apreq-...@httpd.apache.org to get wider visibility of new issues? Thanks, Issac

Re: official httpd VC9 builds

On 31/01/2011 17:36, William A. Rowe Jr. wrote: > On 1/31/2011 4:05 AM, Issac Goldstand wrote: >> I believe also that wrowe mentioned to me that we wanted to support >> command line (make) builds, and VC9 doesn't allow us to export makefiles. >> >> I'm +1 fo

Re: official httpd VC9 builds

t that would mean 3 (or 2) binary packages for windows which > could result in a lot of extra work :( > > How are the current binaries for windows made? Script or manual? > > ~Jorge > > > > On Mon, Jan 31, 2011 at 11:05 AM, Issac Goldstand > wrote: >> I belie

Re: official httpd VC9 builds

I believe also that wrowe mentioned to me that we wanted to support command line (make) builds, and VC9 doesn't allow us to export makefiles. I'm +1 for making both VC6 and VC9 builds from 2.4 and on, like PHP does. Issac On 31/01/2011 11:21, Jorge Schrauwen wrote: > Hi > > If I remember corr

Re: Sending http headers for 3xx responses

3xx is considered an "error" as far as headers are concerned, so use the err_headers Issac On 26/12/2010 10:58, cronfy wrote: > Hello. > > I am trying to create a module that would send some response headers > related to request. I've taken mod_expires code and adapted it for my > needs. Every

Re: How Apache httpd is tested after changes?

Tests are performed using the Apache::Test perl framework, available on CPAN. The test suite is in subversion at http://svn.apache.org/repos/asf/httpd/test/framework/trunk/ Once you have Apache::Test installed, just run perl Makefile.PL and then issue make test to run the suite. Issac On 21/1

Re: [RELEASE CANDIDATE] libapreq2 2.13 RC

from a C program? > Thanks. > > Pierre Laplante > Président SedNove > 595 Notre-Dame > Saint-Lambert, J4P-2K8 > > > > Le 2010-11-25 à 14:34, Issac Goldstand a écrit : > >> > After a year and a half, the apreq team would like to release version > 2.13 of lib

[RELEASE CANDIDATE] libapreq2 2.13 RC

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 After a year and a half, the apreq team would like to release version 2.13 of libapreq. Please test and vote on the following tarball: http://people.apache.org/~issac/libapreq2-2.13.tar.gz http://people.apache.org/~issac/libapreq2-2.13.tar.gz.asc h

Re: Proposed: PKI Authentication for secure web access

You can use self-signed client certs too. You just have to explicitly tell Apache what to trust and what not to trust. You can also use your own in-house CA, if applicable. Issac On 20/11/2010 22:55, Rob Lemaster wrote: > Thanks for that explanation Graham! > > I wasn't thinking in terms of C

Re: Proposed: PKI Authentication for secure web access

lol. In the meantime, it's still useful for implementation in closed organizations where it's easy to enforce client cert policies (and easy to use a CA model) On 21/11/2010 10:11, Rob Lemaster wrote: > This is good info. Thanks for your responses. So I guess the problem > isn't that the function

Re: Proposed: PKI Authentication for secure web access

On 20/11/2010 22:19, Rob Lemaster wrote: > Isn't mod_ssl used solely for HTTPS (browser-server encryption)? I > would like to use PKI for user authentication like you can in SSH on > top of the encryption provided by HTTPS. The most secure option I see > available for web authentication currently i

Re: svn commit: r1035412 - /httpd/apreq/trunk/glue/perl/t/apreq/cookie.t

What was wrong here? It ran fine by me as-is (and failed without the rest of the patch) On 15/11/2010 21:00, j...@apache.org wrote: > Author: joes > Date: Mon Nov 15 19:00:28 2010 > New Revision: 1035412 > > URL: http://svn.apache.org/viewvc?rev=1035412&view=rev > Log: > fix httponly test > > Mod

Plan to T&R 2.13

OK - having gotten a whole bunch of patches in the past few days after a long period of dead time, I voulenteer to RM the next apreq release and plan to T&R libapreq-2.13 this coming weekend unless objections are raised (or unless we get such a flood of patches that I have to postpone the release :

Re: [Vote] Retire 2.0.x branch?

On 18/10/2010 17:54, William A. Rowe Jr. wrote: > With a release on the way with a host of good bits, almost 2 years after its > previous release, it seems time that the group might consider the following > options... > > [ ] Leave 2.0.x open to maintenance > [X] Leave 2.0.x open to security/c

Re: [vote] Release mod_ftp 1.0.0 as GA

On 18/10/2010 10:40, William A. Rowe Jr. wrote: > On 10/7/2010 9:23 PM, William A. Rowe Jr. wrote: >> After some discussion on list about the numbering and quality of mod_ftp >> today, it seems this is an appropriate time to consider GA, candidate >> tarballs are up at http://httpd.apache.org/dev/

Re: [RELEASE CANDIDATE] Apache-Test-1.33 RC1

On 9/11/2010 4:32 PM, Torsten Förtsch wrote: > On Saturday, September 11, 2010 08:38:46 Fred Moyer wrote: >> http://people.apache.org/~phred/Apache-Test-1.33-rc2.tar.gz +1 Debian Lenny (5.0.6) Server version: Apache/2.2.14 (Unix) Server built: May 23 2010 23:00:52 Summary of my perl5 (revisi

Re: mod_authn_cache

I think I sent a patch to fix it up a year or so ago, when I needed it for 2.2. You can see the fully working (live in production for 6 months now, I think) code here. http://sourceforge.net/tracker/download.php?group_id=93106&atid=603134&file_id=350405&aid=2895850 As mentioned there, I wanted

Re: What's next for 2.2 and 2.3/trunk?

Noone seems to have stepped up for this, so I'll voulenteer. Is there a RELEASE file somewhere with the exact protocol? (If not, I'll add that to trunk before bundling up the next RC) On 6/1/2010 11:49 PM, Paul Querna wrote: On Tue, Jun 1, 2010 at 9:08 AM, Jim Jagielski wrote: Consideri

Re: RFC: drop support for OpenSSL < 1.0 in trunk/2.3?

On 6/1/2010 6:37 PM, Igor Galić wrote: * Solaris 10: 0.9.7 with backports... don't recall what's in the Coolstack but someone else may be able to tell us. The Coolstack and the Webstack both use the system's SSL bindings. Coolstack symlinks it: libssl.so.0.9.7 => /usr/sfw/l

Re: Fast by default

On 6/1/2010 3:30 AM, Bryan McQuade wrote: I had a conversation with a well known hosting provider recently and they told me they use the default Apache configuration for their shared hosting service. When I asked if they provide gzip as an option for their users, they said no, since it was not en

[SPAM] test + apology

Spam detection software, running on the system "heartofgold.mirimar.net", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see @@CONTACT_ADDRESS@@ for

[SPAM] Re: Reducing number of mod_lua hook directives

Spam detection software, running on the system "heartofgold.mirimar.net", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see @@CONTACT_ADDRESS@@ for

  1   2   3   >