t viewing it through github.
vh
Mads Toftum
--
http://flickr.com/photos/q42/
On Wed, Nov 24, 2021 at 11:19:17AM +0100, Yann Ylavic wrote:
> However what would be a discussion without a naming dispute, mod_rustls? :p
Agreed. At least as long as it's an experimental module. If it ever
moves beyond experimental, then a rename back to mod_tls might make
sense.
vh
M
On Sat, Dec 28, 2019 at 09:46:28AM +0100, Luca Toscano wrote:
> sorry for the travis spam, I hope to have improved the config via r1872045.
>
Would it perhaps make more sense sending this to the same list as commit
messages or perhaps a new list?
vh
Mads Toftum
--
http://flickr.com/photos/q42/
a long
time user of apr.
However, at the current level of httpd being a mostly dormant project
(has it been 10+ years since 3.x was even a topic)...
So, it's a -0 from the peanut gallery.
vh
Mads Toftum
--
http://flickr.com/photos/q42/
:)
>
To me it seems useful enough to put in the repo with the rest of the
test code or at least documenting somewhere on http://httpd.apache.org/dev/
If rolled into httpd test framework, it might make more sense to have a
make docker (or similar) that spins up an image with the source copied
in.
ce mod_ssl uses verbs in other
> config name.)
>
Looks better that way to me too.
vh
Mads Toftum
--
http://flickr.com/photos/q42/
s noisy for those who would rather avoid the automated mails.
vh
Mads Toftum
--
http://flickr.com/photos/q42/
On Fri, Oct 09, 2015 at 01:00:22PM +0200, Yann Ylavic wrote:
> On Fri, Oct 9, 2015 at 12:52 PM, Mads Toftum <m...@toftum.dk> wrote:
> > On Fri, Oct 09, 2015 at 12:42:44PM +0200, Yann Ylavic wrote:
> >> On Fri, Oct 9, 2015 at 12:21 PM, Rainer Jung <rainer.j.
od_ftp are named.
vh
Mads Toftum
--
http://flickr.com/photos/q42/
On Sun, Jul 08, 2012 at 10:33:56PM +0200, Daniel Gruno wrote:
[ ] +1: Adopt the comments.a.o system in the 2.2 and 2.4 branch of docs
[ ] 0: I don't care
[X] -1: Don't adopt the system, because
Only trunk is CTR.
vh
Mads Toftum
--
http://soulfood.dk
and apr-util in parallel, it will be easy enough to choose something
like --build-apr=../apr-1.4.5
I like that idea. Makes more sense than --with-included-apr. For extra
bonus points make --with-included-apr throw an error suggesting the use
of --build-apr=srclib/apr
vh
Mads Toftum
--
http
vendor, including my own.
If you did, then perhaps Solaris 10 was another option - that's around
for at least another 5 years with 2.0. :)
vh
Mads Toftum
--
http://soulfood.dk
warning seems a bit
harsh to 3rd party module vendors. My suggestion would be to do 2 now
and announce the switch to 3 for 12 months from now.
vh
Mads Toftum
--
http://soulfood.dk
and further from any more improvements to 2.0.
Totally agreed. Given the number of security related fixes in 2.2
lately, a new 2.0.x would be a very good thing.
vh
Mads Toftum
--
http://soulfood.dk
for
another 2.0.x soon.
vh
Mads Toftum
--
http://soulfood.dk
the To: rather
than adding yet another clumsy workaround for gmail oddities.
vh
Mads Toftum
--
http://soulfood.dk
fine
for ages.
vh
Mads Toftum
--
http://soulfood.dk
broken.
vh
Mads Toftum
--
http://soulfood.dk
'reply-all'? -- justin
ah, so you're the broken thing in this case ;) reply alone works just
fine in a client like mutt that respects reply-to.
vh
Mads Toftum
--
http://soulfood.dk
went and broke what's been there for ages.
vh
Mads Toftum
--
http://soulfood.dk
to get inspiration.
vh
Mads Toftum
--
http://soulfood.dk
provider is simply not designed for that as is evidenced by its poor
usability under those circumstances.
Agreed. The pid provider alone is not nearly as useful as the patch frm
OmniTI.
vh
Mads Toftum
--
http://soulfood.dk
On Wed, Aug 20, 2008 at 02:08:02PM +0200, Jorge Schrauwen wrote:
I like the idea of using --with-SNI and labeling it as experimental.
Yeah, good way to move forward.
Maybe leave it of by default though?
absolutely. It would seem rather odd to turn on experimental by default.
vh
Mads Toftum
Theo just announced dtrace probes for httpd:
http://www.opensolaris.org/jive/thread.jspa?threadID=59306tstart=0
I wouldn't mind seeing those (or something similar) make it into trunk.
vh
Mads Toftum
--
http://soulfood.dk
? the whole 2.x bunch or?
just my $.02
Mads Toftum
--
http://soulfood.dk
the overhead of
maintaining yet another branch? tbh. I'd much rather see work going
towards 3.x ;)
vh
Mads Toftum
--
http://soulfood.dk
On Tue, Feb 19, 2008 at 09:30:30AM -0500, Jim Jagielski wrote:
I propose mod_domain to match the IANA port number
assignment.
Seems more confusing than mod_named.
vh
Mads Toftum
--
http://soulfood.dk
similar but much more complex (?).
Yes. Being able to check a URL seems more useful than plain ping.
Even more useful would be recording the time a backend takes to answer a
request and using that to distribute requests.
vh
Mads Toftum
--
http://soulfood.dk
sense in a perlified version as part of
the test code.
vh
Mads Toftum
--
http://soulfood.dk
. None of our other modules have been modified to
use buckets. Does mod_ssl require the use of buckets?
Are you trying to port mod_ssl from 1.3.x to 2.2.x?
That's been done long ago and 2.x includes a port of mod_ssl.
vh
Mads Toftum
--
http://soulfood.dk
generator(s) (our modules) to have created a
brigade.
Ah. And everything works when mod_ssl is left out?
vh
Mads Toftum
--
http://soulfood.dk
think that'd be quite useful (especially going by Justins reluctance
to add it to apr-util which would have been my preferred location).
vh
Mads Toftum
--
http://soulfood.dk
think perhaps a directive like SSIProxyURL defaulting to off would be
an absolute minimal requirement to keep unsspecting people out of
trouble.
vh
Mads Toftum
--
http://soulfood.dk
was to get bucket brigedes.
vh
Mads Toftum
--
http://soulfood.dk
/httpd/httpd/branches/2.2.x/modules/experimental/mod_case_filter.c
vh
Mads Toftum
--
http://soulfood.dk
to this article, so it must be true) was
unfortunate, and undesirable.
+1 - I don't think a single users abuse should force us into making a
catch all policy. Part of the price of running a wiki is that you'll
have to deal with abuse from time to time.
vh
Mads Toftum
--
http://soulfood.dk
to be on solaris and have dtrace
where you could instrument httpd - along the lines of mod dtrace:
http://prefetch.net/projects/apache_modtrace/
vh
Mads Toftum
--
http://soulfood.dk
with Dutch things seem pretty silly random idea.
Now that people are talking about waka support and http as a module, D
seems more appropriate than ever.
vh
Mads Toftum
--
http://soulfood.dk
On Wed, Dec 06, 2006 at 01:30:26PM +0100, Lars Eilebrecht wrote:
I voted -1 at that time which is a veto.
My opinion hasn't changed and I still think that it is a very
stupid idea to add a feature that allows our users to do
something which is stupid and absurd.
I agree.
vh
Mads Toftum
On Wed, Dec 06, 2006 at 03:45:54PM +0100, Lars Eilebrecht wrote:
So, is that a -1 or -0?
A peanut gallery -1. I feel very strongly about pretending to implement
security measures that does not help one bit.
vh
Mads Toftum
--
http://soulfood.dk
for a
customer and would much prefer to see it supported ;)
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
On Tue, Sep 26, 2006 at 11:54:32AM -0500, William A. Rowe, Jr. wrote:
Most lists in the ASF don't do this for many good reasons, but I noticed
which is why I'm -1 to polluting the subject - there's plenty of X-
headers to work on.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water
PROTECTED] (or [EMAIL PROTECTED]) and to take end user
questions up with the
module author or [EMAIL PROTECTED] list.
I know that you and Nick follow the list, and I'm pretty sure that other
pmc members do as well (and otherwise maybe me with my member hat on
might do the trick).
vh
Mads
of
the participants.
+1 and volunteering to moderate.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
targeted worms that keep hitting my
apache installs seem to suggest that obscuring the server name will at
most lead to a false sense of security. Besides, if you really care, I'm
pretty sure it wouldn't be all that hard to guess what server it is by
looking at all the rest of the headers.
vh
Mads
. In particular:
http://developers.sun.com/prodtech/cc/downloads/index.jsp
yeah, it does mention FREE for SDN members - but that's just another
way of asking people to register before downloading.
(helios has been running studio 11 since november).
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water
of old versions is just like giving people enough
rope...
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
really like to see the current source stay as it is with mod_ssl
included. If anything, it shouldn't be too hard to produce a patch that
strips out mod_ssl at release time if we want to roll an extra non crypto
version for that handfull of countries.
vh
Mads Toftum
--
`Darn it, who spiked my coffee
On Mon, Apr 17, 2006 at 02:25:46PM +0200, Jorge Schrauwen wrote:
I've seen a mod_snmp somewhere:
http://www.mod-snmp.com/mod_snmp.html
don't know how if its free and for what version though.
SNMP module for Apache 1.3.x as you can see on www.mod-snmp.com
vh
Mads Toftum
--
`Darn it, who
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
On Mon, Apr 17, 2006 at 10:15:09AM -0700, Garrett Rooney wrote:
Perhaps, but AFAICT infra@ doesn't have this kind of thing lying
around at the moment, so unless someone is going to step up with
hardware people can use it's kind of a showstopper.
Correct.
vh
Mads Toftum
--
`Darn it, who
On Sat, Apr 01, 2006 at 11:28:15AM -0800, Paul Querna wrote:
2.2.1, embedding APR 1.2.6 and APR-Util 1.2.6, is available from:
http://httpd.apache.org/dev/dist/
Please Test and Vote on releasing 2.2.1 as GA.
Tests ok on Solaris 10 (U2-beta, sunstudio)
vh
Mads Toftum
--
`Darn it, who
think there's any 2.2-only features being used on a.o).
That's generally something only done for the latest and greatest - I
don't think 1.3 has been tested that way for years.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
in apr.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
of open connections (and having a way to decide how many). Making a
provider out of it might be good too - I can sertainly see cases where
other modules might want to make http requests without having to go the
proxy way.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
it seems to be
consistently in that line and they started to turn up after our last
httpd upgrade on ajax.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
or scripts rewritten to
something slightly more commonly used than zsh.
If someone were to contemplate making a general version of those
scripts - what would have a reasonable chance of getting accepted? perl?
ksh? C?
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
On Tue, Jan 10, 2006 at 09:51:36AM -0800, Paul Querna wrote:
Python!
Excellent choice - at least that way I won't have to even consider
trying ;)
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
alerted him to the fact (they showed up with failing
permissions in a cron job) - at least it is fixed now.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
On Wed, Dec 14, 2005 at 12:21:20PM -0800, Paul Querna wrote:
- progname=httpd] )
+ progname=d] )
Looks good although I wonder wether it wouldn't be better to go for
+ progname=D] )
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
CPAN for modules.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
be fairly simple
to handle that at the os level.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
for quite a while is likely to help along 2.2
adoption.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
from the peanut gallery - and it would make a good selling point for
people to upgrade from 2.0.x.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
:-).
It is - http://docs.sun.com/app/docs/doc/816-5166/6mbb1kpvk?a=view
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
to
support/ would be useful too, not automating the process as much as some
people has previously argued against, but still keeping the process of
signing certs fairly simple. Whatever we end up with, I'll work on
getting that into our docs before 2.2 is released.
vh
Mads Toftum
--
`Darn it, who spiked
to be able to integrate into the existing docs, then
this would be the way to go.
+1 for module usage documentation, anything elshe should be -1^Wstrongly
discouraged. But that said, doxygen is what is already used for the inline
api docs, so that's fine for documenting the functions.
vh
Mads
are there, but rather
that they're not clearly marked as experimental?
Then how about grouping the modules in an experimental section of --help
output? Or to take it even further, perhaps a --enable-experimental
flag?
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
to if they want to improve scalability.
big +1 - let's not toss all the cool new features before the release and
get into the same situation as 1.3 - 2.0 having trouble convincing
people that it was worth the upgrade.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
mod cache requestor
is currently stuck with curl? I wouldn't mind seeing serf or similar
functionality in apr - there seems to be plenty of uses for it.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
is:
SSLRequire committers in PeerExtList(1.3.6.1.4.1.18060.1);
SetEnvIf SSL_PeerExtList(etc) ...
+1 on concept /peanutgallery
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
,
relatively safe changes and complete rewrites of large chunks of code.
2.0 took very long to settle because it was very much a moving target, I
would hate for the same to keep happening with a 2.2 release.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
: );
ERR_print_errors_fp(stderr);
exit(1);
+1 from the peanut gallery.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
On Mon, Jun 27, 2005 at 08:05:27AM -0700, Paul Querna wrote:
The ASF has Helios, a quad opteron running solaris 10. httpd has
requested a Zone on there, but one has not been created yet...
Unless I hear any complaints, I'll create a zone later today or
tomorrow.
vh
Mads Toftum
--
`Darn
is too much trouble to be worth
enabling other than when requested explicitly - there's the whole crypto
regs issue and it does link in another lib, which is something that I
prefer limiting to when it is actually needed.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
box):
http://httpd.apache.org/docs-2.0/mod/perchild.html
This module is not functional. Development of this module is not
complete and is not currently active. Do not use perchild unless you
are a programmer willing to help fix it.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water
as if the user entered the certificate DN as
user and password as password.
There's an example in my mod_ssl talk from ApacheCon 2004 - see page 19
of http://cvs.apache.org/~mads/ac2004/MO18mod_ssl.pdf
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
with SSLVerifyClient)
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
the same by making sure that the date
is more recent on the output files.
Anyone able to elaborate on what these two files are for and wether or
not I really do need to install yacc?
You don't need to rebuild those files, so no need for yacc and friends.
vh
Mads Toftum
--
`Darn it, who
a specific
version, I could see where it would be nice to go the other way and
remove a specific cipher.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
was a mistake on my part - I wanted to say protocol but got
distracted ;)
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
there's more than enough mutilated httpd packages out there to
warrant such a list. Perhaps packagers@ would be better?
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
much further than that (ie. no need to
cover the joys of jarfiles ;)
just my $.02
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
would be useful for those
modules that doesn't need incubation, but are not quite at a state where
we would want to distribute them? It would probably also make tings easier
for bringing in new committers.
just my kr .02
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
be an idea to make the choice of
digest configurable - I can think of cases where the extra overhead of
a digest with fewer collisions would be worth the extra cycles.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
it, there was a great uproar when we suggested getting rid of
mod_asis and mod_imap, which are both essentially unused - so it doesn't
seem to make sense to go thrashing about in code that sees a fair bit of
use.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
to be trimming. I'd just rather not lose mod_rewrite in the
same way as the debugging log level of mod_ssl disappeared,
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
this?
Wouldn't adding the port to ServerName be what you need?
ServerName example.com:80
Iirc it is even suggested in the docs.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
to the mod_ssl mailinglist
(where this question belongs) that it doesn't affect 1.3
or is it simply that mod_ssl, prior to apache 2, is not the
responsibility of ASF?
It isn't an ASF project. Mod_ssl is a project run by Ralf Engelschall.
vh
Mads Toftum
--
`Darn it, who spiked my coffee
of httpd-test from a couple
of hours ago)
- t/modules/includes.t test 49 is failing; however, I think it's a bug in
httpd-test. That test is calling single_space(), but that function is
corrupting the response such that it fails (removes too many spaces).
The same error here.
vh
Mads
On Thu, Mar 04, 2004 at 07:41:54AM +0100, André Malo wrote:
I'd prefer the %{SSL:...} variant and using ssl_var_lookup_ssl. All other
Agreed. It makes sense to me to make a specific point out of where those
variables came from.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water
with prefork and worker - seems to work well. All that seems
to be missing are the config directives.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
+1 after testing - my only reservation is that
BTFile and WKUFile could probably use more verbose naming.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
the trace looks similar with mod_whatkilledus_13. Without either of
them it looks fine.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
, a new directive
EnableExceptionHook {on|off}
which defaults to off must be used to tell sig_coredump() to call such
hooks.
Any objections?
No objections at all.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
- but runtime configurable would certainly
be nice.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
- that way it will be
simple for anyone who cares about security to enable the module, and for
those who don't care for the quite significant added overhead, it will be
easy to turn on if they suspect a problem.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
; then
module_selection=$i
module_default=shared
else
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
On Mon, Dec 08, 2003 at 04:32:28PM -0500, Jeff Trawick wrote:
but APU_0_9_BRANCH for apr-util
$ cat srclib/apr/CVS/Tag
TAPR_0_9_BRANCH
$ cat srclib/apr-util/CVS/Tag
TAPU_0_9_BRANCH
(ouch)
Ups, my bad - I wonder why cvs didn't barf when I did that - I'll fix
my mess soon.
vh
Mads
1 - 100 of 122 matches
Mail list logo