Re: PCRE status?

> We're upgraded to the latest PCRE now (thanks for Cliff to fixing the > Win32 build). Thanks. > I checked with the PCRE maintainer and learned that the next release is > several months away. In the meantime, that leaves me with two options > for speeding up ap_regexec(): > > * Commit a ch

1.3.24 +1

Tarball tested on RH Linux 2.2.16-22 with no problems. +1 Roy

Re: [PATCH] convert worker MPM to leader/followers design

What Brian describes is a fatal flaw in the current Worker MPM code. In order to veto his change, you will be expected to review the code first and then propose a better solution. Until then, choose a better way than -1 to make reservations. If Brian needs to create a new MPM to fix this kind of

Re: an old Darwin issue... what is the solution?

See also Roy

Re: [PATCH] convert worker MPM to leader/followers design

On Thursday, April 11, 2002, at 04:45 AM, Jim Jagielski wrote: > Roy T. Fielding wrote: >> >> If Brian needs to create a new MPM to fix this kind of problem, then >> I will remove the worker MPM from the code base as soon as the new one >> is committed. I don&#

Re: [PATCH] convert worker MPM to leader/followers design

> Ok, now we're on the same page. I see this as a problem as well, but I > don't think this is what is causing the problem described earlier in this > thread. Considering how unlikely it is that all of the threads on one > process are on long-lived connections, I don't see this as a critical > sho

Re: [PATCH] convert worker MPM to leader/followers design

> I do not believe that we have a scalability problem in the worker MPM. > I believe we have a scalability problem in our testing tool. I agree > that there is a problem that can cause some new connections to appear > to hang under certain unlikely conditions, but I do not believe this can > cause

Re: [PATCH] Move 100-Continue into HTTP_IN

We have to do more work than this. The 100 has to be sent before attempting to read the first chunk (if chunked) or only if C-L > 0 (if length). Also, the code that reads the chunk length is failing to check for errors. Also, the code that reads the chunk end is failing to read the trailers.

Re: eWeek: Apache 2.0 Beats IIS at Its Own Game

Nice article. However, looking at their test results, I'd say they are only measuring the limits of their test tool. At least it is nice to see that they have similar performance up to the test limitation. Roy > http://www.eweek.com/article/0,3658,s=702&a=25458,00.asp

Re: Move perchild to experimental?

+1 Roy

Re: Can't force http 1.0

On Monday, April 22, 2002, at 11:11 AM, Joshua Slive wrote: > Bill Stoddard wrote: > >>> SetEnv force-response-1.0 >>> >>> According to the docs here: >>> http://httpd.apache.org/docs/env.html#special >>> The point of that was to deal with silly proxies that belched when they >>> saw "HTTP/1.1"

Re: cvs commit: httpd-2.0/server core.c

I don't understand why you didn't simply reverse the test and enclose the frequent case inside the if {} block. I assume it was just to avoid indenting a large block of code, which is not sufficient justification for a goto. A goto often has unforeseen effects on high-level optimizations that ca

Re: REQUEST_CHUNKED_DECHUNK question

On Thursday, April 25, 2002, at 03:27 PM, Justin Erenkrantz wrote: > On Thu, Apr 25, 2002 at 04:39:18PM -0400, Bill Stoddard wrote: >>> From http_protocol.c... >> >> * 1. Call setup_client_block() near the beginning of the request >> *handler. This will set up all the necessary properties,

Re: Bumping tags

>> Well then why are the patches in the tree??? I'm not sure I like the >> idea of >> tagging and then tagging just some files. Seems like if we haven't got a >> stable HEAD we shouldn't be tagging. We got into this whole business of >> tagging often as a way of avoiding having this sort of thing

Re: cvs commit: httpd-2.0/server/mpm/worker worker.c

On Wednesday, May 1, 2002, at 01:49 PM, Aaron Bannert wrote: >> And, consider my position on your calloc change in this patch as a >> veto. If you want to remove calloc, then you should do so throughout >> the code rather than in sporadic places that may make maintaining the >> code a nightmar

Re: [Patch] Concept: have MPM identify itself in Server header

I do not believe that the Server string should be used to describe implementation details of the server software. I know we already do that, over my objections. Roy

Re: Stripping Content-Length headers

On Sunday, May 5, 2002, at 11:25 AM, Justin Erenkrantz wrote: > On Sun, May 05, 2002 at 08:03:24PM +0200, Graham Leggett wrote: >> I understand the Content Length filter is responsible for sorting out >> Content-Length, and that chunked encoding will be enabled should the >> length be uncalcula

Re: cvs commit: httpd-2.0 STATUS

> if (ap_status_drops_connection(r->status) || > (r->main && ap_status_drops_connection(r->main->status))) { > return OK; > } > > The idea is that if our status code is such that we're trying to > avoid reading the body, we shouldn't actually read it. We need > the r->main

Re: cvs commit: httpd-2.0 STATUS

> Sounds good, but I disagree with your STATUS code. It is a 400, not a > 413. The request is completely invalid, not too large. It would be too > large if we had set a limit on the size of requests, but that isn't the > problem. The problem is that they have sent an invalid chunk. No, it is

Re: apr_time_t --> apr_time_usec_t

On Monday, June 10, 2002, at 03:22 PM, Cliff Woolley wrote: > On Mon, 10 Jun 2002, Roy T. Fielding wrote: > >> I know of one existing bug in httpd that I would consider a >> showstopper, if I were RM, due to the way APR handles time. > > Are you going to tell me what

Re: apr_time_t --> apr_time_usec_t

>>> If-Modified-Since doesn't work because an HTTP time based on >>> seconds x10 is being compared to a file modification time >>> based directly on microseconds. >> >> I thought I fixed that already!? Oh boy, did the patch not get >> committed? >> It might be sitting in the PR waiting for s

Re: cvs commit: apr/include apr_time.h

There is no reason for them to be all-uppercase. I hate it when people use uppercase for functions, including macro functions. All-uppercase is a convention for symbolic constants, not functions. Roy

Re: [patch] reduce conversions of apr_time_t

Why do that when it is more effective to just blow away apr_time_t and use the already-portable time_t when we want to store seconds? I have no need for microseconds outside of struct tm (which does need a more portable apr structure type). Roy

[PATCH httpd 1.2] chunk size overflow

This patch should be sufficient to fix the security hole for most versions of Apache httpd 1.2. Should we put it up on dist/httpd? Roy --- apache-1.2/src/http_protocol.c Thu Jan 4 01:21:10 2001 +++ apache-1.2/src/patched_http_protocol.c Thu Jun 20 18:13:04 2002 @@ -1535,6 +1535

Re: [PATCH httpd 1.2] chunk size overflow

> This patch should be sufficient to fix the security hole for most > versions of Apache httpd 1.2. Should we put it up on dist/httpd? It turns out that this small patch is sufficient to plug the hole on all 1.2 and 1.3.* versions up until 1.3.24 if mod_proxy is in use. I have placed it in the r

Re: CAN-2002-0392 : what about older versions of Apache?

fix to our own code is necessary and sufficient to solve the problem. Roy T. Fielding, Chairman, The Apache Software Foundation ([EMAIL PROTECTED]) <http://www.apache.org/> Please see <http://httpd.apache.org/info/security_bulletin_20020620.txt> This

Re: Karma please

User rasmus already has karma. apache-2.0 is not what you are looking for, try the module httpd-2.0. Roy On Sunday, June 23, 2002, at 05:30 PM, Rasmus Lerdorf wrote: > Could someone karma me for apache-2.0 please? > > -Rasmus >

Re: CAN-2002-0392 : what about older versions of Apache?

> I don't remember seeing any +1's for this patch on the list. I don't remember needing any. There were no -1 with explanations. There certainly hasn't been any effort spent, aside from my own, to address the needs of those who cannot upgrade. You guys punted, so I picked up the ball and finish

Re: CAN-2002-0392 : what about older versions of Apache?

> I did not remove your patch, I am merely looking for some other opinions. So am I. Where are they? > Have you so soon forgotten that this bug has been in the codebase for > over 4 years? Common sense tells us that this big of a fuckup needs to > be thoroughly reviewed, and by someone other th

Re: CAN-2002-0392 : what about older versions of Apache?

On Tuesday, June 25, 2002, at 02:05 PM, Arliss, Noah wrote: > Hopefully this is not a redundant question.. Does this patch cover issues > in > mod_proxy as well, or were the issues introduced in 1.3.23 and later? They were introduced later. The patch says that it is not sufficient for the rele

Re: URL parsing changed between 1.3.23 and 1.3.26?

> That's true. But & is definitely the one used by convention. (Maybe it' > s > in the CGI spec? Not sure on that one.) And that doesn't change the fact > that this in this case ':' was used in place of both the '?' and the > '&', which is definitely wrong. No, it's just a different way of na

Re: cvs commit: apache-1.3/src/main http_protocol.c

WTF? -1 Jim, that code is doing an error check prior to the strtol. It is not looking for the start of the number, but ensuring that the number is non-negative and all digits prior to calling the library routine. A simple check of *lenp would have been sufficient for the blank case. I need t

Re: cvs commit: httpd-2.0/modules/experimental mod_mem_cache.c

On Thursday, July 18, 2002, at 12:49 PM, [EMAIL PROTECTED] wrote: >} > -if (sconf->max_cache_object_size >= sconf->max_cache_size) { > +if (sconf->max_cache_object_size >= sconf->max_cache_size*1000) { >ap_log_error(APLOG_MARK, APLOG_CRIT, 0, s, >

Re: cvs commit: httpd-2.0 acinclude.m4

-1. Please revert the change. The purpose of the check is to identify incompatible APIs, not security holes. Roy

Re: cvs commit: httpd-2.0 acinclude.m4

>> -1. Please revert the change. The purpose of the check is to identify >> incompatible APIs, not security holes. > > should apache be allowed to be built against a version of OpenSSL that > has a > known problem - I don't think so. But if everybody thinks against - then, > so > be it. Peopl

Re: cvs commit: httpd-2.0 acinclude.m4

> -1. Please revert the change. The purpose of the check is to identify > incompatible APIs, not security holes. I have a patch to turn it into a warning -- will commit once tested. Roy

Re: cvs commit: httpd-2.0 acinclude.m4

> Cool. I believe something is better than nothing :). > > (I'm sure you're already aware of this - but thought it'd be better to let > you know) > I believe my patch went into r1.127 - and has been labelled for the 2.0.40 > release. So, you might want to bump the label before it's released. It h

Re: Why can't ap_send_error_response() count on charset?

>> Can you try it again with current cvs HEAD? I'm not familiar with the >> W3C >> Validator test, but I would hope that if it saw a good http Content-Type >> header, >> it wouldn't need the stuff in the html meta line. > > Me too but I found a problem/feature due to the validator so I just wro

Re: HTTP headers on 'trailing slash' redirects?

>> Seems to me that a URL pointing to a directory always has to end with a >> slash, and therefor it is permanent. Why would it be temporary? > > Hmm... I'm not entirely sure, to be honest. I wouldn't really > consider myself experienced in any way with the inner workings of web > servers. > Howev

Re: cvs commit: apache-1.3/src/modules/standard mod_digest.c

> +/* There's probably a better way to do this, but for the time > being... > + * > + * Right now the parsing is very 'slack'. Actual rules from RFC > 2069 are: The relevant spec is RFC 2617. Were there significant changes since 2069? Roy

Re: cvs commit: apache-1.3/src/modules/standard mod_digest.c

> Not in this section. Comma separation made clearer (but no explicit > wording on white space eating) - and our old code was still at fault > when isinsting that any non alpanumeric MUST be quoted. Odd that the BNF doesn't require that -- it cannot be parsed unambiguously without the quotes. ..

Re: Cached response: 304 send as 200

On Wednesday, September 11, 2002, at 06:04 PM, Graham Leggett wrote: > Kris Verbeeck wrote: > The response: HTTP/1.0 200 Date: Tue, 10 Sep 2002 09:45:39 GMT Server: web server Connection: close etag: "b9829-2269-3cd12aa1" >>> >>> Another

Re: PHP POST handling

Output filters cannot handle methods -- only input filters can do that. It sounds to me like you guys are just arguing past each other -- the architecture is broken, not the individual modules. Just fix it. Greg is right -- the default handler is incapable of supporting any method other than GET

Re: [Patch]: ap_cache_check_freshness 64 bit oddities

> At first glance, I think there's an even more fundamental problem: > the code in ap_cache_check_freshness() appears to be mixing times > measured in microseconds (the result of ap_cache_current_age()) > with times measured in seconds (everything that it gets from the > HTTP header). And does th

Re: [1.3 PATCH^H^H^H^H^HBUG] chunked encoding problem

I'm sure there's a great reason for setting B_EOUT flag here, but it sure does suck if you have data waiting to be sent to the client since setting B_EOUT convinces ap_bclose() not to write any more data. It is only set when the connection is aborted or the fd is gone, both indicating that we can

Re: [1.3 PATCH^H^H^H^H^HBUG] chunked encoding problem

On Friday, October 18, 2002, at 07:44 PM, Roy T. Fielding wrote: I'm sure there's a great reason for setting B_EOUT flag here, but it sure does suck if you have data waiting to be sent to the client since setting B_EOUT convinces ap_bclose() not to write any more data. It is onl

distributing encryption software

Ryan asked for a clarification about whether or not we have the ability to redistribute SSL binaries for win32. Last year, the board hired a lawyer to give us an opinion on whether we can distribute encryption software, or hooks to such software. The exact opinion we got back is, unfortunately, no

Re: workaround for encoded slashes (%2f)

Your patch will simply let the %2F through, but then a later section of code will translate them to / and we've opened a security hole in the main server. I'd rather move the rejection code to the place where a decision has to be made (like the directory walk), but I have no time to do it myself.

Re: strace of SPECWeb99 static workload

One of them is probably here (in function ap_meets_conditions). Is there any reason we cannot use r->request_time here? I can't tell for sure right now, but the original concern was that dynamically generated pages that are forked into a cache (something done by RobH for IMDB) would have a modifi

Re: workaround for encoded slashes (%2f)

Your patch will simply let the %2F through, but then a later section of code will translate them to / and we've opened a security hole in the main server. I'd rather move the rejection code to the place where a decision has to be made (like the directory walk), but I have no time to do it myself.

Re: Apache 1.3 and invalid headers

Does anyone know what the behaviour of Apache 1.3 is under the circumstances where the HTTP request or response contains an invalid request header? Specifically, when the Connection header contains something other than 'close'? There is nothing invalid about that -- connection is completely exte

Re: karma and cvs commit messages

Since we renamed the repository to httpd from httpd-2.0 (there is a symlink for now), the CVSROOT/avail file doesn't match the repository name, and therefore I can't commit. Can we fix that so I can commit to the new "httpd" repository directly? Why the heck was that done? Too many things get sc

Re: cvs commit: httpd-2.0 STATUS

On Monday, November 25, 2002, at 04:58 PM, Aaron Bannert wrote: I guess I just didn't read that much in to it. I just want to see us move forward without getting bogged down in misinterpreted emails and already acknowledged mistakes, and to do that I'm trying to stay objective (eg. a Vote). To m

Re: FW: Older version of apache2

So you suggest initially populating old/ and then symlinking the now-current version in the main download directory at the old/ target, instead? It would still initially download the package twice, and then simply unlink it later on, right? Or what's the right approach here? I suggest moving th

Re: svn commit: r691418 [1/2] - in /httpd/httpd/trunk: ./ docs/manual/mod/ modules/filters/

On Sep 5, 2008, at 4:04 PM, Basant Kumar kukreja wrote: Just a note : sed original code also have AT&T copyright. http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/ ucbcmd/sed/sed1.c http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/ ucbcmd/sed/sed0.c http://src.opensol

Re: httpd win64 "project" sources/makefiles [was:...binaries]

On Nov 3, 2008, at 6:06 AM, Marc Noirot wrote: What about going one step further and using a tool able to generate Makefiles and IDE files for [name some of your favorite IDEs] ? I'm thinking about something like CMake ... http://lwn.net/Articles/188693/ http://www.cmake.org/ +1 But it s

Re: AuthzMergeRules blocks everything in default configuration

IIRC, trunk contains (or contained) a security problem with regard to backward compatibility with 2.x configs. I won't consider it releasable until that has been fixed one way or another, and I can't tell from this mail thread whether the actual fix was committed or not. I thought that Chris com

Re: AuthzMergeRules blocks everything in default configuration

On Dec 1, 2008, at 3:16 PM, Chris Darroch wrote: Roy T. Fielding wrote: IIRC, trunk contains (or contained) a security problem with regard to backward compatibility with 2.x configs. I won't consider it releasable until that has been fixed one way or another, and I can't tell

Re: changing mod_wombat's name

On Dec 7, 2008, at 1:07 PM, Paul Querna wrote: Brian McCallister wrote: I know some folks are attached to the wombat moniker, but the name is likely to confuse users, particularly now that it is in trunk. The obvious name, mod_lua, is a bit tricky as there are about half a dozen projects named

Authz directives

I am a little frustrated by the changes to authorization since 2.2. I don't understand why they were needed in the first place, nor why we need two different but equally incomprehensible ways to configure the same things. I totally understand the desire to make the implementation more modular and

Re: mod_fcgid incubation?

On Dec 10, 2008, at 4:51 AM, Jim Jagielski wrote: On Dec 9, 2008, at 4:56 PM, Nick Kew wrote: It's unfortunate there's no clear copyright statement, but would it not be reasonable to assume Copyright Pan Qingfeng and deal with him? Contact other contributors as a courtesy, but not let it worry u

Re: Authz directives

On Dec 9, 2008, at 10:45 AM, Chris Darroch wrote: This is all fairly simple, I think, especially if MatchNotAny/RequireNone is removed as well so that Require retains its apparent meaning everywhere. See if the patch below meets your expectations; if so, I'll commit it and update the docs

Re: mod_fcgid license questions

On Dec 31, 2008, at 6:31 PM, Chris Darroch wrote: pqf wrote: version 1.10 ( Jul 3rd 2006 ) 1. Use poll() instead of select() in UNIX. It becomes problematic on apache2 with large number of logfiles. Apache2 calls poll() (when OS supports it), and in that case it doesn't need to be reco

Re: Configuration change for c...@httpd?

On Jan 2, 2009, at 10:33 AM, Joe Schaefer wrote: From: Justin Erenkrantz To: dev@httpd.apache.org Sent: Friday, January 2, 2009 1:28:27 PM Subject: Re: Configuration change for c...@httpd? On Fri, Jan 2, 2009 at 9:55 AM, Joe Schaefer wrote: Shrug, I can try completely removing the To: header,

Re: Configuration change for c...@httpd?

On Jan 2, 2009, at 8:04 PM, Justin Erenkrantz wrote: On Fri, Jan 2, 2009 at 5:08 PM, Roy T. Fielding wrote: I am completely uninterested in "fixing" the config just because some person reflexively does a reply-all and then doesn't edit their own destination addresses. There is

Re: accept mod_fcgid codebase into httpd project

+1 Roy

warning in mod_unixd.c

mod_unixd.c:306: warning: no previous prototype for 'unixd_setup_child' (in case someone feels like fixing it before I wake up) Roy

Re: svn commit: r739150 - /httpd/httpd/trunk/os/unix/unixd.h

On Jan 30, 2009, at 3:07 PM, Ruediger Pluem wrote: On 01/30/2009 03:48 AM, field...@apache.org wrote: Author: fielding Date: Fri Jan 30 02:48:08 2009 New Revision: 739150 URL: http://svn.apache.org/viewvc?rev=739150&view=rev Log: revert r711228: the ap_unixd_setup_child prototype needs to go

Re: svn commit: r739150 - /httpd/httpd/trunk/os/unix/unixd.h

On Jan 30, 2009, at 3:30 PM, Roy T. Fielding wrote: On Jan 30, 2009, at 3:07 PM, Ruediger Pluem wrote: On 01/30/2009 03:48 AM, field...@apache.org wrote: +AP_DECLARE(int) ap_unixd_setup_child(void); /* mod_cgid needs this */ + Hm. This break compilation of trunk as this symbol is now

Re: svn commit: r739382 - in /httpd/httpd/trunk: ./ include/ modules/filters/ modules/http/ modules/mappers/ modules/proxy/ server/

On Jan 31, 2009, at 1:53 AM, Ruediger Pluem wrote: This causes the server to crash in case where no r->handler is set (e.g. in the case of a non existing resource). Bummer. I suppose it would be too difficult to fix the couple hundred places where strcmp is used on r->handler without checkin

Re: [summary] accept mod_fcgid codebase into httpd project

On Jan 27, 2009, at 9:44 AM, Chris Darroch wrote: The httpd-mod_fcgid.xml file is my first whack at the IP clearance template. I renamed this .xml.utf8 this morning because I realized it has some non-ASCII UTF-8 character sequences in it. I don't know if those will pass through the Incuba

notes on filters in 2.2.x

I spent a while looking at mod_deflate and various filter related issues in 2.2.x/trunk, but I had to context switch away before I could create such a large fix. This message is to write down my conclusions so that I can remember them and maybe fix the silly thing when I get a chance, or maybe en

Re: Open Projects

On Mar 6, 2009, at 4:58 PM, ntwrkd wrote: I haven't heard back from faxing my developer app to the ASF. Would I even be able to contribute? Anyone can contribute by posting fixes in email or bugzilla. A CLA is only required by us when we think a given contribution is significant enough to meri

Re: [summary] accept mod_fcgid codebase into httpd project

On Feb 18, 2009, at 1:13 PM, Chris Darroch wrote: Roy T. Fielding wrote: I'd suggest that we import the code into SVN by starting not with this temporary package, but with a cvs2svn export of the SourceForge commit history. The relicensing can then follow as a single subsequent c

mod_fcgid

On Mar 17, 2009, at 3:44 PM, Chris Darroch wrote: Roy T. Fielding wrote: Done. I set all of Ryan Pan's commits to svn:author=pqf (for consistency), loaded the whole thing under httpd/mod_fcgid and fixed the eol-style to native. Please relicense the directory and files first before m

Re: svn commit: r760167 - in /httpd/httpd/trunk: CHANGES server/util_script.c

-1 (veto) Filling obscure areas of the server with stupid hacks that modify the request structure because of something the content generator *might* do is harmful to overall stability. 204 and 304 are already handled elsewhere (or, if not, they should be handled elsewhere). Roy On Mar 30,

Re: svn commit: r768504 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS docs/manual/mod/mod_ssl.xml modules/proxy/mod_proxy_http.c modules/ssl/mod_ssl.c modules/ssl/ssl_engine_config.c modules/ssl/ss

On May 4, 2009, at 12:22 PM, Ruediger Pluem wrote: During my work on the SNI backport I noticed that during my preparation of the backport patch for this proposal one import line fell through the cracks that was contained in r760866. The following patch would fix this missing initialization:

Re: svn commit: r771998

On May 7, 2009, at 10:57 PM, William A. Rowe, Jr. wrote: In any case, I have a better solution. mod_so is not a URI mapper, nor is mod_watchdog. I created a modules/core/ tree; fixed. Why do people always want to use "core" as a directory name? "sys" or "systemic" would be better, or just m

board report due Monday

Does anyone have anything special that they would like me to pass on to the ASF board? I could request a budget for our thousand-open-bugs-bash party. Roy

Re: 204/304 follow-up

On May 17, 2009, at 12:54 PM, Edward Z. Yang wrote: Hello Roy, Two months ago a patch was committed to Apache which prevented Apache from sending content body when forbidden by the HTTP protocol, namely 204 and 304 response. You vetoed this patch, and said that the patch applied to the incorre

Re: 204/304 follow-up

On May 18, 2009, at 11:53 AM, Nick Kew wrote: The case under discussion was errors generated by a script and propagated by the server without reference to ap_send_error_response. Fix the script. Roy

Re: 204/304 follow-up

On May 18, 2009, at 2:19 PM, Nick Kew wrote: On Mon, 18 May 2009 12:23:38 -0700 "Roy T. Fielding" wrote: On May 18, 2009, at 11:53 AM, Nick Kew wrote: The case under discussion was errors generated by a script and propagated by the server without reference to ap_send_error_respo

incubator proposal for (what was once) Inktomi Traffic Server

I think this is an interesting opportunity to compare different implementations and share code where desirable. I haven't seen anyone comment on the proposal yet. Roy Begin forwarded message: From: Leif Hedstrom Date: June 12, 2009 9:17:59 AM PDT To: gene...@incubator.apache.org Subject:

Re: mod_deflate DoS using HEAD

On Jul 14, 2009, at 10:02 AM, Nick Kew wrote: That, on the other hand, stands. In the case of an HTTP/1.0 request, we'd be closing the connection to signal end-of-response. Not on a HEAD request. Roy

William Rowe Jr. is now V.P., Apache HTTP Server

hat it was unanimously approved by the board: WHEREAS, the Board of Directors heretofore appointed Roy T. Fielding to the office of Vice President, Apache HTTP Server, and WHEREAS, the Board of Directors is in receipt of the resignation of Roy T. Fielding from the office of Vice President, A

Re: mod_ssl and Transfer-Encoding: chunked wastes ~58 bytes per chunk.

On Aug 19, 2009, at 9:53 AM, Alex Stapleton wrote: (This has been cross posted to us...@. I apologise if this mail isn't relevant to the dev list.) First some background. We use Apache HTTPD 2.0 over a high-latency, high packet loss GPRS WAN. The cost per byte is tangible. We use SSL. We also u

Re: mod_ssl and Transfer-Encoding: chunked wastes ~58 bytes per chunk.

On Aug 20, 2009, at 2:01 AM, Alex Stapleton wrote: 2009/8/19 Roy T. Fielding : On Aug 19, 2009, at 9:53 AM, Alex Stapleton wrote: (This has been cross posted to us...@. I apologise if this mail isn't relevant to the dev list.) First some background. We use Apache HTTPD 2.0 over a

Re: svn commit: r808906 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS

On Aug 28, 2009, at 7:44 AM, j...@apache.org wrote: Submitted by: rpluem Reviewed/backported by: jim Hi Jim, Could you please return to the traditional way of noting this, namely Submitted by: Ruediger Pluem Reviewed by: jim, minfrin We already know who backported it (the committer) and i

Re: svn commit: r808906 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS

On Aug 28, 2009, at 1:20 PM, Jim Jagielski wrote: I'll update my rev of the svn.merge script to do that... But the 'Reviewed by: ...' stuff would require a cut-paste from STATUS, which defeats the whole purpose of grabbing the orig svn logs and using that, but I can maybe figure out some way of

Re: [Bug 47087] Incorrect request body handling with Expect: 100-continue if the client does not receive a transmitted 300 or 400 response prior to sending its body

On Aug 29, 2009, at 11:03 PM, Graham Dumpleton wrote: 2009/8/30 Nick Kew : On 27 Aug 2009, at 17:22, bugzi...@apache.org wrote: It appears that Apache is violating this paragraph from RFC 2616: - Upon receiving a request which includes an Expect request- header field with the "

Re: [vote] release httpd-2.2.14?

Oh, for crying out loud, get a grip folks. There is no "standard" md5 file format. It isn't even a good way to validate the build in the first place -- the signature file exists for that purpose. If you don't like the file format, write a friggin perl script to read whatever is there and feed i

Re: [PATCH] roll.sh output equal checksum files independent of OS

On Sep 24, 2009, at 2:11 PM, Guenter Knauf wrote: Hi, here's based on input from Rainer and Rüdiger my last trial unless I get further positive comments instead of disappointing ones ... highlighted: http://people.apache.org/~fuankg/testchecksum/testchecksums.sh.html plaintext: http://people.

Re: [Fwd: SvnPubSub websites -- need more volunteers]

On Oct 3, 2009, at 7:36 PM, William A. Rowe, Jr. wrote: Paul Querna wrote: On Sat, Oct 3, 2009 at 6:14 PM, Guenter Knauf wrote: Hi Paul, Paul Querna schrieb: all the files are now sourced from svn: woah, so that means all files are now to

Re: svn commit: r821452 - /httpd/mod_fcgid/trunk/modules/fcgid/fcgid_pm_unix.c

On Oct 4, 2009, at 2:57 PM, William A. Rowe, Jr. wrote: Guenter Knauf wrote: Hi, Jeff Trawick schrieb: you mentioned in another thread that somebody sent this to you; in that case the commit log should show Submitted by: xxx yyy http://zzz.com>> Reviewed by: (you) I know, I know; but my fr

Re: svn commit: r822094 - /httpd/mod_fcgid/trunk/modules/fcgid/fcgid_conf.c

On Oct 6, 2009, at 1:00 PM, Jeff Trawick wrote: On Tue, Oct 6, 2009 at 3:40 PM, Chris Darroch wrote: Jeff Trawick wrote: Beyond beta, I think we have something that is clearly better than the 2007 mod_fcgid 2.2 release and should get out the door soon as a GA (as long as testing doesn't

Re: svn commit: r826805 - in /httpd/httpd/trunk: CHANGES docs/manual/programs/htpasswd.xml support/htpasswd.c

On Oct 19, 2009, at 1:53 PM, s...@apache.org wrote: Author: sf Date: Mon Oct 19 20:53:04 2009 New Revision: 826805 URL: http://svn.apache.org/viewvc?rev=826805&view=rev Log: Change the default algorithm for htpasswd to MD5 on all platforms. Crypt with its 8 character limit is not useful anym

Re: Obsolete modules in 2.3

I personally find it useful to continue having support for features that were once used in the past, specifically to test things that once worked to see if they still work with the current version of Apache. Therefore, I do not consider these modules to be obsolete. Unless they are somehow broken

Re: svn commit: r895930 - /httpd/httpd/trunk/docs/conf/mime.types

BTW, I think it is time to comment out all of the media types we don't actually use, since (looking at mod_mime.c) the performance impact might be getting relevant to start-time even if they are not added to the hash. I'll do that tomorrow if nobody objects. Roy

Re: mod_dav inconsistent behaviour for GET requests

On Jan 29, 2010, at 10:46 AM, Stefan Fritsch wrote: > On Friday 29 January 2010, Plüm, Rüdiger, VF-Group wrote: >> Thanks for clarification. I guess I understand your intension >> better now. So basicly you want those providers that do not >> implement GET by themselves to enforce the usage of the

Re: svn commit: r923712 - in /httpd/httpd/trunk/docs/manual: ./ mod/

On Mar 16, 2010, at 5:48 AM, rbo...@apache.org wrote: > Author: rbowen > Date: Tue Mar 16 12:48:31 2010 > New Revision: 923712 > > URL: http://svn.apache.org/viewvc?rev=923712&view=rev > Log: > In as much as we can be said to have consensus on anything at all, we > appear to have consensus that w

  1   2   3   4   5   6   >