Re: mod_http2 on Windows (was: Re: Status for 2.4.20)

On Thu, Mar 24, 2016 at 9:31 AM, Yann Ylavic wrote: > >> nghttp2_session.c(160) : warning C4996: 'vsnprintf': This function or > >> variable may be unsafe. Consider using vsnprintf_s instead. To disable > >> deprecation, use _CRT_SECURE_NO_WARNINGS. > > [sarcasm] > Microsoft being unable to provi

Re: mod_http2 on Windows (was: Re: Status for 2.4.20)

On Thu, Mar 24, 2016 at 8:49 AM, Jan Ehrhardt wrote: > William A Rowe Jr in gmane.comp.apache.devel (Thu, 24 Mar 2016 07:58:45 > -0500): > >Precisely, Jan. We don't know where these truncation errors lead - do > they > >portentially open security holes? They cetain

Re: apr_global_mutex_create vs apr_proc_mutex_create

proc_mutex can only be used to block on a cross process event. It can be used in a threaded server, but cannot be held in multiple threads, you might use it to block in a single thread queue per-process. Thread_mutex will not block between processes, this is used for the mutex-per-process logic s

Re: 2.4.20 Change dsp: Win32-specific build files.

t convert our .dsp files. > That's not true, I convert them. > > Steffen > > > > From: William A Rowe Jr Sent: Wednesday, March 23, 2016 9:23 PM > To: httpd Subject: * Re: 2.4.20 Change dsp: Win32-specific build > files. > > On Wed, Mar 23, 2016 at 11:12 AM

mod_http2 on Windows (was: Re: Status for 2.4.20)

On Mar 23, 2016 22:19, "Jan Ehrhardt" wrote: > > William A Rowe Jr in gmane.comp.apache.devel (Wed, 23 Mar 2016 08:00:19 > -0500): > >On Wed, Mar 23, 2016 at 7:42 AM, William A Rowe Jr > >wrote: > > > >> Again, a C89 regression breaking the candida

Re: 2.4.20 Change dsp: Win32-specific build files.

On Wed, Mar 23, 2016 at 11:12 AM, Steffen wrote: > I went earlier back, so I did a .dsp/GUI build with no issues. > > Build with SVN revision 1736328. > > Running looks also fine sofar. > Glad to hear, thanks for testing. I've updated the commit log message to more clearly explain the intent an

Re: 2.4.20 Change dsp: Win32-specific build files.

On Mar 23, 2016 3:15 AM, "Steffen" wrote: > > Saw that wrowe did a change win make files in 2.4. branche. > > The comment says the the .dsp flies are entirely ! unusable. > > I can tell that they are entirely usable with V9-VC14. What was the issue ? They were directly usable on VC98. They wer

Re: Status for 2.4.20

On Wed, Mar 23, 2016 at 7:42 AM, William A Rowe Jr wrote: > > branches/2.4.x/modules/http2/h2_filter.c > > Again, a C89 regression breaking the candidate, but in an experimental > module that we don't promise will always build. nghttp2 is filled with C99 > code, AIUI

Re: Status for 2.4.20

On Mar 23, 2016 6:23 AM, "Steffen" wrote: > > Just did a export; > > Diff with the vote 2.4.19 one: > > branches/2.4.x/modules/cache/mod_socache_shmcb.c Correct. I'm not claiming this is win32-specific, it only happens to show up on that and other edge cases. > branches/2.4.x/modules/http2/h2_f

Re: fate of mod_lbmethod_rr (was: Re: [VOTE] Release Apache httpd 2.4.19 as GA)

On Tue, Mar 22, 2016 at 4:15 PM, Jeff Trawick wrote: > On Tue, Mar 22, 2016 at 5:03 PM, William A Rowe Jr > wrote: > >> On Tue, Mar 22, 2016 at 3:38 PM, Jeff Trawick wrote: >> >>> On Tue, Mar 22, 2016 at 3:55 PM, William A Rowe Jr >>> wrote: >>>

Re: Need hints from those building mod_http2 and mod_proxy_http2 on Windows

I've had success with Jeff's minimalist nghttp build schema. A larger effort at a cmake for the full stack (lib+apps) has been in the works for a month or two now, haven't had a chance to try it. On Mar 22, 2016 6:27 PM, "Jan Ehrhardt" wrote: > Jeff Trawick in gmane.comp.apache.devel (Tue, 22 Ma

Re: About the relevance of bitfields usage (was: fate of mod_lbmethod_rr...)

On Tue, Mar 22, 2016 at 5:08 PM, Yann Ylavic wrote: > > > Common sense tells me that alignment should be preserved, but unless we > can > > trust the spec to ensure that assumption, we should err on the side of > > caution. > > So let's not use bitfields, there are other ways to do it, and macros

Re: About the relevance of bitfields usage (was: fate of mod_lbmethod_rr...)

e, Mar 22, 2016 at 10:03 PM, William A Rowe Jr > wrote: > > > > If devs want to promote an API and then continuously break ABI on trunk, > > I'm way beyond arguing with such individuals. Just a few choice examples > > which had necessitated major MMN bumps that did

Re: [VOTE] Release Apache httpd 2.4.19 as GA

On Tue, Mar 22, 2016 at 3:38 PM, Jeff Trawick wrote: > On Tue, Mar 22, 2016 at 3:55 PM, William A Rowe Jr > wrote: > >> Can anyone get mod_lbmethod_rr.c to build? >> > > That's funny actually. The very first version README.cmake in trunk says > that mod_lbm

Re: svn commit: r1736242 - /httpd/httpd/branches/2.4.x/modules/proxy/examples/mod_lbmethod_rr.dsp

I think the argument will quickly become moot... see other thread. I also don't expect we will persist .dsp on trunk for very much longer, /shrug On Tue, Mar 22, 2016 at 3:56 PM, Yann Ylavic wrote: > On Tue, Mar 22, 2016 at 9:00 PM, wrote: > > Author: wrowe > > Date: Tue Mar 22 20:00:08 2016

fate of mod_lbmethod_rr (was: Re: [VOTE] Release Apache httpd 2.4.19 as GA)

On Tue, Mar 22, 2016 at 3:38 PM, Jeff Trawick wrote: > On Tue, Mar 22, 2016 at 3:55 PM, William A Rowe Jr > wrote: > >> Can anyone get mod_lbmethod_rr.c to build? >> > > That's funny actually. The very first version README.cmake in trunk says > that mod_lbm

Re: svn commit: r1736243 - /httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c

Without objection, I'll be committing the backport in an hr or so for the morning T&R... this hardly seems to merit a vote, but any objections are welcome. On Tue, Mar 22, 2016 at 3:06 PM, wrote: > Author: wrowe > Date: Tue Mar 22 20:06:32 2016 > New Revision: 1736243 > > URL: http://svn.apache

Re: [VOTE] Release Apache httpd 2.4.19 as GA

On Tue, Mar 22, 2016 at 2:58 PM, Reindl Harald wrote: > > Am 22.03.2016 um 20:55 schrieb William A Rowe Jr: > >> Can anyone get mod_lbmethod_rr.c to build? >> > > my Fedora 23 rpm-spec builds without any issue or change - most modules > external sub-apckages and t

Re: [VOTE] Release Apache httpd 2.4.19 as GA

Finally, just confirming we have decided that C99 is now the minimum supported compiler feature set- used for the vardic macros in h2_filter.c? On Mon, Mar 21, 2016 at 12:37 PM, Jim Jagielski wrote: > The pre-release test tarballs for Apache httpd 2.4.19 can be found > at the usual place: > >

Re: [VOTE] Release Apache httpd 2.4.19 as GA

Can anyone get mod_lbmethod_rr.c to build? I'm seeing 'name' : is not a member of 'proxy_balancer' errors, as well as ap_proxy_retry_worker() undefined (converted into an optional function, perhaps?) On Mon, Mar 21, 2016 at 12:37 PM, Jim Jagielski wrote: > The pre-release test tarballs for Apac

Re: [VOTE] Release Apache httpd 2.4.19 as GA

Note that mod_socache_shmcb.c introduced UINT_MAX without including limits.h... whoops. Investigating. On Mon, Mar 21, 2016 at 12:37 PM, Jim Jagielski wrote: > The pre-release test tarballs for Apache httpd 2.4.19 can be found > at the usual place: > > http://httpd.apache.org/dev/dist/

Re: [Patch] Ensure HTTP1 filters are only added on HTTP1 requests

On Wed, Mar 16, 2016 at 3:58 AM, Stefan Eissing < stefan.eiss...@greenbytes.de> wrote: > Hmm, I can tell you for certain that modules encountering HTTP/2 > connections > in 2.4 do not find the filters as they may expect. > Right, that's by design. Existing protocol modules assume a particular st

Re: [Patch] Ensure HTTP1 filters are only added on HTTP1 requests

My concern is that this can't and shouldn't change on 2.4.x. I love the concept and it is correct, however there are enough modules relying on the fact that they must remove the http protocol filters that changing the default behavior is effectively breaking binary ABI. Thoughts? Cheers, Bill

Re: [PATCH] Add "FreeListen" to support IP_FREEBIND

On Tue, Mar 8, 2016 at 11:38 AM, Tim Bannister wrote: > On 8 Mar 2016, at 10:43, Jan Kaluža wrote: > > On 03/08/2016 10:25 AM, Yann Ylavic wrote: > >> On Tue, Mar 8, 2016 at 9:46 AM, Yann Ylavic > wrote: > >>> On Tue, Mar 8, 2016 at 9:28 AM, Jan Kaluža wrote: > > I have chosen FreeLi

Re: [PATCH] Add "FreeListen" to support IP_FREEBIND

On Mar 7, 2016 21:59, "Yehuda Katz" wrote: > > On Mon, Mar 7, 2016 at 9:06 PM, William A Rowe Jr wrote: >> >> On Mar 7, 2016 13:54, "Jan Kaluža" wrote: >> > >> > On 03/07/2016 04:17 PM, Jim Jagielski wrote: >> >> >>

Re: [PATCH] Add "FreeListen" to support IP_FREEBIND

On Mar 7, 2016 13:54, "Jan Kaluža" wrote: > > On 03/07/2016 04:17 PM, Jim Jagielski wrote: >> >> Intstead of adding YAD (yet another directive ;) ), would it >> be possible to somehow leverage Listen itself, maybe with some >> sort of flag? > > > Yes, that would be quite possible. I was thinking a

Re: Suexec permissions question

I think this can be summarized as follows; Httpd starts as root, changes to httpd user account. AppDev user account is compiled-in to suexec as run-if-owner matches that user account. Suexec invokes AppDev's script with the appropriate userid of AppRun account in lieu of AppDev user. AppRun use

Re: svn commit: r1733279 - in /httpd/httpd/branches/2.4.x: ./ STATUS server/core.c server/util_mutex.c

On Wed, Mar 2, 2016 at 8:31 AM, Stefan Eissing wrote: > I can do that. However - smartass mode on - if one uses the actual > "svn merge -c NNN,NNN", subversion will track that and > > svn mergeinfo --show-revs merged ^/httpd/httpd/trunk . > > in a 2.4.x checkout will show it. But I am not tryin

Re: state of h2 (long)

On Sun, Feb 28, 2016 at 1:37 PM, Gregg Smith wrote: > Hi Stefan, > > I've had a real lack of time lately to do much on trunk's mod_http2 on the > windows side. The new mod_proxy_http2 requires a few functions from > mod_http2 and with what time I have had I have been unsuccessful figuring > out h

Re: svn commit: r1729495 [2/2] - in /httpd/httpd/branches/2.4.x: ./ modules/aaa/ modules/arch/win32/ modules/core/ modules/examples/ modules/filters/ modules/http2/ modules/loggers/ modules/lua/ modul

This looks busted anyways, the author broke the atomic behavior of log messages :( Fix the underlying bug. Each AP# string should have exactly one string value, for later internationalization. There is no way, without the APLOGNO, that this second message can be translated. Cheers, Bill On

Re: svn commit: r1729929 - in /httpd/httpd/trunk: CHANGES include/ap_mmn.h include/http_core.h include/httpd.h server/core.c

On Feb 12, 2016 04:45, "Yann Ylavic" wrote: > > On Fri, Feb 12, 2016 at 10:49 AM, William A Rowe Jr wrote: > > On Feb 12, 2016 2:24 AM, "Yann Ylavic" wrote: > >> > >> I see this TODO about bitfield, but never seen it done in your > >

Re: svn commit: r1729929 - in /httpd/httpd/trunk: CHANGES include/ap_mmn.h include/http_core.h include/httpd.h server/core.c

On Feb 12, 2016 2:24 AM, "Yann Ylavic" wrote: > > On Fri, Feb 12, 2016 at 2:04 AM, wrote: > > Author: wrowe > > Date: Fri Feb 12 01:04:58 2016 > > New Revision: 1729929 > > > > +/** Originator's DNS name, if known. NULL if DNS hasn't been checked, > > + * "" if it has and no address w

Re: svn commit: r1729901 - in /httpd/httpd/trunk: CHANGES include/ap_mmn.h include/http_core.h include/httpd.h server/core.c

On Thu, Feb 11, 2016 at 6:20 PM, Rainer Jung wrote: > one type of failure remains: > > .../server/core.c: In function 'ap_get_remote_host': > .../server/core.c:959:17: error: cannot take address of bit-field > 'double_reverse' > do_double_reverse(&conn->double_reverse, > conn->re

Re: svn commit: r1729901 - in /httpd/httpd/trunk: CHANGES include/ap_mmn.h include/http_core.h include/httpd.h server/core.c

I was just about to do the same, but revert and recommit just to simplify the (anticipated) later backport. The bitfield is a bugger. Apparently my make clean; make wasn't building the source tree I thought it was, sigh... Bill On Thu, Feb 11, 2016 at 6:20 PM, Rainer Jung wrote: > I fixed two

Re: svn commit: r1729876 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS docs/manual/mod/core.xml include/ap_mmn.h include/http_core.h server/core.c

On Thu, Feb 11, 2016 at 1:06 PM, wrote: > Author: jim > Date: Thu Feb 11 19:06:16 2016 > New Revision: 1729876 > > URL: http://svn.apache.org/viewvc?rev=1729876&view=rev > URL: > http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/include/ap_mmn.h?rev=1729876&r1=1729875&r2=1729876&view=diff >

Re: Shouldn't ap_get_remote_host use req->useragent_addr?

On Thu, Feb 11, 2016 at 10:14 AM, William A Rowe Jr wrote: > On Thu, Jan 7, 2016 at 9:06 AM, Eric Covener wrote: > >> On Thu, Jan 7, 2016 at 9:25 AM, Jan Kaluža wrote: >> > When httpd is running behind a reverse proxy and mod_remoteip is >> configured, >>

Re: Shouldn't ap_get_remote_host use req->useragent_addr?

On Thu, Jan 7, 2016 at 9:06 AM, Eric Covener wrote: > On Thu, Jan 7, 2016 at 9:25 AM, Jan Kaluža wrote: > > When httpd is running behind a reverse proxy and mod_remoteip is > configured, > > the correct client IP is logged (using %a in the LogFormat), but the > proxy > > IP is used by 'Require h

Re: ABI report

This is excellent, thanks for the effort! You should note that there was no binary compatibility between 2.2.x final and 2.4.x. And there will be no binary compatibility between 2.next (3.0?) and 2.4.x. The interesting branches to compare for 2.2.next and 2.4.next to anticipate any binary breaka

httpd-2.4 --enable-load-all-modules side-effect

./configure [...] "--with-mods-shared=all" \ "--enable-mods-shared=all" \ "--enable-mpms-shared=all" \ "--enable-load-all-modules" \ "--with-mpm=worker" \ While this should be great for testing a variety of modules and is very helpful for building it all, the resulting httpd.conf isn't quite helpf

Re: Improper string concatenation in mod_alias allows code execution out of bounds defined in apache config file.

On Mon, Feb 8, 2016 at 11:21 AM, William A Rowe Jr wrote: > I think my text below should have stated; > > Note that unexpected expansion occurs when trailing slashes are > not balanced between the source url and target path. For example, > Alias / /usr/share/htdocs >

Re: Improper string concatenation in mod_alias allows code execution out of bounds defined in apache config file.

are/htdocs-private/ The statement could use some word-smithing. On Mon, Feb 8, 2016 at 10:37 AM, William A Rowe Jr wrote: > Thanks Eric, now looping back to > > http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_alias.c?revision=153384&view=co > to see if this

Re: Improper string concatenation in mod_alias allows code execution out of bounds defined in apache config file.

supposed to be in the first place :) On Mon, Feb 8, 2016 at 10:26 AM, Eric Covener wrote: > quite old: http://svn.apache.org/viewcvs?rev=326143&view=rev > > On Mon, Feb 8, 2016 at 11:25 AM, William A Rowe Jr > wrote: > > On Mon, Feb 8, 2016 at 10:20 AM, William A Rowe J

Re: Improper string concatenation in mod_alias allows code execution out of bounds defined in apache config file.

On Sat, Feb 6, 2016 at 5:20 AM, Bartłomiej Żogała wrote: > 5. Some day he wanted the blog to be visible from example.com/ root but > with mod_alias instead mod_rewrite. So he changed line "Alias /wp > /usr/share/wordpress" to "Alias / /usr/share/wordpress". Instead wordpress > he received 403 fo

Re: const char *--> char * clean-up

On Thu, Feb 4, 2016 at 3:49 PM, Christophe JAILLET < christophe.jail...@wanadoo.fr> wrote: > Hi, > > in order to avoid the ugliness of things like: > r->protocol = (char*)"HTTP/1.0"; > does the following proposal makes sense to you? > This patch is needed on trunk, yes. Does turning a "char

Re: Worker states for balancer members

On Feb 3, 2016 6:25 AM, "Jim Jagielski" wrote: > > > > On Feb 3, 2016, at 3:10 AM, Plüm, Rüdiger, Vodafone Group < ruediger.pl...@vodafone.com> wrote: > > > > > > > >> -Original Message- > >> From: Jim Jagielski [mailto:j...@jagunet.com] > >> Sent: Dienstag, 2. Februar 2016 22:44 > >> To:

Re: event mpm and slave connections

If you can give me a few days (not httpd'ing again until late Sun eve) - this is very close to the issues we have in mod_ftp with the data connection/request aside the control connection. The right patch will improve both sets of dirty hacks :) Thanks for the proposal! Bill On Fri, Jan 29, 2016

Re: collaboration request - apache server automation testing with swat tool

On Fri, Jan 29, 2016 at 6:35 AM, Alexey Melezhik wrote: > Hi Bill! > > Any news? ( Please see my previous reply ...) > Intr Intrigued :) But my responses will be delayed, I personally won't have time to look further myself until other backlogged commitments to httpd are caught up some more. B

Re: Missing reference...

That might be 2/2, I thought he was originally chatting with his sister... On Wed, Jan 27, 2016 at 10:56 PM, Yehuda Katz wrote: > On Wed, Jan 27, 2016 at 10:51 PM, William A Rowe Jr > wrote: > >> I noted that https://en.wikipedia.org/wiki/Apache_HTTP_Server >> doesn'

Re: Missing reference...

On Wed, Jan 27, 2016 at 10:56 PM, Yehuda Katz wrote: > On Wed, Jan 27, 2016 at 10:51 PM, William A Rowe Jr > wrote: > >> I noted that https://en.wikipedia.org/wiki/Apache_HTTP_Server >> doesn't contain a "References in Popular Culture" section... >>

Missing reference...

I noted that https://en.wikipedia.org/wiki/Apache_HTTP_Server doesn't contain a "References in Popular Culture" section... ... does anyone have the link to Bill's Foxtrot panels about Jason grabbing his copy of Apache 2.0 Beta?

Re: collaboration request - apache server automation testing with swat tool

On Wed, Jan 27, 2016 at 2:53 PM, Alexey Melezhik wrote: > Hi! I am the author of swat - https://github.com/melezhik/swat - > perl/curl based DSL for web services test automation. > I'd like to contribute in at apache server automated testing. Please > take a look at _simple_ example of swat test

Re: BalancerMembers (workers): stopped and disabled

What semantics do you suggest for each? True that they have been effectively identical (and redundant) so far... On Jan 26, 2016 12:41, "Jim Jagielski" wrote: > Currently, the idea and "logic" associated w/ stopped and disabled > workers are kind of similar. There is a higher concept that one is

Fwd: [jira] [Apache Infrastructure] Participation in Code Signing by HTTP Server project, as I am offering to resume builds, not that these are either better or worse than other third part builds.

Just an FYI, I've raised a ticket with infra expressing interest in code signing. Not that these would be any better or worse than the other great third party builds out there. And we still have some license clarifications if we include compiled lgpl or especially gpl bindings. This is also pred

Re: mod_fcgid and broken doc links

On Mon, Jan 18, 2016 at 3:29 PM, Jim Jagielski wrote: > > > On Jan 18, 2016, at 3:28 PM, William A Rowe Jr > wrote: > > > > On Fri, Jan 15, 2016 at 7:44 AM, Jim Jagielski wrote: > > > > > On Jan 14, 2016, at 5:19 PM, William A Rowe Jr > wrote: > &g

Re: mod_fcgid and broken doc links

On Fri, Jan 15, 2016 at 7:44 AM, Jim Jagielski wrote: > > > On Jan 14, 2016, at 5:19 PM, William A Rowe Jr > wrote: > > > > Good point with your example, this is something that should > > be benchmarked and the winner-take-all, loser bumped from the > > trun

Re: mod_mime_magic, gzipped tarballs and Docker

On Mon, Jan 18, 2016 at 5:13 AM, Jan Kaluža wrote: > On 01/08/2016 07:44 PM, William A Rowe Jr wrote: > >> Do we have to repeat the softmagic call if checkzmagic resolves to >> x-gzip/x-deflate and the internal content type needs to be deciphered? >> > > That&#

Re: mod_fcgid and broken doc links

On Thu, Jan 14, 2016 at 6:19 AM, Jim Jagielski wrote: > > > On Jan 13, 2016, at 12:28 PM, William A Rowe Jr > wrote: > > > > I can see us moving those modules into trunk (not 2.4), retaining the > > mmn tests for 2.2 and 2.4 compat, and then deriving an fcgid re

Re: mod_fcgid and broken doc links

On Jan 13, 2016 15:50, "Rich Bowen" wrote: > > Yes, it would be nice to merge them, from the perspective of explaining > things to users. Guess I am still confused what you suggest to merge... Docs or both docs and code... Also curious about released vs unreleased with respect to docs. Our poin

Re: mod_fcgid and broken doc links

On Tue, Jan 12, 2016 at 12:13 PM, Rich Bowen wrote: > mod_fcgid is in a separate repo from the main httpd tree, due to > historical reasons. I presume there are good reasons for this. JimJag > suggested on IRC it's due to its independent release cycle. > > Be that as it may, because it uses the s

Re: mod_mime_magic, gzipped tarballs and Docker

:57 AM, Yann Ylavic wrote: > On Fri, Jan 8, 2016 at 5:30 PM, Yann Ylavic wrote: > > On Fri, Jan 8, 2016 at 3:17 PM, William A Rowe Jr > wrote: > >> > >> Agreed it is configuration, but cant we simply tweak our recommended > >> conf/magic > >

Re: mod_mime_magic, gzipped tarballs and Docker

On Fri, Jan 8, 2016 at 3:27 AM, Yann Ylavic wrote: > > On Fri, Jan 8, 2016 at 8:49 AM, Jan Kaluža wrote: > > > > Content-Type: application/x-tar > > Content-Encoding: x-gzip > > > > So, the mod_mime_magic is saying here that the body is tarball encoded by > > gzip. > > AIUI, mod_mime_magic does

Re: graceful restart

On Tue, Jan 5, 2016 at 10:27 AM, Eric Covener wrote: > On Tue, Jan 5, 2016 at 11:26 AM, William A Rowe Jr > wrote: > > If not there is clearly a fourth state, AP_MPMQ_CHILD_STOPPING we > should > > report. > > +1 > Better yet, an AP_MPMQ_CHILD_STATE that

Re: graceful restart

On Tue, Jan 5, 2016 at 8:24 AM, Eric Covener wrote: > On Tue, Jan 5, 2016 at 9:21 AM, Stefan Eissing > wrote: > > To the Knowledgable out there: how can I detect that the server is > gracefully restarting? > > > > Backlground is that HTTP/2 > > 1. is sometimes in the state of being IDLE, but una

Re: Better ap_casecmpstr[n]?

On Tue, Dec 29, 2015 at 10:35 AM, Jim Jagielski wrote: > > > On Dec 29, 2015, at 11:28 AM, Yann Ylavic wrote: > > > > On Tue, Dec 29, 2015 at 5:16 PM, Jim Jagielski wrote: > >> In a sep thread on dev@apr, OtherBill appears to be trying to > >> determine the "right" name for the APR impl... maub

Re: svn commit: r1721121 - in /httpd/httpd/trunk/modules/http2: h2_h2.c h2_io.c h2_io.h h2_mplx.h h2_push.c h2_request.c h2_request.h h2_session.c h2_session.h h2_stream.c h2_stream.h h2_task.c h2_tas

> > On 12/21/2015 2:54 AM, ic...@apache.org wrote: > >> Author: icing >> Date: Mon Dec 21 10:54:38 2015 >> New Revision: 1721121 >> >> URL: http://svn.apache.org/viewvc?rev=1721121&view=rev >> Log: >> byte savings by using bit fields, new env vars HTTP2 and H2PUSH, set to >> on when enabled on requ

Re: [ANNOUNCEMENT] Apache HTTP Server 2.4.18 Released

All a@a.o must be moderated (from non-@apache addresses it hits the bit bucket). Enjoying some time with kids and dealing with only critical work email so this one escaped my attention, but if another ASF member wanted to moderate, volunteers are always welcome. Usually I catch these within the ho

Re: variables

On Wed, Dec 16, 2015 at 5:40 AM, Stefan Eissing < stefan.eiss...@greenbytes.de> wrote: > > Subprocesses get their environment via r->subprocess_env, filled via the > "fixups" hook. This is the usual way how we involve modules in request > processing. But, as I read it, subprocess_env gets filled w

Re: OpenSSL 0.9.8/1.0.0 on Trunk

As an alternative, we can flag removing pre openssl 1.0.1 support as a showstopper in STATUS and leave it be for a while longer to make backports a bit easier. Thoughts? On Dec 14, 2015 12:35, "Ruediger Pluem" wrote: > > > On 12/14/2015 07:15 PM, William A Rowe Jr wro

OpenSSL 0.9.8/1.0.0 on Trunk

W.r.t. http://svn.apache.org/r1719967 - I'm +1 for the backport. I'd like to propose we remove all support from *trunk* for OpenSSL < 1.0.1 effective now... https://mta.openssl.org/pipermail/openssl-announce/2014-December/00.html We don't deprecate support on maintenance branches (e.g. 2.2/2.

Re: Upgrade Summary

On Fri, Dec 11, 2015 at 2:55 PM, Jacob Champion wrote: > On 12/11/2015 12:12 PM, William A Rowe Jr wrote: > >> On Fri, Dec 11, 2015 at 1:13 PM, Jacob Champion > <mailto:champio...@gmail.com>> wrote: >> >> On 12/11/2015 02:36 AM, Bert Huijben wrote: >

Re: Upgrade Summary

On Fri, Dec 11, 2015 at 1:13 PM, Jacob Champion wrote: > On 12/11/2015 02:36 AM, Bert Huijben wrote: > >> -Original Message- >>> From: Stefan Eissing [mailto:stefan.eiss...@greenbytes.de] >>> Protocol implementations should make up their minds in the "propose" >>> phase, I think, >>> beca

Re: Upgrade Summary

On Wed, Dec 9, 2015 at 9:22 PM, Jacob Champion wrote: > On 12/09/2015 05:19 PM, William A Rowe Jr wrote: > >> >> _If_ all the other protocols worked like WebSocket and required >> authnz before an upgrade could succeed, it wouldn't make sense for >>

Re: Upgrade Summary

On Wed, Dec 9, 2015 at 6:50 PM, Jacob Champion wrote: > On 12/09/2015 03:19 PM, William A Rowe Jr wrote: > >> Because the request body is inbound already at some state of completion >> or incomplete transmission, it is competing with the TLS handshake, which >> is a bidir

Re: Upgrades

On Wed, Dec 9, 2015 at 6:16 PM, Tim Bannister wrote: > On 9 Dec 2015, at 23:19, William A Rowe Jr wrote: > > > Because the request body is inbound already at some state of completion > > or incomplete transmission, it is competing with the TLS handshake, which > > is a

Re: Upgrade Summary

On Wed, Dec 9, 2015 at 1:57 PM, Jacob Champion wrote: > On 12/09/2015 09:17 AM, William A Rowe Jr wrote: > >> On Tue, Dec 8, 2015 at 9:10 PM, Roy T. Fielding > <mailto:field...@gbiv.com>> wrote: >> >> This should be easily handled by adding a filt

Re: [VOTE] Release Apache httpd 2.4.18 as GA

On Wed, Dec 9, 2015 at 1:02 PM, Jan Ehrhardt wrote: > Jim Jagielski in gmane.comp.apache.devel (Tue, 8 Dec 2015 15:38:41 -0500): > >The pre-release test tarballs for Apache httpd 2.4.18 can be found > >at the usual place: > > > > http://httpd.apache.org/dev/dist/ > > > >I'm calling a VOTE o

Re: mod_http2 and rejecting HTTP/1 requests...

I think I know where this author was misguided... On Dec 9, 2015 11:19, "William A Rowe Jr" wrote: > > And then I'm reading a really nonsensical comment in this FAQ... > > https://http2.github.io/faq/#implementation-questions > Can I implement HTTP/2 without impl

Re: mod_http2 and rejecting HTTP/1 requests...

Ignore this bit below; I was reading 2817 against 7230 and hadn't driven down into the 7231 spec yet, and apparently forgot to snip it before clicking send... the insistence on 426 vs poor advise to use 505 still stands On Wed, Dec 9, 2015 at 11:19 AM, William A Rowe Jr wrote: > > Th

Re: Upgrade Summary

On Tue, Dec 8, 2015 at 9:10 PM, Roy T. Fielding wrote: > > On Dec 8, 2015, at 2:07 AM, Stefan Eissing > wrote: > > > > Open: > > 1. Protocols like Websocket need to take over the 101 sending themselves > in the "switch protocol" phase. (correct, Jacob?). Should we delegate the > sending of the 1

mod_http2 and rejecting HTTP/1 requests...

Back to h2c, RFC7231 spells out 6.5.15 . 426 Upgrade Required The 426 (Upgrade Required) status code indicates that the server refuses to perform the request using the current protocol but might be willing to do so after the client upg

Re: On the Upgrade request body limit

On Tue, Dec 8, 2015 at 4:17 PM, Yann Ylavic wrote: > On Tue, Dec 8, 2015 at 11:00 PM, William A Rowe Jr > wrote: > > > > Define complex, robust. Request (upgrade: somespec) -> 100 continue -> > > request body <- [ http/1.1 response | 101 - switching proto

Re: Upgrade Summary

On Tue, Dec 8, 2015 at 3:43 PM, Jacob Champion wrote: > On 12/08/2015 01:03 PM, Jacob Champion wrote: > >> - The module that won the proposal is given one last chance to check the >> incoming request and fail the upgrade with an immediate HTTP response. >> > > And to add to this, for completeness

Re: On the Upgrade request body limit

On Tue, Dec 8, 2015 at 2:22 PM, Jacob Champion wrote: > I wrote this in response to Stefan's note on the zero-length request body > limit for h2c Upgrades, then realized it would further fragment the > (already massive) conversation, so here it is. > And I agree to keep the other thread as clean

Protocol API @bug warnings for 2.4.18?

On Tue, Dec 8, 2015 at 9:21 AM, Stefan Eissing wrote: > > > On Tue, Dec 8, 2015 at 8:34 AM, Stefan Eissing < > stefan.eiss...@greenbytes.de> wrote: > > +1 for deferring any upgrade changes > > > > Agreed, as spelled out in my top-post, simplest path to 2.4.18, and these > > interesting discussion

Re: Upgrade when !ap_request_has_body(r) only for 2.4.18? (was: svn commit: r1718595 - /httpd/httpd/branches/2.4.x/STATUS)

On Tue, Dec 8, 2015 at 8:34 AM, Stefan Eissing wrote: > +1 for deferring any upgrade changes that do not fix real issues - like > the one proposed for backport by Bill - to 2.4.19 > Agreed, as spelled out in my top-post, simplest path to 2.4.18, and these interesting discussions over the past da

Re: Upgrade when !ap_request_has_body(r) only for 2.4.18? (was: svn commit: r1718595 - /httpd/httpd/branches/2.4.x/STATUS)

On Tue, Dec 8, 2015 at 7:37 AM, Yann Ylavic wrote: > On Tue, Dec 8, 2015 at 2:30 PM, wrote: > > Author: ylavic > > Date: Tue Dec 8 13:30:30 2015 > > New Revision: 1718595 > > > > URL: http://svn.apache.org/viewvc?rev=1718595&view=rev > > Log: > > Comment about ap_request_has_body() check for U

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

Sorry it took so long to respond to this earlier post, some of this might have already been covered... On Mon, Dec 7, 2015 at 1:03 PM, Stefan Eissing wrote: > > Think about CORS restrictions and other stuff. > - I think its the protocol handlers job to deal with any request body. > Strongly dis

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 7:25 PM, Jacob Champion wrote: > On 12/07/2015 03:49 PM, William A Rowe Jr wrote: > >> Just to confirm, the purpose of splitting this up into two separate >> calls to the same function is solely to deal with "OPTIONS *", which >>

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Dec 7, 2015 19:29, "Yann Ylavic" wrote: > > On Tue, Dec 8, 2015 at 1:58 AM, William A Rowe Jr wrote: > > On Mon, Dec 7, 2015 at 6:35 PM, Yann Ylavic wrote: > >> > >> The body of the first request is never Upgraded, so why would we read > >> i

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 6:35 PM, Yann Ylavic wrote: > On Tue, Dec 8, 2015 at 1:27 AM, William A Rowe Jr > wrote: > > On Mon, Dec 7, 2015 at 6:15 PM, Yann Ylavic > wrote: > >> > >> On Tue, Dec 8, 2015 at 1:07 AM, Yann Ylavic > wrote: > >> > >

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 6:15 PM, Yann Ylavic wrote: > On Tue, Dec 8, 2015 at 1:07 AM, Yann Ylavic wrote: > > > > the body ought to be > > set aside for any (relevant) TLS response (which needs the > > handshake...). > > Hmm, no need to set aside, *unless* with must produce a response > before the

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 6:07 PM, Yann Ylavic wrote: > On Mon, Dec 7, 2015 at 5:38 PM, William A Rowe Jr > wrote: > > > > https://tools.ietf.org/html/rfc7230#section-6.7 makes things more > > interesting, it calls out that 101-continue and the request body read > &

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 6:05 PM, William A Rowe Jr wrote: > On Mon, Dec 7, 2015 at 2:54 PM, Stefan Eissing < > stefan.eiss...@greenbytes.de> wrote: > >> ok, after some more thinking. if a tls+http/1.1 upgrade together with >> Expect is indeed a use case, then, to make

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 2:54 PM, Stefan Eissing wrote: > ok, after some more thinking. if a tls+http/1.1 upgrade together with > Expect is indeed a use case, then, to make that work, sending the 101 needs > to become the task of the switch protocol handler itself. Then the order in > which interme

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 5:21 PM, Jacob Champion wrote: > On 12/07/2015 02:40 PM, William A Rowe Jr wrote: > >> Not "noise" at all... I'm imagining a mod_echo protocol example that >> looks much like your use case... >> >> 1st call to core_upgrade_

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 4:10 PM, Jacob Champion wrote: > On 12/07/2015 11:55 AM, Jacob Champion wrote: > >> > - moving things to post read sounds tempting, however I'm not sure if >> we want to upgrade on non-authed request or not, for example. I am not >> sure what else we do in post read, maybe

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 4:12 PM, William A Rowe Jr wrote: > On Mon, Dec 7, 2015 at 2:39 PM, Stefan Eissing < > stefan.eiss...@greenbytes.de> wrote: > >> There can be no 100 after a 101. After a 101, the downstream speaks the >> new protocol, immediately. >> >

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

schrieb William A Rowe Jr : > > On Mon, Dec 7, 2015 at 2:15 PM, Jacob Champion > wrote: > >> On Dec 7, 2015 8:43 AM, "William A Rowe Jr" wrote: >> > >> > https://tools.ietf.org/html/rfc7230#section-6.7 makes things more >> interesting, it call

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 2:15 PM, Jacob Champion wrote: > On Dec 7, 2015 8:43 AM, "William A Rowe Jr" wrote: > > > > https://tools.ietf.org/html/rfc7230#section-6.7 makes things more > interesting, it calls out that 101-continue and the request body read > prece

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

tal new feature release. WDTY? On Mon, Dec 7, 2015 at 10:38 AM, William A Rowe Jr wrote: > Hi folks, sorry for the late interruption after we have already shipped > 2.4.16, but there seems to be an issue that merits revisiting before the > 2.4.16 API schema is widely adopted. > >

<    7   8   9   10   11   12   13   14   15   16   >