On May 6, 2015 9:09 PM, William A Rowe Jr wr...@rowe-clan.net wrote:
On May 6, 2015 8:12 PM, Noel Butler noel.but...@ausics.net wrote:
On 07/05/2015 09:22, William A Rowe Jr wrote:
For trunk, I propose we drop TLSv1 and TLSv1.1 protocols and simply
adopt the recommended cipher list
On May 6, 2015 8:12 PM, Noel Butler noel.but...@ausics.net wrote:
On 07/05/2015 09:22, William A Rowe Jr wrote:
For trunk, I propose we drop TLSv1 and TLSv1.1 protocols and simply
adopt the recommended cipher list illustrated below (!SSLv3) in the default
extra/httpd-ssl.conf source
On May 5, 2015 4:31 PM, olli hauer oha...@gmx.de wrote:
Perhaps it is also a good time do kick SSLv2 support from 2.2.x ;)
We are deliberately not that disruptive to users. Our goal is to push more
secure code at users, but not at the risk of their electing to not update,
due to such blunt
On Tue, May 5, 2015 at 2:47 AM, Yann Ylavic ylavic@gmail.com wrote:
On Tue, May 5, 2015 at 3:19 AM, wr...@apache.org wrote:
Author: wrowe
Date: Tue May 5 01:19:20 2015
New Revision: 1677721
URL: http://svn.apache.org/r1677721
[]
Modified:
On Tue, May 5, 2015 at 12:06 PM, Yann Ylavic ylavic@gmail.com wrote:
On Tue, May 5, 2015 at 6:26 PM, William A Rowe Jr wr...@rowe-clan.net
wrote:
On Tue, May 5, 2015 at 2:47 AM, Yann Ylavic ylavic@gmail.com
wrote:
On Tue, May 5, 2015 at 3:19 AM, wr...@apache.org wrote:
Also
On Tue, May 5, 2015 at 8:08 AM, Eric Covener cove...@gmail.com wrote:
On Tue, May 5, 2015 at 9:03 AM, Yann Ylavic ylavic@gmail.com wrote:
But is there real 2.2.x user with OpenSSL 0.9.8a?
I'm no expert (we use a proprietary toolkit and SSL module where I
spend most of my time), but
On Tue, May 5, 2015 at 11:26 AM, William A Rowe Jr wr...@rowe-clan.net
wrote:
openssl ciphers -v 'ALL:!HIGH:!MEDIUM' | grep exp
After further scrutiny...
openssl ciphers -v 'ALL:!HIGH:!MEDIUM:!LOW' | grep exp
export falls under 'none of the above'.
On Tue, May 5, 2015 at 12:35 PM, Eric Covener cove...@gmail.com wrote:
On Tue, May 5, 2015 at 1:28 PM, William A Rowe Jr wr...@rowe-clan.net
wrote:
Was hoping for md4 vs. aes128 comparisons, (and AES-NI isn't everywhere,
but will be, soon enough).
While I agree md4 is less desirable
On Mon, May 4, 2015 at 6:01 AM, Yann Ylavic ylavic@gmail.com wrote:
On Fri, May 1, 2015 at 9:01 PM, Jim Riggs apache-li...@riggs.me wrote:
I may go ahead and write up a patch this weekend to change them all
(*Match and RewriteRule) and then we can all debate it over on bugz too!
- Original Message -
Subject: Re: Disable SSLv3 by default
From: Arkadiusz Miśkiewicz ar...@maven.pl
Date: 10/17/14 1:57 pm
To: dev@httpd.apache.org
On Friday 17 of October 2014, Kaspar Brand wrote:
On 17.10.2014 12:02, Takashi Sato wrote:
SSLv3 is now insecure (CVE-2014-3566,
The key issue I had with the lack of optional functions on the old NPN
backport is addressed, that's great. Looks promising!
NPN is now irrelevant with ALPN, I presume?
On Wed, Apr 29, 2015 at 6:05 AM, Kaspar Brand httpd-dev.2...@velox.ch
wrote:
On 27.04.2015 17:04, Stefan Eissing wrote:
Am
On Mon, May 4, 2015 at 4:26 PM, William A Rowe Jr wr...@rowe-clan.net
wrote:
- Original Message -
Subject: Re: Disable SSLv3 by default
From: Arkadiusz Miśkiewicz ar...@maven.pl
Date: 10/17/14 1:57 pm
To: dev@httpd.apache.org
On Friday 17 of October 2014, Kaspar Brand wrote
On Thu, Apr 2, 2015 at 4:46 PM, William A. Rowe Jr. wr...@rowe-clan.net
wrote:
On Tue, 31 Mar 2015 10:49:47 -0400
Jim Jagielski j...@jagunet.com wrote:
BTW: Would it make sense to consider a release of 2.4.13 in April
to coincide w/ ApacheCon?
We've historically produced a release
On Fri, Apr 24, 2015 at 8:52 AM, Jim Jagielski j...@jagunet.com wrote:
Right now, the balancer manager allows for a member to be
disabled/stopped, but it cannot *remove* that member...
Seems to me that that would be good, especially since
we could always re-use that slot.
That means you
Just to point out the obvious, it would be a Very Bad Idea(tm) to build
httpd
against the dynamic apr-util linked statically to bits and pieces of the
libssl.a
and libcrypto.a, only to then attempt to build httpd with mod_ssl
compiled-in
against libssl.a/libcrypto.a again. Unix dl logic doesn't
On Apr 20, 2015 2:32 AM, Joe Orton jor...@redhat.com wrote:
On Thu, Apr 16, 2015 at 06:42:04AM +0200, Kaspar Brand wrote:
On 15.04.2015 18:36, Stefan Sperling wrote:
However, the actual issue here is that mod_ssl is squatting the SSL_
namespace.
Historically this may have made sense (it
I think in trunk we should properly bail if the same quote char does not
occur as termination.
I don't think we should second-guess the admin's intent.
On Fri, Apr 17, 2015 at 6:43 AM, Yann Ylavic ylavic@gmail.com wrote:
Hi,
currently ap_getword_conf() considers a word is quoted when
On Wed, Apr 15, 2015 at 11:42 PM, Kaspar Brand httpd-dev.2...@velox.ch
wrote:
On 15.04.2015 18:36, Stefan Sperling wrote:
However, the actual issue here is that mod_ssl is squatting the SSL_
namespace.
Historically this may have made sense (it seems mod_ssl and OpenSSL have
shared
On Tue, 31 Mar 2015 10:49:47 -0400
Jim Jagielski j...@jagunet.com wrote:
Apologies for not hacking on motorz lately... will ramp up :)
BTW: Would it make sense to consider a release of 2.4.13 in April
to coincide w/ ApacheCon?
We've historically produced a release at the beginning of the
On Wed, 1 Apr 2015 00:36:23 +0200
Graham Leggett minf...@sharp.fm wrote:
Hi all,
I am picking apart some strange behaviour where use of the Alias
directive inside a Location along with a file path that doesn’t exist
(/_thumbs/i/dont/exist.jpg) triggers a loop of redirects to
On Fri, 13 Mar 2015 08:28:35 +1000
Noel Butler noel.but...@ausics.net wrote:
Time to think about EOL'ing 2.2 maybe since its 10 years old and 2.4
has been current stable best production recommendation for what,
about 3.5 years or so now, that would see adoption rates grow ;)
That would be
On Thu, 12 Mar 2015 12:54:16 -0400
Eric Covener cove...@gmail.com wrote:
I stumbled on this link that Bill had shared previously and went back
to look at previous snapshots:
March 2014: 2.0: 4.1%, 2.4: 4.3%
On Sat, 14 Feb 2015 10:45:34 -0600
Daniel Ruggeri drugg...@primary.net wrote:
Hi, Rich;
I dig it. I'm all for presenting and helping to make ApacheCon
great but I won't be able to make it on day 1 since I'll probably be
somewhere in the air over the Gulf of Mexico mid-day. If you are
On Tue, 10 Feb 2015 16:06:14 -0700
Leif Hedstrom zw...@apache.org wrote:
On Feb 10, 2015, at 12:36 PM, Rich Bowen rbo...@rcbowen.com wrote:
Here's my proposed httpd (and related) track. If anyone has any
objections, changes, suggestions, whatever, please speak up. Thanks.
Day
I'd look at mod_info as an example of both walking the config tree and
examining hook states.
On Sun, Feb 1, 2015 at 12:19 PM, Paul Duplys paul.dup...@gmail.com wrote:
Hi,
it seems that the configuration of the web server is stored in
ap_directive_t * ap_conftree configuration tree. I
On Wed, 28 Jan 2015 12:45:59 +0100
Steffen i...@apachelounge.com wrote:
In Changes I miss the revert r1642852 ?
It probably went unmentioned, because it appears to never hit CHANGES
in the first place (and 2.4.11 was not released), so the change had
never appeared to end users of released
On Wed, 28 Jan 2015 23:16:06 +0100
Steffen i...@apachelounge.com wrote:
There was an issue with 2.4.11 and in 2.4.12 there is nothing
mentioned in the change file what is reverted. There must be in
2.4.11 a change which was causing a issue, and the changes from
2.4.11 are included. So the
On Mon, 26 Jan 2015 16:43:29 -0500
Jim Jagielski j...@jagunet.com wrote:
I'll give the vote another 24 hours... I don't consider the
UTC/logging issue enough to hold the release, unless it appears
a symptom of a more serious problem, but want to give us some
more time to try to get a handle
Hi Nick, Noel,
I presume you are each running mod_php (and not php's fcgi sapi)?
Are you doing so with prefork mpm, or the win32/worker mpm? Did
you build php TS?
Did you update any aspect of php between your 2.4.10 and 2.4.12
test cases?
On Mon, 26 Jan 2015 11:23:20 +1000
Noel Butler
On Thu, 22 Jan 2015 18:08:20 +
Lu, Yingqi yingqi...@intel.com wrote:
Hi Jim,
Thanks for the update!
A quick question on the review and testing procedure. Right now, Yann
Ylavic already made available a 2.4 version of the patch. The link is
included at http://svn.apache.org/r1651967 .
On Mon, 19 Jan 2015 16:28:46 -0600
William A. Rowe Jr. wr...@rowe-clan.net wrote:
On Sun, 18 Jan 2015 23:00:10 -0500
Eric Covener cove...@gmail.com wrote:
On Thu, Oct 30, 2014 at 4:34 AM, jkal...@apache.org wrote:
+/* core_dir_config is Directory*, but the requested
On Sun, 18 Jan 2015 23:00:10 -0500
Eric Covener cove...@gmail.com wrote:
On Thu, Oct 30, 2014 at 4:34 AM, jkal...@apache.org wrote:
Author: jkaluza
Date: Thu Oct 30 08:34:12 2014
New Revision: 1635428
URL: http://svn.apache.org/r1635428
Log:
core: Do not match files when using
Have you determined that kernel32.lib is in the link list? Wondering also
about double vs. single underscore. Something might just be downright strange
in the win32 api headers in use.
Edward Lu chaos...@gmail.com wrote:
Using Visual Studio 2013 command line tools, on Windows Server 2012
I'm confused. Piped logging did work just fine on Windows, unless something
has broken it.
The design goal was simply to support multiple processes some day. And the
code in question was proof-of-concept, that we could perform fd inheritance al
la *nix. But the cross process locking for
I overlooked 2 other viable options
[ ] Roll -win32-src-r2.zip with apr-util 1.5.2 (pre-breakage) and
corresponding binaries
[ ] Roll -win32-src-r2.zip with apr-util 1.5.4 (upon release) and
corresponding binaries
wr...@rowe-clan.net wrote:
Finally returned to VC6, having replaced my older
No... only if the patch is restructured to preserve all existing structure
members at their current offsets. New struct members at the end of an existing
structure is the definition of a minor mmn bump. If third party module authors
allocate ap structs, it is their job to track against mmn
The 1.5 apr-util (and apr) branches are actively maintained. You have forward
binary compatibility since 1.0 used in the early 2.1-dev days. Because 1.4.x
was not receiving attention (and was missing new API's used for httpd-2.4) the
project determined it would bundle 1.5 rather than the
And to answer the question, VC6 for httpd 2.2 is simply for msvcrt.DLL
compatibility and no-surprises upgrades. It is suboptimal, but not as
suboptimal as MS's active disdain for msvcr###.dll users.
Wang, Andy aw...@ptc.com wrote:
On Wed, 2014-09-03 at 09:27 -0700, wr...@rowe-clan.net wrote:
that there are differences, by design.
I guess I should not do these tests after midnight - as I just saw that I had
commented out the --enable-load-all-modules. You had already shared this
wisdom!
My apologies. :(
On Thu, Aug 21, 2014 at 8:29 PM, William A. Rowe Jr. wr...@rowe-clan.net
wrote:
On Fri, 8 Aug
. They do
not look to all being tested.
FYI only - as I do not believe I have a vote to give.
I would like to mention, re: the tests, that most, if not all, pass with
httpd-2.4.9
On Fri, Aug 22, 2014 at 8:59 PM, William A. Rowe Jr. wr...@rowe-clan.net
wrote:
The pre-release candidate Apache
On Thu, 21 Aug 2014 15:10:02 -0400
Jeff Trawick traw...@gmail.com wrote:
* Place a patch for 2.4.10 in patches/apply_to_
* Refer to the 2.4.10 patch after the description of the vulnerability
within the 2.2.next announcement.
Rather than maintaining these any longer in dist/, we have
On Thu, 21 Aug 2014 12:39:40 -0400
Jim Jagielski j...@jagunet.com wrote:
OK... created a CentOS5 system w/ libtool 1.5.26 and
autoconf 2.69, so I can RM 2.2.x!
Excellent! Sorry I missed your note, claws mail client doesn't
re-sort by last-post date in threaded mode. Someday, I'll find
a mail
The pre-release candidate Apache httpd 2.2.28 can be found in;
http://httpd.apache.org/dev/dist/
+/-1
[ ] Release 2.2.28 (apr 1.5.1, apr-util 1.5.3)
Please take note of APR subversion version bump from 1.5.0 to 1.5.1.
Vote to conclude 13:30 GMT Monday, provided enough voters have
On Fri, 22 Aug 2014 08:14:13 -0400
Jim Jagielski j...@jagunet.com wrote:
I propose to TR 2.2.28 on Tuesday; this gives people today,
the weekend, and Monday to ensure 2.2.28 is in good enough
shape to release.
My bad, I had already tagged and rolled before I caught up with this
thread, again
/release.html
So I'm withdrawing this candidate from consideration, and have time
for one more re-roll this morning in about 45 minutes, provided that
nobody caught any other quirks in the candidate.
Bill
On Fri, 22 Aug 2014 08:38:02 -0500
William A. Rowe Jr. wr...@rowe-clan.net wrote:
The pre-release
The pre-release candidate Apache httpd 2.2.29 - with simply a rebuild
of the docs/manual/ since 2.2.28, can be found in;
http://httpd.apache.org/dev/dist/
+/-1
[ ] Release 2.2.29 (apr 1.5.1, apr-util 1.5.3)
Please take note of APR subversion version bump from 1.5.0 to 1.5.1
since
On Wed, 20 Aug 2014 16:35:34 +0100
Ben Reser b...@reser.org wrote:
I'd do the rolling myself but I'm not 100% clear on what needs to
happen. So if someone can do a little hand holding I'll be happy to
do the release myself. I'm generally familiar with how the ASF does
releases since I do the
we
be baselining for 2.2.x?
On Tue, 12 Nov 2013 11:56:39 -0600
William A. Rowe Jr. wr...@rowe-clan.net wrote:
Libtool 1.5.26 and autoconf 2.67 were used for 2.2.25 release; any
later 1.5 libtool or 2.6x series autoconf aught to work but you
would want to pre- buildconf and review any
On Fri, 8 Aug 2014 10:55:17 +0200
Michael Felt mamf...@gmail.com wrote:
*Please excuse my laziness* - because I am sure there is a way to get
all modules activated in both 2.2.X and 2.4.X - only that they are
slightly different - and I am sure you have documented it somewhere
(and even
.
Christophe JAILLET christophe.jail...@wanadoo.fr wrote:
Le 19/07/2014 22:44, William A. Rowe Jr. a écrit :
If it violates 80 col formatting style rule, absolutely do not shift
the APLOGNO macro to the first line.
Sure.
Moreover, when submitting patches, I'll take care to only propose things
Spanning lines in regex tests is trivial.
If it violates 80 col formatting style rule, absolutely do not shift the
APLOGNO macro to the first line.
Christophe JAILLET christophe.jail...@wanadoo.fr wrote:
Hi,
I was wondering if logged message, at least APLOG_ERR or APLOG_EMERG and
APLOG_CRIT,
There are a stack of other bug fixes, particularly to mod_deflate that deserve
consideration. Spending my eve and tomorrow morning reviewing these.
(FYI; once you have the 3 +1's to your backport proposal, feel free to apply it
yourself, if you have the free cycles.)
Ben Reser b...@reser.org
If you have the similar tool chain revs as .27, terrific! Otherwise, I'll tag
in the a.m.
+1 from me, of course.
Jim Jagielski j...@jagunet.com wrote:
If so, I can RM.
Combined with typical ssl session shmcb ... That single process still has
session keys of other prefork processes, as well as the common ssl session
ticket key and ssl cert keys. In practice the benefits of prefork are
somewhat limited to casual attacks.
This is a once-per-request query, so a note shouldn't be a bad thing.
But I'm wondering if we need a multi-state (and eventually, fold that
into 2.6/3.0 req_req instead)?
Many users have requested that mod_proxy honor -configured- proxypass
backends' 100 responses and defer the 100 response to
On Mon, 17 Mar 2014 05:40:19 -0500
William A. Rowe Jr. wmr...@gmail.com wrote:
I've been running behind too... But expect to have all my platforms
checked out Monday. Since there are no negative votes we'll keep
this open a bit longer.
Apologies for the delay, this has been pushed
Apache HTTP Server 2.2.27 Released
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the release of version 2.2.27 of the Apache HTTP
Server (Apache). This version of Apache is principally a security
and bug fix
to me.
On Wednesday, March 26, 2014 6:17 PM, William A. Rowe Jr.
wr...@rowe-clan.net wrote:
On Mon, 17 Mar 2014 05:40:19 -0500
William A. Rowe Jr. wmr...@gmail.com wrote:
I've been running behind too... But expect to have all my platforms
checked out Monday. Since
a win32 httpd 2.2 installer.
Thanks everyone!
On Tue, Mar 18, 2014 at 6:09 AM, Yann Ylavic ylavic@gmail.com wrote:
On Thu, Mar 13, 2014 at 9:55 PM, William A. Rowe Jr.
wr...@rowe-clan.net wrote:
The pre-release candidate Apache httpd 2.2.27 can be found in;
http
?
On Thu, Mar 13, 2014 at 4:55 PM, William A. Rowe Jr.
wr...@rowe-clan.net wrote:
The pre-release candidate Apache httpd 2.2.27 can be found in;
http://httpd.apache.org/dev/dist/
+/-1
[ ] Release 2.2.27 (apr 1.5.0, apr-util 1.5.3)
Please take note of APR minor
On Mon, 17 Mar 2014 13:25:32 +0100
Rainer Jung rainer.j...@kippdata.de wrote:
On 17.03.2014 10:59, Plüm, Rüdiger, Vodafone Group wrote:
I try to find a slot to vote on 2.2.x later today, but I guess it
will be in the evening my local time (GMT+1).
Same here, some builds and tests still
First, big props and thank yous to Rüdiger for a flurry of svn tree
and backport maintenance, I owe you 1 beers/coffees :)
Trouble. From www.apache.org/dist/apr/ as near as I can tell the APR
project discontinued the 1.4.x branch by removing it from their package
distributions. It seems
On Thu, Mar 13, 2014 at 2:37 PM, William A. Rowe Jr.
wr...@rowe-clan.net wrote:
Trouble. From www.apache.org/dist/apr/ as near as I can tell the APR
project discontinued the 1.4.x branch by removing it from their package
distributions. It seems inconceivable that we would ship something
The pre-release candidate Apache httpd 2.2.27 can be found in;
http://httpd.apache.org/dev/dist/
+/-1
[ ] Release 2.2.27 (apr 1.5.0, apr-util 1.5.3)
Please take note of APR minor version bump from 1.4.8 to 1.5.0.
Votes please - up, down or sideways... vote to conclude 21:00 GMT
On Wed, 12 Mar 2014 00:30:57 +
Dr Stephen Henson shen...@opensslfoundation.com wrote:
On 11/03/2014 21:46, Gregg Smith wrote:
On 3/11/2014 1:29 PM, Rainer Jung wrote:
On 11.03.2014 17:34, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.8 can be found
at the
On Thu, 20 Feb 2014 02:42:46 -0600
William A. Rowe Jr. wr...@rowe-clan.net wrote:
With no objection, I will tag and roll 2.2 branch for release a week
from Friday, with the intent to announce both the proper 2.4 'current'
and the 2.2 'legacy' at the same time in tandem with Jim's efforts
In working through this code, I realized that you may have multiple cookie
headers of multiple values for the same cookie name.
Mark Thomas looked at the spec for me and determined they would be entirely
permissible by RFC 6265 S4.2.2. But today we simply log one and done.
I don't want to hold
On Mar 7, 2014 4:50 PM, Yann Ylavic ylavic@gmail.com wrote:
On Fri, Mar 7, 2014 at 10:25 PM, William A. Rowe Jr. wmr...@gmail.com
wrote:
In working through this code, I realized that you may have multiple
cookie
headers of multiple values for the same cookie name.
Mark Thomas looked
So I am happy to agree with the semicolon list delimiter for logging.
On Mar 7, 2014 5:09 PM, Yann Ylavic ylavic@gmail.com wrote:
On Sat, Mar 8, 2014 at 12:06 AM, William A. Rowe Jr. wmr...@gmail.com
wrote:
On Mar 7, 2014 4:50 PM, Yann Ylavic ylavic@gmail.com wrote:
On Fri, Mar
On Wed, Mar 5, 2014 at 11:38 AM, Lu, Yingqi yingqi...@intel.com wrote:
1. If I understand correctly (please correct me if not), do you suggest
duplicating the listen socks inside the child process with SO_REUSEPROT
enabled? Yes, I agree this would be a cleaner implementation and I actually
ruediger.pl...@vodafone.com wrote:
-Original Message-
From: William A. Rowe Jr. [mailto:wmr...@gmail.com]
Sent: Donnerstag, 6. März 2014 06:58
To: dev@httpd.apache.org
Subject: Re: [PATCH ASF bugzilla# 55897]prefork_mpm patch with
SO_REUSEPORT support
If you want
Yingqi,
as one of the 'Windows folks' here, your idea is very intriguing, and
I'm sorry that other issues have distracted me from giving it the
attention it deserves.
If you want to truly re-architect the MPM, by all means, propose it as
another MPM module. If it isn't adopted here, please
Tom,
this code is shared with all the other pipe features in httpd, I
believe the docs at
http://httpd.apache.org/docs/current/logs.html#piped will explain why
the shell was
not invoked, and provides an example of how to invoke your pipe script
with shell.
You can use the docs commentary system
Note the -start and -stop functionality of the framework. Is this
script supposed to live for the duration of a test? Or will this
script coexist next to the running server? The server can be started
and left there, ready for multiple test invocations even across
machines, so it would be
On Wed, Feb 26, 2014 at 2:45 PM, Ruediger Pluem rpl...@apache.org claimed:
Even if they use IP/Port based virtual hosting the SNI name and supplied host
header should be consistent.
For all incoming forward proxy requests your statement is complete nonsense.
The Host: header consistently
On Mon, 24 Feb 2014 10:18:25 -0500
Eric Covener cove...@gmail.com wrote:
We had a cancellation for one of the httpd talks for Denver, any
proposals to fill the slot that either didn't make the first cut or
didn't get submitted at all?
An alternative option might be an ask / stump the
On Mon, Feb 24, 2014 at 10:57 AM, Yann Ylavic ylavic@gmail.com wrote:
This could be a worthwhile idea and I have seen your patch in bugzilla.
For ease of commenting I would like you to post it here such that inline
comments could
be made (I would have some).
Here it is (thanks for
Understood and this would explain assigning them to MOD_SSL_LIBS etc. But
added to MOD_LIBS? That struck me as very odd.
On Feb 22, 2014 1:41 AM, Kaspar Brand httpd-dev.2...@velox.ch wrote:
On 20.02.2014 04:18, William A. Rowe Jr. wrote:
Can anyone offer background as to why httpd 2.4 branch
Nobody else seems to have responded, so here's a ++1!
Good forward progress, and I'll offer a complimentary 2.2 release in
tandem to keep people in sync with regression fixes and security
questions.
On Tue, Feb 4, 2014 at 7:58 AM, Jim Jagielski j...@jagunet.com wrote:
I'd like to TR and release
With no objection, I will tag and roll 2.2 branch for release a week
from Friday, with the intent to announce both the proper 2.4 'current'
and the 2.2 'legacy' at the same time in tandem with Jim's efforts.
We obviously need to clean up the TLS/hostname mess we've left for the
2.2.26 adopters,
Output from ldd /user/local/bin/httpd ?
mod_ssl and aprutil-1.so aught to have the right rpath to resolve. One of
your other libs is bound to openssl, as I warned you before about
libldap/lber.
Tom, please start a new thread, this is a discuss thread for planning a
2.4.8 release. Thanks.
On Wed, Feb 19, 2014 at 5:54 PM, Tom Browder tom.brow...@gmail.com wrote:
On Wed, Feb 19, 2014 at 11:21 AM, Tom Browder tom.brow...@gmail.com
wrote:
On Wed, Feb 19, 2014 at 10:53 AM, Dr Stephen
Odd, there is something going on here. I am wondering if this fails to
resolve zlib libraries? Also don't concern yourself with the 0.9.7 check,
you met it (=) with 1.0.1. Somehow, it didn't resolve the ssl library
files initially given
adding -L/usr/local/ssl/lib to LDFLAGS
setting LIBS to
also match. Please also answer the questions about os/rev level etc.
On Wed, Feb 19, 2014 at 6:41 PM, Tom Browder tom.brow...@gmail.com wrote:
On Wed, Feb 19, 2014 at 7:37 PM, William A. Rowe Jr. wmr...@gmail.com
wrote:
Odd, there is something going on here. I am wondering if this fails
I've noticed that openssl default builds do not necessarily add -lz to the
lib/pkgconfig/openssl.pc when they might be needed. In any case I'm going
to guess you perhaps hadn't installed the zlib1g-dev package?
On Wed, Feb 19, 2014 at 7:09 PM, Dr Stephen Henson
shen...@opensslfoundation.com
You could try tweaking the deployed /usr/local/lib/pkgconfig/openssl.pc
file to include -lz in Libs: (just after -ldl), and then re-./configure
On Wed, Feb 19, 2014 at 7:52 PM, Tom Browder tom.brow...@gmail.com wrote:
On Wed, Feb 19, 2014 at 8:39 PM, William A. Rowe Jr. wmr...@gmail.com
wrote
interestingly, openssl 1.0.1f make install_docs totally fails at
man1/cms.1 with 'expected text after =item, not a number' under Fedora 20.
Not that I attempt that arch for anything of substance.
On Wed, Feb 19, 2014 at 8:11 PM, William A. Rowe Jr. wmr...@gmail.comwrote:
You could try tweaking
On Wed, Feb 19, 2014 at 8:51 PM, Dr Stephen Henson
shen...@opensslfoundation.com wrote:
On 20/02/2014 02:40, William A. Rowe Jr. wrote:
First insight, did you ./config openssl, or ./config shared? It seems near
impossible to use static openssl. apr-util configure will fail since
I believe that Kaspar and Ruediger are still entirely at odds with my
position, but this 'enhancement' should never have been unilaterally
applied as it was to 2.2.26 and must be reverted (even as the feature
is 'fixed' with corrections they have blessed), e.g. the comparison
must be constrained
Can anyone offer background as to why httpd 2.4 branch ./configure likes
checking for OpenSSL... checking for user-provided OpenSSL base
directory... /usr/local/ssl adding -I/usr/local/ssl/include to
CPPFLAGS setting MOD_CFLAGS to -I/usr/local/ssl/include
setting ab_CFLAGS to
, William A. Rowe Jr. wmr...@gmail.com wrote:
First insight, did you ./config openssl, or ./config shared? It seems near
No option which I think means static.
impossible to use static openssl. apr-util configure will fail since
pkgconfig isn't consulted properly. httpd configure would also likely
implementation of an idea suggested by William A. Rowe
Jr.
- This one could bring a slight improvement in behavior to some
unlikely use cases.
- https://issues.apache.org/bugzilla/show_bug.cgi?id=55886
- This one is analysis on the question of what should appear in the
client field
On Mon, 6 Jan 2014 15:01:58 -0500
Jim Jagielski j...@jagunet.com wrote:
On Jan 6, 2014, at 2:40 PM, Blaise Tarr blaise.t...@gmail.com wrote:
So mod_rewrite is not recognizing the unix: prefix as being
valid. I temporarily commented out the call of fully_qualify_uri(r)
at
On Tue, 31 Dec 2013 13:27:30 -0500
Daniel Kahn Gillmor d...@fifthhorseman.net wrote:
On 12/31/2013 01:19 PM, Graham Leggett wrote:
It is also a statement of what keys have historically been used to
sign past artifacts, and that is just as important.
These are distinct things, though. It
On Sat, 14 Dec 2013 10:25:00 +0100
Kaspar Brand httpd-dev.2...@velox.ch wrote:
On 14.12.2013 09:36, William A. Rowe Jr. wrote:
ProxyPass is not involved in the SSL forward proxy case at all, as I
already tried to point out.
Good, we've finally agreed. This entire thread has been on forward
On Sat, 14 Dec 2013 10:25:00 +0100
Kaspar Brand httpd-dev.2...@velox.ch wrote:
On 14.12.2013 09:36, William A. Rowe Jr. wrote:
I beg to differ. We are left with a question of whether you are
responsible to defend the current behavior, or whether I can simply
rely on RFC2817 to document
On Mon, 16 Dec 2013 22:18:46 +0100
Rainer Jung rainer.j...@kippdata.de wrote:
On 16.12.2013 20:25, William A. Rowe Jr. wrote:
On Sat, 14 Dec 2013 10:25:00 +0100
Kaspar Brand httpd-dev.2...@velox.ch wrote:
Just unload mod_proxy_http and mod_ssl
from the configuration, and you'll find
On Mon, 16 Dec 2013 22:29:39 -0600
William A. Rowe Jr. wr...@rowe-clan.net wrote:
On Sat, 14 Dec 2013 10:25:00 +0100
Kaspar Brand httpd-dev.2...@velox.ch wrote:
On 14.12.2013 09:36, William A. Rowe Jr. wrote:
I beg to differ. We are left with a question of whether you are
responsible
On Sat, 14 Dec 2013 09:04:53 +0100
Kaspar Brand httpd-dev.2...@velox.ch wrote:
I won't defend the checks introduced with r757373 under all
circumstances, but they are definitely not the cause for this
purported defect.
I beg to differ. We are left with a question of whether you are
On Fri, 13 Dec 2013 07:05:13 +0100
Kaspar Brand httpd-dev.2...@velox.ch wrote:
On 12.12.2013 20:06, William A. Rowe Jr. wrote:
On Thu, 12 Dec 2013 09:28:16 +
Plüm, Rüdiger, Vodafone Group ruediger.pl...@vodafone.com wrote:
The reason is that you can define SSL parameters in Virtual
1401 - 1500 of 6128 matches
Mail list logo