On Wed, 12 Jun 2013 21:27:18 +0200
Stefan Fritsch wrote:
> On Wednesday 12 June 2013, William A. Rowe Jr. wrote:
> > On Wed, 12 Jun 2013 05:41:35 -0700 (PDT)
> >
> > In principal, we do not change defaults in a released branch.
>
> That's not true. It doesn
On Wed, 12 Jun 2013 21:24:31 +0200
Reindl Harald wrote:
>
> well, on Redhat systems in "/etc/sysconfig/httpd" put the line
> "OPENSSL_NO_DEFAULT_ZLIB=1" did disable it before httpd
> offered a option, but IHMO any server software should
> come with as much as secure defaults if they do not hurt
On Wed, 12 Jun 2013 05:41:35 -0700 (PDT)
Petr Sumbera wrote:
> Hi guys,
>
> shouldn't Apache 2.2 contain the same change which went for 2.4?
>
> http://svn.apache.org/viewvc?view=revision&revision=1400962
In principal, we do not change defaults in a released branch.
This was altered after 2.4
Historically on unix it was syntactic... would you rather control access in
filepath space or uri space? It seemed pretty simple to grant read access, versus the so that was
an early preference still used by some admins.
With case-insensitive filesystems it became a real problem. Granting
acce
+1... this thread is sufficient for voting :)
On Fri, Jun 7, 2013 at 11:41 AM, Guenter Knauf wrote:
> On 07.06.2013 18:26, Rainer Jung wrote:
>
>> mod_lua is still marked experimental because we did not yet expect it to
>> be complete or the APIs to be stable. So we did expect and wanted to
>>
On Mon, 03 Jun 2013 10:00:39 +0200
Reindl Harald wrote:
>
> unbelieveable - there where *two* of this
> useless unsubscribe-threads within a few
> days - what about read the welcome messages
> and/or list-headers?
Yes, most unbelievable, regular participants again spamming the entire
1000+ subsc
On Wed, 29 May 2013 17:06:14 +0100
Joe Orton wrote:
> On Wed, May 29, 2013 at 11:37:14AM -0400, Matthew Steele wrote:
> > Oops, yes, RUN_ALL semantics are desired; the misleading API
> > description is my fault, sorry. (I confess I never really
> > understood why RUN_ALL hooks accept both OK and
On Tue, 28 May 2013 09:13:46 +0530
kalyan sita wrote:
> I am able to debug the httpd -X process using eclipse gdb debugger
> But I am not able to profile the same.
> I am able to profile only a command line application .
> Can anyone pl help me out in profile the application with httpd -X
> proc
Works for me. 2.4 branch was quite busy this holiday weekend, it probably
needs a bit of time to stabilize.
On Tue, May 28, 2013 at 6:26 AM, Jim Jagielski wrote:
>
> On May 24, 2013, at 4:22 PM, William A. Rowe Jr.
> wrote:
>
> > On Wed, 22 May 2013 14:20:03 -0400
> &
On Wed, 22 May 2013 14:20:03 -0400
Jim Jagielski wrote:
> I would be nice, imo, to start thinking about a 2.4.5
> release Real Soon Now. We have lots of stuff added and
> fixed in 2.4.5-dev and even more fun stuff in STATUS.
>
> I'll RM.
What is your thought on RSN? Sometime Thurs-Sat timefram
On Fri, 24 May 2013 21:53:50 +0200
Guenter Knauf wrote:
> On 24.05.2013 21:37, Ben Reser wrote:
> > The build system should be able to compile with the major tool
> > chains, nobody expects to know how to work around weird autoconf,
> > make, gcc, etc quirks on Linux. I don't say this to be dism
On Fri, 24 May 2013 12:43:23 -0700
Ben Reser wrote:
> On Fri, May 24, 2013 at 8:23 AM, William A. Rowe Jr.
> wrote:
>
> > Also wondering where the OS/X download lives? It will build on any
> > OS/X box with a deployed toolchain, but I imagine many OS/X users
> > d
On Fri, 24 May 2013 21:02:04 +0200
Guenter Knauf wrote:
>
> also given that currently only Daniel and I (and Gregg with some
> testing) care about mod_lua I would like that we make an exception
> for this module so that we can backport any further modifications and
> fixes directly to the 2.4.x
On Fri, 24 May 2013 21:42:58 +0200
Guenter Knauf wrote:
> I dont know who has access / maintains the httpd buildbot, but I
> would like to have it build with maintainer mode; this could be
> useful to avoid that code we dont want slips in, f.e. var
> declarations after statements ...
We could do
On Fri, 24 May 2013 08:52:05 -0400
Jim Jagielski wrote:
> Maybe the real question is where exactly do we stand with
> Windows right now...
>
> We haven't had (complimentary) binary builds for Windows in
> quite awhile and, afaict, there are really no people focusing
> on Windows compatibility an
On Fri, 24 May 2013 09:26:34 -0400
Jim Jagielski wrote:
>
> On May 24, 2013, at 9:08 AM, Jeff Trawick wrote:
> >
> > Lots of us are employees of or otherwise manage to siphon money
> > from these companies. Make a pitch... (And some of us are happy
> > to freelance ;) )
>
> I'll be honest:
On Wed, 22 May 2013 14:20:03 -0400
Jim Jagielski wrote:
> I would be nice, imo, to start thinking about a 2.4.5
> release Real Soon Now. We have lots of stuff added and
> fixed in 2.4.5-dev and even more fun stuff in STATUS.
>
> I'll RM.
+1 and once this head-cold is clear, I'm now seeing dayli
On Tue, 14 May 2013 15:55:55 +0530
kalyan sita wrote:
> Hi William,
> Your reply helped me . I launched httpd -X and used gdb httpd -X> and the debugger went into child_main function of prefork.c
> and it is remaining in while loop in the same function. What I would
> want is to see what module
On Thu, 9 May 2013 14:08:45 +0530
kalyan sita wrote:
> I am trying to attach the eclipse debugger to find how different
> modules of apache source code are invoked.
> But I could only debug httpd binary and others present in bin
> directory. What I want is what exactly happens when a php script i
On Wed, 08 May 2013 19:08:56 -0500
Daniel Ruggeri wrote:
> On 5/8/2013 3:29 PM, Rainer Jung wrote:
> > Careful: I didn't test it but we delete the pid file during web
> > server shutdown. That might remove /dev/null then.
> >
> > On a quick look through the code I had the impression you can not
>
On Mon, 6 May 2013 23:42:27 +0100
Tom Jones wrote:
> We use process supervision and don't have a use for pid files. We
> are running multiple httpd instances, and have the config management
> to create a writable configured place for each instance to put its
> pid file.
Surely you have the very
On Fri, 03 May 2013 01:53:01 +0200
Guenter Knauf wrote:
> On 02.05.2013 10:22, André Warnier wrote:
> >
> > But I am a bit at a loss as to what to do next. I could easily
> > enough install such a change on my own servers (they are all
> > running mod_perl). But then, if it shows that the bots d
The only time I know of that the abspath is required should be DocumentRoot
and paths.
On Tue, Apr 16, 2013 at 9:43 AM, Guenter Knauf wrote:
> On 02.03.2013 04:19, Guenter Knauf wrote:
>
>> Hi all,
>> in httpd-ssl.conf.in we use always @exp_ for all paths like f.e.
>> @exp_sysconfdir@ and @exp
On Thu, 11 Apr 2013 01:55:57 +0200
Guenter Knauf wrote:
> I've now tested on Windows, and I can see all previously mentioned
> issues there too; in addition the attached script which works fine on
> NetWare crashes the Windows httpd ...
Backtrace, please?
A strange idea, but did you happen to
On Mon, 11 Mar 2013 14:41:48 +
Dwayne Miller wrote:
> I'm rejoining this list after several years of inactivity. I'm
> joining primarily in regards to this thread.
>
> I would like to help if possible.
We are starting from scratch with 2.4.x. Several key reasons;
- Long past time to shi
I would suggest you want to attach this patch to the bugzilla ticket.
NTLM does not honor HTTP/1.0 or 1.1 so it is highly unlikely to be accepted
into the Apache distribution, but as you point out, this does not mean that
there aren't others who would appreciate your patch.
On Feb 26, 2013 9:56 AM
On Mon, 18 Feb 2013 18:02:57 -0600
"William A. Rowe Jr." wrote:
> The tarball candidates for Apache httpd 2.2.24 can be found at
> the usual place:
>
> http://httpd.apache.org/dev/dist/
[X] +1 for GA: Happy Birthday, 2.2.24.
On Mon, 18 Feb 2013 15:34:15 -0500
Jim Jagielski wrote:
> The pre-release test tarballs for Apache httpd 2.4.4 can be found
> at the usual place:
>
> http://httpd.apache.org/dev/dist/
> [X] +1: Good to go
Glad for no bundled apr-util, this will make things so much easier
if we are only e
On Mon, 18 Feb 2013 18:02:57 -0600
"William A. Rowe Jr." wrote:
> The tarball candidates for Apache httpd 2.2.24 can be found at
> the usual place:
>
> http://httpd.apache.org/dev/dist/
Note these have been replaced 2013-02-20 21:19 on the /dev/dist
space as a
On Wed, 20 Feb 2013 12:58:07 -0500
Jim Jagielski wrote:
> +1: OSX 10.8.2, Fedora 16 and 18 (x86_64) and CentOS 6 (x86_64)
So what is your thinking on the apr-util 1.5.1 crypt mess?
Should we re-roll 2.4.4 deps and either re-roll 2.2.24 with a
corrected roll-release script to pull in 1.4.1? Or
On Wed, 20 Feb 2013 16:42:56 +1000
Noel Butler wrote:
> On Tue, 2013-02-19 at 23:31 -0600, William A. Rowe Jr. wrote:
>
>
>
> >
> > Note he mentioned SHA512, not crypt(). I don't know that this makes
> > a difference on that architecture.
> >
>
On Wed, 20 Feb 2013 02:20:55 +0100
Rainer Jung wrote:
> On 20.02.2013 01:39, Noel Butler wrote:
> > On Tue, 2013-02-19 at 12:03 +0100, Rainer Jung wrote:
>
> OK, so we know it is correctly retrieving the hash and the aces
> control really fails in the apu password_validate.
>
> Next: Could you
16:44:43 -0600
"William A. Rowe Jr." wrote:
> I've found the following data summary very useful in terms of
> drill-down capability;
>
> http://w3techs.com/technologies/details/ws-apache/2.2/all
> http://w3techs.com/technologies/details/ws-apache/2.4/all
>
On Tue, 19 Feb 2013 14:11:59 +1000
Noel Butler wrote:
> On Tue, 2013-02-19 at 13:35 +1000, Noel Butler wrote:
>
>
> > reports: APR-util Version: 1.5.1
>
>
> I note the APR version in -deps is only 1.4.6, but APR-utils is 1.5.1
> could this be the issue?
No. APR doesn't care about the APR-u
The tarball candidates for Apache httpd 2.2.24 can be found at
the usual place:
http://httpd.apache.org/dev/dist/
Please VOTE for releasing this Apache httpd 2.2.24 candidate as GA.
[ ] +1 for GA: Happy Birthday, 2.2.24.
[ ] -1: Exterminate. (What broke?)
Vote will last the normal 72
On Mon, 18 Feb 2013 21:53:16 +0100
Rainer Jung wrote:
> On 18.02.2013 21:47, Rainer Jung wrote:
> > On 18.02.2013 21:36, Eric Covener wrote:
> >
> > The regression in 2.2.23 is that RewriteBase started to get merged
> > in 2.2.23. It wasn't before. This seems to have broken certain
> > setups. P
On Mon, 18 Feb 2013 15:36:17 -0500
Eric Covener wrote:
> > Ok, so 2.2.23 had not suffered this regression yet? If not, we
> > should just move ahead and then can consider any improved behavior
> > in 2.2.x. There are no changes to mod_rewrite in 2.2.x since 2.2.23
> > was tagged.
>
> 2.2.23 has
On Mon, 18 Feb 2013 14:15:45 -0500
Eric Covener wrote:
> On Mon, Feb 18, 2013 at 2:00 PM, Rainer Jung
> wrote:
> > On 18.02.2013 19:02, Eric Covener wrote:
> >> I am on the road right now, but a user reported that my fix to make
> >> rewritebase merging opt-in is busted and breaks normal overrid
On Fri, 15 Feb 2013 04:48:42 -0600
"William A. Rowe Jr." wrote:
>
> I plan to tag between late Friday 15 Feb eve, and Saturday. The
> remaining STATUS items only have a vote or two, or are contested
> and can't really be expected to hit this tag. It might be a bit
&
On Fri, 15 Feb 2013 10:29:53 -0800
Gregg Smith wrote:
>
> Nothing political, it was from experience of years past when I was
> handed a benchmark script. I am eating crow here as I see nothing
> different when using fcgid from my test years ago. I am seeing
> different results in mod_php and no
On Fri, 15 Feb 2013 19:39:17 +0100
Ruediger Pluem wrote:
> >
> > I guess with the 2.2.23 question you meant what to include in a
> > 2.2.23 build done right now? Since we plan to have 2.2.24 soon (and
> > I guess you are going to provide Windows binaries for 23 and 24),
> > I'd say 2.2.23 is most
On Fri, 15 Feb 2013 13:06:22 +0100
Rainer Jung wrote:
> On 05.02.2013 23:12, William A. Rowe Jr. wrote:
>
> Don't know how windows handles the use of two versions of a DLL in
> the same process.
They must have different file names (not paths); e.g. a versioned dll
filename li
On Fri, 15 Feb 2013 10:38:40 -0500
Mark Stosberg wrote:
>
> I'd like feedback on whether the following behavior is a bug, or
> intentionally inconsistent.
>
> I was looking at the environment variables generated by this case:
>
>Browser URL: /file%3Fa=b?c=d
>
>'QUERY_STRING' => 'a=b&c
On Tue, 5 Feb 2013 11:46:55 -0600
"William A. Rowe Jr." wrote:
> On Fri, 1 Feb 2013 09:15:46 -0500
> Jim Jagielski wrote:
>
> > I think it's about time for 2.4.4... just a handful
> > of proposed backports are still open. I propose we
> > do a T
On Tue, 5 Feb 2013 23:47:03 -0600
"William A. Rowe Jr." wrote:
>
> > On 2/5/2013 2:12 PM, William A. Rowe Jr. wrote:
> > > In catching up with building 2.2.23 and getting somewhere with
> > > 2.4.3 (soon to be .24 and .4 from today's emai
On Wed, 06 Feb 2013 14:26:33 -0800
Gregg Smith wrote:
>
> mod_fcgid alleviates both compiler/OpenSSL problems since it's
> running php in it's own process true, but at the cost of speed. I'm
> not sure I would consider that "optimal," but it works!
I'd like to counter some FUD - do you have a s
On Sun, 10 Feb 2013 08:25:35 -0800 (PST)
Joe Schaefer wrote:
> Here's a sledgehammer patch to ap_rgetline_core()
> to replace r->input_filters with r->proto_input_filters.
> This would still mean protocol filters behind ap_http_filter
> would need to punt on these calls, but that's a lot
> more r
On Wed, 6 Feb 2013 10:22:45 + (GMT)
p...@talk21.com wrote:
> How many Linux distros ship httpd 2.4?
>
> Fedora 18 is their first release to include httpd 2.4. Since Fedora
> is often an early adopter of new releases, I expect 2.4 hasn't
> trickled down to other distributions yet, e.g. RHEL,
On Tue, 05 Feb 2013 16:43:13 -0800
Gregg Smith wrote:
> On 2/5/2013 2:12 PM, William A. Rowe Jr. wrote:
> > In catching up with building 2.2.23 and getting somewhere with 2.4.3
> > (soon to be .24 and .4 from today's email notes), I'm left with one
> > quandary.
On Tue, 05 Feb 2013 16:43:13 -0800
Gregg Smith wrote:
> On 2/5/2013 2:12 PM, William A. Rowe Jr. wrote:
> > In catching up with building 2.2.23 and getting somewhere with 2.4.3
> > (soon to be .24 and .4 from today's email notes), I'm left with one
> > quandary.
On Tue, 05 Feb 2013 16:48:08 -0500
"Mikhail T." wrote:
> On 05.02.2013 16:37, Nick Kew wrote:
> > But in general, querying another module, or knowing anything about
> > its cleanups, would be a violation of modularity. If it's
> > legitimate for a module to expose its inner workings, it can do s
On Tue, 05 Feb 2013 17:47:48 -0500
"Mikhail T." wrote:
> BTW, is modp->module_index a reliable indication of order in which
> modules are processed? In other words, of module1's index is smaller
> than that of module2, does that mean, module1's hooks will be invoked
> prior to module2's? Or must
I've found the following data summary very useful in terms of
drill-down capability;
http://w3techs.com/technologies/details/ws-apache/2.2/all
http://w3techs.com/technologies/details/ws-apache/2.4/all
while their breakdown/segmentation tabulations provide some
interesting data such as;
http://w3
In catching up with building 2.2.23 and getting somewhere with 2.4.3
(soon to be .24 and .4 from today's email notes), I'm left with one
quandary.
The 2.2 builds all used OpenSSL 0.9.8 and that's where I would leave
it, while 2.4 builds aught to use 1.0.1. That, and libxml2 and lua
are the packa
On Sat, 02 Feb 2013 13:18:11 -0800
Gregg Smith wrote:
> Hello,
>
> Since the Next Protocol Negotiation addition, mod_ssl cannot be
> compiled on Windows since the AP namespace is for imports.
>
> Are there any objections to this which allows the NPN hooks to be
> exported in
> Windows.
>
> If
On Fri, 1 Feb 2013 09:15:46 -0500
Jim Jagielski wrote:
> I think it's about time for 2.4.4... just a handful
> of proposed backports are still open. I propose we
> do a T&R the end of next week with a release the
> week after that. I'll be RM.
>
> Comments?
+1, it's been a while, thanks for RM'
Sorry, I'm not ignoring the list (entirely). Seems Thunderbird and my ISP
have decided not to dance anymore and it looks like I'm spending Thursday
doing some fundamental email restructuring (sigh). Hopefully I'll have the
list traffic back sometime by Friday, thanks to Jeff, Reindl, and Steffen
Candidate binaries are available from http://httpd.apache.org/dev/dist/ -
these do not yet constitute ASF releases. Win32 specific artifacts
(x86 binary distribution and -win32-src.zip) will follow sometime later
this evening.
Feedback and edits to the draft announcement are greatly appreciated,
On 8/20/2012 3:36 PM, Gregg Smith wrote:
> Hi Joe,
>
> There seems to be a problem with this commit.
> mod_ssl.c
> .\mod_ssl.c(288) : error C2491: 'modssl_run_npn_advertise_protos_hook' :
> definition of
> dllimport function not allowed
> .\mod_ssl.c(294) : error C2491: 'modssl_run_npn_proto_nego
On 8/18/2012 2:32 PM, wr...@apache.org wrote:
> --- httpd/httpd/branches/2.2.x/STATUS (original)
> +++ httpd/httpd/branches/2.2.x/STATUS Sat Aug 18 19:32:38 2012
> @@ -145,7 +145,7 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
>http://svn.apache.org/viewvc?view=revision&revision=1225476
>
On 8/17/2012 1:10 PM, Rainer Jung wrote:
> On 17.08.2012 19:22, William A. Rowe Jr. wrote:
>> This list is frankly too long to consider for a T&R today, which will happen
>> later this afternoon or early evening as I mentioned several days ago.
>>
>> Rainer, ca
[Not sure what happened but this didn't appear to make it to the list...]
Folks, since enabling and disabling tls v1.1 and v1.2 proved important with
mitigating the last openssl vulnerability, I'd really like to get this fix in
and consider it a showstopper.
http://openssl.org/news/secadv_2012051
This list is frankly too long to consider for a T&R today, which will happen
later this afternoon or early evening as I mentioned several days ago.
Rainer, can you draw our attention to the backports most critical to closing
any security issues present in 2.2, so we can give those proper review?
Folks, since enabling and disabling tls v1.1 and v1.2 proved important in
mitigating the last openssl vulnerability, I'd really like to get this fix in.
Could you please review my revisions and commentary, especially sf and kbrand
who had raised the issues to address, and vote?
It wasn't clean ou
On 8/15/2012 8:23 PM, pqf wrote:
> But since someone said remove this sleep(), the server work fine without
> bottleneck(Maybe
> he didn't notise the warm up issue?), so I thought remove the sleep() is a
> good idea. But
> reduce the time of sleep() is fine to me too.
> Any other idea?
Can we in
On 8/14/2012 4:17 PM, Jim Jagielski wrote:
> With my Mom's hospitalization and stuff, this kinda slipped...
Sorry to hear, hope she is recovering :(
> I propose this Friday: Aug 17th.
+1 - I'll address anything wrong for mak/dep files. Jeff's brilliant
catch of that regression in core.c to the w
On 8/8/2012 4:45 AM, Ben Laurie wrote:
> On Wed, Aug 8, 2012 at 2:47 AM, Guenter Knauf wrote:
>> Am 08.08.2012 07:39, schrieb Kaspar Brand:
>>
>>> On 06.08.2012 22:08, William A. Rowe Jr. wrote:
>>>>
>>>> On 8/5/2012 10:10 PM, Kaspar Brand wrote
On 8/9/2012 11:26 AM, Claudio Caldato (MS OPEN TECH) wrote:
> Better patch, fixed minor issue after another code review.
Sadly, it won't fix the defect.
Yes, you are successfullly performing a blocking initial read.
And the pipe remains unblocked for the rest of the connection, so any
further bl
On 8/8/2012 8:56 PM, Ben Laurie wrote:
> On Wed, Aug 8, 2012 at 5:03 PM, Joe Orton wrote:
>> On Wed, Aug 08, 2012 at 08:00:25AM +0200, Kaspar Brand wrote:
>>> My thinking was that people should explicitly tell configure that they
>>> want to link with the libs in a build directory (so that they do
On 8/8/2012 9:03 AM, Joe Orton wrote:
> On Wed, Aug 08, 2012 at 08:00:25AM +0200, Kaspar Brand wrote:
>> My thinking was that people should explicitly tell configure that they
>> want to link with the libs in a build directory (so that they don't
>> "accidentally" use a directory which might only t
On 8/5/2012 10:10 PM, Kaspar Brand wrote:
> On 05.08.2012 14:38, Guenter Knauf wrote:
>> Am 05.08.2012 10:10, schrieb Kaspar Brand:
>>> 1) use --with-ssl-builddir for linking with the static OpenSSL libraries
>>> in that directory (and ignore --with-ssl in this case)
>> what about splitting into tw
On 8/5/2012 8:32 AM, Steinar H. Gunderson wrote:
> On Sun, Aug 05, 2012 at 11:05:59AM -0400, Jeff Trawick wrote:
>> Great! I'll do something about the remaining patch "before long".
>
> When the time comes, do we have any hopes of getting this back from trunk to
> 2.4, or would it need to wait fo
On 8/1/2012 5:01 PM, Reindl Harald wrote:
>
> there is simply no need for UTF8 in servrnames
> the nslookup you see is only a user-view
>
> there are only ASCII chars in dns and http-config
> without any special char and that is why IDN exists
>
> ServerAlias xn--wrmlach-n2a.at www.xn--wrmlach-n
On 4/7/2012 2:00 AM, Reindl Harald wrote:
>
>
> Am 07.04.2012 08:33, schrieb William A. Rowe Jr.:
>> So we have live registrars, no longer "experimental", who are now
>> registering domains in punycode. Make of it what you will.
>>
>> Do we want to re
On 7/31/2012 1:05 PM, William A. Rowe Jr. wrote:
> On 7/14/2012 9:42 PM, Gregg Smith wrote:
>> On 7/14/2012 9:35 PM, Gregg Smith wrote:
>>> On 7/13/2012 7:31 PM, William A Rowe Jr wrote:
>>>> I dont care about EOL'ed XP users needing to provision it, but wha
On 7/31/2012 3:27 PM, Jeff Trawick wrote:
> On Tue, Jul 31, 2012 at 4:11 PM, William A. Rowe Jr.
> wrote:
>> On 7/18/2012 8:49 AM, Jeff Trawick wrote:
>>> On Thu, Jun 14, 2012 at 1:49 PM, Claudio Caldato (MS OPEN TECH)
>>> wrote:
>>>> I have a
On 7/18/2012 8:49 AM, Jeff Trawick wrote:
> On Thu, Jun 14, 2012 at 1:49 PM, Claudio Caldato (MS OPEN TECH)
> wrote:
>> I have a dev available now so we are ready to start.
>>
>> I have been out of the loop for a while so I’ll start by looking at
>> https://issues.apache.org/bugzilla/show_bug.cgi?
On 7/15/2012 3:24 AM, Tom Browder wrote:
> On Sun, Jul 15, 2012 at 5:04 AM, Christophe JAILLET
> wrote:
>> Hi,
>>
>> looking around for static analysis tools, I arrived on a commercial software
>> that states that is has already found some mistakes in httpd.
>
> Christophe brings up a good point.
On 7/14/2012 9:42 PM, Gregg Smith wrote:
> On 7/14/2012 9:35 PM, Gregg Smith wrote:
>> On 7/13/2012 7:31 PM, William A Rowe Jr wrote:
>>> I dont care about EOL'ed XP users needing to provision it, but what is the
>>> group
>>> concensus about having 2008
On 7/30/2012 3:11 PM, Tim Bannister wrote:
> On 30 Jul 2012, at 23:00, William A. Rowe Jr. wrote:
>
>> Exactly my point. If you configure a utf-8 hostname, we know in fact it is
>> a punycode encoding of that value, which is why I believe it makes sense to
>> represen
On 7/14/2012 4:20 AM, Eric Covener wrote:
> On Fri, Jul 13, 2012 at 10:31 PM, William A Rowe Jr
> wrote:
>> With 2.4... once we clear up the socket misbehavior in AcceptFilter none
>> node, its time to reinvent the msi installer.
>>
>> First question before us is
On 7/30/2012 2:47 PM, Reindl Harald wrote:
>
>
> Am 30.07.2012 22:54, schrieb William A. Rowe Jr.:
>> What is less clear is what precautions we should take when functioning as
>> a forward proxy with proxy uri string contents, or presenting user-provided,
>> non-canon
On 4/7/2012 2:59 AM, Tim Bannister wrote:
> On 7 Apr 2012, at 07:33, William A. Rowe Jr. wrote:
>
>> So we have live registrars, no longer "experimental", who are now
>> registering domains in punycode. Make of it what you will.
>>
>> Do we want to recog
With 2.4... once we clear up the socket misbehavior in AcceptFilter none
node, its time to reinvent the msi installer.
First question before us is host scripting language. One option is utf8
enabled awk and custom dll's as in the 2.2 package.
Another option with one downside is to script t
On 6/29/2012 6:25 PM, Chris Darroch wrote:
>
> If this looks OK, I'd love to commit and move on to the next
> patch ... assuming I can keep paddling near the shore and avoid those
> dangerous undertows! Thanks and cheers,
Looks sensible to me.
On 6/24/2012 3:34 AM, Stefan Fritsch wrote:
> On Sunday 24 June 2012, Graham Leggett wrote:
>>
>> Ideally, like we have a generic synchronous encryption API, we
>> should have a generic hash API too, so that the user can use
>> whatever hash that the underlying toolkit provides.
>
> I rather like
On 6/23/2012 3:42 PM, Stefan Fritsch wrote:
>
> bcrypt [1] and scrypt [2] seem to be much more difficult to port to
> hardware or GPUs than sha256/512_crypt [3-5]. We can't make the
> operation too expensive on normal CPUs or we create a DoS problem if
> someone does lots of requests with wrong
On 6/8/2012 10:55 AM, Daniel Gruno wrote:
> On 06/08/2012 05:45 PM, Joe Schaefer wrote:
>> Well not quite, we'd still have had a problem with storing and
>> archiving those logs even if we hadn't made them available to
>> committers, because they violate our password retention policies.
>
> My poi
On 6/7/2012 1:56 PM, Jeff Trawick wrote:
> On Thu, Jun 7, 2012 at 2:18 PM, William A. Rowe Jr.
> wrote:
>> On 6/6/2012 2:46 PM, Jeff Trawick wrote:
>>> On Tue, May 29, 2012 at 1:36 PM, Daniel Shahaf
>>> wrote:
>>>>
>>>> Perhaps it woul
On 5/10/2012 7:18 AM, Rich Bowen wrote:
>
>>
>> 1) Are the 2.0 docs at their end-of-life soon? (or should this be
>> declared by dev@?)
>
> This should be based on statistics, not gut feelings. However, my gut feeling
> is that the
> time is nigh. How long has it been since 2.2.0?
If we agree t
On 5/3/2012 6:14 PM, Igor Gali? wrote:
>
> - Chris Darroch wrote:
>>
>> Hence this patch, which adds a UseCanonicalName XHost option in
>> which X-Forwarded-Host is checked first, and if non-blank, is used
>> in place of Host to determine the server name. (The Host header is
>> left as-is, th
On 5/3/2012 5:57 PM, Chris Darroch wrote:
>
> Hence this patch, which adds a UseCanonicalName XHost option in
> which X-Forwarded-Host is checked first, and if non-blank, is used
> in place of Host to determine the server name. (The Host header is
> left as-is, though.)
That describes your use
On 5/6/2012 4:39 PM, Joe Schaefer wrote:
> Over on docs@ one of the recent conversations was
> around moving the site documentation to the CMS,
> starting first with the httpd site as a testbed.
> After several hours of hacking on the site that
> has now been accomplished, so we'd please like every
On 5/3/2012 10:39 AM, Guenter Knauf wrote:
>>
>> Vote:
>> [x] change gen_test_char.c to always compile without APR
>> [ ] leave it as it is because ...
> just for the records (and to pop up this again now one week latter) here's my
> own vote;
> then so far sf, wrowe and me +1 for the change and n
> Vote:
> [X] change gen_test_char.c to always compile without APR
for 2.4 forwards.
On 5/3/2012 8:47 AM, Jim Jagielski wrote:
> I'm curious what the status of 2.4.x-on-Windows is... What else
> can we do to speed this along?
Can't speak for anyone but myself; I am just recovering from a month of
changing machines
over and over again due to a dead critical/primary laptop. Now th
On 5/1/2012 7:03 PM, Fred Moyer wrote:
> On OS X 10.7, gcc 4.2.1, with apr-1.4.5 and apr-util 1.4.1, I
> encounter the following error attempting to build httpd 2.4.2. I
> didn't see any architecture specific code in
> srclib/apr/include/apr_file_info.h. Any thoughts?
>
> ./configure --prefix=/Use
On 5/1/2012 4:00 PM, Guenter Knauf wrote:
> Hi Eric,
> Am 01.05.2012 16:30, schrieb Eric Covener:
>> Even 2.0 seems to just generate libmod_foo.exp then pass the generated
>> file to the linker, but I wouldn't go out of your way removing them
>> from 2.0 and 2.2 if they aren't bothering anyone.
> h
I hope many of you already saw this and might be considering attending
to present whatever short topics you would like during the BarCamp about
our projects!
I'd asked and there is no plan -yet- for any Hackathon activity, but Tim
indicated it might be able to happen. Would anyone be up for a Hac
On 4/29/2012 6:25 PM, Guenter Knauf wrote:
> Am 29.04.2012 22:59, schrieb Eric Covener:
>> AFAICT AIX/libtool uses export files generated during the build, but
>> does not use the checked in ones.
> well, thats the point: if those in svn were used then a lot would be missing
> since all
> newer mo
1601 - 1700 of 6469 matches
Mail list logo