;https://svn.apache.org/repos/asf/httpd/httpd/tags/tags/2.4.61-rc1-candidate>
and at <https://github.com/apache/httpd/tree/2.4.61-rc1-candidate>.
+1 Fedora 40
Thanks for all the hard work !!
Giovanni
OpenPGP_signature.asc
Description: OpenPGP digital signature
httpd-2.4.60-rc4.tar.gz
sha512:
4e2a72b4f66bd3436222bd44940ae248e8423551ab78a803ce001feddf521ec2f85bddd678b2368ac1f0ec50045848b3ff1ff7579e73d407cf33605068c5
*httpd-2.4.60-rc4.tar.gz
The SVN candidate source is found at tags/2.4.60-rc4-candidate.
+1 on OpenBSD 7.5 and Fedora 40
Thanks for RMing.
Giovanni
OpenPGP_sign
candidate tarball httpd-2.4.59-rc1 as 2.4.59:
+1
tested on OpenBSD 7.5 (LibreSSL 3.9.0) and Fedora39
Thanks for RMing
Giovanni
OpenPGP_signature.asc
Description: OpenPGP digital signature
ilds and works fine on OpenBSD 7.4 and Fedora 38.
Thanks for the RM.
Giovanni
OpenPGP_signature.asc
Description: OpenPGP digital signature
On Wed, Jun 07, 2023 at 06:19:13PM +0200, Yann Ylavic wrote:
> On Wed, Jun 7, 2023 at 4:36 PM Ruediger Pluem wrote:
> >
> > On 6/7/23 1:56 PM, Yann Ylavic wrote:
> > > Hi Giovanni;
> > >
> > > On Wed, Jun 7, 2023 at 12:02 AM wrote:
> > >>
&
rsion to Git and leverage the
features of Github (for now Actions and PR).
Thanks for calling the vote
Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
ub would also make the project more attractive for others contributions
I think.
So, even if I personality really don't care for myself, I would +1 the sake of
the project.
+1 for me to switch to git, code review will be easier.
Just a question, how will security diffs be managed in Gi
f (!tmp_sockname)
+return DECLINED;
I think we should log an error before we return as in this case the cgi daemon
will not start.
correct, just added a ap_log_error line, thanks.
Thanks
Giovanni
if (strlen(tmp_sockname) > sizeof(server_addr->sun_path) - 1) {
httpd-2.4.57-rc1.tar.gz
sha512:
730560d4aab3699aa59716bb75858f8432a902aeab3c380b4d3e0f6813e9ae4e278d3b7fdf63a4e94c07b5100933d8684d76f6095f3d60d48ea0f1458c9ed0b4
*httpd-2.4.57-rc1.tar.gz
The SVN candidate source is found at tags/2.4.57-rc1-candidate.
+1
tested on Fedora 37 and OpenBSD 7.3
Thanks of RMing
Giovanni
OpenPGP_signatur
h the above. This was already true for the expression in the commit.
> But for SSL_do_handshake only the return value 1 indicates success, all
> values <= 0 indicate failure.
> https://www.openssl.org/docs/man1.1.1/man3/SSL_do_handshake.html
> Hence the proposal would be
>
> if (!SSL_renegotiate(ssl) || (SSL_do_handshake(ssl) != 1) ||
> !SSL_is_init_finished(ssl))
>
good catch, thanks.
Giovanni
> >
> >> ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02225)
> >>"Re-negotiation request failed");
> >> ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, r->server);
> >>
> >>
> >>
> >
>
> Regards
>
> Rüdiger
>
thub: closes #182
Hi Giovanni, thanks for taking care of the PRs, that is really great to
see.
FYI when you are committing code written by someone else it is customary
to include "Submitted by:" in the commit message to give them due
credit, like:
Submitted by: Name of Person
will
On 3/10/23 16:33, Eric Covener wrote:
Saw another report on users@
Any thoughts on something like this to just allow spaces?
http://people.apache.org/~covener/patches/rewrite-lax.diff
that makes sense, any other possible char that we should allow other then
spaces ?
Giovanni
(this is
ould have fixed it) and a
literal with a space in the substitution has to be quite rare (famous last
words)
I wonder how many websites might have a snippet similar to:
RewriteRule ^/search/(.*)$ /search.php?term=$1 [PT,L,QSA]
Giovanni
I just looked at the mod_rewrite.c source differen
httpd-2.4.56-rc1.tar.gz
sha512:
68b1e8c3e3436e6947c0ccfeee6fea83254560e4d43bddbc79a4206d804a6dda6662cf5734e0b2f4019ab5c1fff40141a16dd7698e8fe72b7fd343fbebd42724
*httpd-2.4.56-rc1.tar.gz
+1
tested on Fedora 37 and OpenBSD 7.2 and 7.3-beta
Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
on OpenBSD 7.2 and CentOS8-Stream (x86_64),
thank you for RMing.
Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
-
Is this considered a blocker ?
This can be workarounded by building with different "-Werror" options.
Giovanni
signature.asc
Description: PGP signature
On 11/8/22 11:14, Joe Orton wrote:
The Project Management Committee (PMC) for the Apache HTTP Server has
invited Emmanuel Dreyfus to become a committer and we are pleased to
announce that they have accepted.
Welcome, Emmanuel!
Welcome Emmanuel, glad to see you here.
Giovanni
kaddr_info_get(&sa, hostname, APR_UNSPEC, port, 0,
>> p);
>> +stat = apr_sockaddr_info_get(&sa, hostname, APR_UNSPEC,
>> port, 0, p);
>> +if (stat != APR_SUCCESS) {
>> + ap_log_perror(APLOG_MARK, APLOG_CRI
OpenBSD-current.
Giovanni
> Otherwise, speak up!
>
> Kind Regards,
> Stefan
>
>> Am 07.06.2022 um 12:00 schrieb Stefan Eissing :
>>
>> +1 from me on my macOS machine.
>>
>>> Am 07.06.2022 um 10:58 schrieb Joe Orton :
>>>
>>> On M
4.54-rc2.tar.gz
>
> The SVN candidate source is found at tags/2.4.54-rc2-candidate.
>
+1
tested on Fedora 36, OpenBSD 7.1 and OpenBSD-current
Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
ource is found at tags/2.4.53-rc2-candidate.
>
+1 from me, works on OpenBSD 7.0, 7.1-beta and Fedora 35.
Thanks
Giovanni
signature.asc
Description: PGP signature
reopen that thread/discussion because I'm pessimistic we can get
> > anywhere on it.
>
> I think we are far beyond that point where staying with svn/bugzilla is
> actively
> hurting the project for little or no benefit.
>
> I'd +1 a switch just to get real issue management and PRs.
>
+1 to switch.
Giovanni
signature.asc
Description: PGP signature
ags/candidate-2.4.52-rc1.
>
> Kind Regards,
> Stefan
>
+1 for release,
works fine on Fedora 35, OpenBSD 7.0 and Debian 11.
Regards
Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
ease out is better than definitely having no
> release IMO.
>
+1
let's try to cook a release.
Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
2.4.50-rc1.tar.gz
>
> The SVN candidate source is found at tags/candidate-2.4.50-rc1.
>
> Kind Regards,
> Stefan
>
+1 for release, thanks for RMing.
All works fine on OpenBSD-6.9, OpenBSD-7.0 and CentOS8.
Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
4.49-rc1 as 2.4.49:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
+1, works fine on Fedora 34 and OpenBSD 6.9.
Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
rom me too to make test/ CTR for 2.4.x, let's make this a proper
> vote thread.
>
> (I would hold off a week or so on enabling the h2 tests in Travis for
> 2.4.x until we are confident they are stable in trunk CI runs)
>
+1
Regards
Giovanni
signature.asc
Description: PGP signature
eems
> like the kind of potential gadget in future desynch/smuggling kind of
> attacks that shouldn't be on by default today.
>
+1, httpd 0.9 is old enough and it's time to deprecate it.
Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
;
> ## Reporting a Vulnerability
>
> For information on how to report a new security problem please see
> [here](http://httpd.apache.org/security_report.html)
> =
>
> Any objections?
>
On Wed, May 19, 2021 at 07:43:51PM +0200, Christophe JAILLET wrote:
> Le 18/05/2021 à 14:57, Giovanni Bechis a écrit :
> > On 5/18/21 1:53 PM, Joe Orton wrote:
> >> On Tue, May 18, 2021 at 01:30:25PM +0200, Ruediger Pluem wrote:
> >>>
> >>>
> &
On 5/18/21 1:53 PM, Joe Orton wrote:
> On Tue, May 18, 2021 at 01:30:25PM +0200, Ruediger Pluem wrote:
>>
>>
>> On 5/18/21 11:52 AM, Giovanni Bechis wrote:
>>> On 5/17/21 11:36 PM, Christophe JAILLET wrote:
>>>> Hi, all;
>>>> Please
> The SVN tag is '2.4.48' at r1889975.
>
-1 for me.
new mod_md doesn't build with LibreSSL because nor EVP_PKEY_X25519 nor
EVP_PKEY_X448 are defined.
I have asked LibreSSL guys if they will add EVP_PKEY_* constants to evp.h.
Giovanni
The following patch is a workaroun
> The SVN tag is '2.4.47' at r1889091.
>
+1, works fine on Fedora33 and OpenBSD 6.9.
Thanks for taking up the RM.
Giovanni
OpenPGP_signature
Description: OpenPGP digital signature
headers_out, "Content_Encoding");
> + apr_table_unset(r->headers_out, "Content_Length");
> + apr_table_unset(r->headers_out, "Content_MD5");
> + apr_table_unset(r->headers_out, "Content_Range");
> + apr_table_unset(r->headers_out, "ETag");
> + apr_table_unset(r->headers_out, "TE");
> + apr_table_unset(r->headers_out, "Trailer");
> + apr_table_unset(r->headers_out, "Transfer_Encoding");
>
> Maybe I am missing some context, but header names use dash, not underscore.
> I.e Content-Encoding, not Content_Encoding.
>
fixed in r1881624, thanks.
Giovanni
.4.46.tar.gz
>
> The SVN tag is '2.4.46' at r1880505.
>
+1, tested on Fedora32 and OpenBSD-current.
Giovanni
SVN tag is '2.4.45' at r1880411.
>
+1, builds and works fine on Fedora 32 and OpenBSD current.
Thanks for the release
Giovanni
gt; -return APR_SUCCESS;
>> +return (j && *pjson) ? APR_SUCCESS : APR_EINVAL;
>> }
>>
>> static size_t load_file_cb(void *data, size_t max_len, void *baton)
>
> This does not seem to hurt, but how does it help? json_create() always
> succeeds in our server, since failed pool allocations lead to an abort. Did I
> miss something?
>
there is similar code in md_json and it doesn't hurt at least.
Giovanni
sl calling getpid() and time() it is IMO far better to fail to
> start up.
>
> So maybe we should still call RAND_status() and fail startup if the PRNG
> is not initialized correctly?
>
I think we should fail startup, it's better to fail then to give the user a
false sense of security and use a poor PRNG.
Giovanni
> bash uses '=' for the default value too, looks quite readable/meaningful to
>> me..
>
> '=' seems to be a good candidate as I would suppose that it is rarely used in
> variable names.
>
I like both the idea and the '=' choice, +1.
Giovanni
0|1;
>>goto cleanup;
>> ?
>
>Would look like the attached, FWIW..
+1, best of both words.
Giovanni
It reads ok, I think there could be other cases later in the code where
X509_free(issuer) should be called (after if(cinf) IMHO).
Giovanni
On 4/7/20 9:36 AM, Stefan Eissing wrote:
> Oops. Reading my merged change, I see that we do not free the "X590 *issuer"
&g
[ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
Works fine on both Fedora 31 and OpenBSD 6.6-current.
Thanks
Giovanni
r new releases, PMCs MUST supply SHA-256 and/or SHA-512"
(https://www.apache.org/dev/release-distribution#sigs-and-sums).
Giovanni
r,
> > - "token: '%s' - q: '%s'", token, q);
> > + "token: '%s' - q: '%s'", token ?: "NULL", q);
>
> Is this syntax standard? This looks like a GNU extension
show_bug.cgi?id=64178.
Giovanni
in this draft:
"A host MAY keep an idle connection open for longer than the time that it
indicates, but it SHOULD attempt to retain a connection for at least as long as
indicated."
https://tools.ietf.org/id/draft-thomson-hybi-http-timeout-01.html#keep-alive
Regards
Giovanni
> Or is it exactly the other way around? Does event close it after
> x s - 100 ms and hence earlier than announced?
>
> Regards
>
> Rüdiger
>
On 2/14/20 6:05 PM, Marion & Christophe JAILLET wrote:
> Hi,
>
> purely speculative, but does a:
> apr_table_set(headers, "Connection", "close");
>
> around line 812 of md_oscp.c also makes sense?
>
I think it makes absolutely sense.
G
47 matches
Mail list logo