httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@znep.com>
Subject Re: Agenda for 1.2b7
Date Wed, 29 Jan 1997 16:34:57 GMT
1.2b7 status as of 0930 MST:

  * Committed since 1.2b6:
	* FIN_WAIT_2 page to documentation
	* mod_info corruption bug

  * Some mirrors are out-of-date, Brian will investigate

Agenda for 1.2b7-dev
====================
Patches ready for testing, voting:

  * mod_rewrite sizeof() bug
	Status: marc posted patch; no commit without +1s, no +1s


Should be done before 1.2b7:

  * mod_log_config patch for conditional logging
	Status: contrib, not in server

  * user and server get confused over what should be a virtual host
	and what is the main server, resulting in access to something
	other than the name defined in the virtualhost directive (but
	with the same IP address) failing.  
		Status: should be looked at, may not be a nice way to fix 
			since it is likely not technically a bug.

  * closing connections on 304 responses
	Status: Dean posted patch, Alexei +1

  * Improvements in chunked performance by reducing buffer count sent
       Status: no patch; Dean may do

  * conflicting definitions for is_proxy_available
	status: marc posted patch, on hold until see about latest
	version?

  * http_monitor doesn't understand scoreboard format (PR#134)
	Status: Paul Sutton posted patch 9 Jul(!); probably needs a 
	repost and some +1s.

  * Satisfy Any can be changed if .htaccess exists
        If you give Satisfy Any in access.conf for a particular directory,
        and have a .htaccess in that directory, Satisfy mode reverts
        to Satisfy All even if the .htaccess has _no_ authentication
        directives.

  * Apache doesn't output the full headers on a 2xx or 3xx status
       If Apache returns a 2xx or 3xx status it does not output all
       the response headers it should do. This patch also updates the
       headers it outputs to match HTTP/1.1.
       Patch mailed on 3 Nov. [Paul Sutton]

       Status: Paul reposted patch


  * try to integrate Ralf's mod_rewrite source with that in the Apache
    tree and upgrade source in apache tree to latest(?)
	Status: need to know how much is changed

  * error compiling on NeXT:
	In file included from http_main.c:108:
	/NextDeveloper/Headers/bsd/netinet/tcp.h:57: duplicate member `th_off'
	/NextDeveloper/Headers/bsd/netinet/tcp.h:58: duplicate member `th_x2'

	Status: unknown

  * suexec sets environ to local variable, possibly to overwrite
    memory by too many environ variables

	status: Jason looking at it; patch soon, also needs patching
	in server

  * clients sending extra CRLF after post; buffers not flushed
		status: Dean posted "take 2" patch

  * infinite loop in mod_imap due to parsing bug
		status: Marc found problem, wants input on which way to solve

  * _const in mod_rewrite.c
		status: removed in latest version from Ralph, upgrade?
  

  * Marc says Apache won't compile with HAVE_SNPRINTF defined as things
    are now because not everything includes conf.h.
       Status: Fix it when we have a platform which has snprintf.


  * warnings in regex
       Status: Roy would like to see this fixed since it makes Apache
               a mess on Solaris when using -Wall.

  * warning on SunOS4, http_log.c:164, pointer from int without cast
       Status: Marc analyzed

  * core dump if an error in .htaccess & subrequest
       Status: no patch yet
       Info: <lampa@fee.vutbr.cz> reports that if sub_req_lookup_uri() is
             called, then per_dir_config in subrequest is not initialized
             until directory_walk is done. If any error is encountered during
             this time, log_reason() will core dump, since it calls
             get_remote_host() with r->per_dir_config. 
       Solution: Initialize per_dir_config in set_sub_req_protocol()
             (see initialization of regular request in read_request()!).

  * Solaris 2.6 apparently has a getwd() or getcwd() prototype, see PR#89
       Status: easy to fix, but will require testing by 2.6beta person

  * suexec setuid() before directory checks for nfs mounted filesystems, PR#70
       Status: no patch yet

  * MAXPATHLEN undefined in suexec on some systems
	Status: randy looking into it(?)

  * new header_parse API hook is called too often
       Status: RobH posted patch, had second thoughts.  He
       suggests that mod_browser be optimised by detecting if it has been
       called already and returning early if it has.

  * lingering_close generates the following error message
      shutdown: Transport endpoint is not connected - lingering_close
    using 1.2b6 (only a few a day).  I think this is what 
    happens when a client disconnects during transmission, which
    is a normal condition for web servers.  I suggest not logging
    an error if errno == ENOTCONN.
      Marc says that this may not be "normal", it may be if the client
    sends a RST to terminate the connection (as per recent discussion on
    end2end-interest) and it gets here before we get to that point in
    lingering_close.
       Status: no patch, waiting to see if it it improves debugging.

  * accept errors EPROTO and ECONNABORTED should not be logged
       Status: no patch, ditto above, but will require ifdefs

  * directory redirect returns 302 not 301, see PR 77
       Status: easy to fix, but will require testing

  * SO_DEBUG in proxy_ftp.c may not be portable, see PR 116, 104
       Status: Chuck says it is a leftover, will fix

  * bugs in mod_negotiation (serious)
       Status: reported by lampa@fee.vutbr.cz on Jan 6 to apache-bugs.
               It is a very good, detailed report with patches.

  * 3 seconds delay in CGI execution on SunOS 4.x, see PR 122
       Status: no patch.
       Info: Pages containing script output show up with a delay of 3
             seconds (there was no such delay in Apache 1.1.1). 
             [rindfuss@medea.wz-berlin.de] tracked the problem down to
             source file alloc.c, function free_proc_chain. This function
             contains a conditional call to sleep(3), which causes the delay.

       for (p = procs; p; p = p->next) {
          if (p->kill_how == kill_after_timeout) {
            /* Subprocess may be dead already.  Only need the timeout if not. */
            if (kill (p->pid, SIGTERM) != -1)  
              need_timeout = 1;
          } else if (p->kill_how == kill_always) {
            kill (p->pid, SIGKILL);
          }
        }
 
        /* Sleep only if we have to... */
  
        if (need_timeout) sleep (3);

        [RobH: So CGI included as SSI hangs around for longer and needs
               to be SIGTERM'ed.  Why?]

        [Roy: note also that a call to sleep will blow-out any other timeout]



Planning/design items:

    * Should we change the default timeout of 1200?
    * do we want a half-hearted attempt at fixing logfile opening security
      holes?  


Mime
View raw message