httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <>
Subject updated status for 1.2b7
Date Sun, 16 Feb 1997 00:38:51 GMT
I have tried to update this to current status.  Please let me know what I
have missed.

1.2b7 status as of Sat Feb 15 17:33:30 MST 1997:

  * Committed since 1.2b6:
	* FIN_WAIT_2 page to documentation
	* mod_info corruption bug
	* mod_rewrite sizeof() bug
	* allow keepalive on 304 responses
	* full headers on 2xx or 3xx status
	* fix extra CRLF -> buffers not flushed problem
	* output all HTTP/1.1 header fields on responses
	* mod_info bug fix for if sizeof(char) != 1, not that that can
	* fix for Rlimit* giving a SEGV when given only one argument
	* mod_rewrite update
	* suexec free()ing memory while still needed
	* httpd_monitor now understands current scoreboard format
	* tweak byteserving code to work around Netscape bug (PDF plugin)
	* autocreate Makefile in support directory
	* be sure to kill timeout in util_script
	* Bad handling of lang_index == -1 in is_variant_better()
	* handle_multi() doesn't return content_language of negotiated file (breaks old code).
	* directory redirect now returns 302  instead of 301
	* fix util_snprintf and unsigned ints on Alpha
	* fix conflicting definitions for is_proxy_available
	* fix problem with mod_cgi generated internal redirects trying
	  to read the request message-body twice.
	* reduce timeout on lingering close and remove blocked read
	* add content-length header to multipart/byterange responses
	* HI-UX patch
	* chunked encoding performance improvements
	* Dean's other perf improvements
	* suexec fixes (NFS, portability, array overrun)
	* fix mod_status display
	* log errors from call_exec
	* fix core dump when documentroot is CGI
	* use pfopen/pfclose in mod_asis and http_core
	* fix SEGV if r->per_dir_config not initialized
	* A/UX and SCO3 timeval cleanups
	* fix CGI outputting Location
	* remove unused pcalloc in call_exec
	* don't disable Nagle if no TCP_NODELAY
        * core dump in sub_req_lookup_file() if invalid directive in .htaccess 

Agenda for 1.2b7-dev

Patches ready for testing, voting:

  * Roy's big fixes to main loop, lingering_close patch

  * fix vbprintf and NULL pointers
	Status: Ken posted patch, +1 Marc

  * update bug report page to not have email form
	Status: +1 Roy, Dean, Marc (but some changes suggested), patch
		reposted with changes.  Needs input from people handling
		current bug reports.
	New status: reposted, still need input from people handling bug
		reports via mail right now.  

  * mod_include is slow.  Marc posted an output buffering patch
    that shouldn't help but does.

  * Satisfy Any can be changed if .htaccess exists
        If you give Satisfy Any in access.conf for a particular directory,
        and have a .htaccess in that directory, Satisfy mode reverts
        to Satisfy All even if the .htaccess has _no_ authentication

	Status: Ed posted patch, +1 from Paul Sutton, Dean

  * user and server get confused over what should be a virtual host
	and what is the main server, resulting in access to something
	other than the name defined in the virtualhost directive (but
	with the same IP address) failing.  
		Status: should be looked at, may not be a nice way to fix 
			since it is likely not technically a bug.

	New status: Dean posted patch, Ben +1-but-hasn't tested, may
		or may not be whole problem, Randy +1.

  * fix -Wall warnings in regex library
	Status: patch posted, Roy +1 Marc likes idea but needs a little work

  * add setlocale (PR#76)
	Status: ken posted patch, Marc scared...  Leave the whole thing
		for after 1.2?

  * Dean's rfc2068 fixes (several parts)
	Status: Roy +1 (on only one part?)

  * Roy's don't propogate EXTRA_CFLAGS to regex
	Status: Alexei -1, alternate solution?

  * fixing server-generated HTML [Ken]
	Status: Chuck, Roy says DTD wrong.  Perhaps just rest of patch
	but no DOCTYPE?

  * correct irix 5.3 -Wall warnings
	Status: Dean posted patch, Marc +1

  * server can hang on HUP
	Status: Marc posted patch, -1 Chuck because of sleep(2)... but I 
	don't like the alternatives.

  * infinite loop in mod_imap due to parsing bug
	Status: marc posted another patch

Should be done or at least looked at before 1.2b7:

  * status report shows PIDs in empty slots, user supplied some sort 
    of patch
    Message-ID: <>

  * status module available from .htaccess files

  * MSIE and byte ranges.  Sigh.

  * let's fix the Solaris 2.6 and HPUX getwd junk the right way.  
    Either get rid of the (one) call to getwd or use ap_getwd and 
    #define it appropriately in conf.h

  * CGIs don't get PIPE under FreeBSD; under Solaris they get a TERM
    and then a PIPE in close succession.  Hmm.  Marc will look when
    he gets a chance.

  * redo lingering_close to check for old sockets to close out before
    accept() in child.  
	Status: Marc will look into

  * if "options IncludesNOEXEC" set in directory, no CGI will work
    Message-Id: <>

  * Solaris "accept: Too many levels of remote in path" [marc]

  * possible proxy timeout problem [rasmus]

  * escaping '{''s in SSI has changed.  Bug?
    Message-ID: <>

  * <!--#exec cmd="prog args\ with\ spaces"-->
    doesn't work anymore. It passes THREE arguments
    to prog ("args", "with" and "spaces), instead of
    ONE argument ("args with spaces"). []  

  * Questionable performace of  mod_dir() with negotiation
  * invoke_handler() doesn't handle mime arguments in content-type

  * Memory hog in handle_multi()

  * Variant list in r->notes is deleted if request is comming through mod_dir()

  * handle_multi() doesn't copy request headers for negotiated request

  * If start twice, overwrites the PID file PR#152

  * some better suexec docs would be really nice, detailing some of the
    security risks and compromises discussed
	Status: I think Randy said something about doing it at one point,
		but no one can write what  I think should be there better
		than me, if I ever have time.  Randy says he thinks 
		Jason is perhaps doing them.

  * identitycheck and hostnamelookups not allowed in .htaccess but
    documentation says they are.  Update the documentation or perhaps
    make them work as documented.

  * redirect of index file causes SEGV [Marc]
	Status: have a way to stop the core dump, but that doesn't make
	it work properly.
	See also: Message-ID: <>

  * 64-bit issues; general cleanup, sizeof(void *) != sizeof(int)

  * Randy says "seems that the processes on a Unixware machine are
    eventually all dying off. Mind you, I have not seen this, but
    that is what is being reported.  Sounds like perhaps the server is not 
    respawning new children after MaxRequestsPerChild has been reached."

  * mod_proxy returns incorrect results when given a 'Location:'
    redirect (PR#137)

  * http_request.c: directory_walk() misses some <Directory ...> directives
    (PR#131).  I'm not sure the way things are done is really incorrect, 
    but should be looked at.

  * error compiling on NeXT:
	In file included from http_main.c:108:
	/NextDeveloper/Headers/bsd/netinet/tcp.h:57: duplicate member `th_off'
	/NextDeveloper/Headers/bsd/netinet/tcp.h:58: duplicate member `th_x2'

	Status: unknown, NeXT versions may be hell to figure out

  * Marc says Apache won't compile with HAVE_SNPRINTF defined as things
    are now because not everything includes conf.h.
       Status: Fix it when we have a platform which has snprintf.  Jim
	will look at; perhaps just include conf.h everywhere

  * warnings in regex
       Status: Roy would like to see this fixed since it makes Apache
               a mess on Solaris when using -Wall.  Roy will make patch.

  * warning on SunOS4, http_log.c:164, pointer from int without cast
       Status: Marc analyzed

  * Solaris 2.6 apparently has a getwd() or getcwd() prototype, see PR#89,153
       Status: easy to fix, but will require testing by 2.6beta person
       Status: moving unistd.h include earlier fixes it, Roy posted 
	patch, but is it the best fix?

  * new header_parse API hook is called too often
       Status: RobH posted patch, had second thoughts.  He
       suggests that mod_browser be optimised by detecting if it has been
       called already and returning early if it has.

  * lingering_close generates the following error message
      shutdown: Transport endpoint is not connected - lingering_close
    using 1.2b6 (only a few a day).  I think this is what 
    happens when a client disconnects during transmission, which
    is a normal condition for web servers.  I suggest not logging
    an error if errno == ENOTCONN.
      Marc says that this may not be "normal", it may be if the client
    sends a RST to terminate the connection (as per recent discussion on
    end2end-interest) and it gets here before we get to that point in
       Status: no patch, waiting to see if it it improves debugging.

  * accept errors EPROTO and ECONNABORTED should not be logged
       Status: no patch, ditto above, but will require ifdefs
       New status: oops, looks like Marc didn't look at it close enough.
		   Probably no patch needed.

  * SO_DEBUG in proxy_ftp.c may not be portable, see PR 116, 104
       Status: Chuck says it is a leftover, will fix

  * bugs in mod_negotiation (serious)
       Status: reported by on Jan 6 to apache-bugs.
               It is a very good, detailed report with patches.

  * 3 seconds delay in CGI execution on SunOS 4.x, see PR 122
       Status: no patch.
       Info: Pages containing script output show up with a delay of 3
             seconds (there was no such delay in Apache 1.1.1). 
             [] tracked the problem down to
             source file alloc.c, function free_proc_chain. This function
             contains a conditional call to sleep(3), which causes the delay.

       for (p = procs; p; p = p->next) {
          if (p->kill_how == kill_after_timeout) {
            /* Subprocess may be dead already.  Only need the timeout if not. */
            if (kill (p->pid, SIGTERM) != -1)  
              need_timeout = 1;
          } else if (p->kill_how == kill_always) {
            kill (p->pid, SIGKILL);
        /* Sleep only if we have to... */
        if (need_timeout) sleep (3);

        [RobH: So CGI included as SSI hangs around for longer and needs
               to be SIGTERM'ed.  Why?]

        [Roy: note also that a call to sleep will blow-out any other timeout]

Planning/design items:

    * Should we change the default timeout of 1200?
	Status: discussion ongoing, +1 concept Jim, Randy, Marc

    * do we want a half-hearted attempt at fixing logfile opening security
	Status: Jim & Randy say no  How about check to be sure directory
		is owned by the user that started httpd and not group
		or world writable?

    * should the bug report page be in CVS?  Should it be in the htdocs
      tree or a seperate place?  Should it be distributed with Apache?
      The same holds for everything on the Apache web site.  Marc would
      like to see it all in CVS, but not necessarily distributed
      with Apache.

    * should perhaps start to think about exactly how we want to 
      handle contrib patches/programs in 1.2.  Directory on the web site?  
      Include in distribution?

Contrib stuff / future:

    * Chris Adams <> patch to mod_log_config to add %m
      and %c.

    * "Large groups cause authentication errors" on FreeBSD
      []; problem looks to be MAX_STRING_LEN buffer
      in groups_for_user.  

  * mod_log_config patch for conditional logging
	Status: contrib, not in server

    * Jim has patch for time taken to handle a request in status module

  * Ed has an updated patch for limiting connections per IP

  * mod_include is still slow.

  * Some mirrors are out-of-date, Brian will investigate

  * add some setlocale stuff?

View raw message