httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chuck Murcko <ch...@topsail.org>
Subject Re: [TAO] the status flows on
Date Thu, 06 Mar 1997 06:16:11 GMT
Dean Gaudet wrote:
> 
> 1.2b8 status as of Wed Mar  5 13:54:08 PST 1997
> 
>   * Committed since 1.2b7:
> 
>     * HP MPE/iX fixes
>     * replace bcopy with memmove for ANSIfriendliness
>     * UXP/DS(V20) port
>     * MachTen fine tuning
>     * PR#186: Make declaration of add_env_variable agree with definiton.
>     * PR#210: Missing semicolon.
>     * Correctly handle Swedish filenames
>     * buff.c header include fixes
>     * create_argv() fixes
>     * remove cleanups from bpushfd()
> 
> Agenda for 1.2b8-dev
> ====================
> 
> Ready for committing:
> 
>     * Ken's [PATCH] fixup for missing header_parser slots in modules
>         Message-Id: <97022418312686@decus.org>
>         Missed mod_proxy, but Chuck already committed a fix for that.
>         Status: Chuck +1, Dean +1, Marc +1
> 
> Patches available:
> 
>     * charset mod_neg iso-8859-1 fixup
>         Message-ID: <Pine.LNX.3.95.970220120145.7803B-200000@aardvark.localnet>
>         Status: Paul posted patch, Dean +1

+1 here. Works.

> 
>     * Marc's [PATCH] support/Makefile.tmpl and LIBS (fwd)
>         Message-ID: <Pine.BSF.3.95.970225181855.23741S-100000@alive.znep.com>
>         Status: Dean +1

Ditto. +1.

> 
>     * user and server get confused over what should be a virtual host
>         and what is the main server, resulting in access to something
>         other than the name defined in the virtualhost directive (but
>         with the same IP address) failing.
>                 Status: should be looked at, may not be a nice way to fix
>                         since it is likely not technically a bug.
> 
>         Status: Dean posted patch, Ben +1-but-hasn't tested, may
>                 or may not be whole problem, Randy +1.
> 
>         New Status: Ralf posted s [PATCH]: mod_rewrite 3.0.0 RELEASE
>             Message-Id: <199703051948.UAA00874@en1.engelschall.com>
>         This patch supercedes the mod_rewrite portion of Dean's patch.
> 
>         So Dean posted a combined patch:
>             Message-ID: <Pine.LNX.3.95dg2.970305135026.6656N-100000@twinlark.arctic.org>
> 
>     * Petr's [PATCH] PR#160 -- invoke_handler() doesn't handle mime arguments
>         Message-ID: <Pine.LNX.3.95dg2.970219231621.30416I-200000@twinlark.arctic.org>
>         Status: Dean +1, Randy +1

+1. Also works.

> 
>     * Marc's [PATCH] log long headers
>         Message-ID: <Pine.BSF.3.95.970226193239.2526D-100000@alive.znep.com>
>         Status: Chuck +1, Dean +1
> 
>     * Ken's [PATCH] PR#146,187 is_url() not HTTP/1.1 conformant
>         Message-Id: <97022713073856@decus.org>
>         Status: Dean +1

Seems OK here. +1.

> 
>     * Dean's patch for [BUG]: "ErrorDocument appears to break in 1.2b7"
>             on Solaris 2.x
>         and [BUG]: "errordocument gets overriden" on Irix
>         Message-ID: <Pine.LNX.3.95dg2.970226000702.27668A-100000@twinlark.arctic.org>
>         Posted, one bug reporter says it works fine.  Ken +1.
>         This one should probably go up on a "patches for 1.2b7" page.
> 
>     * memory management goof in alloc.c
>         Message-ID: <Pine.NEB.3.95.970226155556.322J-100000@localhost.imdb.com>
>         Status: Patch from Kai Risku <krisku@tf.hut.fi>

This is serious, and the patch works. +1.

> 
>     * Garey's PR #59 fix for OS/2
>         Message-Id: <9703030137.AA0292@main.slink.com>
>

+1, but all I can say is it doesn't break anything here. Any OS/2 folks
trying this out?
 
>     * multiviews not behaving properly with path info (PR#40)
>         Petr posted an explanation that this is probably
>         not a bug, but just not sufficient logging.
>         Dean agrees, and posted a patch:
> 

OK here. +1.
       
<Pine.LNX.3.95dg2.970304142908.29145P-200000@twinlark.arctic.org>
> 
> No patches yet:
> 
>   * HPUX 10 select
> 
>   * 3 seconds delay in CGI execution on SunOS 4.x, see PR 122
>        Status: no patch.
>        Info: Pages containing script output show up with a delay of 3
>              seconds (there was no such delay in Apache 1.1.1).
>              [rindfuss@medea.wz-berlin.de] tracked the problem down to
>              source file alloc.c, function free_proc_chain. This function
>              contains a conditional call to sleep(3), which causes the delay.
> 
>        for (p = procs; p; p = p->next) {
>           if (p->kill_how == kill_after_timeout) {
>             /* Subprocess may be dead already.  Only need the timeout if not. */
>             if (kill (p->pid, SIGTERM) != -1)
>               need_timeout = 1;
>           } else if (p->kill_how == kill_always) {
>             kill (p->pid, SIGKILL);
>           }
>         }
> 
>         /* Sleep only if we have to... */
> 
>         if (need_timeout) sleep (3);
> 
>         [RobH: So CGI included as SSI hangs around for longer and needs
>                to be SIGTERM'ed.  Why?]
> 
>         [Roy: note also that a call to sleep will blow-out any other timeout]

Showstopper. Gotta fix this. We really *didn't* use to have this
problem.

> 
>     * SIGTERM to parent on UnixWare kills it but leaves children as
>       zombies, requiring reboot.  SIGHUP reloads it fine when it's
>       running
>       (no PR#, 1.2b6, 21/2/1997, <talbion@xl.ca>)

See comments below on UnixWare.

> 
>   * Marc has changed his mind and wants to have a check to be sure
>     log directory(ies) isn't writable by anyone except the user starting
>     the server.  The posting in bugtraq only highlites the problem.
>     Needs override.  See NCSA code for sample implem.
>         Status: Marc busy writing, Ed +1 on putting in to b7
> 
>   * wrong response to proxy request without proxy
>         Message-ID:  <9702201640.aa07198@paris.ics.uci.edu>

??? I have to find this one, and check it out.

> 
>   * redo lingering_close to check for old sockets to close out before
>     accept() in child.
>         Status: doesn't look to be overly clean to do in the current
>         framework.  Will not have time to do implementation for this
>         beta in any case.  If it turns out to be a big issue,
>         could go in later.  (1.2.1?)
> 
>   * CGIs don't get PIPE under FreeBSD; under Solaris they get a TERM
>     and then a PIPE in close succession.  Hmm.  Marc will look when
>     he gets a chance.
> 
>   * Solaris "accept: Too many levels of remote in path" [marc]
> 
>   * some better suexec docs would be really nice, detailing some of the
>     security risks and compromises discussed
>         Status: I think Randy said something about doing it at one point,
>                 but no one can write what  I think should be there better
>                 than me, if I ever have time.  Randy says he thinks
>                 Jason is perhaps doing them.
> 
>   * redirect of index file causes SEGV [Marc]
>         Status: have a way to stop the core dump, but that doesn't make
>         it work properly.
>         See also: Message-ID: <Pine.BSF.3.91.970210204402.12197B-100000@localhost.imdb.com>

Urgh. This is a showstopper. Lots of sites do this.

> 
>   * 64-bit issues; general cleanup, sizeof(void *) != sizeof(int)
> 
>   * Randy says "seems that the processes on a Unixware machine are
>     eventually all dying off. Mind you, I have not seen this, but
>     that is what is being reported.  Sounds like perhaps the server is not
>     respawning new children after MaxRequestsPerChild has been reached."

I believe Joe D. has the real answer to the UnixWare problems. I think
we should implement that, and add a docs section explaining the other
options those poor UWare guys should consider. I'll do this. The huge
SCO patch he mentions affects all kinds of system things.

> 
>   * error compiling on NeXT:
>         In file included from http_main.c:108:
>         /NextDeveloper/Headers/bsd/netinet/tcp.h:57: duplicate member `th_off'
>         /NextDeveloper/Headers/bsd/netinet/tcp.h:58: duplicate member `th_x2'
> 
>         Status: got a login in a NeXT OpenStep 4.x machine to test,
>         looks like an interaction between gcc and the header
>         files.  It is trying to include definitions for both big and
>         little endian platforms, and that no work.
> 
>   * Marc says Apache won't compile with HAVE_SNPRINTF defined as things
>     are now because not everything includes conf.h.
>        Status: Fix it when we have a platform which has snprintf.  Jim
>         will look at; perhaps just include conf.h everywhere
> 
>   * new header_parse API hook is called too often
>        Status: RobH posted patch, had second thoughts.  He
>        suggests that mod_browser be optimised by detecting if it has been
>        called already and returning early if it has.
>         Roy says see also the suggestion by Doug MacEachern regarding
>         addition of is_main_request() test so that any module can avoid this.
> 
>     * With no limits on <Directory />, a UserDir of "./" allows "~root/"
>       to walk down the entire filesystem.
>       (no PR#, 1.1.3, 21/2/1997, "Michael Douglass" <mikedoug@texas.net>)
>         - "don't do that", but should probably be noted in the UserDir
>           documentation and the Security Tips page.  That the default
>           access is "if the server can reach it, it can serve it" should
>           definitely be noted.  (<Directory> description and security
>           tips?)
>         - perhaps a future DisallowUserDir directive, a la ftp.deny,
>           listing usernames not accessible through ~name?
> 
>     * UnixWare 2.1.1 needs USE_FCNTL_SERIALIZE_ACCEPT to keep from
>       locking up.
>       (no PR#, 1.2b6, reported by <jrd@cc.usu.edu>)
>         - reporter says "UW 2.1.1 requires installation of UW patch
>           ptf3123 for proper operation of accept()".  The patch is
>           available from ftp.sco.com
>         - He also says that defining NO_LINGCLOSE reduces FIN_WAIT_2
>           incidences in this environment
>         - Chuck told the reporter "it" (presumably the USE_FCNTL define)
>           will be in 1.2b8, and info about the OS patch will be put in the
>           online docs.

That's right. I'll post a patch for USE_FCNTL_SERIALIZE_ACCEPT and add
docs somewhere appropriate for the NO_LINGCLOSE and the SCO patch. I'd
advise considering this the only definitive answer we have to the
UnixWare wackiness. Joe reports Apache running fine after he did this
stuff.

> 
>     * SIGHUP on Solaris 2.x causes server to die with "bind: Address
>       already in use" and "httpd: could not bind to address 131.188.2.47
>       port 80".  Server is Listen-ing on four IP addresses at port 80;
>       the one above is the last Listen directive.  Three virtual hosts
>       declared as well as main/default server.
>       (no PR#, 1.2b7, 24/2/1997, <Erich.Meier@informatik.uni-erlangen.de>)
>         - was also reported by same user against 1.2b4

This is nasty, too. It will probably crop up on other SVR4s. I'd
consider this a showstopper.

> 
>     * Type map can't find appropriate document for language on Solaris
>       2.x.  (I can't gistify this one; full details in message ID
>       <Pine.NEB.3.95.970224200751.8617F-100000@localhost.imdb.com>.)
>       Reporter has provided tar.gz file of config info.
>       (no PR#, 1.2b7, 24/2/1997, <ejr@cise.ufl.edu>)
> 
>     * Make of server fails during ld phase on AIX 3.2.5 with undefined
>       symbol ".flock"
>       (no PR#, 1.2b7. 24/2/1997, <weible@mail.pittstate.edu>)
> 
>     * <IMG SRC="a CGI"> crates [sic] zombies on FreeBSDLinux
>       (see <Pine.NEB.3.95.970225130439.346B-100000@localhost.imdb.com>
>       for the details; I'm not going to try to decode 'em)  Reporter
>       says hackers have told it the cause lies in an error in the loop
>       structure in alloc.c's fork()/signal()/wait() handling
>       (no PR#, 1.1.1/1.2.something (?), 23/2/1997, <sk@www.russia.net>)
>         - Marc said it *might* be related to the kindercide issue
> 
>     * unescape_url() doesn't convert "+" to " "
>       (no PR#, 1.2b7, 25/2/1997, <richter@ecos.de>)
>         - Ralf thinks this should be done by the CGI, not by the server
> 
> Planning/design items:
> 
>     * should the bug report page be in CVS?  Should it be in the htdocs
>       tree or a seperate place?  Should it be distributed with Apache?
>       The same holds for everything on the Apache web site.  Marc would
>       like to see it all in CVS, but not necessarily distributed
>       with Apache.
>       Roy says: It would be nice if all of the non-archive parts
>       of the project tree were in a separate cvs module -- it would
>       sure make updating Hyperreal a lot easier (and safer).
> 
>     * should perhaps start to think about exactly how we want to
>       handle contrib patches/programs in 1.2.  Directory on the web site?
>       Include in distribution?
> 
> Contrib stuff / future:
> 
>   * PR#161 -- mod_dir performance with negotiation
>         Status: Petr posted patch, Dean +1 on part
>         Petr posted query about how it should be redone.
> 
>   * Chris Adams <cadams@ro.com> patch to mod_log_config to add %m and %c.
> 
>   * "Large groups cause authentication errors" on FreeBSD
>       [salari@cs.ubc.ca]; problem looks to be MAX_STRING_LEN buffer
>       in groups_for_user.
> 
>   * mod_log_config patch for conditional logging
>         Status: contrib, not in server
> 
>   * Jim has patch for time taken to handle a request in status module
> 
>   * Ed has an updated patch for limiting connections per IP
> 
>   * mod_include is still slow.
> 
>   * Some mirrors are out-of-date, Brian will investigate
> 
>   * add some setlocale stuff?
> 
>   * update bug report page to not have email form
>         Status: +1 Roy, Dean, Marc (but some changes suggested), patch
>                 reposted with changes.  Needs input from people handling
>                 current bug reports.
>         New status: reposted, still need input from people handling bug
>                 reports via mail right now.
> 
>   * status module available from .htaccess files; Ken posted patch
> 
>   * status report shows PIDs in empty slots, user supplied some sort
>      of patch; behavior now is correct, but perhaps some cleanup of
>      how the results are displayed could be done after 1.2...
>      Message-ID: <Pine.NEB.3.95.970212030312.13867I-100000@localhost.imdb.com>
> 
>   * mod_template.c illustration of command handler call semantics for
>     the different directive argument types (et alia).  +1 Dirk, Chuck,
>     but needs work.  I'll try to flesh this out in the next few days if
>     these mean "+1 to including in distribution".
> 
>   * Marc proposed keeping a list of things broken for HTTP/1.1; on the
>       Web or part of the distribution?
>       (no PR#, 1.2, 21/2/1997, "Marc Slemko" <marcs@znep.com>)
>         - Chuck likes the idea (hopefully will reduce redundant
>           reports); thinks it should be on the Web
>         - Ken thinks it should be in the htdocs tree so it hits both

I'm good with Ken's idea, +1.

> 
>   * Rob's "DONE" status response check for die()
>         Message-ID: <Pine.NEB.3.95.970218164813.7072E-100000@localhost.imdb.com>
>         Roy says it's a feature... Dean agrees, thinks we should slate
>         something for 2.0 that can handle this cleanly.
> 
>   * config/178: Module with server_config but no per-dir config will
>         seggy in set_flag_slot
>         Status: patch given in report, +1 Roy,
>         Dean say no... Ken agrees with Dean.

There are also more proxy things to do. I hope to finish cleaning up all
but the really bizarre ones before 1.2b9 or release - this weekend.

This list looks like a b9 will be necessary.
-- 
chuck
Chuck Murcko
The Topsail Group, West Chester PA USA
chuck@topsail.org

Mime
View raw message