httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dean Gaudet <dgau...@arctic.org>
Subject [STATUS]
Date Sat, 22 Mar 1997 23:59:33 GMT
1.2b8 status as of Sat Mar 22 15:58:58 PST 1997

  * Committed since 1.2b7:

    * HP MPE/iX fixes
    * replace bcopy with memmove for ANSIfriendliness
    * UXP/DS(V20) port
    * MachTen fine tuning
    * PR#186: Make declaration of add_env_variable agree with definiton.
    * PR#210: Missing semicolon.
    * Correctly handle Swedish filenames
    * buff.c header include fixes
    * create_argv() fixes
    * remove cleanups from bpushfd()
    * help avoid virtual host confusion
    * PR#40: include path_info for error when file doesn't exist
    * PR#59: os/2: allow for cgi files without the .EXE extension
    * missing header_parser slots in modules
    * PR#146, PR#187: is_url() not HTTP/1.1 conformant
    * log long headers in case it is an attack
    * PR#194: ErrorDocument broken due to an optimization in 1.2b7
    * PR#190: Reduced IdentityCheck timeout to 30 seconds
    * PR#160: invoke_handler() doesn't handle mime arguments
    * memory management goof in alloc.c
    * support/Makefile.tmpl and LIBS
    * deal with long hostnames at gethostname() call
    * clear memory allocated for listeners
    * PR#212: improved handling of ip addresses in VirtualHost
    * mod_neg iso-8859-1 fixup and other cleanups
    * workaround a compiler bug that causes sunos 4.x to panic
    * don't count starting servers as idle
    * document dangers of "UserDir ./" and need to protect <Directory />
    * problem with proper per-connection counting
    * infinite loop with trailing slash and type map
    * vhost error log not set when initialized
    * improved modules/Makefile generation
    * PR#234,143: per_dir_config incorrectly set for name-based vhosts
    * tighten email on anonymous logging
    * big header table sending and persistence fixes
    * mod_rewrite 3.0.1
    * garbage_coll() not called in proxy if filsystem full
    * PR#105: continue after DNS errors and document vhosts better
    * errno cleanup

Agenda for 1.2b8-dev
====================

Patches available:

    * Ken's [PATCH] bug reporting changes
	<97031518460353@decus.org>
	Status: Dean +1, Roy +1

    * Dean's wild-guess patch for 3 second CGI problem
	<Pine.LNX.3.95dg2.970319110547.4097C-100000@twinlark.arctic.org>
	I've sent this to rindfuss@medea.wz-berlin.de, and rfrancis@dti.net
	so we at least get an idea if this is what's wrong.

    * Dean's [PATCH] add is_initial_req() function
	<Pine.LNX.3.95dg2.970320002841.1643E-100000@twinlark.arctic.org>
	(This is for module authors to be able to deal with being called
	more than once per request.)
	Ok I withdraw this, Roy or Doug you make a patch that looks right :)

    * Roy's [PATCH] "make clean" bombs if no subdirectory modules are used
	<9703210239.aa20619@paris.ics.uci.edu>
	Status: Chuck +1

    * Dean's [PATCH] handle multiple Configurations without warning
	<Pine.LNX.3.95dg2.970311124347.18177R-100000@twinlark.arctic.org>
	Status: Chuck +1

Showstoppers with no patches yet:

  * 3 seconds delay in CGI execution on SunOS 4.x, see PR 122
       Status: no patch.
       Info: Pages containing script output show up with a delay of 3
             seconds (there was no such delay in Apache 1.1.1).
             [rindfuss@medea.wz-berlin.de] tracked the problem down to
             source file alloc.c, function free_proc_chain. This function
             contains a conditional call to sleep(3), which causes the delay.

       for (p = procs; p; p = p->next) {
          if (p->kill_how == kill_after_timeout) {
            /* Subprocess may be dead already.  Only need the timeout if not. */
            if (kill (p->pid, SIGTERM) != -1)
              need_timeout = 1;
          } else if (p->kill_how == kill_always) {
            kill (p->pid, SIGKILL);
          }
        }

        /* Sleep only if we have to... */

        if (need_timeout) sleep (3);

        [RobH: So CGI included as SSI hangs around for longer and needs
               to be SIGTERM'ed.  Why?]

        [Roy: note also that a call to sleep will blow-out any other timeout]

  * redirect of index file causes SEGV [Marc]
	Status: have a way to stop the core dump, but that doesn't make
	it work properly.
	See also: <Pine.BSF.3.91.970210204402.12197B-100000@localhost.imdb.com>

  * SEGV under FreeBSD, Next with lingering_close
	<3331034D.167EB0E7@topsail.org>
    
  * PR#214: access control for proxy appears to be broken

Documentation Changes that should make 1.2:

  * mod_template.c illustration of command handler call semantics for
    the different directive argument types (et alia).  +1 Dirk, Chuck,
    but needs work.  I'll try to flesh this out in the next few days if
    these mean "+1 to including in distribution".  +1 from Ralf.
    ... and more work ...
    And Ken says check it all out at <http://Template.Remulak.DECUS.Org:9000/>

  * some better suexec docs would be really nice, detailing some of the
    security risks and compromises discussed
	Status: I think Randy said something about doing it at one point,
		but no one can write what  I think should be there better
		than me, if I ever have time.  Randy says he thinks
		Jason is perhaps doing them.

No patches yet:

  * -DNO_LINGCLOSE default for those operating systems that require it.
    Chuck says UnixWare and Next.  Jim adds SunOS 4.  Dean says IRIX
    needs it too until/unless SGI provides a patch.

  * libucb problems with readdir() under Solaris and other SVR4

  * [BUG]: "SSI stopped working in 1.2b7" on Solaris 2.x (fwd)
    <Pine.NEB.3.95.970305212036.7053A-100000@localhost.imdb.com>

  * Marc has changed his mind and wants to have a check to be sure
    log directory(ies) isn't writable by anyone except the user starting
    the server.  The posting in bugtraq only highlites the problem.
    Needs override.  See NCSA code for sample implem.
	Status: Marc busy writing, Ed +1 on putting in to b7

  * wrong response to proxy request without proxy
	<9702201640.aa07198@paris.ics.uci.edu>

  * redo lingering_close to check for old sockets to close out before
    accept() in child.
	Status: doesn't look to be overly clean to do in the current
	framework.  Will not have time to do implementation for this
	beta in any case.  If it turns out to be a big issue,
	could go in later.  (1.2.1?)

  * CGIs don't get PIPE under FreeBSD; under Solaris they get a TERM
    and then a PIPE in close succession.  Hmm.  Marc will look when
    he gets a chance.

  * Solaris "accept: Too many levels of remote in path" [marc]

  * error compiling on NeXT:
	In file included from http_main.c:108:
	/NextDeveloper/Headers/bsd/netinet/tcp.h:57: duplicate member `th_off'
	/NextDeveloper/Headers/bsd/netinet/tcp.h:58: duplicate member `th_x2'

	Status: got a login in a NeXT OpenStep 4.x machine to test,
	looks like an interaction between gcc and the header
	files.  It is trying to include definitions for both big and
	little endian platforms, and that no work.

  * Type map can't find appropriate document for language on Solaris
    2.x.  (I can't gistify this one; full details in message ID
    <Pine.NEB.3.95.970224200751.8617F-100000@localhost.imdb.com>.)
    Reporter has provided tar.gz file of config info.
    (no PR#, 1.2b7, 24/2/1997, <ejr@cise.ufl.edu>)

  * <IMG SRC="a CGI"> crates [sic] zombies on FreeBSDLinux
    (see <Pine.NEB.3.95.970225130439.346B-100000@localhost.imdb.com>
    for the details; I'm not going to try to decode 'em)  Reporter
    says hackers have told it the cause lies in an error in the loop
    structure in alloc.c's fork()/signal()/wait() handling
    (no PR#, 1.1.1/1.2.something (?), 23/2/1997, <sk@www.russia.net>)
      - Marc said it *might* be related to the kindercide issue
    
  * SONY NEWS port.  See both:
    <Pine.BSI.3.95.970310012527.10327F-100000@taz.hyperreal.com>
    <Pine.BSI.3.95.970310012855.10327K-100000@taz.hyperreal.com>
    Needs work to turn it into a patch

  * [BUG]: "mod_dld problem: variable in httpd_config.c counted wrong"on Irix
    <Pine.NEB.3.95.970314021405.27809E-100000@localhost.imdb.com> and
    <Pine.NEB.3.95.970315215558.12699A-400000@localhost.imdb.com>
    Dirk says he's got something to fix it that needs some work.

UnixWare:

    Chuck thinks all of these are solved using the method presented by
    Joe D.  Chuck will implement/document?

    * SIGTERM to parent on UnixWare kills it but leaves children as
	zombies, requiring reboot.  SIGHUP reloads it fine when it's
	running. (no PR#, 1.2b6, 21/2/1997, <talbion@xl.ca>)

    * Randy says "seems that the processes on a Unixware machine are
	eventually all dying off. Mind you, I have not seen this, but
	that is what is being reported.  Sounds like perhaps the server is not
	respawning new children after MaxRequestsPerChild has been reached."

    * UnixWare 2.1.1 needs USE_FCNTL_SERIALIZE_ACCEPT to keep from
	locking up.
	(no PR#, 1.2b6, reported by <jrd@cc.usu.edu>)
	- reporter says "UW 2.1.1 requires installation of UW patch
	    ptf3123 for proper operation of accept()".  The patch is
	    available from ftp.sco.com
	- He also says that defining NO_LINGCLOSE reduces FIN_WAIT_2
	    incidences in this environment
	- Chuck told the reporter "it" (presumably the USE_FCNTL define)
	    will be in 1.2b8, and info about the OS patch will be put in the
	    online docs.

Contrib stuff / future:
  
  * Start digital signing the distributions.

  * PR#161 -- mod_dir performance with negotiation
	Status: Petr posted patch, Dean +1 on part
	Petr posted query about how it should be redone.

  * Chris Adams <cadams@ro.com> patch to mod_log_config to add %m and %c.

  * "Large groups cause authentication errors" on FreeBSD
      [salari@cs.ubc.ca]; problem looks to be MAX_STRING_LEN buffer
      in groups_for_user.

  * mod_log_config patch for conditional logging
	Status: contrib, not in server

  * Jim has patch for time taken to handle a request in status module

  * Ed has an updated patch for limiting connections per IP

  * mod_include could use boyer-moore searching for <!--# and/or it could
    mmap the file.

  * Some mirrors are out-of-date, Brian will investigate

  * add some setlocale stuff?

  * status module available from .htaccess files; Ken posted patch

  * status report shows PIDs in empty slots, user supplied some sort
     of patch; behavior now is correct, but perhaps some cleanup of
     how the results are displayed could be done after 1.2...
     <Pine.NEB.3.95.970212030312.13867I-100000@localhost.imdb.com>

  * Marc proposed keeping a list of things broken for HTTP/1.1; on the
      Web or part of the distribution?
      (no PR#, 1.2, 21/2/1997, "Marc Slemko" <marcs@znep.com>)
        - Chuck likes the idea (hopefully will reduce redundant
    	  reports); thinks it should be on the Web
        - Ken thinks it should be in the htdocs tree so it hits both
	- Chuck gives +1 to Ken's idea, so does Ralf

  * Rob's "DONE" status response check for die()
	<Pine.NEB.3.95.970218164813.7072E-100000@localhost.imdb.com>
	Roy says it's a feature... Dean agrees, thinks we should slate
	something for 2.0 that can handle this cleanly.

  * config/178: Module with server_config but no per-dir config will
	seggy in set_flag_slot
	Status: patch given in report, +1 Roy,
	Dean say no because the patch confuses per-server and per-directory
	configs... Ken agrees with Dean.

  * tem@global2000.net provided a patch for mod_imap to make it more
    friendly with MS FrontPage map files.  Available in
    <Pine.LNX.3.95dg2.970305235225.28934H-200000@twinlark.arctic.org>

  * Dean's gif89 and expires hack
    <Pine.LNX.3.95dg2.970310005317.427P-100000@twinlark.arctic.org>

  * mod_userdir needs a DisallowUserDir directive, a la ftp.deny, to
    restrict user names that can be accessed.  Ken says maybe
    "UserDir disabled [user [...]]".

  * get_local_host and NIS patch fo SunOS 4
    <Pine.NEB.3.95.970320210733.4149H-100000@localhost>

  * internationalized documentation

  * pagecounter extension to mod_include
    <Pine.BSI.3.95.970322151230.29235I-100000@taz.hyperreal.com>


Mime
View raw message