httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: [STATUS] Thu May 29 08:22:10 EDT 1997
Date Thu, 29 May 1997 16:45:31 GMT

I'll +1 this change although I can't quite make out what module it 
affected. I had no problem with the patch in my current config.

Could someone confirm that I am to roll the tarball?

I'll apply this patch when I roll the release.




> Only real diff is handling Ken's suggested patch... If someone else
> wants to +1 it before the tarball, that's cool (so it can be included).
> In fact, that might be prefered.
> 
> 1.2b11 status as of Thu May 29 08:22:10 EDT 1997
> 
>   * Code changes committed since 1.2b10:
> 
>     * ErrorDocument CGI responding to error from another CGI fixed
>     * PR#512: signal redefinition problem on QNX
>     * CGIWrap Problems (restore old PATH_INFO definition)
>     * I hate messed up initializers (in USE_FCNTL_SERIALIZED_ACCEPT)
>     * PR#501: escape html in server-status
>     * PR#506: no DefaultType means no Content-Type
>     * error responses have wrong headers (part 1)
>     * Clarified comment about USERDIR_SUFFIX in suexec.h
>     * HP-UX/cc compiler fix (minus oops)
>     * internal redirect must inherit the_request
>     * added comments and check the_request in original_uri()
>     * Allow consistant use of whitespace in Configuration
>     * PR#502: timeout problems (second try)
>     * mod_dir HTTP_NOT_ACCEPTABLE fixup
>     * error responses have wrong headers (part 2)
>     * mod_dir/576: Port 0 being added in directory redirects
>     * placement of $(REGLIB) after $(LIBS) in Makefile.tmpl
>     * Roy's SEGV and missing Location patch
>     * SIGTERM problem under OS/2 problem fixed. Due to buggy MPE
>       patch.
>     * PR#610: Mult v-hosts on single connection
>     * PR#574,614: Proxy reports "Address not found" for servers that exist
>     * Virtual hosts on different ports now works correctly
>     * Correct logging with timeouts
>     * PR#502: timeout was problem with IdentityCheck On
>     * Allow #perl SSI to use routines governed by mod_perl
> 
> The Plan
> ========
> 
>   * Immediate release of 1.2b11 tarball (Roy says he'll do). Adjust
>     code to reflect 1.2b12 status. Allow only documentation cvs commits
>     unless absolutely required (ie: 1.2b12 code will become 1.2). Allow
>     for one week of testing of 1.2b11 and, if all goes well, Final
>     release of 1.2 by June 5, 1997.
> 
>   * Ken's patch allowing rfc1413_timeout to be a global int should
>     be voted on commited asap.
>     Status: Ken votes -1 on releasing tarball until appproved
>             Jim votes +1 on the patch but doesn't see the validity
> 	     of a veto (but could just be cranky).
> 
> Documentation Changes that would be nice for 1.2 but we're
> not gonna hold-up for them:
> -------------------------------------------
> 
>   * some better suexec docs would be really nice, detailing some of the
>     security risks and compromises discussed
> 	Status: I think Randy said something about doing it at one point.
> 		Randy says he thinks Jason is perhaps doing them.
>                 [And Roy says: either somebody needs to document how it
>                  works (I don't know), or I'll go through and remove the
>                  documentation about how "good" it is to use it.]
> 	New Status: not really worth holding 1.2 on
> 
>   * Document problems with mismatch on FD_SETSIZE=1024?
> 
>   * Deal with Martin Kraemer's documentation notes:
> 	<199704081013.MAA02907@deejai.mch.sni.de>
> 	<199704081045.MAA02997@deejai.mch.sni.de>
> 
> Post 1.2:
> 
>   * Workout path/goals for 2.0. Release 1.2.1 asap with below
>     fixes and improvements?
> 
>   * PR#543: /cgi-bin/foo/bar%2fbaz
>     unescape_url in util.c is forbidding %2f in PATH_INFO.
>     The problem is that we use the %2f check to avoid security problems
>     with stupid scripts.  Roy thinks the best solution would be to
>     decode all %2f's before doing any processing on the path, and thus
>     reduce %2f... to /.. before doing the path checks.  This makes it
>     impossible to have a filename containing slash, but no big deal.
> 
>   * Marc's [PATCH] PR#566: mod_status dumps core in inetd mode
>     <Pine.BSF.3.95.970509234507.24957B-100000@alive.znep.com>
>     <9705111840.aa01864@paris.ics.uci.edu>
>     Status: +1 Marc (post-1.2), Roy (with minor change), Dean
> 
>   * Dean's solaris 256 FILE * problem
>     <Pine.LNX.3.95dg3.970507121700.11214J-100000@twinlark.arctic.org>
>     Status: Dean seeing if it works for user, maybe add to FAQ
> 
>   * Various minor tweaks to port to different platforms:
>     PR#383, PR#388, PR#399, PR#333, PR#327, PR#445, PR#511
> 
>   * Fix mod_negotiation to follow latest TCN draft
>     Petr Lampa wants to work on this.
> 
>   * Doug MacEachern's [PATCH] merge dbm auth configs
>         Status: The question is, should we be merging auth configs?
>                 Ken says not by default and not unless it's configurable.
> 
>   * redo lingering_close to check for old sockets to close out before
>     accept() in child.
> 	Status: doesn't look to be overly clean to do in the current
> 	framework.  Will not have time to do implementation for this
> 	beta in any case.  If it turns out to be a big issue,
> 	could go in later.  (1.2.1?)
> 
>   * Marc wants to have a check to be sure
>     log directory(ies) isn't writable by anyone except the user starting
>     the server.  The posting in bugtraq only highlites the problem.
>     Needs override.  See NCSA code for sample implem.
> 	Status: Marc busy writing
> 
>   * error compiling on NeXT:
> 	In file included from http_main.c:108:
> 	/NextDeveloper/Headers/bsd/netinet/tcp.h:57: duplicate member `th_off'
> 	/NextDeveloper/Headers/bsd/netinet/tcp.h:58: duplicate member `th_x2'
> 
> 	Status: got a login in a NeXT OpenStep 4.x machine to test,
> 	looks like an interaction between gcc and the header
> 	files.  It is trying to include definitions for both big and
> 	little endian platforms, and that no work.
> 
>   * Type map can't find appropriate document for language on Solaris
>     2.x.  (I can't gistify this one; full details in message ID
>     <Pine.NEB.3.95.970224200751.8617F-100000@localhost.imdb.com>.)
>     Reporter has provided tar.gz file of config info.
>     (no PR#, 1.2b7, 24/2/1997, <ejr@cise.ufl.edu>)
>         Status: Dean might have fixed this one (the table overlay bug)
> 	[Dean has mailed the submitter to ask them to test 1.2b8 or b9]
> 
>   * SONY NEWS port.  See both:
>     <Pine.BSI.3.95.970310012527.10327F-100000@taz.hyperreal.com>
>     <Pine.BSI.3.95.970310012855.10327K-100000@taz.hyperreal.com>
>     Jim working on a patch, but not until after 1.2 release
> 
>   * Jim has patch for time taken to handle a request in status module
> 
>   * status report shows PIDs in empty slots, user supplied some sort
>      of patch; behavior now is correct, but perhaps some cleanup of
>      how the results are displayed could be done after 1.2...
>      <Pine.NEB.3.95.970212030312.13867I-100000@localhost.imdb.com>
> 
> Should be added to the bugdb:
> 
>   * "Large groups cause authentication errors" on FreeBSD
>       [salari@cs.ubc.ca]; problem looks to be MAX_STRING_LEN buffer
>       in groups_for_user.
> 
> Contrib stuff / future:
>   
>   * Start digital signing the distributions.
> 
>   * Chris Adams <cadams@ro.com> patch to mod_log_config to add %m and %c.
> 
>   * mod_log_config patch for conditional logging
> 	Status: contrib, not in server
> 
>   * Ed has an updated patch for limiting connections per IP
> 
>   * mod_include could use boyer-moore searching for <!--# and/or it could
>     mmap the file.
> 
>   * add some setlocale stuff?
> 
>   * status module available from .htaccess files; Ken posted patch
> 
>   * Rob's "DONE" status response check for die()
> 	<Pine.NEB.3.95.970218164813.7072E-100000@localhost.imdb.com>
> 	Roy says it's a feature... Dean agrees, thinks we should slate
> 	something for 2.0 that can handle this cleanly.
> 
>   * tem@global2000.net provided a patch for mod_imap to make it more
>     friendly with MS FrontPage map files.  Available in
>     <Pine.LNX.3.95dg2.970305235225.28934H-200000@twinlark.arctic.org>
> 
>   * Dean's gif89 and expires hack
>     <Pine.LNX.3.95dg2.970310005317.427P-100000@twinlark.arctic.org>
> 
>   * mod_userdir needs a DisallowUserDir directive, a la ftp.deny, to
>     restrict user names that can be accessed.  Ken says maybe
>     "UserDir disabled [user [...]]".
> 
>   * get_local_host and NIS patch fo SunOS 4
>     <Pine.NEB.3.95.970320210733.4149H-100000@localhost>
> 
>   * internationalized documentation
> 
>   * pagecounter extension to mod_include
>     <Pine.BSI.3.95.970322151230.29235I-100000@taz.hyperreal.com>
> 
>   * mod_expires improvements from "Miguel A.L. Paraz" <map@iphil.net>
>     at <http://www.iphil.net/~map/apache/>
> 
>   * add is_initial_req() function
> 
>   * mod_dir: send HEIGHT/WIDTH tags to improve performance for user see
>     PR#393 for a patch that provides this
> 
>   * A CIDRized access list patch such as the one supplied in
>     <Pine.BSI.3.95.970414120047.22654L-200000@taz.hyperreal.com>
> 
>   * PR#344: 64-bit cleanups
> 
> 
> -- 
> ====================================================================
>       Jim Jagielski            |       jaguNET Access Services
>      jim@jaguNET.com           |       http://www.jaguNET.com/
>                   "Not the Craw... the CRAW!"




Mime
View raw message