httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: [STATUS] Thu May 29 08:22:10 EDT 1997
Date Thu, 29 May 1997 16:51:44 GMT
Randy Terbush wrote:
> 
> 
> I'll +1 this change although I can't quite make out what module it 
> affected. I had no problem with the patch in my current config.
> 
> Could someone confirm that I am to roll the tarball?

Yes.

> 
> I'll apply this patch when I roll the release.

Great!!

> 
> 
> 
> 
> > Only real diff is handling Ken's suggested patch... If someone else
> > wants to +1 it before the tarball, that's cool (so it can be included).
> > In fact, that might be prefered.
> > 
> > 1.2b11 status as of Thu May 29 08:22:10 EDT 1997
> > 
> >   * Code changes committed since 1.2b10:
> > 
> >     * ErrorDocument CGI responding to error from another CGI fixed
> >     * PR#512: signal redefinition problem on QNX
> >     * CGIWrap Problems (restore old PATH_INFO definition)
> >     * I hate messed up initializers (in USE_FCNTL_SERIALIZED_ACCEPT)
> >     * PR#501: escape html in server-status
> >     * PR#506: no DefaultType means no Content-Type
> >     * error responses have wrong headers (part 1)
> >     * Clarified comment about USERDIR_SUFFIX in suexec.h
> >     * HP-UX/cc compiler fix (minus oops)
> >     * internal redirect must inherit the_request
> >     * added comments and check the_request in original_uri()
> >     * Allow consistant use of whitespace in Configuration
> >     * PR#502: timeout problems (second try)
> >     * mod_dir HTTP_NOT_ACCEPTABLE fixup
> >     * error responses have wrong headers (part 2)
> >     * mod_dir/576: Port 0 being added in directory redirects
> >     * placement of $(REGLIB) after $(LIBS) in Makefile.tmpl
> >     * Roy's SEGV and missing Location patch
> >     * SIGTERM problem under OS/2 problem fixed. Due to buggy MPE
> >       patch.
> >     * PR#610: Mult v-hosts on single connection
> >     * PR#574,614: Proxy reports "Address not found" for servers that exist
> >     * Virtual hosts on different ports now works correctly
> >     * Correct logging with timeouts
> >     * PR#502: timeout was problem with IdentityCheck On
> >     * Allow #perl SSI to use routines governed by mod_perl
> > 
> > The Plan
> > ========
> > 
> >   * Immediate release of 1.2b11 tarball (Roy says he'll do). Adjust
> >     code to reflect 1.2b12 status. Allow only documentation cvs commits
> >     unless absolutely required (ie: 1.2b12 code will become 1.2). Allow
> >     for one week of testing of 1.2b11 and, if all goes well, Final
> >     release of 1.2 by June 5, 1997.
> > 
> >   * Ken's patch allowing rfc1413_timeout to be a global int should
> >     be voted on commited asap.
> >     Status: Ken votes -1 on releasing tarball until appproved
> >             Jim votes +1 on the patch but doesn't see the validity
> > 	     of a veto (but could just be cranky).
> > 
> > Documentation Changes that would be nice for 1.2 but we're
> > not gonna hold-up for them:
> > -------------------------------------------
> > 
> >   * some better suexec docs would be really nice, detailing some of the
> >     security risks and compromises discussed
> > 	Status: I think Randy said something about doing it at one point.
> > 		Randy says he thinks Jason is perhaps doing them.
> >                 [And Roy says: either somebody needs to document how it
> >                  works (I don't know), or I'll go through and remove the
> >                  documentation about how "good" it is to use it.]
> > 	New Status: not really worth holding 1.2 on
> > 
> >   * Document problems with mismatch on FD_SETSIZE=1024?
> > 
> >   * Deal with Martin Kraemer's documentation notes:
> > 	<199704081013.MAA02907@deejai.mch.sni.de>
> > 	<199704081045.MAA02997@deejai.mch.sni.de>
> > 
> > Post 1.2:
> > 
> >   * Workout path/goals for 2.0. Release 1.2.1 asap with below
> >     fixes and improvements?
> > 
> >   * PR#543: /cgi-bin/foo/bar%2fbaz
> >     unescape_url in util.c is forbidding %2f in PATH_INFO.
> >     The problem is that we use the %2f check to avoid security problems
> >     with stupid scripts.  Roy thinks the best solution would be to
> >     decode all %2f's before doing any processing on the path, and thus
> >     reduce %2f... to /.. before doing the path checks.  This makes it
> >     impossible to have a filename containing slash, but no big deal.
> > 
> >   * Marc's [PATCH] PR#566: mod_status dumps core in inetd mode
> >     <Pine.BSF.3.95.970509234507.24957B-100000@alive.znep.com>
> >     <9705111840.aa01864@paris.ics.uci.edu>
> >     Status: +1 Marc (post-1.2), Roy (with minor change), Dean
> > 
> >   * Dean's solaris 256 FILE * problem
> >     <Pine.LNX.3.95dg3.970507121700.11214J-100000@twinlark.arctic.org>
> >     Status: Dean seeing if it works for user, maybe add to FAQ
> > 
> >   * Various minor tweaks to port to different platforms:
> >     PR#383, PR#388, PR#399, PR#333, PR#327, PR#445, PR#511
> > 
> >   * Fix mod_negotiation to follow latest TCN draft
> >     Petr Lampa wants to work on this.
> > 
> >   * Doug MacEachern's [PATCH] merge dbm auth configs
> >         Status: The question is, should we be merging auth configs?
> >                 Ken says not by default and not unless it's configurable.
> > 
> >   * redo lingering_close to check for old sockets to close out before
> >     accept() in child.
> > 	Status: doesn't look to be overly clean to do in the current
> > 	framework.  Will not have time to do implementation for this
> > 	beta in any case.  If it turns out to be a big issue,
> > 	could go in later.  (1.2.1?)
> > 
> >   * Marc wants to have a check to be sure
> >     log directory(ies) isn't writable by anyone except the user starting
> >     the server.  The posting in bugtraq only highlites the problem.
> >     Needs override.  See NCSA code for sample implem.
> > 	Status: Marc busy writing
> > 
> >   * error compiling on NeXT:
> > 	In file included from http_main.c:108:
> > 	/NextDeveloper/Headers/bsd/netinet/tcp.h:57: duplicate member `th_off'
> > 	/NextDeveloper/Headers/bsd/netinet/tcp.h:58: duplicate member `th_x2'
> > 
> > 	Status: got a login in a NeXT OpenStep 4.x machine to test,
> > 	looks like an interaction between gcc and the header
> > 	files.  It is trying to include definitions for both big and
> > 	little endian platforms, and that no work.
> > 
> >   * Type map can't find appropriate document for language on Solaris
> >     2.x.  (I can't gistify this one; full details in message ID
> >     <Pine.NEB.3.95.970224200751.8617F-100000@localhost.imdb.com>.)
> >     Reporter has provided tar.gz file of config info.
> >     (no PR#, 1.2b7, 24/2/1997, <ejr@cise.ufl.edu>)
> >         Status: Dean might have fixed this one (the table overlay bug)
> > 	[Dean has mailed the submitter to ask them to test 1.2b8 or b9]
> > 
> >   * SONY NEWS port.  See both:
> >     <Pine.BSI.3.95.970310012527.10327F-100000@taz.hyperreal.com>
> >     <Pine.BSI.3.95.970310012855.10327K-100000@taz.hyperreal.com>
> >     Jim working on a patch, but not until after 1.2 release
> > 
> >   * Jim has patch for time taken to handle a request in status module
> > 
> >   * status report shows PIDs in empty slots, user supplied some sort
> >      of patch; behavior now is correct, but perhaps some cleanup of
> >      how the results are displayed could be done after 1.2...
> >      <Pine.NEB.3.95.970212030312.13867I-100000@localhost.imdb.com>
> > 
> > Should be added to the bugdb:
> > 
> >   * "Large groups cause authentication errors" on FreeBSD
> >       [salari@cs.ubc.ca]; problem looks to be MAX_STRING_LEN buffer
> >       in groups_for_user.
> > 
> > Contrib stuff / future:
> >   
> >   * Start digital signing the distributions.
> > 
> >   * Chris Adams <cadams@ro.com> patch to mod_log_config to add %m and %c.
> > 
> >   * mod_log_config patch for conditional logging
> > 	Status: contrib, not in server
> > 
> >   * Ed has an updated patch for limiting connections per IP
> > 
> >   * mod_include could use boyer-moore searching for <!--# and/or it could
> >     mmap the file.
> > 
> >   * add some setlocale stuff?
> > 
> >   * status module available from .htaccess files; Ken posted patch
> > 
> >   * Rob's "DONE" status response check for die()
> > 	<Pine.NEB.3.95.970218164813.7072E-100000@localhost.imdb.com>
> > 	Roy says it's a feature... Dean agrees, thinks we should slate
> > 	something for 2.0 that can handle this cleanly.
> > 
> >   * tem@global2000.net provided a patch for mod_imap to make it more
> >     friendly with MS FrontPage map files.  Available in
> >     <Pine.LNX.3.95dg2.970305235225.28934H-200000@twinlark.arctic.org>
> > 
> >   * Dean's gif89 and expires hack
> >     <Pine.LNX.3.95dg2.970310005317.427P-100000@twinlark.arctic.org>
> > 
> >   * mod_userdir needs a DisallowUserDir directive, a la ftp.deny, to
> >     restrict user names that can be accessed.  Ken says maybe
> >     "UserDir disabled [user [...]]".
> > 
> >   * get_local_host and NIS patch fo SunOS 4
> >     <Pine.NEB.3.95.970320210733.4149H-100000@localhost>
> > 
> >   * internationalized documentation
> > 
> >   * pagecounter extension to mod_include
> >     <Pine.BSI.3.95.970322151230.29235I-100000@taz.hyperreal.com>
> > 
> >   * mod_expires improvements from "Miguel A.L. Paraz" <map@iphil.net>
> >     at <http://www.iphil.net/~map/apache/>
> > 
> >   * add is_initial_req() function
> > 
> >   * mod_dir: send HEIGHT/WIDTH tags to improve performance for user see
> >     PR#393 for a patch that provides this
> > 
> >   * A CIDRized access list patch such as the one supplied in
> >     <Pine.BSI.3.95.970414120047.22654L-200000@taz.hyperreal.com>
> > 
> >   * PR#344: 64-bit cleanups
> > 
> > 
> > -- 
> > ====================================================================
> >       Jim Jagielski            |       jaguNET Access Services
> >      jim@jaguNET.com           |       http://www.jaguNET.com/
> >                   "Not the Craw... the CRAW!"
> 
> 
> 


-- 
====================================================================
      Jim Jagielski            |       jaguNET Access Services
     jim@jaguNET.com           |       http://www.jaguNET.com/
                  "Not the Craw... the CRAW!"

Mime
View raw message