httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rodent of Unusual Size <Ken.C...@Golux.Com>
Subject Re: [STATUS] (apachen) Sun Jan 25 23:45:17 EST 1998
Date Mon, 26 Jan 1998 15:48:46 GMT
Rodent of Unusual Size wrote:
> 
> Apache 1.3 STATUS:
>
> Plan:
> 
>     Let's shoot for release of 1.3b4 on January 31, 1998.
>     Concern: Should we hold off on any new code changes
>      in order to try to get 1.3.0 out the door asap? Once
>      that's done, we can split off 2.0 from the present CVS
>      tree and start working on that, while putting some
>      patches into 1.3.1b1-dev. Let's get 1.3.0 out soon so
>      we can really start playing with the code, which isn't
>      wise when we're trying to push a release out.

Sounds reasonable, but here are some things that I think we need to
make decisions concerning before 1.3.0.  (The Win32 issues [install,
src tree, CGI bug, ...] are obviously show-stoppers.)

> Needs patch:
> 
>     * proxy security fixes from 1.2.5 need to be brought forward
> 
>     * DoS created by the lame hostname lookup code in check_fulluri, which
>         should be part of the proxy and not in the core
>
> Open issues:
> 
>     * What do we call the binary: apache or httpd? Under UNIX
>       it's httpd, under Win32 it's apache. Maybe rename it
>       to apache-httpd?
>         apache-httpd: Ken +1
> 
>     * Release builds: Should we provide Configuration or not?
>       Should we 'make all suexec' in src/support?
>         Ken +1 (possible suexec path issue, though)
> 
> Win32 specific issues:
> 
>  Open issues:
> 
>     * Should ApacheCore.dll be merged back into the main server
>       image?  May make debugging easier..
> 
>  In progress:
> 
>     * DDA's adding a tray application to the Windoze version for ease of
>       status/management.
>         <01BCDB29.2C04DEB0@caravan.individual.com>
>         <01BCDB2A.F8C09010@caravan.individual.com>
>         Status: Ken +1, Sameer +1, Martin +1, Ben +1 (as long as
>         we get a single executable)
>         Paul: No like Win95 specific stuff
>         Ken: What's W95-specific about it?
> 
>     * some errors printed by CGIs to stderr don't end up making it
>       to the server log unless an extra debugging message is added
>       after they run? (PR#1725 indicates this may not be just Win32)
> 
>     * bad use of chdir in some places; it isn't thread-specific
> 
>     * install
>         - make installshield work
>         - config in cvs tree?
>         - install docs, etc.?
>         - location for install
>
>     * CGIs
>         - hangs on multiple CGI execution?  PR#1607,1129
>             Marc can't repeat...
>         - docs on how they work w/scripts
>         - use registry to find interpreter?
>         - WTF is the buffering coming from?
>             - we don't have a way to make non-blocking files on NT!
> 
>     * documentation:
>         - running the server without admin
>         - how CGIs work
>         - update README.NT
>         - short/long name handling
>         - better status page on current state of NT for users
> 
>     * who should run the service?  Who exactly is the "system account"?
> 
>     * need a crypt() of some sort.
>         - sources are easy; problem is export restrictions on DES
>         - if we don't do DES, can do md5
> 
>     * modules that need to be made to work on win32
>         - mod_example isn't multithreadreded
>         - mod_unique_id (needs mt changes)
>         - mod_auth_db.c  (do we want to even try this?  We should have some
>           db of some sort... what else can we pick from under win32?)
>         - mod_auth_dbm.c
>         - mod_info.c (PR re exporting symbols for it...)
>         - mod_log_agent.c
>         - mod_log_referer.c
>         - mod_mime_magic.c (needs access to mod_mime API stage...)

Mime
View raw message