You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Randy Terbush <ra...@zyzzyva.com> on 1997/05/29 18:45:31 UTC
Re: [STATUS] Thu May 29 08:22:10 EDT 1997
I'll +1 this change although I can't quite make out what module it
affected. I had no problem with the patch in my current config.
Could someone confirm that I am to roll the tarball?
I'll apply this patch when I roll the release.
> Only real diff is handling Ken's suggested patch... If someone else
> wants to +1 it before the tarball, that's cool (so it can be included).
> In fact, that might be prefered.
>
> 1.2b11 status as of Thu May 29 08:22:10 EDT 1997
>
> * Code changes committed since 1.2b10:
>
> * ErrorDocument CGI responding to error from another CGI fixed
> * PR#512: signal redefinition problem on QNX
> * CGIWrap Problems (restore old PATH_INFO definition)
> * I hate messed up initializers (in USE_FCNTL_SERIALIZED_ACCEPT)
> * PR#501: escape html in server-status
> * PR#506: no DefaultType means no Content-Type
> * error responses have wrong headers (part 1)
> * Clarified comment about USERDIR_SUFFIX in suexec.h
> * HP-UX/cc compiler fix (minus oops)
> * internal redirect must inherit the_request
> * added comments and check the_request in original_uri()
> * Allow consistant use of whitespace in Configuration
> * PR#502: timeout problems (second try)
> * mod_dir HTTP_NOT_ACCEPTABLE fixup
> * error responses have wrong headers (part 2)
> * mod_dir/576: Port 0 being added in directory redirects
> * placement of $(REGLIB) after $(LIBS) in Makefile.tmpl
> * Roy's SEGV and missing Location patch
> * SIGTERM problem under OS/2 problem fixed. Due to buggy MPE
> patch.
> * PR#610: Mult v-hosts on single connection
> * PR#574,614: Proxy reports "Address not found" for servers that exist
> * Virtual hosts on different ports now works correctly
> * Correct logging with timeouts
> * PR#502: timeout was problem with IdentityCheck On
> * Allow #perl SSI to use routines governed by mod_perl
>
> The Plan
> ========
>
> * Immediate release of 1.2b11 tarball (Roy says he'll do). Adjust
> code to reflect 1.2b12 status. Allow only documentation cvs commits
> unless absolutely required (ie: 1.2b12 code will become 1.2). Allow
> for one week of testing of 1.2b11 and, if all goes well, Final
> release of 1.2 by June 5, 1997.
>
> * Ken's patch allowing rfc1413_timeout to be a global int should
> be voted on commited asap.
> Status: Ken votes -1 on releasing tarball until appproved
> Jim votes +1 on the patch but doesn't see the validity
> of a veto (but could just be cranky).
>
> Documentation Changes that would be nice for 1.2 but we're
> not gonna hold-up for them:
> -------------------------------------------
>
> * some better suexec docs would be really nice, detailing some of the
> security risks and compromises discussed
> Status: I think Randy said something about doing it at one point.
> Randy says he thinks Jason is perhaps doing them.
> [And Roy says: either somebody needs to document how it
> works (I don't know), or I'll go through and remove the
> documentation about how "good" it is to use it.]
> New Status: not really worth holding 1.2 on
>
> * Document problems with mismatch on FD_SETSIZE=1024?
>
> * Deal with Martin Kraemer's documentation notes:
> <19...@deejai.mch.sni.de>
> <19...@deejai.mch.sni.de>
>
> Post 1.2:
>
> * Workout path/goals for 2.0. Release 1.2.1 asap with below
> fixes and improvements?
>
> * PR#543: /cgi-bin/foo/bar%2fbaz
> unescape_url in util.c is forbidding %2f in PATH_INFO.
> The problem is that we use the %2f check to avoid security problems
> with stupid scripts. Roy thinks the best solution would be to
> decode all %2f's before doing any processing on the path, and thus
> reduce %2f... to /.. before doing the path checks. This makes it
> impossible to have a filename containing slash, but no big deal.
>
> * Marc's [PATCH] PR#566: mod_status dumps core in inetd mode
> <Pi...@alive.znep.com>
> <97...@paris.ics.uci.edu>
> Status: +1 Marc (post-1.2), Roy (with minor change), Dean
>
> * Dean's solaris 256 FILE * problem
> <Pi...@twinlark.arctic.org>
> Status: Dean seeing if it works for user, maybe add to FAQ
>
> * Various minor tweaks to port to different platforms:
> PR#383, PR#388, PR#399, PR#333, PR#327, PR#445, PR#511
>
> * Fix mod_negotiation to follow latest TCN draft
> Petr Lampa wants to work on this.
>
> * Doug MacEachern's [PATCH] merge dbm auth configs
> Status: The question is, should we be merging auth configs?
> Ken says not by default and not unless it's configurable.
>
> * redo lingering_close to check for old sockets to close out before
> accept() in child.
> Status: doesn't look to be overly clean to do in the current
> framework. Will not have time to do implementation for this
> beta in any case. If it turns out to be a big issue,
> could go in later. (1.2.1?)
>
> * Marc wants to have a check to be sure
> log directory(ies) isn't writable by anyone except the user starting
> the server. The posting in bugtraq only highlites the problem.
> Needs override. See NCSA code for sample implem.
> Status: Marc busy writing
>
> * error compiling on NeXT:
> In file included from http_main.c:108:
> /NextDeveloper/Headers/bsd/netinet/tcp.h:57: duplicate member `th_off'
> /NextDeveloper/Headers/bsd/netinet/tcp.h:58: duplicate member `th_x2'
>
> Status: got a login in a NeXT OpenStep 4.x machine to test,
> looks like an interaction between gcc and the header
> files. It is trying to include definitions for both big and
> little endian platforms, and that no work.
>
> * Type map can't find appropriate document for language on Solaris
> 2.x. (I can't gistify this one; full details in message ID
> <Pi...@localhost.imdb.com>.)
> Reporter has provided tar.gz file of config info.
> (no PR#, 1.2b7, 24/2/1997, <ej...@cise.ufl.edu>)
> Status: Dean might have fixed this one (the table overlay bug)
> [Dean has mailed the submitter to ask them to test 1.2b8 or b9]
>
> * SONY NEWS port. See both:
> <Pi...@taz.hyperreal.com>
> <Pi...@taz.hyperreal.com>
> Jim working on a patch, but not until after 1.2 release
>
> * Jim has patch for time taken to handle a request in status module
>
> * status report shows PIDs in empty slots, user supplied some sort
> of patch; behavior now is correct, but perhaps some cleanup of
> how the results are displayed could be done after 1.2...
> <Pi...@localhost.imdb.com>
>
> Should be added to the bugdb:
>
> * "Large groups cause authentication errors" on FreeBSD
> [salari@cs.ubc.ca]; problem looks to be MAX_STRING_LEN buffer
> in groups_for_user.
>
> Contrib stuff / future:
>
> * Start digital signing the distributions.
>
> * Chris Adams <ca...@ro.com> patch to mod_log_config to add %m and %c.
>
> * mod_log_config patch for conditional logging
> Status: contrib, not in server
>
> * Ed has an updated patch for limiting connections per IP
>
> * mod_include could use boyer-moore searching for <!--# and/or it could
> mmap the file.
>
> * add some setlocale stuff?
>
> * status module available from .htaccess files; Ken posted patch
>
> * Rob's "DONE" status response check for die()
> <Pi...@localhost.imdb.com>
> Roy says it's a feature... Dean agrees, thinks we should slate
> something for 2.0 that can handle this cleanly.
>
> * tem@global2000.net provided a patch for mod_imap to make it more
> friendly with MS FrontPage map files. Available in
> <Pi...@twinlark.arctic.org>
>
> * Dean's gif89 and expires hack
> <Pi...@twinlark.arctic.org>
>
> * mod_userdir needs a DisallowUserDir directive, a la ftp.deny, to
> restrict user names that can be accessed. Ken says maybe
> "UserDir disabled [user [...]]".
>
> * get_local_host and NIS patch fo SunOS 4
> <Pi...@localhost>
>
> * internationalized documentation
>
> * pagecounter extension to mod_include
> <Pi...@taz.hyperreal.com>
>
> * mod_expires improvements from "Miguel A.L. Paraz" <ma...@iphil.net>
> at <http://www.iphil.net/~map/apache/>
>
> * add is_initial_req() function
>
> * mod_dir: send HEIGHT/WIDTH tags to improve performance for user see
> PR#393 for a patch that provides this
>
> * A CIDRized access list patch such as the one supplied in
> <Pi...@taz.hyperreal.com>
>
> * PR#344: 64-bit cleanups
>
>
> --
> ====================================================================
> Jim Jagielski | jaguNET Access Services
> jim@jaguNET.com | http://www.jaguNET.com/
> "Not the Craw... the CRAW!"