Mailing List Archive

David wrote,

> Votes, please, on the patches available for 0.8.15. There is agreement
> that 0.8.15 is not good enough, so we should vote on _all_ of the patches.
>
> Suggested timetable:
> Deadline for patches: end of Monday 30th October (Europe)
> Deadline for votes: end of Monday 30th October (USA)

+1 on the timetable, any timetable! :-)
+1 30_svr4.0.8.15.patch
+1 33_time.0.8.15.patch


rob

On Fri, 27 Oct 95 15:11 GMT you wrote:

>Votes, please, on the patches available for 0.8.15. There is agreement
>that 0.8.15 is not good enough, so we should vote on _all_ of the patches.
>
>Suggested timetable:
>Deadline for patches: end of Monday 30th October (Europe)
>Deadline for votes: end of Monday 30th October (USA)
>[Does that give enough time, or should it be Tuesday?]

Seems reasonable.

>0.8.16 will be built the following day. After one week of testing, it will
>be released as 1.0, if no major problems arise.

I've been a voice of caution on this, so now I'll say WHOPEE.

+1 26_redirect2.0.8.15.patch Fix handling of % in Redirect command
+1 27_qnx.0.8.14.patch QNX Port

0 28_os2port.0.8.14.patch OS/2 Port
(My port so I can't vote against it, but I do agree that its to late
to add for now.)

+1 29_addtype.0.8.15.patch AddType & co should allow multiple
extensions
+1 30_svr4.0.8.15.patch Many SVR4 systems require a lock
around accept()
+1 31a_include.0.8.15.patch SSI #include file="/foo/bar"
shouldn't work
+1 32a_manpage.0.8.15.patch man page for httpd
+1 33_time.0.8.15.patch Fix bug in time parsing

0 34_htgroup.0.8.15.patch Allow multiple lines in htgroup for
same group
0 34a_htgroup.rst.0.8.15.patch Allow multiple lines in htgroup for
same group
(I like the idea, but unsure about which one.)

+1 35.userdir.0.8.15.patch Fix UserDir in VirtualHost sections


Garey Smiley
SoftLink Services
garey@slink.com
http://www.slink.com/
(216)848-1312 FAX/Data(216)699-4474

> Suggested timetable:
> Deadline for patches: end of Monday 30th October (Europe)

Since it is suggested that we are still accepting patches,
I have included a tiny one that fixes a warning in mod_imap.c.
I thought I had fixed this in the last patch....

+1 36.mod_imap.warning.0.8.15.patch


+1 26_redirect2.0.8.15.patch
+1 27_qnx.0.8.14.patch
-1 28_os2port.0.8.14.patch The changes look clean Garey,
but it should probably wait as you have
pointed out.

+1 29_addtype.0.8.15.patch
+1 30_svr4.0.8.15.patch
-1 31a_include.0.8.15.patch I don't agree with the interpretation of
how this should work. This would break much
of my include usage by not allowing relative
paths, or paths to files anywhere under
DOCUMENTROOT. I agree that it should not have
access to files anywhere on the system.
virtual != relative

+1 32a_manpage.0.8.15.patch
+1 33_time.0.8.15.patch
-1 34_htgroup.0.8.15.patch Too much code

+1 34a_htgroup.rst.0.8.15.patch Haven't actually tested this, but it
does not seem to have broken anything.

+1 35.userdir.0.8.15.patch Fix UserDir in VirtualHost sections

I don't have time to test most of these, which means I should give 0 or -1 to
the ones not tested, but, following the practise of others, I will +1 the ones
I approve of, but indicate which they are in case the vote counter wishes to
discount them.

+1 26_redirect2.0.8.15.patch Fix handling of % in Redirect command
Not tested. I intend to improve os_escape_path to allow this to
use it efficiently instead of escape_uri, but this can stand for now.
+1 27_qnx.0.8.14.patch QNX Port
Tested.
0 28_os2port.0.8.14.patch OS/2 Port
+1 29_addtype.0.8.15.patch AddType & co should allow multiple extensions
Not tested.
+1 30_svr4.0.8.15.patch Many SVR4 systems require a lock around accept()
Not tested (but since it doesn't affect any of my systems it can hardly fail).
0 31a_include.0.8.15.patch SSI #include file="/foo/bar" shouldn't work
I don't know enough to know which of the two (or more) camps is correct.
+1 32a_manpage.0.8.15.patch man page for httpd
How do you test this :->
+1 33_time.0.8.15.patch Fix bug in time parsing
Not tested.
+1 34_htgroup.0.8.15.patch Allow multiple lines in htgroup for same group
Not tested. I prefer this patch, it is more efficient.
0 34a_htgroup.rst.0.8.15.patch Allow multiple lines in htgroup for same group
Not tested.
+1 35.userdir.0.8.15.patch Fix UserDir in VirtualHost sections
Not tested.

We haven't cleared up the server push problem in this round. I don't think it
should be omitted from 1.0. I'm inclined to allow the CGI script to send a
header line disabling buffering. More sophistication can be added later. What
do people think?

Cheers,

Ben.

--
Ben Laurie Phone: +44 (181) 994 6435
Freelance Consultant Fax: +44 (181) 994 6472
and Technical Director Email: ben@algroup.co.uk
A.L. Digital Ltd,
London, England.

> We haven't cleared up the server push problem in this round. I don't think it
> should be omitted from 1.0. I'm inclined to allow the CGI script to send a
> header line disabling buffering. More sophistication can be added later. What
> do people think?

I think this sounds like new functionality, well suited to 1.0.1, but not to
1.0.

> Cheers,
>
> Ben.

Randy wrote:
>-1 31a_include.0.8.15.patch I don't agree with the interpretation of
> how this should work. This would break much
> of my include usage by not allowing relative
> paths, or paths to files anywhere under
> DOCUMENTROOT. I agree that it should not have
> access to files anywhere on the system.
> virtual != relative

Sigh. Can we be absolutely clear about what you are doing?
Since 0.8, you have been using relative and absolute paths in e.g.
<!--#include file="../inc/zzz" --> directives?

The feature you want is ALREADY available using
<!--#include virtual="../inc/zzz" -->

except that currently access to files anywhere on the system IS allowed
by using of the file tag. The patch is a security patch to remove that
loophole. It preserves the relative includes using the virtual tag.

David.