From: William A. Rowe Jr Date: Mon, 9 Jan 2017 16:12:53 +0000 (+0000) Subject: Upvote and promote 3 patches, note one being-worked, as yet unworkable backport X-Git-Tag: 2.4.26~384 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=02176b04f795271899ce68889e828657442a15b9;p=thirdparty%2Fapache%2Fhttpd.git Upvote and promote 3 patches, note one being-worked, as yet unworkable backport git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1778004 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/STATUS b/STATUS index 20fd38ebb63..3674ec2ce9d 100644 --- a/STATUS +++ b/STATUS @@ -119,6 +119,24 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] + *) util_fcgi: Fix crash with empty-valued envvars. PR60275 + trunk patch: http://svn.apache.org/r1775487. + 2.4.x patch: trunk works + +1 covener, jim, wrowe + + *) mod_auth_digest: Reduce severity from NOTICE to DEBUG this + once-per-restart msg (I guess the concern was that the RNG + could block after this message) + AH01757: generating secret for digest authentication ... + trunk patch: This was fixed in trunk as a trivial part of http://svn.apache.org/r1492395 + 2.4.x patch: Just change the loglevel to DEBUG. + +1: covener, jim, wrowe + + *) http: allow folding in check_headers(), still compliant with RFC 7230 (3.2.4). + trunk patch: http://svn.apache.org/r1777460 + http://svn.apache.org/r1777672 + 2.4.x patch: trunk works + +1: ylavic, covener, wrowe PATCHES PROPOSED TO BACKPORT FROM TRUNK: @@ -142,11 +160,6 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: 2.4.x patch: trunk works +1: ylavic, jim - *) util_fcgi: Fix crash with empty-valued envvars. PR60275 - trunk patch: http://svn.apache.org/r1775487. - 2.4.x patch: trunk works - +1 covener, jim - *) mod_proxy_fcgi: Return HTTP 504 rather than 503 in case of proxy timeout. trunk patch: http://svn.apache.org/r1775858 2.4 patch: trunk works (modulo CHANGES) @@ -162,27 +175,12 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: http://people.apache.org/~druggeri/patches/RemoteIPProxyProtocol.2.4.x.patch +1: druggeri, jim - *) mod_auth_digest: Reduce severity from NOTICE to DEBUG this - once-per-restart msg (I guess the concern was that the RNG - could block after this message) - - AH01757: generating secret for digest authentication ... - - trunk patch: This was fixed in trunk as a trivial part of http://svn.apache.org/r1492395 - 2.4.x patch: Just change the loglevel to DEBUG. - +1: covener, jim - *) mod_filter: AddOutputFilterByType should use underlying filters type, not just AP_FTYPE_CONTENT_SET. PR58856 trunk patch: http://svn.apache.org/r1726705 2.4.x patch: trunk works +1: covener, jim - *) http: allow folding in check_headers(), still compliant with RFC 7230 (3.2.4). - trunk patch: http://svn.apache.org/r1777460 - http://svn.apache.org/r1777672 - 2.4.x patch: trunk works - +1: ylavic, covener PATCHES/ISSUES THAT ARE BEING WORKED [ New entried should be added at the START of the list ] @@ -275,6 +273,27 @@ PATCHES/ISSUES THAT ARE BEING WORKED (& also, making the structure change with apr-util version means it breaks binary compat across an apr-util upgrade?) + * Support PCRE2 (10.x) in place of PCRE (8.x). + Submitted by: wrowe, Petr Pisar [ppisar redhat.com] + trunk patches: + http://svn.apache.org/r1773454 + http://svn.apache.org/r1773741 + http://svn.apache.org/r1773742 + http://svn.apache.org/r1773839 + http://svn.apache.org/r1773870 + http://svn.apache.org/r1773882 + wrowe notes that the current code is too inefficient, owing to the fact + that the ovector is a required allocation and is no longer allocated on + the stack, by design. The correct fix is an apr userdata allocation on + the appropriate pool, which would be thread-safe, but the actual API of + ap_regexec[_len]() offers us no pool. We cannot associate that pool with + the ap_regex_t, because a single regex may be used by many threads in + parallel and is not thread-safe beyond initialization. + So the only fix allowing us to use PCRE 10 in httpd 2.4 would be to write + this as a thread safe storage buffer for the majority of cases (<10 $args) + and we don't have a portable tls mechanism to do so. + + PATCHES/ISSUES THAT ARE STALLED * core: Add ap_errorlog_provider to make ErrorLog logging modular. This