Re: How do I know the character encoding?
--- On Sat, 5/3/08, Nick Kew [EMAIL PROTECTED] wrote: From: Nick Kew [EMAIL PROTECTED] Subject: Re: How do I know the character encoding? To: modules-dev@httpd.apache.org Date: Saturday, May 3, 2008, 5:17 AM In my output filter, I need to parse the document to search for certain patterns. Where can I get the information about the (character) encoding so that I can parse the document correctly? Eg the document may contain unicode characters and are encoded in a special encoding. See http://apache.webthing.com/mod_xml2enc/ If your filter uses libxml2, just use mod_xml2enc alongside it. If not, you can still use the charset detection and transcoding. Thanks Nick! I've never used the modules you mentioned. I will have a look at them. Thanks again! John
Question regarding the use of DBMs
Hello, What is the correct way to fill the dsize field in apr_datum_t? I am not sure whether I should do it like this apr_datum_t d; d.dptr = hello, world; d.dsize = strlen(d.dptr); or like this apr_datum_t d; d.dptr = hello, world; d.dsize = strlen(d.dptr) + 1; Could anyone tell me whether the +1 in the second case is really necessary? Thanks, -- César L. B. Silveira
Re: Question regarding the use of DBMs
On Mon, 5 May 2008 18:04:15 -0300 César Leonardo Blum Silveira [EMAIL PROTECTED] wrote: Hello, What is the correct way to fill the dsize field in apr_datum_t? I am not sure whether I should do it like this apr_datum_t d; d.dptr = hello, world; d.dsize = strlen(d.dptr); or like this apr_datum_t d; d.dptr = hello, world; d.dsize = strlen(d.dptr) + 1; Could anyone tell me whether the +1 in the second case is really necessary? Thanks, hello = +---+---+---+---+---+---+ | h | e | l | l | o | 0 | +---+---+---+---+---+---+ That 0 at the end is the null terminator. It is automatically included in the string literal hello, world. Although you did not explicitly put it there it will still be required during string operations otherwise you will enter overflow. If on the other hand you're just using it as a raw memory (for image data etc) then it's not required, but you're unlikely to use strncpy on this sort of data. strlen will return 5 when you give it the string hello, but if you want to put hello into some memory then you better have 6 bytes of memory ready. -- The DS3 to the Xbox is toast because of All your base are belong to us. Earthlink is being bought by AOL. :: http://www.s5h.net/ :: http://www.s5h.net/gpg.html signature.asc Description: PGP signature
RE: Building trunk on Windows
There is a tutorial: http://www.apachelounge.com/forum/viewtopic.php?t=785 regards Mario -Original Message- From: César Leonardo Blum Silveira [mailto:[EMAIL PROTECTED] Sent: Friday, May 02, 2008 7:32 PM To: dev@httpd.apache.org Subject: Building trunk on Windows Hi all, Is there any documentation regarding how to build httpd-trunk on Windows? Thanks, -- César L. B. Silveira
User/group security without CGI (SuEXEC)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello hackers! I was thinking of creating a more secure environment for running webscripts (mod_php in my case), I want to run php scripts as their owner. I tought of the following scheme's: http://junk.quis.cx/fViKmLRi/apache-user-scheme-p1.png http://junk.quis.cx/bPkxwAbI/apache-user-scheme-p2.png And an setting: ExecutiveUser %n # This should run php scripts as $script-owner ExecutiveUser www-%n # this should run php scripts as www-$scriptowner ExecutiveGroup www ExecutiveGroup www-%n (%n meaning the script-owners username, and eg %u for the script-owners uid) This would (eg) enable me to: [EMAIL PROTECTED]:~# id uid=1000(quis) gid=1000(users) groups=1000(users),1(www-quis) [EMAIL PROTECTED]:~# id www-quis uid=1(www-quis) gid=1(www-quis) groups=1(www-quis) [EMAIL PROTECTED]:~# chown quis:www-quis public_html [EMAIL PROTECTED]:~# chmod 750 public_html So only 'my' apache-runas user can access my scripts. How do you think about this idea ? It does decrease the performance a bit (Workers should parse the request, put it in some shm, Executive should pick it up from the shm and really run the php-script (See the links above for the terms Worker and Executive) But if the option is not specified it is possible to do it 'the old way'. Would it be possible to implement this as an MPM, or MOD ? (I don't know enough (yet) of apache to say that.) If that is possible there is no loss when it is disabled. - -- Jille Timmermans Ps Feel free to shoot me or my idea, or give suggestions for improving it. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkge7vAACgkQacI4LQTe9EXNlACfdvZODF399uuwaDFJrUoTISOO dAcAmQFnPinNwCrpCnUVvxu20wwFmybo =Y2CY -END PGP SIGNATURE-
Re: Apache response time
2008/5/4 Niko Wilfritz Sianipar Sianipar [EMAIL PROTECTED]: How to get the response time in the apache log file in msec. Thank you. %D in the logformat string gives you microseconds. Joshua.
dtrace probes for 2.2.x
Theo just announced dtrace probes for httpd: http://www.opensolaris.org/jive/thread.jspa?threadID=59306tstart=0 I wouldn't mind seeing those (or something similar) make it into trunk. vh Mads Toftum -- http://soulfood.dk
Re: dtrace probes for 2.2.x
Mads Toftum wrote: Theo just announced dtrace probes for httpd: http://www.opensolaris.org/jive/thread.jspa?threadID=59306tstart=0 I wouldn't mind seeing those (or something similar) make it into trunk. +1, this would be very nice. I'd be happy to help shepherd it in. I believe we would need to get a CLA from Theo or OmniIT (don't think it would be a problem if we asked nicely :P) At the very least, they would need to submit it as a .patch to this list, saying that we can use it. -Paul
[PATCH] DTrace probes patch.
Hello all, The probes can really give a different perspective on production environments. The patch has some nastiness to it that I'm sure people would want to strategize on cleaning up. The main issue being that Apache is constructed from a bunch of static apr/libtool built libraries. DTrace doesn't work on archives. So, I've got some bloody knuckles from bending the build system to keep things as normal ELF objects. I had a first good step... and then a red herring issue that I worked through with the DTrace team led me to a much less-elegant way of building. I could revert to the original process (ld -r -o the objects into library-esque packages) as DTrace can work on those. The probes are neatly defined and placed, but the patches to the build system are gruesome. The apr-util patch to the apr_hooks.h is simple and affords some nice probability for future probe uses. Docs on these probes are available here: https://labs.omniti.com/trac/project-dtrace/wiki/ Applications#Apache2.2.x I'm not on this list -- Cc me on pertinent responses please. Best regards, Theo -- Theo Schlossnagle Esoteric Curio -- http://lethargy.org/ OmniTI Computer Consulting, Inc. -- http://omniti.com/ apache-2.2.x-probes-p1.patch Description: Binary data apr-util-hook-probes.patch Description: Binary data
Re: dtrace probes for 2.2.x
On Mon, May 5, 2008 at 8:31 PM, Paul Querna [EMAIL PROTECTED] wrote: Mads Toftum wrote: Theo just announced dtrace probes for httpd: http://www.opensolaris.org/jive/thread.jspa?threadID=59306tstart=0 I wouldn't mind seeing those (or something similar) make it into trunk. +1, this would be very nice. I'd be happy to help shepherd it in. I believe we would need to get a CLA from Theo or OmniIT (don't think it would be a problem if we asked nicely :P) At the very least, they would need to submit it as a .patch to this list, saying that we can use it. Well, there you have it :) Cheers, Sander
Re: User/group security without CGI (SuEXEC)
2008/5/5 Jille Timmermans [EMAIL PROTECTED]: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello hackers! I was thinking of creating a more secure environment for running webscripts (mod_php in my case), I want to run php scripts as their owner. I tought of the following scheme's: http://junk.quis.cx/fViKmLRi/apache-user-scheme-p1.png http://junk.quis.cx/bPkxwAbI/apache-user-scheme-p2.png And an setting: ExecutiveUser %n # This should run php scripts as $script-owner ExecutiveUser www-%n # this should run php scripts as www-$scriptowner ExecutiveGroup www ExecutiveGroup www-%n (%n meaning the script-owners username, and eg %u for the script-owners uid) This would (eg) enable me to: [EMAIL PROTECTED]:~# id uid=1000(quis) gid=1000(users) groups=1000(users),1(www-quis) [EMAIL PROTECTED]:~# id www-quis uid=1(www-quis) gid=1(www-quis) groups=1(www-quis) [EMAIL PROTECTED]:~# chown quis:www-quis public_html [EMAIL PROTECTED]:~# chmod 750 public_html So only 'my' apache-runas user can access my scripts. How do you think about this idea ? It does decrease the performance a bit (Workers should parse the request, put it in some shm, Executive should pick it up from the shm and really run the php-script (See the links above for the terms Worker and Executive) But if the option is not specified it is possible to do it 'the old way'. Would it be possible to implement this as an MPM, or MOD ? (I don't know enough (yet) of apache to say that.) If that is possible there is no loss when it is disabled. take a look at peruser (http://www.telana.com/peruser.php) It supports ssl, keep-alive, chroot and chuid per vhost in simple configurations it seems to work out of the box with some quirks 1) graceful segfaults (apache continues to work) 2) on machines with multiple processors it hangs badly on gaceful restarts 3) some minor issues with ssl cache last week, I think I ironed out 1 2 graceful's work flawlessly on a busy webserwer (2xdc opteron) (around 300 diferent users with many more vhosts). Sadly support list for peruser seems to be dead and latest patch is based on 2.2.3. I fixed 2 race conditions, added limited support for ssl for NamevirtualHosts and did some minor patches. All without answer so i guess peruser isn't in active development anymore. There is still an memory leak to plug, maybe my patches did some wrong but for now it's not a big headache. Peruser now for me is quite usable, i have some ideas to improve it. I will do it anyway because i need it for my work. Somebody told me to fork it, but will anyone care ? -- Michal Grzedzicki
