"Andrew C. Wong" wrote:
> I found this same problem being mentioned by Steve Hay
> in Auguest. But the hack doesn't work for me.
>
> My guess is that when running as an NT service, there
> is not stdin/stdout/stderr assoicated with the process
> (correct me if I am wrong.) So dup/dup2 redirection
> failed to work and thus ssl_util_readfilter().
>
> Any idea of how I might get it to work?
Hi,
I've been looking at this again recently myself with 2.7.1/1.3.14 since my
previous hack (which did work on 2.6.6/1.3.12) no longer works.
I posted the (probably dreadful) hack which I was doing to this list on
Thu, 10 Aug 2000 11:14:06 +0100. It involved a patch first suggested by
Kirk Benson to get SSLPassPhraseDialog working for Apache started as a
Console App, plus a bit more for Apache starting as a Service.
Poking around in the latest Apache 1.3.15-dev code I've found that a
change has been made in the area of Kirk Benson's original patch which
effectively renders that patch redundant (i.e. the SSLPassphraseDialog now
works for Apache started as a Console App with some 1.3.15-dev changes
instead of Kirk Benson's change), but my further hacking to get it to run
as a Service does appear to still be needed.
Almost certainly my hacking for the Service case should be replaced by a
change similar to that in 1.3.15-dev for the Console case, but in the
meantime I've found that the following modification to
src\main\http_main.c allows me to run both as a Console App and as a
Service with SSLPassPhraseDialog:-
(http_main.c.orig is the Apache 1.3.14 source file AFTER applying the
mod_ssl patches with configure.bat
http_main.c is my changes to that file)
--- http_main.c.orig Tue Nov 21 14:19:51 2000
+++ http_main.c Tue Nov 21 17:29:02 2000
@@ -6275,6 +6275,8 @@
HANDLE hPipeRead = NULL;
HANDLE hPipeWrite = NULL;
HANDLE hPipeWriteDup;
+ HANDLE hNullOutput = NULL;
+ HANDLE hNullError = NULL;
HANDLE hCurrentProcess;
SECURITY_ATTRIBUTES sa = {0};
@@ -6324,6 +6326,26 @@
return -1;
}
+ /* Open a null handle to soak info from the child */
+ hNullOutput = CreateFile("nul", GENERIC_READ | GENERIC_WRITE,
+ FILE_SHARE_READ | FILE_SHARE_WRITE,
+ &sa, OPEN_EXISTING, 0, NULL);
+ if (hNullOutput == INVALID_HANDLE_VALUE) {
+ ap_log_error(APLOG_MARK, APLOG_WIN32ERROR | APLOG_CRIT,
server_conf,
+ "Parent: Unable to create null output pipe for child
proce
ss.\n");
+ return -1;
+ }
+
+ /* Open a null handle to soak info from the child */
+ hNullError = CreateFile("nul", GENERIC_READ | GENERIC_WRITE,
+ FILE_SHARE_READ | FILE_SHARE_WRITE,
+ &sa, OPEN_EXISTING, 0, NULL);
+ if (hNullError == INVALID_HANDLE_VALUE) {
+ ap_log_error(APLOG_MARK, APLOG_WIN32ERROR | APLOG_CRIT,
server_conf,
+ "Parent: Unable to create null error pipe for child
proces
s.\n");
+ return -1;
+ }
+
hCurrentProcess = GetCurrentProcess();
if (DuplicateHandle(hCurrentProcess, hPipeWrite, hCurrentProcess,
&hPipeWriteDup, 0, FALSE, DUPLICATE_SAME_ACCESS))
@@ -6338,9 +6360,11 @@
memset(&si, 0, sizeof(si));
memset(&pi, 0, sizeof(pi));
si.cb = sizeof(si);
- si.dwFlags = STARTF_USESHOWWINDOW | STARTF_USESTDHANDLES;
+ si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
si.wShowWindow = SW_HIDE;
si.hStdInput = hPipeRead;
+ si.hStdOutput = hNullOutput;
+ si.hStdError = hNullError;
if (!CreateProcess(NULL, pCommand, NULL, NULL,
TRUE, /* Inherit handles */
@@ -6355,6 +6379,10 @@
*/
CloseHandle(pi.hProcess);
CloseHandle(pi.hThread);
+ CloseHandle(hPipeRead);
+ CloseHandle(hPipeWrite);
+ CloseHandle(hNullOutput);
+ CloseHandle(hNullError);
return -1;
}
@@ -6401,6 +6429,8 @@
}
CloseHandle(hPipeRead);
CloseHandle(hPipeWrite);
+ CloseHandle(hNullOutput);
+ CloseHandle(hNullError);
return 0;
}
@@ -6521,7 +6551,9 @@
ap_clear_pool(plog);
ap_open_logs(server_conf, plog);
ap_set_version();
+#ifndef WIN32
ap_init_modules(pconf, server_conf);
+#endif
version_locked++;
service_set_status(SERVICE_START_PENDING);
/* Create child processes */
@@ -6726,6 +6758,17 @@
set_group_privs();
}
+#ifdef WIN32
+void post_parse_init2()
+{
+ ap_set_version();
+ ap_suexec_enabled = init_suexec();
+ version_locked++;
+ ap_open_logs(server_conf, plog);
+ set_group_privs();
+}
+#endif
+
int service_init()
{
common_init();
@@ -6738,7 +6781,11 @@
ap_setup_prelinked_modules();
server_conf = ap_read_config(pconf, ptrans, ap_server_confname);
ap_log_pid(pconf, ap_pid_fname);
+#ifdef WIN32
+ post_parse_init2();
+#else
post_parse_init();
+#endif
return TRUE;
}
Even more changes to seem to be afoot in the 1.3.15-dev code stream
involving a lot of work on src\os\win32\service.[ch], so hopefully the
need for my hopeless hacking will go away and 1.3.15 (or whatever the next
release of Apache eventually is) will work.
Hope this helps,
Steve Hay
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
