Re: [peruser] peruser coredump patch

Lazy Fri, 15 Feb 2008 02:28:19 -0800

2008/2/15, Sean Gabriel Heacock <[EMAIL PROTECTED]>:
>  On Thu, 2008-02-14 at 12:38 +0100, Lazy wrote:
>  > from my testing i think it crashes when there are no file descriptors left,
>  > after that the serwer is in unresponsive state
>
>
> Well that would do it.  Have you tried raising FD_SETSIZE?  On linux
>  it's defined in /usr/include/linux/posix_types.h and is 1024 by default.
>  If it's still set that low, raise it to something like 8194 and
>  recompile apache and peruser.
>
>  You can also run "ulimit -n 8192" from apachectl or an init script, but
>  I believe you can't set a higher limit than is defined by FD_SETSIZE.
>
>  I wonder... maybe we can redefine FD_SETSIZE inside mpm.h?  I hate
>  making changes to core include files like posix_types.h, since it just
>  gets wiped out next time I upgrade glibc.
it alredy is 4096, i gues we will raise it to 8196 but still it would
be nicer if apache would restart in that case


Please let me exploit your aperance further :), please have a look at
these patches,
any pointers how to improve them ?

peruser-missing-processor.patch:
logs and adds processor based on serverenviroment if a Processor is missing

peruser-ssl-vhosts.patch:
dirty hack to enable use of multiple vhosts for ssl enabled host port
pair if all of them use same serverenviroment and ssl cert,
without this ssl enabled namebasedvirtualhosts don't work

Thanks for your time

-- 
Michal Grzedzicki

diff -ru httpd-2.0.61/server/mpm/experimental/peruser/peruser.c httpd-2.0.61-peruser-lazy/server/mpm/experimental/peruser/peruser.c
--- httpd-2.0.61/server/mpm/experimental/peruser/peruser.c	2008-02-15 10:56:25.516057058 +0100
+++ httpd-2.0.61-peruser-lazy/server/mpm/experimental/peruser/peruser.c	2008-02-15 11:11:13.595554264 +0100
@@ -2969,6 +2969,8 @@
 static const char* cf_ServerEnvironment(cmd_parms *cmd, void *dummy,
     const char *user_name, const char *group_name, const char *chroot)
 {
+    int found=0,i;
+    server_env_t *senv;
     int uid = ap_uname2id(user_name);
     int gid = ap_gname2id(group_name);
     peruser_server_conf *sconf = PERUSER_SERVER_CONF(cmd->server->module_config);
@@ -2983,6 +2985,26 @@
     _DBG("user=%s:%d group=%s:%d chroot=%s numchilds=%d",
         user_name, uid, group_name, gid, chroot, NUM_CHILDS);
 
+    for(i = 0; i < NUM_CHILDS; i++) {
+      senv = CHILD_INFO_TABLE[i].senv;
+      if(CHILD_INFO_TABLE[i].type==CHILD_TYPE_PROCESSOR && senv->uid == uid && senv->gid == gid)
+	if(chroot==NULL && senv->chroot==NULL) {
+	  found=1;
+	  break;
+	}else {
+	  if(strcmp(senv->chroot,chroot)==0) {
+	    found=1;
+	    break;
+	  }
+	}
+    }
+ 
+    if(!found) {
+      ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL, "Processor directive missing for user=%s group=%s chroot=%s, fixed.", user_name, group_name, chroot, NUM_CHILDS);
+      //check for errors ?
+      child_add(CHILD_TYPE_PROCESSOR, CHILD_STATUS_STANDBY, cmd->pool, uid, gid, chroot);
+    }
+
     return NULL;
 }

diff -ru httpd-2.0.61/server/mpm/experimental/peruser/peruser.c httpd-2.0.61-peruser-lazy/server/mpm/experimental/peruser/peruser.c
--- httpd-2.0.61/server/mpm/experimental/peruser/peruser.c	2008-02-15 10:56:25.516057058 +0100
+++ httpd-2.0.61-peruser-lazy/server/mpm/experimental/peruser/peruser.c	2008-02-15 11:19:33.788877740 +0100
@@ -216,6 +216,33 @@
 static int mpm_state = AP_MPMQ_STARTING;
 static ap_pod_t *pod;
 
+
+
+/* === ssl configuration === */
+#define SSL_VIRTUALHOST_HACK
+
+#ifdef SSL_VIRTUALHOST_HACK
+
+//taken form mod_ssl.h, used for detecting if some vhost has ssl enabled
+//we only use enabled so other pointers are casted to void
+typedef struct {
+  void            *mc;
+  unsigned int     enabled;
+  unsigned int     proxy_enabled;
+  const char      *vhost_id;
+  int              vhost_id_len;
+  int              session_cache_timeout;
+  void            *server;
+  void            *proxy;
+} SSLSrvConfigRec;
+
+
+extern module AP_MODULE_DECLARE_DATA ssl_module;
+
+static SSLSrvConfigRec *ssl_config;
+
+#endif
+
 /* === configuration stuff === */
 
 typedef struct
@@ -966,7 +993,20 @@
 		    current_conn->vhost_lookup_data ? "on" : "off");
     }
 
-    if (current_conn && !current_conn->vhost_lookup_data && CHILD_INFO_TABLE[my_child_num].type == CHILD_TYPE_MULTIPLEXER) {
+
+
+#ifdef SSL_VIRTUALHOST_HACK
+    //check for ssl configuration for this server
+    //this will probably brake if there is no mod_ssl
+    ssl_config = (SSLSrvConfigRec *)ap_get_module_config(current_conn->base_server->module_config, &ssl_module);
+
+    //pass socket if there is no NameVirtualhost or ssl is enabled on this server
+    if (current_conn && (!current_conn->vhost_lookup_data || ssl_config?ssl_config->enabled:0 ) && \
+	CHILD_INFO_TABLE[my_child_num].type == CHILD_TYPE_MULTIPLEXER) {
+#else
+    if (current_conn && !current_conn->vhost_lookup_data && CHILD_INFO_TABLE[my_child_num].type == \
+	CHILD_TYPE_MULTIPLEXER) {
+#endif
     	_DBG("We are not using name based vhosts, we'll directly pass the socket.");
 	
 	sconf = PERUSER_SERVER_CONF(current_conn->base_server->module_config);

_______________________________________________
Peruser mailing list
[email protected]
http://www.telana.com/mailman/listinfo/peruser

Re: [peruser] peruser coredump patch

Reply via email to