Re: [AOLSERVER] Binding to port 80
Or here I am with a better fix rather than changing the semantics of an existing function (what was I thinking!?). Still using Dobby's patch, change the way the timeout is set from timeout.sec = 10; timeout.usec = 0; to Ns_GetTime(timeout); timeout.sec += 10; rob Rob Crittenden wrote: It's failing because the timeout isn't setup properly. The timeout value to pthread_cond_timedwait() is based on an absolute time, not a relative time. So I guess the right thing to do is modify Ns_CondTimedWait() to fetch the local time and add the timeout to that. I was able to duplicate the problem myself and this patch resolves it. I guess the next step is to add a configuration option for the time to wait. Either that or use a simple CondWait() instead. This along with Dossy's patch fixes it for me: Index: pthread.c === RCS file: /cvsroot/aolserver/aolserver/nsthread/pthread.c,v retrieving revision 1.4 diff -u -r1.4 pthread.c --- pthread.c 7 Mar 2003 18:08:52 - 1.4 +++ pthread.c 23 Feb 2004 16:11:48 - @@ -641,19 +641,22 @@ { int err, status = NS_ERROR; struct timespec ts; +struct timeval now; if (timePtr == NULL) { Ns_CondWait(cond, mutex); return NS_OK; } +gettimeofday(now, NULL); + /* * Convert the microsecond-based Ns_Time to a nanosecond-based * struct timespec. */ -ts.tv_sec = timePtr-sec; -ts.tv_nsec = timePtr-usec * 1000; +ts.tv_sec = now.tv_sec + timePtr-sec; +ts.tv_nsec = now.tv_sec + timePtr-usec * 1000; /* * As documented on Linux, pthread_cond_timedwait may return Dossy wrote: On 2004.02.23, Taguchi Takeshi [EMAIL PROTECTED] wrote: New error occurs. [23/Feb/2004:15:13:51][84562.134557696][-main-] Notice: driver: starting: nssock nsthreads: pthread_cond_timedwait failed in Ns_CondTimedWait: Operation not permitted Abort I think error codes for pthread_cond_timedwait(3) are only EINVAL, and ETIMEDOUT. But it's seem EPERM. Does this function require root priv??? No, I'm guessing it doesn't like it if you haven't grabbed the mutex first -- that's probably why it's giving EPERM. Maybe I'm just too tired to think clearly, but this code doesn't make sense. Aren't mutexes in AOLserver, well, mutually exclusive -- only one thread can acquire the mutex at a time? If that's the case, then if the thread which executes the code that waits for the other thread to set a boolean does this by grabbing the mutex *first* then doing a timed condwait, but the other thread that's supposed to set the boolean also attempts to grab the mutex then send a condbroadcast ... well, it'll never get to set the boolean and condbroadcast until the first thread unlocks the mutex, which it won't do until the condwait times out ... Obviously, I must be understanding mutex behavior wrong, because if I'm right, things like NsWaitDriversShutdown() will also hang until timeout in some cases -- which may explain why every few times I ns_shutdown my 4.1 nsd's, it hangs. Hmm. Need to put more thought into this today. Maybe someone else will speak up and solve the problem in the meantime ... -- Dossy -- Dossy Shiobara mail: [EMAIL PROTECTED] Panoptic Computer Network web: http://www.panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70) -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] tdom question
Dossy wrote: - if so, how can I get around it (and who desires it??) :) xsl:include href=../poi_list.xsl/ ? Really? Can you include relative files like this? rob -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] tdom question
Dossy wrote: On 2004.03.05, Rob Crittenden [EMAIL PROTECTED] wrote: Dossy wrote: xsl:include href=../poi_list.xsl/ Really? Can you include relative files like this? According to Ross, no, not in tDOM's XSLT processor, at least. However, the XSLT spec. doesn't forbid it, and one would think it ought to work. At least, I do. Sorry, poor wording on my part. Should any webserver allow including via relative directories like this? What is to prevent an xslt from including ../../../etc/passwd? Or is there an explicit limitation to the document root? rob -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] Generating UUID/GUIDs
E-tags generated in Apache and Netscape Enterprise Server (and at this point probably SunONE) are based on things like inode #, file size and mtime. rob Dave Bauer wrote: I'd like to try to comform to the WebDAV specification for this, but that is handy to have a simple way to produce a similar result. That is, one application of this would be to generate valid WebDAV lock tokens. It also seems that HTTP e-tags also use the same type of GUID. Dave Scott Goodwin wrote: Mac OS X also comes with uuidgen, which probably means the other BSDs do as well. The code seems straightforward enough to turn it into a loadable module. I'm using a simple random sequence of characters as a session id for visitors: set chars abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 set chars_len [string length $chars] set uid for { set i 0 } { $i 64 } { incr i } { append uid [string index $chars [expr int($chars_len * rand())]] } I think I stole this from Dossy's nssession module; it should suffice for uniquely identifying a session over a reasonable period of time. If this isn't fast enough, you can always pre-generate a bunch of them and stick them in an nsv. /s. On Mar 25, 2004, at 3:40 PM, Dave Bauer wrote: Has anyone had the need to generate UUID/GUIDs as described here http://hegel.ittc.ukans.edu/topics/internet/internet-drafts/draft-l/ draft-leach-uuids-guids-01.txt One option is to use the uuidgen program that is installed on linux at least. I am not sure that would always be available. Are there any other options for AOLserver or Tcl? Dave -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] maxkeepalive in 4.01
Gustaf Neumann wrote: we use pound as a reverse proxy, which handles all incoming SSL connection and feeds currently two backend servers via plain http. This works very well, today we had more the 3mio SSL requests on our system. I'm confused. In your first message it seemed like AOLserver was handling the SSL connection, now it isn't? How is this an issue with AOLserver if you have a proxy handling the SSL connection? Looking at the sources, keepalivetimeout is the correct parameter for AOLserver 4.x -- setting this to 0 disables keepalive entirely. right. i just wanted to hint that maxkeepalive - which worked for the same purpose in 3.* - is in current 4.x versions more or less a noop. I think you're right. The value is set but never used. To disable keepalives in 4.x set keepalivetimeout to 0. rob -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] How to get request values with C API
Well, these CGI variables are only set when you execute a CGI. Perhaps the easiest thing to do is look at the nscgi code and of these values that are set, mirror the way that they are set in nscgi. There are some better/worse ways to get them, such as using Ns_ConnGetQuery() instead of conn-request-query. It is probably best, IMHO, to call these functions instead of fetching them directly from the conn structure. The functions are unlikely to change, you never know about structures. AOLserver doesn't set all of these variables either (like SERVER_ADMIN). Others like SERVER_PORT have Ns_Conn* functions. I echo Dossy's suggestion, look at aolserver/nsd/conn.c. It shouldn't be too hard to figure out which functions to call to get what you need. The documention is woefully out of date, so that may not be too much help, the code is definitive. rob Dave Kuhlman wrote: I'm writing a function to handle certain requests. I've registered this function with Ns_RegisterRequest(). My module loads and my function is called to process requests. So I'm doing good so far. But there is some information I can't get my hands on. I've looked lots of the AOLserver C API documentation, but have not found much about this. I need to be able, from my registered function, to retrieve things like the script name/path, the remote (client) address, etc. So, is there some documentation somewhere on how to get the value corresponding to the following CGI variables? I've put a note next to the ones that I've figured out: SERVER_SOFTWARE SERVER_PROTOCOL SERVER_NAME -- Ns_ConnServer() SERVER_ADMIN SERVER_ADDR SERVER_PORT REMOTE_ADDR REMOTE_PORT -- Ns_ConnPort() REMOTE_USER -- Ns_ConnAuthUser() ? REQUEST_METHOD REQUEST_URI -- Ns_ConnLocation() returns the base URL, but not the whole URI. QUERY_STRING -- Ns_ConnGetQuery() SCRIPT_NAME PATH_INFO HTTP_USER_AGENT HTTP_COOKIE HTTPS CONTENT_TYPE DOCUMENT_ROOT HTTP_ACCEPT HTTP_REFERER In particular, I need the SCRIPT_NAME. For example, if the request is: http://www.myhost.com/xxx/yyy/zzz then I need to be able to retrieve /xxx/yyy/zzz. And, since I did *not* use flag NS_OP_NOINHERIT when I called Ns_RegisterRequest(), I don't know what that is. I did a test, and found that these are *not* available as environment variables when my registered C function is called. Is there a struct somewhere that contains some of these items? I've read the C examples (at http://aolserver.com/docs/devel/c/c-examples.html). But, none of them seem to show any awareness of the client, the request, etc. I've been able to find a few, but can't find the rest. Is there a document somewhere about this. It'd be great if there were a document on how to convert a CGI application written in C into an AOLserver loadable module with a registered function. One additional question -- Many functions return a char *. Am I correct that these return a pointer to a const char *? So I do not need to free these, right? Thanks for help and pointers. Dave -- Dave Kuhlman [EMAIL PROTECTED] http://www.rexx.com/~dkuhlman -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] Problem compiling aolserver on Solaris 9
Try: % export CC=gcc % make clean all rob Trenton Cameron wrote: Aolserver is not compiling for me on solaris 9. The make and install of tcl8.4.5 ran just fine. I am not getting an error message that I know how to interpet. I am getting the source for Aolserver 4.0r3. The ouput from my ./configure and make follow bash-2.05# ./configure --with-threads=/usr/local/lib loading cache ./config.cache checking for Tcl configuration... (cached) found /usr/local/lib/tclConfig.sh checking for existence of /usr/local/lib/tclConfig.sh... loading checking for build with symbols... no checking for timegm... (cached) no checking for fork1... (cached) no checking for poll... (cached) no checking for drand48... (cached) no checking for random... (cached) no checking for _NSGetEnviron... (cached) no checking how to run the C preprocessor... (cached) cc -E checking for mach-o/dyld.h... (cached) yes checking for dl.h... (cached) yes checking need for dup high... no checking msg_controllen in struct msghdr... no checking how to build server image... shared creating ./config.status creating include/Makefile.global creating include/Makefile.module bash-2.05# make make[1]: Entering directory `/usr/local/src/aolserver/aolserver/nsthread' make[1]: Nothing to be done for `all'. make[1]: Leaving directory `/usr/local/src/aolserver/aolserver/nsthread' make[1]: Entering directory `/usr/local/src/aolserver/aolserver/nsd' gcc -pipe -O -Wall -Wconversion -Wno-implicit-int -fPIC -I../include -I/usr/local/include -DNO_CONST -DHAVE_UNISTD_H=1 -DHAVE_LIMITS_H=1 -DTCL_THREADS=1 -DUSE_THREAD_ALLOC=1 -D_REENTRANT=1 -D_THREAD_SAFE=1 -DHAVE_PTHREAD_ATTR_SETSTACKSIZE=1 -DHAVE_READDIR_R=1 -DTCL_WIDE_INT_TYPE=long\ long -DHAVE_STRUCT_DIRENT64=1 -DHAVE_STRUCT_STAT64=1 -DHAVE_TYPE_OFF64_T=1 -DWORDS_BIGENDIAN=1 -DHAVE_GETCWD=1 -DHAVE_OPENDIR=1 -DHAVE_STRSTR=1 -DHAVE_STRTOL=1 -DHAVE_STRTOLL=1 -DHAVE_STRTOULL=1 -DHAVE_TMPNAM=1 -DHAVE_WAITPID=1 -DHAVE_UNISTD_H=1 -DHAVE_SYS_PARAM_H=1 -DUSE_TERMIOS=1 -DHAVE_SYS_TIME_H=1 -DTIME_WITH_SYS_TIME=1 -DHAVE_TZNAME=1 -DHAVE_GMTIME_R=1 -DHAVE_LOCALTIME_R=1 -DHAVE_TIMEZONE_VAR=1 -DHAVE_ST_BLKSIZE=1 -Dstrtod=fixstrtod -DSTDC_HEADERS=1 -DNO_UNION_WAIT=1 -DHAVE_SIGNED_CHAR=1 -DHAVE_LANGINFO=1 -D_REENTRANT=1 -D_POSIX_PTHREAD_SEMANTICS=1 -DHAVE_SYS_IOCTL_H=1 -DHAVE_SYS_FILIO_H=1 -DUSE_DYLD=1 -DUSE_DLSHL=1 -DNsdInit=_init -c -o adpcmds.o adpcmds.c In file included from adpcmds.c:38: nsd.h:67: warning: `POLLIN' redefined /usr/include/sys/poll.h:37: warning: this is the location of the previous definition nsd.h:68: warning: `POLLOUT' redefined /usr/include/sys/poll.h:39: warning: this is the location of the previous definition nsd.h:69: warning: `POLLPRI' redefined /usr/include/sys/poll.h:38: warning: this is the location of the previous definition In file included from adpcmds.c:38: nsd.h:70: redefinition of `struct pollfd' adpcmds.c:36: warning: `RCSID' defined but not used make[1]: *** [adpcmds.o] Error 1 make[1]: Leaving directory `/usr/local/src/aolserver/aolserver/nsd' make: *** [all] Error 1 I am not really sure where to go from here any help would be appreciated. Thanks -Trenton Cameron -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] nsopenssl: permission denied
This could be the prebound/timing issue that Dossy fixed earlier this year with his NsWaitDriversStartup() fix in the cvs tip. I've attached a patch that backports this fix if you want to try it. I didn't really test this so YMMV. This is diff'ed against AS 4.0.3. rob Bart Teeuwisse wrote: On Mon, 3 May 2004 15:32:24 -0400, Scott Goodwin [EMAIL PROTECTED] wrote: It's not a threading issue. AOLserver 4.x opens the listen sockets for all comm modules including nsopenssl, and the error message is coming from the DriverThread function in nsd/driver.c when it attempts to start listening on the port. The reason it says nsopenssl is, well, because that's the name of the thread). I trust the error message because it's coming from the OS; the driver code is very straightforward. So my guess is that you really aren't root at start time. I am most certainly root. Post the OS make, model and version (my guess is you're using Solaris), Redhat 7.1 on x486 the command line that you use to start the server #! /bin/sh export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib:/usr/local/ssl/lib exec /usr/local/aolserver/bin/nsd -it /etc/aolserver/7-sisters.com.tcl -B /etc/aolserver/7-sisters.com.bnd -u nsadmin -g web where 7-sisters.com.bnd contains: 192.168.1.2:80 192.168.1.2:443 and your nsd.tcl file with any sensitive stuff removed. ns_log notice nsd.tcl: starting to read config file... set httpport 80 set httpsport 443 set hostname www.7-sisters.com set address 192.168.1.2 set homedir /usr/local/aolserver set bindir ${homedir}/bin set logdir /var/log/aolserver set rundir /var/run/aolserver if [file isdirectory $homedir/servers/7-sisters.com] { set server 7-sisters.com set servername ${hostname} server set pageroot /web/${server}/www } set directoryfile index.adp,index.tcl,index.php,index.html,index.htm set sslkeyfile ${homedir}/servers/${server}/modules/nsopenssl/www.7-sisters.com.key set sslcertfile ${homedir}/servers/${server}/modules/nsopenssl/www.7-sisters.com.crt ns_section ns/parameters ns_param User nsadmin ns_param Group nsadmin ns_param home $homedir ns_param pidfile $rundir/nsd.pid ns_param debugfalse ns_param MailHost mail.7-sisters.com ns_param ServerLog${logdir}/${server}-error.log ns_param LogRoll on ns_param MaxBackup 9 ns_section ns/threads ns_param mutexmeter true ;# measure lock contention ns_param stacksize [expr 256*1024] ;# Per-thread stack size for hungry C modules. Increased to 256 for PHP. ns_section ns/servers ns_param $server $servername ns_section ns/server/${server} ns_param directoryfile$directoryfile ns_param pageroot $pageroot ns_param globalstats false ;# Enable built-in statistics ns_param urlstats false ;# Enable URL statistics ns_param maxurlstats 1000 ;# Max number of URL's to do stats on ns_param enabletclpages true ;# Parse tcl files in # pageroot (dangerous) ns_param maxthreads 5 ns_param minthreads 5 ns_section ns/server/${server}/module/nssock ns_param port $httpport ns_param hostname $hostname ns_param address $address ns_section ns/server/${server}/module/nsopenssl/sslcontexts ns_param ${server}_ctx SSL context for regular user access ns_param ${server}_client_ctx SSL context for outgoing script socket connections ns_section ns/server/${server}/module/nsopenssl/defaults ns_param server ${server}_ctx ns_param client ${server}_client_ctx ns_section ns/server/${server}/module/nsopenssl/sslcontext/${server}_ctx ns_param Role server ns_param CertFile ${sslcertfile} ns_param KeyFile ${sslkeyfile} ns_param CADir ca ns_param CAFile ca/freesslca.crt ns_param ModuleDir ${homedir}/servers/${server}/modules/nsopenssl/ ns_param Protocols SSLv2, SSLv3, TLSv1 ns_param CipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP ns_param PeerVerify false ns_param PeerVerifyDepth 3 ns_param Trace false ns_param SessionCache true ns_param SessionCacheID 1 ns_param SessionCacheSize 512 ns_param SessionCacheTimeout 300 ns_section ns/server/${server}/module/nsopenssl/sslcontext/${server}_client_ctx ns_param Role client ns_param CertFile ${sslcertfile} ns_param KeyFile ${sslkeyfile} ns_param CADir ca ns_param CAFile ca/freesslca.crt ns_param ModuleDir ${homedir}/servers/${server}/modules/nsopenssl/ ns_param Protocols SSLv2, SSLv3, TLSv1 ns_param CipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP ns_param PeerVerify false ns_param PeerVerifyDepth 3 ns_param Trace false ns_param SessionCache true ns_param SessionCacheID 1 ns_param
Re: [AOLSERVER] ANN: New project leader for AOLserver
There is a beta NSS/NSPR module checked into soureforge, the nsnss module. Should work ok but so far nobody that I know of has used it in production. rob Nathan Folkman wrote: Congratulations! I was wondering if there were any plans to start up the weekly AOLserver chats again, and also what are the plans in regards to the Core Team? Is it time for new elections? Do you envision continuing to even have a core team? One other thing I was curious about. Was any movement/decision made on whether or not to integrate nss and nspr? Just curious. Thanks! - Nathan Dossy wrote on 5/20/2004, 1:52 PM: On 2004.05.20, Jim Davidson [EMAIL PROTECTED] wrote: Expect to see a communication from Dossy himself regarding the upcoming plans and goals for the project. Thanks, Jim. I suspect this announcement comes as sort of a surprise to everyone as the list and project have been fairly quiet in the past few months, but even though there was little external signs of activity, there has been much planning and consideration with regard to the AOLserver project going on. Now that plans are more or less final, it was the appropriate time to make the announcement and start executing on these great plans! Perhaps one of the criticisms is that we do go through these periods of low visibility activity which brings about significant change where the perception from the community is that little is happening. To try and eliminate that perception, I hope to make the entire organization and planning process surrounding AOLserver as transparent as possible. To that end, I've put together a roadmap of where I hope we can all take the AOLserver project in the next couple of months. I'll be posting the roadmap to the wiki shortly, but for now, here it is: AOLserver project 2004 Roadmap == This document will serve as the roadmap for the AOLserver project and Open Source community for 2004. N.B.: When identifying the need for resources to fill roles outlined below, it is intentional that there is no designation whether the role should be filled by an AOL employee resource or someone from the larger AOLserver community. Ideally, the roles will be filled by whichever individual is enthusiastic about the role, has the necessary time to commit to fulfilling the role's duties, and the capability to fill the role. There is also no explicit preclusion from the same individual fulfilling multiple roles if possible and appropriate. Goals and milestones for Q2 2004 1) www.aolserver.com website revamp The project website deserves a more modern look and feel while maintaining the crisp, clean design aspects of the site. The site needs to clearly represent the most current releases and recent changes. Specific information that should be easily accessible on the website initially: - what it is - how it's different - where is useful, where it's not - how to get started - basic guide, notes for apache users - latest source and binary bundles - basic intro docs and extensive, complete, accurate manpages One role needs to be filled here: Webmaster. The project needs two Webmasters to ensure good responsiveness to keeping the site current in a timely fashion. 2) Freshen up documentation Currently available documentation for AOLserver mixes information for 2.3, 3.x and 4.x. All of the documentation needs to be evaluated for correctness and updated where appropriate. Documentation should be made available in at least three formats: plain text, HTML and PDF. All documentation should be readily available from the project website. One role needs to be filled here: Documentation Writer. The project needs two Documentation Writers to keep all of the documentation current. 3) SourceForge bug and support trackers There are currently 56 open bugs, 3 open support requests, 29 open patches and 8 open feature requests in SourceForge. Attention to these trackers is minimal at best which sends the wrong message about the project's commitment to supporting itself. Two roles need to be filled here: Support Manager and Support Engineers. The project needs one Support Manager and four Support Engineers. The Support Manager (SM) needs to ensure that opened requests get tasked to someone in a timely fashion (within 24-48 hours) and resolved appropriately. The SM will also be responsible for communicating any resolutions or FAQs to the Documentation Team for inclusion in any documentations or publications. 4) Better release management of AOLserver While maintaining a ChangeLog and tagging code periodically may be suitable for the developer community, the larger user audience of AOLserver has a varying degree of technical background. Releases need to be managed such that a clear communication accessible to a non-technical background should be able to
[AOLSERVER] AOLserver 4.0.5 released
I'm happy to announce the release of AOLserver 4.0.5. The changes in this release include: * remove Makefile.module during distclean * Allow users to override logging functions (see nsd/log.c) * Fix crash bug in Ns_Trim* when trimming NULL strings. * Add new bool config option, keepaliveallmethods, which enables HTTP/1.0 Keep-Alives for all valid methods. By default this is false. rob -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] Problem with nsssl
This is nothing to worry about and yes, it is very misleading. The sample configuration checks to see if it should setup nsssl and if it can't it diplays out this warning. It can safely be ignored. rob Joaquín Souza wrote: I have this problem installing AOLServer, i make all of what the installation manual says, but in nowhere says nothing about the nssl. I paste the problem error, maybe anybody can help me. [08/Jul/2004:13:06:02][30572.16384][-main-] Warning: config.tcl: nsssl not loaded -- key/cert files do not exist. [08/Jul/2004:13:06:02][30572.16384][-main-] Notice: encoding: loaded: iso8859-1 i hope that anybody can help me, thanks, Joaquín Souza -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] AOLserver 4.0.6 has crashing bug leading to DOS.
This causes a core dump? rob Stephen Deasey wrote: How to reproduce: telnet host 80 GET / HTTP/1.1 I sent an email about this early yesterday well before the release, but didn't get any response. Thanks. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] [DEV] Changing required autoconf version
Many relatively old (but not ancient) Linux distributions ship with autoconf 2.13 such as RedHat 7.2, 7,3 and AS 2.1. Upgrading isn't particularly painful but many only like using official rpms and AFAIK RedHat does not provide them. What is the advantage of upgrade? rob Dossy wrote: Everyone, I'd like to change the required version of autoconf required -- currently, AOLserver configure.in works with autoconf 2.13, but I'd like to move to configure.ac and autoconf 2.50+. Does anyone have any issues with this? -- Dossy -- Dossy Shiobara mail: [EMAIL PROTECTED] Panoptic Computer Network web: http://www.panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70) -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] aolserver/php
I haven't been able to duplicate this. I see ab reporting some errors but according to the AOLserver logs it is doing the right thing. I have zero previous experience with ab though, so a lot of this is from the hip. Part of the problem may be that PHP isn't setting a content-length header and ab is getting confused. The length that it is reporting for me for a PHP 5.0.0 phpinfo command is less than the actual output (33292 by ab versus 33422 actual bytes). I set verbosity to 5 to log everything and the output seems truncated as well. My guess is that it logs just bit of data from the first read but I don't know for sure yet. For exceptions, I get Protocol driver not attached. Whether this is an AOLserver-caused problem or not I don't know yet. I think this maps to EADDRNOTAVAIL. It may essentially just be connection refused if aolserver ran out of connection threads. Even with smaller batches of requests it fails. I've been testing with 1000 requests and 20 threads and finding errors. Note that ab does some wierd stuff. If you request 1000 connections you'll get more like 1002. Seems it doesn't count very well. I tested with AOLserver 4.0.5, PHP 4.3.7 and PHP 5.0.0 on Linux 2.4.24. rob Noah Robin wrote: So, in the interest of science (and probably masochism) I compiled PHP 4.3.8 (with the aolserver.c patch from panoptic) against aolserver 3.5.10 and 4.0.7 last night, and ran some load tests. Result: on linux 2.4.26, and the only PHP configure option was --with-aolserver=, I was seeing a failure rate of ~6% for a page that only called phpinfo(). Load test: /usr/sbin/ab2 -n10 -c25 http://localhost:8000/ (ab2 being the version of 'ab' that ships with apache2). This failure rate is obviously not going to cut it for production use, and I was wondering if anyone had seen this before. Nothing in the server.log file during the failures; the access log shows that sometimes the request simply returned zero-length content. Thread stack-size has been set to 1M. Anyone seen this before? =) Noah Robin System Administrator, America Online 703.265.2925 #include remarks/witty.h -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] aolserver/php
Using a different threaded test tool that compares the actual output to an expected output, I ran 150k tests with a 100% pass rate. This is with 20 concurrent request threads. To handle the load I added this to my config: ns_parammaxthreads 512 ns_paramminthreads 10 I am running PHP 5.0.0, AOLserver 4.0.5 on Linux 2.4.24 (RedHat 7.2). rob Dossy Shiobara wrote: On 2004.07.23, Noah Robin [EMAIL PROTECTED] wrote: So, in the interest of science (and probably masochism) I compiled PHP 4.3.8 (with the aolserver.c patch from panoptic) against aolserver 3.5.10 and 4.0.7 last night, and ran some load tests. Result: on linux 2.4.26, and the only PHP configure option was --with-aolserver=, I was seeing a failure rate of ~6% for a page that only called phpinfo(). Load test: /usr/sbin/ab2 -n10 -c25 http://localhost:8000/ (ab2 being the version of 'ab' that ships with apache2). Lets see what I get on my system: $ uname -a Linux ecwav 2.6.5 #3 Thu May 6 06:57:14 EDT 2004 i686 GNU/Linux $ cat /proc/cpuinfo | grep model name model name : Intel(R) Pentium(R) III CPU family 1266MHz $ cat test.php ? phpinfo(); ? $ ab -c25 -n1 http://panoptic.com/test.php This is ApacheBench, Version 1.3d $Revision: 1.67 $ apache-1.3 Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/ Benchmarking panoptic.com (be patient) Completed 1000 requests Completed 2000 requests Completed 3000 requests Completed 4000 requests Completed 5000 requests Completed 6000 requests Completed 7000 requests Completed 8000 requests Completed 9000 requests Finished 1 requests Server Software:AOLserver/4.0.7 Server Hostname:panoptic.com Server Port:80 Document Path: /test.php Document Length:23519 bytes Concurrency Level: 25 Time taken for tests: 30.294 seconds Complete requests: 1 Failed requests:3 (Connect: 0, Length: 3, Exceptions: 0) Broken pipe errors: 0 Total transferred: 236933670 bytes HTML transferred: 235213498 bytes Requests per second:330.10 [#/sec] (mean) Time per request: 75.73 [ms] (mean) Time per request: 3.03 [ms] (mean, across all concurrent requests) Transfer rate: 7821.14 [Kbytes/sec] received Connnection Times (ms) min mean[+/-sd] median max Connect:045 370.0 0 9012 Processing: 326 139.5 17 6325 Waiting:026 139.5 17 6325 Total: 371 398.6 17 9031 Percentage of the requests served within a certain time (ms) 50% 17 66% 18 75% 19 80% 21 90% 29 95% 33 98%355 99% 3022 100% 9031 (last request) PHP 4.3.7RC1 This failure rate is obviously not going to cut it for production use, and I was wondering if anyone had seen this before. Nothing in the server.log file during the failures; the access log shows that sometimes the request simply returned zero-length content. Thread stack-size has been set to 1M. Anyone seen this before? =) Hmm, in my test above, we see 3 failures out of 10,000 -- 0.03% -- is probably reasonable for a production site. Nothing emitted into the server log, nor the php4.log either. Let me crank up ab to -v99 and see if I can get the failures to happen again ... Failed requests:2 (Connect: 0, Length: 2, Exceptions: 0) OK, so it happened again. Looking at the log ... nothing enlightening. Lets ask Google. It knows everything ... Aha. OK -- those Length errors can *probably* be ignored -- ApacheBench registers a Length failure if the HTTP response length varies from the initial response, which it CAN do for the test.php page that calls phpinfo(), since the output can vary. Look in the PHP Variables section towards the bottom of the page at _SERVER[REMOTE_PORT] -- as it goes from to 1, the length of the document goes up by 1 byte causing a length failure. Same thing happens in the other direction, as it goes from 32000 back down to 1000-something. I agree with you, a true 6% failure rate is unacceptable. On my test environment, I'm seeing effectively a 0% failure rate. -- Dossy -- Dossy Shiobara mail: [EMAIL PROTECTED] Panoptic Computer Network web: http://www.panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70) -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To
Re: [AOLSERVER] nsopenssl errors
If you don't need AOLserver to act as a client then simply don't register a client context. As far as I recall it isn't required. As for SSL2, I wouldn't trust it for e-commerce myself. I do agree that if only for clarity that SSL2 should be enabled/disabled in both places. It is very possible that openSSL isn't doing the right thing here. rob Dossy Shiobara wrote: On 2004.08.18, Janine Sisk [EMAIL PROTECTED] wrote: To add a bit more data to the fire, here is the config section I was using for nsopenssl with AOLserver 4. it is basically straight out of the latest version of the OpenACS suggested config file. The *.pem files do exist; I believe I changed the client cert section to point to the same files as the server cert because it got rid of some errors. I vaguely recall some issues where you cannot use the same certificate as both the server and client cert, but I can't find it in the archives so maybe I'm just making this up. This config has SSLv2 in the Protocols for the client but not for the server. I don't really understand how this all works, so I don't know if that's ok or not? The client config is used when you initiate outbound SSL connections frmo AOLserver. The server cert is used for serving inbound connections from web browsers/SSL clients. You definitely need to add SSLv2 to the protocols list for the server config! Ahh ... ns_section ns/server/${server}/module/nsopenssl/sslcontext/users ns_param Role server ns_param ModuleDir ${homedir}/${server}/etc/certs ns_param CertFile certfile.pem ns_param KeyFile keyfile.pem ns_param CADir /usr/share/ssl ns_param CAFile/usr/share/ssl/cert.pem ns_param Protocols SSLv3, TLSv1 Yes, this is the problem, for sure. Need to add SSLv2 there. ns_param CipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP ns_param PeerVerifyfalse ns_param PeerVerifyDepth 3 ns_param Trace false I wonder if the reason we're seeing this problem is the default setting for ciphersuite includes +SSLv2 but protocols doesn't. If you want to refuse to use SSLv2, maybe +SSLv2 should come out of the ciphersuite param. I don't see any good reason to refuse SSLv2 connections, so I'd rather just add it into the protocols param. If you can, make the change and give it a test ... let us know if that solves the mystery for you. :-) -- Dossy -- Dossy Shiobara mail: [EMAIL PROTECTED] Panoptic Computer Network web: http://www.panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70) -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] Max file size upload
You need to set maxinput in the nssock module in your config file. Something like: ns_section ns/server/${servername}/module/nssock ns_param port$httpport ns_param hostname$hostname ns_param address $address ns_param maxinput[expr 5*1024*1024] Note that I think that the default is actually 1 meg so I'm not sure how you ended up with 2 here. rob HUANG,KHY LY wrote: Hi, Is there a max file size post for multipart/form-data? When I tried to post a file larger than 2MB I get the error The document contains no data. I tested the post of aolserver 3.x and it works. Please advise. Thanks. Regards, Khy -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to [EMAIL PROTECTED] with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.