Writing new module for Apache 2.0
Hi All, I am trying to write a new module for post processing of the response. I am using Apache 2.0 as a reverse proxy. I wrote a modeul called mod_xyz. Apache could load the module properly and the xyz_register_hook method was also called properly. In the hook function I wrote following code, static void xyz_register_hook(apr_pool_t *p) { xyz_hook_response_handler(ap_xyz_response_handler, NULL, NULL, APR_HOOK_REALLY_LAST); } and ap_xyz_response_handler function looks like this, int ap_xyz_response_handler(request_rec *r) { printf(Hello); // Send a message to stderr (apache redirects this to the error log) fprintf(stderr,apache2_mod_tut1: A request was made.\n); // We need to flush the stream for messages to appear right away. // Performing an fflush() in a production system is not good for // performance - don't do this for real. fflush(stderr); // Return DECLINED so that the Apache core will keep looking for // other modules to handle this request. This effectively makes // this module completely transparent. return DECLINED; } But this function is never called. Can somebody tell me whats wrong with this. -Prajakt
Re: Renames (Gee, it's a mail from thom, it must be renames)
Thom May [EMAIL PROTECTED] writes: So what is the consensus with the renames? The patch is available from http://cvs.apache.org/~thommay/full-rename-diff and seems good - it builds and passes tests on (at least) BeOS and OS X. Also, httpd and svn don't need any changes to still work - the functions are all wrapped by the old names. So it's just binary compatibility that's the problem. But binary incompatibility breaks the notion of a stable httpd API. Can we hold off until Sander tags everything for an httpd release? (I guess Sander is still planning to tag.) -- Jeff Trawick | [EMAIL PROTECTED] Born in Roswell... married an alien...
Re: Writing new module for Apache 2.0
Prajakt Deolasee [EMAIL PROTECTED] writes: static void xyz_register_hook(apr_pool_t *p) { xyz_hook_response_handler(ap_xyz_response_handler, NULL, NULL, APR_HOOK_REALLY_LAST); } ... But this function is never called. Can somebody tell me whats wrong with this. If you hook it really last then you've hooked it *after* whichever hook is going to handle it, and subsequent hooks won't be called. Hook it REALLY_FIRST. -- Jeff Trawick | [EMAIL PROTECTED] Born in Roswell... married an alien...
Re: mod_usertrack.c modifications and child seg faults
Joe Oppegaard [EMAIL PROTECTED] writes: Once I switch over to the if statement that first checks for r-content_type then calls strcmp, everything works just as expected. Any ideas on why this is? the simple answer is because r-content_type has not yet been set at this point and if you look at other code in Apache you'll see checks to verify that r-content_type is actually set as for why r-content_type isn't set as of the fixup hook on this particular request, I do not know... it depends on the config affecting this request and what other modules are doing --- mod_usertrack.c.orig2002-11-19 23:36:26.0 -0800 +++ mod_usertrack.c 2002-11-19 23:37:55.0 -0800 @@ -222,8 +222,16 @@ return DECLINED;/* There's already a cookie, no new one */ } make_cookie(r); return OK; /* We set our cookie */ + is this really the right patch? how do you even get to the code below given the unconditional return OK right above? + +/*if (r-content_type strcmp(r-content_type,text/html) == 0) {*/ +if (strcmp(r-content_type,text/html) == 0) { +make_cookie(r); +return OK; +} +else { +return DECLINED; +} } static void *make_cookie_log_state(apr_pool_t *p, server_rec *s) -- Jeff Trawick | [EMAIL PROTECTED] Born in Roswell... married an alien...
Re: mod_usertrack.c modifications and child seg faults
On 20 Nov 2002, Jeff Trawick wrote: Joe Oppegaard [EMAIL PROTECTED] writes: Once I switch over to the if statement that first checks for r-content_type then calls strcmp, everything works just as expected. Any ideas on why this is? the simple answer is because r-content_type has not yet been set at this point and if you look at other code in Apache you'll see checks to verify that r-content_type is actually set as for why r-content_type isn't set as of the fixup hook on this particular request, I do not know... it depends on the config affecting this request and what other modules are doing Ah yes, that's true I noticed that in a few other modules. In trying to figure this out, I had thrown in a ap_rprintf statement, and seen that r-content_type is actually holding a value at this point. In the code below this will actually spit back out to the browser what the content type is. If I uncomment the if with just the strcmp by itself it will segfault. Though when that strcmp statement wasn't there, printf showed that value existed at that point, correct? Of course, using the if statement that first checks r-content_type still works perfect. I can handle the answer of that's just how you do it, but I'm confused on why. --- mod_usertrack.c.orig2002-11-19 23:36:26.0 -0800 +++ mod_usertrack.c 2002-11-20 11:29:33.0 -0800 @@ -222,8 +222,18 @@ return DECLINED;/* There's already a cookie, no new one */ } -make_cookie(r); -return OK; /* We set our cookie */ + + +ap_rprintf(r,r-content_type holds %s, r-content_type); +/*if (r-content_type strcmp(r-content_type,text/html) == 0) {*/ +/*if (strcmp(r-content_type,text/html) == 0) {*/ +if (1) { + make_cookie(r); +return OK; +} +else { +return DECLINED; +} } static void *make_cookie_log_state(apr_pool_t *p, server_rec *s) old patch snipped is this really the right patch? how do you even get to the code below given the unconditional return OK right above? Oops! There should have been a few minus signs there. The patch above is correct now though. :) ___ Joe Oppegaard http://joppegaard.com GnuPG/PGP Information: Key: 1024D/272159F6 Keyserver: pgp.mit.edu By web: http://joppegaard.com/files/0x272159F6.asc
2.0, 2.1 branch, WAS: Re: Renames
Jeff Trawick wrote: Thom May [EMAIL PROTECTED] writes: So what is the consensus with the renames? The patch is available from http://cvs.apache.org/~thommay/full-rename-diff and seems good - it builds and passes tests on (at least) BeOS and OS X. Also, httpd and svn don't need any changes to still work - the functions are all wrapped by the old names. So it's just binary compatibility that's the problem. But binary incompatibility breaks the notion of a stable httpd API. Can we hold off until Sander tags everything for an httpd release? (I guess Sander is still planning to tag.) Always useful if Sander responds ;) Bottom line: I'm not going to tag before we branch. It all comes down to this: - The auth changes _don't_ break 3rd party auth modules - We can rename the auth modules and their directives back to their old names so we don't break existing 2.0 configs - We must add implicit loading of mod_auth_basic when no auth provider was loaded - AFAIK the renames don't break bin compat, everything is wrapped in stubs So, we're ok. We can branch right now, because the state of the tree today is probable what we want to use as the basis for 2.1/2.2. Once we get the auth stuff renamed and the implicit loading in place I'll tag 2.0.44. My guess is that this will probably happen next week somewhere. Justin? Jeff, OtherBill, does httpd-2.0 HEAD contain anything you'd rather not see rolled into 2.0.44 (apart from the above)? Sander
Apache 1.3 and invalid headers
Hello all, Does anyone know what the behaviour of Apache 1.3 is under the circumstances where the HTTP request or response contains an invalid request header? Specifically, when the Connection header contains something other than 'close'? It appears to immediately close the connection - can anyone confirm or deny that this is Apache's behaviour for both requests and responses? Thanks, Andy __ Do you Yahoo!? Yahoo! Web Hosting - Let the expert host your site http://webhosting.yahoo.com
Re: Apache 1.3 and invalid headers
You mean when you send a request header that looks something like this? ~ telnet localhost 80 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. GET / HTTP/1.1 Host: localhost Connection: foo HTTP/1.1 200 OK Date: Wed, 20 Nov 2002 22:52:24 GMT Server: Apache/1.3.28-dev (Unix) PHP/4.3.0RC1 X-Powered-By: PHP/4.3.0RC1 Last-Modified: Wed, 02 Oct 2002 13:34:42 GMT Transfer-Encoding: chunked Content-Type: text/html 99d !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN html head ... I don't get a closed connection right away. I get all my output (chunked in this case) and then my connection is closed. -Rasmus On Tue, 19 Nov 2002, Andy Yang wrote: Hello all, Does anyone know what the behaviour of Apache 1.3 is under the circumstances where the HTTP request or response contains an invalid request header? Specifically, when the Connection header contains something other than 'close'? It appears to immediately close the connection - can anyone confirm or deny that this is Apache's behaviour for both requests and responses? Thanks, Andy __ Do you Yahoo!? Yahoo! Web Hosting - Let the expert host your site http://webhosting.yahoo.com
Re: Apache 1.3 and invalid headers
Does anyone know what the behaviour of Apache 1.3 is under the circumstances where the HTTP request or response contains an invalid request header? Specifically, when the Connection header contains something other than 'close'? There is nothing invalid about that -- connection is completely extensible. It appears to immediately close the connection - can anyone confirm or deny that this is Apache's behaviour for both requests and responses? It does not close the connection on that basis. What you are probably seeing is a server that is configured with keepalive off, in which case all connections are closed regardless of what is received in Connection. Roy
[Patch] Be more selective on includes
This is in response to a debian bug request; basically it just tightens up the list of allowed characters, so we don't include .dotfiles and backups etc. Thoughts? -Thom Index: server/config.c === RCS file: /home/cvspublic/httpd-2.0/server/config.c,v retrieving revision 1.156 diff -u -r1.156 config.c --- server/config.c 12 Sep 2002 20:04:07 - 1.156 +++ server/config.c 21 Nov 2002 01:58:06 - @@ -76,6 +76,7 @@ #include apr_portable.h #include apr_file_io.h #include apr_fnmatch.h +#include apr_lib.h #define APR_WANT_STDIO #define APR_WANT_STRFUNC @@ -1434,6 +1435,20 @@ return strcmp(f1-fname,f2-fname); } +static int fname_valid(const char *fname) +{ +const char *c = fname; +if (!apr_isalnum(*c)) + return 0; +++c; +while (*c) { + if(!apr_isalnum(*c) *c!='_' *c!='-' *c!='.') +return 0; + ++c; +} +return 1; +} + AP_DECLARE(void) ap_process_resource_config(server_rec *s, const char *fname, ap_directive_t **conftree, apr_pool_t *p, @@ -1510,7 +1525,8 @@ strcmp(dirent.name, ..) (!ispatt || apr_fnmatch(pattern, dirent.name, -FNM_PERIOD) == APR_SUCCESS)) { +FNM_PERIOD) == APR_SUCCESS) + fname_valid(dirent.name)) { fnew = (fnames *) apr_array_push(candidates); fnew-fname = ap_make_full_path(p, path, dirent.name); }
Re: [Patch] Be more selective on includes
* Thom May wrote: This is in response to a debian bug request; basically it just tightens up the list of allowed characters, so we don't include .dotfiles and backups etc. Thoughts? hmm. I don't like it. The most can easily be done with normal wildcard matching. If your patch is applied and I have filenames (already), that don't match the hardcoded (!) rules, I'm lost. nd -- sub the($){+shift} sub answer (){ord q [* It is always 42! *] } print the answer # André Malo # http://www.perlig.de/ #
Re: [Patch] Be more selective on includes
On Thu, 21 Nov 2002, André Malo wrote: * Thom May wrote: This is in response to a debian bug request; basically it just tightens up the list of allowed characters, so we don't include .dotfiles and backups etc. Thoughts? hmm. I don't like it. The most can easily be done with normal wildcard matching. If your patch is applied and I have filenames (already), that don't match the hardcoded (!) rules, I'm lost. Right. People should be using Include conf/*.conf The docs now explicitly discourage the use of directory includes to avoid exactly this problem. Joshua.
[STATUS] (apache-1.3) Wed Nov 20 23:45:11 EST 2002
APACHE 1.3 STATUS: -*-text-*- Last modified at [$Date: 2002/10/31 05:57:52 $] Release: 1.3.28-dev: In development 1.3.27: Tagged September 30, 2002. Announced Oct 3, 2002. 1.3.26: Tagged June 18, 2002. 1.3.25: Tagged June 17, 2002. Not released. 1.3.24: Tagged Mar 21, 2002. Announced Mar 22, 2002. 1.3.23: Tagged Jan 21, 2002. 1.3.22: Tagged Oct 8, 2001. Announced Oct 12, 2001. 1.3.21: Not released. (Pulled for htdocs/manual config mismatch. t/r Oct 5, 2001) 1.3.20: Tagged and rolled May 15, 2001. Announced May 21, 2001. 1.3.19: Tagged and rolled Feb 26, 2001. Announced Mar 01, 2001. 1.3.18: Tagged and rolled Not released. (Pulled because of an incorrect unescaping fix. t/r Feb 19, 2001) 1.3.17: Tagged and rolled Jan 26, 2001. Announced Jan 29, 2001. 1.3.16: Not released. (Pulled because of vhosting bug. t/r Jan 20, 2001) 1.3.15: Not released. (Pulled due to CVS dumping core during the tagging when it reached src/os/win32/) 1.3.14: Tagged and Rolled Oct 10, 2000. Released/announced on the 13th. 1.3.13: Not released. (Pulled in the first minutes due to a Netware build bug) 1.3.12: Tagged and rolled Feb. 23, 2000. Released/announced on the 25th. 1.3.11: Tagged and rolled Jan. 19, 2000. Released/announced on the 21st. 1.3.10: Not released. (Pulled at last minute due to a build bug in the MPE port) 1.3.9: Tagged and rolled on Aug. 16. Released and announced on 19th. 1.3.8: Not released. 1.3.7: Not released. 1.3.6: Tagged and rolled on Mar. 22. Released and announced on 24th. 1.3.5: Not released. 1.3.4: Tagged and rolled on Jan. 9. Released on 11th, announced on 12th. 1.3.3: Tagged and rolled on Oct. 7. Released on 9th, announced on 10th. 1.3.2: Tagged and rolled on Sep. 21. Announced and released on 23rd. 1.3.1: Tagged and rolled on July 19. Announced and released. 1.3.0: Tagged and rolled on June 1. Announced and released on the 6th. 2.0 : Available for general use, see httpd-2.0 repository RELEASE SHOWSTOPPERS: RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: * Current vote on 2 PRs for inclusion: Bugz #9181 (Unable to set headers on non-2XX responses) +1: Martin, Jim Gnats #10246 (Add ProxyConnAllow directive) +0: Martin (or rather -.5, see dev@ Message [EMAIL PROTECTED]) * htpasswd.c and htdigest.c use tmpnam()... consider using mkstemp() when available. Message-ID: [EMAIL PROTECTED] Status: * Dean's unescaping hell (unescaping the various URI components at the right time and place, esp. unescaping the host name). Message-ID: [EMAIL PROTECTED] Status: * Martin observed a core dump because a ipaddr_chain struct contains a NULL-server pointer when being dereferenced by invoking httpd -S. Message-ID: [EMAIL PROTECTED] Status: Workaround enabled. Clean solution can come after 1.3.19 * long pathnames with many components and no AllowOverride None Workaround is to define Directory / with AllowOverride None, which is something all sites should do in any case. Status: Marc was looking at it. (Will asks 'wasn't this patched?') * Ronald Tschalär's patch to mod_proxy to allow other modules to set headers too (needed by mod_auth_digest) Message-ID: [EMAIL PROTECTED] Status: Available Patches (Most likely, will be ported to 2.0 as appropriate): * A rewrite of ap_unparse_uri_components() by Jeffrey W. Baker [EMAIL PROTECTED] to more fully close some segfault potential. Message-ID: Pine.LNX.4.21.0102102350060.6815-20@desktop Status: Jim +1 (for 1.3.19), Martin +0 * Andrew Ford's patch (1999/12/05) to add absolute times to mod_expires Message-ID: [EMAIL PROTECTED] Status: Martin +1, Jim +1, Ken +1 (on concept) * Raymond S Brand's path to mod_autoindex to fix the header/readme include processing so the envariables are correct for the included documents. (Actually, there are two variants in the patch message, for two different ways of doing it.) Message-ID: [EMAIL PROTECTED] Status: Martin +1(concept) * Jayaram's patch (10/27/99) for bugfix to mod_autoindex IndexIgnore file-extension should hide the files with this file- extension in directory listings. This was NOT happening because the total filename was being compared with the file-extension. Status: Martin +1(untested), Ken +1(untested) * Salvador Ortiz Garcia [EMAIL PROTECTED]' patch to allow DirectoryIndex to refer to URIs for non-static resources. MID: [EMAIL PROTECTED] Status: Ken +1 (on concept), Lars +1 (on concept) * Brian Havard's patch
[STATUS] (httpd-2.0) Wed Nov 20 23:45:16 EST 2002
APACHE 2.0 STATUS: -*-text-*- Last modified at [$Date: 2002/11/20 21:43:24 $] Release: 2.0.44 : in development 2.0.43 : released October 3, 2002 as GA. 2.0.42 : released September 24, 2002 as GA. 2.0.41 : rolled September 16, 2002. not released. 2.0.40 : released August 9, 2002 as GA. 2.0.39 : released June 17, 2002 as GA. 2.0.38 : rolled June 16, 2002. not released. 2.0.37 : rolled June 11, 2002. not released. 2.0.36 : released May 6, 2002 as GA. 2.0.35 : released April 5, 2002 as GA. 2.0.34 : tagged March 26, 2002. 2.0.33 : tagged March 6, 2002. not released. 2.0.32 : released Feburary 16, 2002 as beta. 2.0.31 : rolled Feburary 1, 2002. not released. 2.0.30 : tagged January 8, 2002. not rolled. 2.0.29 : tagged November 27, 2001. not rolled. 2.0.28 : released November 13, 2001 as beta. 2.0.27 : rolled November 6, 2001 2.0.26 : tagged October 16, 2001. not rolled. 2.0.25 : rolled August 29, 2001 2.0.24 : rolled August 18, 2001 2.0.23 : rolled August 9, 2001 2.0.22 : rolled July 29, 2001 2.0.21 : rolled July 20, 2001 2.0.20 : rolled July 8, 2001 2.0.19 : rolled June 27, 2001 2.0.18 : rolled May 18, 2001 2.0.17 : rolled April 17, 2001 2.0.16 : rolled April 4, 2001 2.0.15 : rolled March 21, 2001 2.0.14 : rolled March 7, 2001 2.0a9 : released December 12, 2000 2.0a8 : released November 20, 2000 2.0a7 : released October 8, 2000 2.0a6 : released August 18, 2000 2.0a5 : released August 4, 2000 2.0a4 : released June 7, 2000 2.0a3 : released April 28, 2000 2.0a2 : released March 31, 2000 2.0a1 : released March 10, 2000 Please consult the following STATUS files for information on related projects: * srclib/apr/STATUS * srclib/apr-util/STATUS * docs/STATUS Contributors looking for a mission: * just do an egrep on TODO and see what's there CURRENT RELEASE NOTES: RELEASE SHOWSTOPPERS: CURRENT VOTES: * Adopt backwards compatibility for future Apache 2.0 releases such that MMN major number changes and eliminating non-experimental modules are deferred for the next minor version bump (e.g. 2.1, 2.2 or 3.0). +1: wrowe, jerenkrantz, aaron, brianp, trawick, stoddard, jwoolley, rbowen, rederpj, jim, striker 0: -1: * Defer the Auth module overhaul to the next minor version bump (e.g. 2.1, 2.2, 3.0) on the condition that forward compatibility resolution is adopted. +1: wrowe, aaron, trawick, stoddard, jwoolley, rbowen, gregames, rederpj, jim 0: jerenkrantz -1: striker * Adopt an even/odd release paradigm (see VERSIONING) such that even numbered releases are stable, and odd numbered releases are development efforts, keeping in the tradition of Linux, Perl, etc. In pratical terms, this implies C-T-R-T-C, where patches are (generally) first applied to the development branch, tested, and then (after vote) applied to the stable branch. +1: wrowe, jerenkrantz, aaron, trawick, stoddard, jwoolley, rbowen, gregames, rederpj, jim, striker 0: -1: * Branch APACHE_2_0_BRANCH today, changing the version in CVS HEAD to 2.1.0-dev. +1 [from APACHE_2_0_43]: wrowe, aaron, trawick, stoddard, jwoolley, gregames, rederpj, jim +1 [from HEAD]: striker 0: jerenkrantz -1: * httpd-std.conf and friends a) httpd-std.conf should be tailored by install (from src or binbuild) even if user has existing httpd.conf +1: trawick, slive, gregames, ianh, Ken, wrowe, jwoolley wrowe - prefer httpd.default.conf to avoid ambiguity with cvs b) tailored httpd-std.conf should be copied by install to sysconfdir/examples -0: striker c) tailored httpd-std.conf should be installed to sysconfdir/examples or manualdir/exampleconf/ +1: slive, trawick, Ken d) Installing a set of default config files when upgrading a server doesn't make ANY sense at all. +1: ianh - medium/big sites don't use 'standard config' anyway, as it usually needs major customizations -1: Ken, wrowe, jwoolley, jim wrowe - diff is wonderful when comparing old/new default configs, even for customized sites that ianh mentions jim - ... assuming that the default configs have been updated with the required inline docs to explain the changes * If the parent process dies, should the remaining child processes gracefully self-terminate. Or maybe we should make it a runtime option, or have a concept of 2 parent
Re: [STATUS] (apache-1.3) long pathnames with many components
On Wed, Nov 20, 2002 at 11:45:11PM -0500, Rodent of Unusual Size wrote: APACHE 1.3 STATUS:-*-text-*- Last modified at [$Date: 2002/10/31 05:57:52 $] [...] RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: [...] * long pathnames with many components and no AllowOverride None Workaround is to define Directory / with AllowOverride None, which is something all sites should do in any case. Status: Marc was looking at it. (Will asks 'wasn't this patched?') [...] Is this a code problem or can the documentation be augmented instead? DirectoryMatch uses full regexes, but can't be used to enable or disable AllowOverride (.htaccess) since it is processed _after_ .htaccess files are processed. But Directory has *, ?, and character class [] wildcards which can be employed just as well in most cases. An example: In my configuration, all public web-related files are nested in vhosts: /pub/u/s/username/vhost.dom/ userdirs: /pub/u/s/username/homepage/ (Usernames on this system must be at least two chars long and must start with two lowercase alphas. Additionally, since users do not have write privileges to the /pub/u/s/username/ directory, the following also limits the use of the expensive SymlinksIfOwnerMatch to all user-controlled files.) Directory / Options FollowSymLinks AllowOverride None deny from all /Directory Directory /pub/[a-z]/[a-z]/*/* Options SymLinksIfOwnerMatch Indexes IncludesNoExec AllowOverride FileInfo AuthConfig Limit Indexes allow from all /Directory Another solution is to have a Directory block within each vhost that allows access to the DocumentRoot of the vhost. And one for userdirs. Directory / Options FollowSymLinks AllowOverride None deny from all /Directory ## (for each vhost) VirtualHost * # ... DocumentRoot /my/document/root Directory /my/document/root Options FollowSymLinks Indexes IncludesNoExec AllowOverride FileInfo AuthConfig Limit Indexes allow from all /Directory /VirtualHost Directory /home/*/public_html Options FollowSymLinks Indexes IncludesNoExec AllowOverride FileInfo AuthConfig Limit Indexes allow from all /Directory And now a question about the code: why bother checking for .htaccess files outside of valid DocumentRoots (or UserDirs)? If you need to set directives above the document root, create a Directory block in httpd.conf. Also for Apache 3.0, can AllowOverride None be the default? It is a more secure default, besides providing better performance. Cheers, Glenn