Re: Can't locate ModPerl/MM.pm
Ick. The Perl glue likes to take over like that on windows. Try running win32\Configure.pl (directly) and passing --disable-perl-glue. (Or make life easier on yourself by building and installing mod_perl first - you don't need to use it afterward) Issac Sam Carleton wrote: Hay folks, I am trying to get libapreq2 installed on my Windows machine. I fixed the bug in the Makefile that was looking for libapr.lib rather then libapr-1.lib, but I am stumped on the error Can't locate ModPerl/MM.pm Here is the whole thing: C:\Perl\bin\perl.exe Makefile.PL Can't locate ModPerl/MM.pm in @INC (@INC contains: C:/Perl/site/lib C:/Perl/lib.) at Makefile.PL line 2. BEGIN failed--compilation aborted at Makefile.PL line 2. NMAKE : fatal error U1077: 'C:\Perl\bin\perl.exe' : return code '0x2' Stop.
Re: Best way to debug
Just add -X to the command arguments in the project settings, and it'll keep everything in one process. Sam Carleton wrote: yea, I tried installing mod_perl and I still got the same problem. I finally simply tried nmake install and it worked, despite the perl error;) So I was up to 1am working on my new apache module! I recall beating my head agaisnt the wall last time I tried writing an apache module, but that was back in the 1.x days, on *NIX, not my native platform, and without a debugger. Today on Windows with a debugger, things are running very smoothly! I do have a debugging question: As we all know, when you fire up httpd, it starts at least one more instance. If I am not mistaken, on Windows it is only one more. When I try to debug in VS6, it attaches to the first instance of httpd, not the one that I actually want to debug. VS6 lacks the ability to debug multiple programs at one time, so... I am using VS2005. This is what I am doing... 1: Compiling on VS6 2: Go to a command window and starting httpd 3: Go to an instances of VS2005 and attaching to both instance of httpd [debug] 4: When down debugging, I deattach VS2005 from the httpd 5: Go to the command line and press Ctrl+C Is there any why to have httpd start up such that it does not start a second process so that I can simply debug with VS6, skipping steps 2 through 4? If no, so be it, it would simply be nice;) Sam On 3/28/07, Issac Goldstand [EMAIL PROTECTED] wrote: Ick. The Perl glue likes to take over like that on windows. Try running win32\Configure.pl (directly) and passing --disable-perl-glue. (Or make life easier on yourself by building and installing mod_perl first - you don't need to use it afterward)
Re: how to get started?
Sam Carleton wrote: Ok, I have apxs installed!! I have created a basic project called fancy_image_handler, when I follow the instructions in the comment of the mod_fancy_image_handler.c, here is what I am getting: D:\Temp\fancy_image_handlerapxs -c -i mod_fancy_image_handler.c cl /nologo /MD /W3 /O2 /D WIN32 /D _WINDOWS /D NDEBUG -IC:\Apache2.2\include /c /Fomod_fancy_image_handler.lo mod_fancy_image_handler.c Looks good link kernel32.lib /nologo /subsystem:windows /dll /machine:I386 /libpath:C:/Apache2.2\lib /out:mod_fancy_image_handler.so mod_fancy_image_handler.lo looks bad. There is no libhttpd.lib, libapr-1.lib or libaprutil-1.lib in this link line. (The libpath correctly provided the path to these libraries though.) Odd, can't say offhand what's up, other than this might be an httpd-2.2 specific bug in the apxs. mod_fancy_image_handler.lo : error LNK2001: unresolved external symbol [EMAIL PROTECTED] mod_fancy_image_handler.lo : error LNK2001: unresolved external symbol [EMAIL PROTECTED] These live in libhttpd.lib (.dll).
manifest embedding issue?
I know that as of VS200? (2 or 3) that Microsoft started this whole manifest thing. It is also my understanding that, for C/C++ apps, it can be turned off. What exactly is the issue? Considering it seems most of you are *NIX developers, maybe this is something I can dig into and find a solution, maybe not;) Sam
Re: manifest embedding issue?
Do yourself a favor, and use VC6. Honestly, I've used 2003 also without problems here, but 2005 gives headaches (though hopefully one of the fixes to the bleeding edge apxs on win32 fixes that). Issac Sam Carleton wrote: I know that as of VS200? (2 or 3) that Microsoft started this whole manifest thing. It is also my understanding that, for C/C++ apps, it can be turned off. What exactly is the issue? Considering it seems most of you are *NIX developers, maybe this is something I can dig into and find a solution, maybe not;) Sam
Re: manifest embedding issue?
Sam Carleton wrote: I know that as of VS200? (2 or 3) that Microsoft started this whole manifest thing. It is also my understanding that, for C/C++ apps, it can be turned off. What exactly is the issue? Considering it seems most of you are *NIX developers, maybe this is something I can dig into and find a solution, maybe not;) Nope - as of 2005 it's an explicit thing. The VC 2005 clibs are soley side by side assemblies, and you must have a manifest which refers to them. It doesn't have to be embedded, but most folks who both compile and package such things would rather fight with embedding than fight with distributing .manifest files. MS has expressed that they've woken up w.r.t. the nonsense they created by corrupting PSDK-dependent projects in the VC Express product, and the nonsense they created in the deprecation of stdc/posix APIs. They have disavowed the disaster they've created in 64 bit default time_t (claiming the validation of dates after Y3000 is the programmers issue?) So I'm far from convinced that 2005 is worth the C-language communities' time nor respect. MS's primary goal is primacy, be it forcing users into their API, their language extensions, their OS. Sometimes, the best answer is a dash of bubble gum and bailing wire to get around the mess they create, and sometimes it's to ignore their drivel as irrelevant .
Re: how to get started?
William A. Rowe, Jr. wrote: Sam Carleton wrote: Ok, I have apxs installed!! I have created a basic project called fancy_image_handler, when I follow the instructions in the comment of the mod_fancy_image_handler.c, here is what I am getting: D:\Temp\fancy_image_handlerapxs -c -i mod_fancy_image_handler.c cl /nologo /MD /W3 /O2 /D WIN32 /D _WINDOWS /D NDEBUG -IC:\Apache2.2\include /c /Fomod_fancy_image_handler.lo mod_fancy_image_handler.c Looks good link kernel32.lib /nologo /subsystem:windows /dll /machine:I386 /libpath:C:/Apache2.2\lib /out:mod_fancy_image_handler.so mod_fancy_image_handler.lo looks bad. There is no libhttpd.lib, libapr-1.lib or libaprutil-1.lib in this link line. (The libpath correctly provided the path to these libraries though.) Odd, can't say offhand what's up, other than this might be an httpd-2.2 specific bug in the apxs. I've seen this in httpd-2.2 all over on win32 systems. I thought I'd mentioned it to you and Randy when I mentioned the manifest embedding... Issac
Re: manifest embedding issue?
On 3/28/07, William A. Rowe, Jr. [EMAIL PROTECTED] wrote: MS's primary goal is primacy, be it forcing users into their API, their language extensions, their OS. Sometimes, the best answer is a dash of bubble gum and bailing wire to get around the mess they create, and sometimes it's to ignore their drivel as irrelevant I hear you, though I have always been a Windows developer, I have always disliked M$. The problem is they really know how to make life easy. I simply LOVE .Net development, so quick and easy. The whole manifest thing does make life easier, but it is also a control issue. What a pain, I really like VS2005 interface, oh well. Sam
Apache + Mod_plsql - reg
Hi Folks, Any body familiar with mod_plsql? My environment: Oracle 10 RHEL 4 32 bit httpd-2.0.59 Plz help me or send configuration details, how to include mod_plsql into my httpd-2.0.59. Thanks in Advance. Regards Sudakar Srinivasan
Repeated NTLM authentication boxes for OWA 2k3 with Reverse Proxy ing Apache 2.2
Hi all I have made following setup with Apache 2.2 Client ---https--- Apache 2.2.3 OWA 2k3 server in my conf I have Listen 172.25.12.146:80 VirtualHost 172.25.12.146:80 DocumentRoot /myroot/abc/ ServerName application.owa.com IfDefine PROXY ProxyPass/ http://application.owa.com/ ProxyPassReverse / http://application.owa.com/ ProxyPassReverse / http://application.owa.com:80/ ProxyPassReverse / http://172.25.11.33/ ProxyPassReverse / http://172.25.11.33:80/ /IfDefine /VirtualHost but when I try to connect I get repeated NTLM authentication boxes but OWA resource is available after many attempts.If I click any other link on OWA it again asks for NTLM authentication. Also the very same httpd.conf and network setup is working fine with Apache 2.0.53 hust replacing the httpd Is there any change in the two version regarding the same Or if anyone has experienced this .Please help. Thanks/regards Manmeet Singh The information contained in this electronic mail transmission may be privileged and confidential, and therefore, protected from disclosure. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer without copying or disclosing it.
Re: Repeated NTLM authentication boxes for OWA 2k3 with Reverse Proxying Apache 2.2
NTLM currently does not work with httpd 2.2.x and reverse proxy configurations due to the fact that httpd 2.2.x uses connection pooling for its backend connections. NTLM does not respect the fact that HTTP is a stateless protocol. Thus is fails. See also: http://issues.apache.org/bugzilla/show_bug.cgi?id=39673 Regards Rüdiger -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] Gesendet: Mittwoch, 28. März 2007 12:56 An: dev@httpd.apache.org Betreff: Repeated NTLM authentication boxes for OWA 2k3 with Reverse Proxying Apache 2.2 Hi all I have made following setup with Apache 2.2 Client ---https--- Apache 2.2.3 OWA 2k3 server in my conf I have Listen 172.25.12.146:80 VirtualHost 172.25.12.146:80 DocumentRoot /myroot/abc/ ServerName application.owa.com IfDefine PROXY ProxyPass/ http://application.owa.com/ ProxyPassReverse / http://application.owa.com/ ProxyPassReverse / http://application.owa.com:80/ ProxyPassReverse / http://172.25.11.33/ ProxyPassReverse / http://172.25.11.33:80/ /IfDefine /VirtualHost but when I try to connect I get repeated NTLM authentication boxes but OWA resource is available after many attempts.If I click any other link on OWA it again asks for NTLM authentication. Also the very same httpd.conf and network setup is working fine with Apache 2.0.53 hust replacing the httpd Is there any change in the two version regarding the same Or if anyone has experienced this .Please help. Thanks/regards Manmeet Singh The information contained in this electronic mail transmission may be privileged and confidential, and therefore, protected from disclosure. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer without copying or disclosing it.
Best way to debug
yea, I tried installing mod_perl and I still got the same problem. I finally simply tried nmake install and it worked, despite the perl error;) So I was up to 1am working on my new apache module! I recall beating my head agaisnt the wall last time I tried writing an apache module, but that was back in the 1.x days, on *NIX, not my native platform, and without a debugger. Today on Windows with a debugger, things are running very smoothly! I do have a debugging question: As we all know, when you fire up httpd, it starts at least one more instance. If I am not mistaken, on Windows it is only one more. When I try to debug in VS6, it attaches to the first instance of httpd, not the one that I actually want to debug. VS6 lacks the ability to debug multiple programs at one time, so... I am using VS2005. This is what I am doing... 1: Compiling on VS6 2: Go to a command window and starting httpd 3: Go to an instances of VS2005 and attaching to both instance of httpd [debug] 4: When down debugging, I deattach VS2005 from the httpd 5: Go to the command line and press Ctrl+C Is there any why to have httpd start up such that it does not start a second process so that I can simply debug with VS6, skipping steps 2 through 4? If no, so be it, it would simply be nice;) Sam On 3/28/07, Issac Goldstand [EMAIL PROTECTED] wrote: Ick. The Perl glue likes to take over like that on windows. Try running win32\Configure.pl (directly) and passing --disable-perl-glue. (Or make life easier on yourself by building and installing mod_perl first - you don't need to use it afterward)
smal mod to mod_ssl
I would like to propose a slight change to mod_ssl sssl_engine_init.c The recent openssl versions changed teh definitions of the SSLvnn_xxx_method to be const. This has an impact to the ssl_init_ctx_protocol function. The curent code reads: static void ssl_init_ctx_protocol(server_rec *s, apr_pool_t *p, apr_pool_t *ptemp, modssl_ctx_t *mctx) { SSL_CTX *ctx = NULL; SSL_METHOD *method = NULL; . some stuff deleted if (protocol == SSL_PROTOCOL_SSLV2) { method = mctx-pkp ? SSLv2_client_method() : /* proxy */ SSLv2_server_method(); /* server */ ctx = SSL_CTX_new(method); /* only SSLv2 is left */ } else { method = mctx-pkp ? SSLv23_client_method() : /* proxy */ SSLv23_server_method(); /* server */ ctx = SSL_CTX_new(method); /* be more flexible */ } -- Since method is only used in the two cases before I think it is better to use the expressions as a parameter to SSL_CTX_new and not declare method. Thanks for consideration. Peter Sylvester smime.p7s Description: S/MIME Cryptographic Signature
Meaning of man/man8/?
The man8/ directory doesn't seem appropriate for the current contents we install. Notably, ab and logresolve are certainly not dedicated to the role of httpd, but are independently useful binaries. Beyond that, apxs doesn't seem to quite fit that role. ab.8apxs.8 httpd.8 rotatelogs.8 apachectl.8 htcacheclean.8 logresolve.8suexec.8 Of the remainder, apachectl, htcacheclean, suexec and (for the most part) rotatelogs are only sensible in the context of httpd itself. But not really understanding the meaning of .8 pages, I'm not really clear if these are on-point or out of context. Comments? Bill
Re: Meaning of man/man8/?
[taking docs on cc] * William A. Rowe, Jr. wrote: The man8/ directory doesn't seem appropriate for the current contents we install. Notably, ab and logresolve are certainly not dedicated to the role of httpd, but are independently useful binaries. Beyond that, apxs doesn't seem to quite fit that role. ab.8apxs.8 httpd.8 rotatelogs.8 apachectl.8 htcacheclean.8 logresolve.8suexec.8 Of the remainder, apachectl, htcacheclean, suexec and (for the most part) rotatelogs are only sensible in the context of httpd itself. But not really understanding the meaning of .8 pages, I'm not really clear if these are on-point or out of context. Well, we might put ab and logresolve in .1. But where would the other ones fit better? nd -- Umfassendes Werk (auch fuer Umsteiger vom Apache 1.3) -- aus einer Rezension http://pub.perlig.de/books.html#apache2
[Fwd: iDefense Final Notice [IDEF1445]]
Not acked. ---BeginMessage--- To whom it may concern, The attached advisory and email was originally submitted on Feb 08, 2006, but a response has not yet been received. In accordance with our vendor disclosure policy (http://labs.idefense.com/legal.php#disclosure) we will proceed with public disclosure of this issue if acknowledgment of receipt is not received within five business days. Regards, Joshua J. Drake iDefense Labs pub_Apache httpd suexec Multiple Vulnerabilities.txt Description: Binary data - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]---End Message---
Re: [Fwd: iDefense Final Notice [IDEF1445]]
William A. Rowe, Jr. wrote: Not acked. Acked now. Bloody Hell
Re: [Fwd: iDefense Final Notice [IDEF1445]]
William A. Rowe, Jr. wrote: Not acked. Well, I've notified Joshua of our inadvertent disclosure, and welcome dev@ feedback and analysis of the specifics in the report (w.r.t. 1.3, 2.0, and/or 2.2). We've committed to provide him some update by tomorrow afternoon, as they would love to publish 1. workarounds 2. best practices issues 3. proposed patches and/or 4. next release/resolution details in their normal advisory process.
Re: [Fwd: iDefense Final Notice [IDEF1445]]
William A. Rowe, Jr. wrote: dev@ feedback and analysis of the specifics in the report (w.r.t. 1.3, 2.0, and/or 2.2). quote At line #500 of the suexec utility, a strncmp() is used to check whether the current directory is a subdirectory of the document root directory. This check will succeed in situations where there exists a directory which begins with the same sequence, but contains extra content. For example, if the document root is /var/www/html, the test will also succeed for /var/www/html_backup and /var/www/htmleditor. A correct test would also perform a check that the next character is a trailing null-terminator or directory separator. /quote FWIW, it's manditory in any mass vhost scenario that the directories above the varying userspaces would be owned by root (or privilaged role user). Similar to the ownership of / and /home. It would be best-practice not to suexec-enable the entire web space but a specific cgi directory within the userspace. Ergo... 1. root assigns the 'similar names' cited above moving from host-to-host. Ergo the possibility of /webs/joe being able to exploit this against /webs/joe2 are relatively remote. 2. given that ownership is conveyed to /webs/joe/cgi-bin/ distinct from /webs/joe2/cgi-bin - the path length escape is relatively difficult in a sane layout to exploit. All of this relates to the issue 1. in the report, of course, in that the ownership of those parent directories is incredibly important to prevent such exploits, and this is universally accepted as a best practice to create less-restrictive directories down the directory tree, and never leave a higher level parent directory with more open permissions. That said, this issue deserves attention. quote The check performed at line #524 does not verify whether a path to the CGI script (cmd) is a regular file or not. If the path is pointing at a subdirectory owned by the appropriate user and group of a directory owned by the appropriate user and group, it will be accepted as a valid path to be executed (provided all other checks succeed). /quote If a directory, it's not executable. Difficult to see an exploit here. But another edge case to address.
[STATUS] (httpd-trunk) Wed Mar 28 23:47:41 2007
APACHE 2.3 STATUS: -*-text-*- Last modified at [$Date: 2006-08-22 16:41:03 -0400 (Tue, 22 Aug 2006) $] The current version of this file can be found at: * http://svn.apache.org/repos/asf/httpd/httpd/trunk/STATUS Documentation status is maintained seperately and can be found at: * docs/STATUS in this source tree, or * http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/STATUS Consult the following STATUS files for information on related projects: * http://svn.apache.org/repos/asf/apr/apr/trunk/STATUS * http://svn.apache.org/repos/asf/apr/apr-util/trunk/STATUS Patches considered for backport are noted in their branches' STATUS: * http://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x/STATUS * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS Release history: [NOTE that x.{odd}.z versions are strictly Alpha/Beta releases, while x.{even}.z versions are Stable/GA releases.] 2.3.0 : in development Contributors looking for a mission: * Just do an egrep on TODO or XXX in the source. * Review the bug database at: http://issues.apache.org/bugzilla/ * Review the PatchAvailable bugs in the bug database: https://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEWbug_status=ASSIGNEDbug_status=REOPENEDproduct=Apache+httpd-2keywords=PatchAvailable After testing, you can append a comment saying Reviewed and tested. * Open bugs in the bug database. CURRENT RELEASE NOTES: RELEASE SHOWSTOPPERS: * Handling of non-trailing / config by non-default handler is broken http://marc.theaimsgroup.com/?l=apache-httpd-devm=105451701628081w=2 jerenkrantz asks: Why should this block a release? wsanchez agrees: this may be a change in behavior, but isn't clearly wrong, and even if so, it doesn't seem like a showstopper. * the edge connection filter cannot be removed http://marc.theaimsgroup.com/?l=apache-httpd-devm=105366252619530w=2 jerenkrantz asks: Why should this block a release? stas replies: because it requires a rewrite of the filters stack implementation (you have suggested that) and once 2.2 is released you can't do that anymore. CURRENT VOTES: * If the parent process dies, should the remaining child processes gracefully self-terminate. Or maybe we should make it a runtime option, or have a concept of 2 parent processes (one being a hot spare). See: Message-ID: [EMAIL PROTECTED] Self-destruct: Ken, Martin, Lars Not self-destruct: BrianP, Ian, Cliff, BillS Make it runtime configurable: Aaron, jim, Justin, wrowe, rederpj, nd /* The below was a concept on *how* to handle the problem */ Have 2 parents: +1: jim -1: Justin, wrowe, rederpj, nd +0: Lars, Martin (while standing by, could it do something useful?) * Make the worker MPM the default MPM for threaded Unix boxes. +1: Justin, Ian, Cliff, BillS, striker, wrowe, nd +0: BrianP, Aaron (mutex contention is looking better with the latest code, let's continue tuning and testing), rederpj, jim -0: Lars pquerna: Do we want to change this for 2.2? RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: * Patches submitted to the bug database: http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEWbug_status=ASSIGNEDbug_status=REOPENEDproduct=Apache+httpd-2keywords=PatchAvailable * Filter stacks and subrequests, redirects and fast redirects. There's at least one PR that suffers from the current unclean behaviour (which lets the server send garbage): PR 17629 nd says: Every subrequest should get its own filter stack with the subreq_core filter as bottom-most. That filter does two things: - swallow EOS buckets - redirect the data stream to the upper request's (rr-main) filter chain directly after the subrequest's starting point. Once we have a clean solution, we can try to optimize it, so that the server won't be slow down too much. * RFC 2616 violations. Closed PRs: 15857. Open PRs: 15852, 15859, 15861, 15864, 15865, 15866, 15868, 15869, 15870, 16120, 16125, 16126, 16133, 16135, 16136, 16137, 16138, 16139, 16140, 16142, 16518, 16520, 16521, jerenkrantz says: need to decide how many we need to backport and/or if these rise to showstopper status. wrowe suggests: it would be nice to see MUST v.s. SHOULD v.s. MAY out of this list, without reviewing them individually. * There is a bug in how we sort some hooks, at
[STATUS] (httpd-2.0) Wed Mar 28 23:48:18 2007
APACHE 2.0 STATUS: -*-text-*- Last modified at [$Date: 2007-03-20 22:53:42 -0500 (Tue, 20 Mar 2007) $] The current version of this file can be found at: * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS Documentation status is maintained seperately and can be found at: * docs/STATUS in this source tree, or * http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/docs/STATUS Consult the following STATUS files for information on related projects: * http://svn.apache.org/repos/asf/apr/apr/branches/0.9.x/STATUS * http://svn.apache.org/repos/asf/apr/apr-util/branches/0.9.x/STATUS Consult the trunk/ for all new development and documentation efforts: * http://svn.apache.org/repos/asf/httpd/httpd/trunk/STATUS * http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/STATUS Release history: 2.0.60 : in maintenance 2.0.59 : released July 28, 2006 as GA. 2.0.58 : released May 1, 2006 as GA. 2.0.57 : tagged April 19, 2006, not released. 2.0.56 : tagged April 16, 2006, not released. 2.0.55 : released October 16, 2005 as GA. 2.0.54 : released April 17, 2005 as GA. 2.0.53 : released February 7, 2005 as GA. 2.0.52 : released September 28, 2004 as GA. 2.0.51 : released September 15, 2004 as GA. 2.0.50 : released June 30, 2004 as GA. 2.0.49 : released March 19, 2004 as GA. 2.0.48 : released October 29, 2003 as GA. 2.0.47 : released July 09, 2003 as GA. 2.0.46 : released May 28, 2003 as GA. 2.0.45 : released April 1, 2003 as GA. 2.0.44 : released January 20, 2003 as GA. 2.0.43 : released October 3, 2002 as GA. 2.0.42 : released September 24, 2002 as GA. 2.0.41 : rolled September 16, 2002. not released. 2.0.40 : released August 9, 2002 as GA. 2.0.39 : released June 17, 2002 as GA. 2.0.38 : rolled June 16, 2002. not released. 2.0.37 : rolled June 11, 2002. not released. 2.0.36 : released May 6, 2002 as GA. 2.0.35 : released April 5, 2002 as GA. 2.0.34 : tagged March 26, 2002. 2.0.33 : tagged March 6, 2002. not released. 2.0.32 : released Feburary 16, 2002 as beta. 2.0.31 : rolled Feburary 1, 2002. not released. 2.0.30 : tagged January 8, 2002. not rolled. 2.0.29 : tagged November 27, 2001. not rolled. 2.0.28 : released November 13, 2001 as beta. 2.0.27 : rolled November 6, 2001 2.0.26 : tagged October 16, 2001. not rolled. 2.0.25 : rolled August 29, 2001 2.0.24 : rolled August 18, 2001 2.0.23 : rolled August 9, 2001 2.0.22 : rolled July 29, 2001 2.0.21 : rolled July 20, 2001 2.0.20 : rolled July 8, 2001 2.0.19 : rolled June 27, 2001 2.0.18 : rolled May 18, 2001 2.0.17 : rolled April 17, 2001 2.0.16 : rolled April 4, 2001 2.0.15 : rolled March 21, 2001 2.0.14 : rolled March 7, 2001 2.0a9 : released December 12, 2000 2.0a8 : released November 20, 2000 2.0a7 : released October 8, 2000 2.0a6 : released August 18, 2000 2.0a5 : released August 4, 2000 2.0a4 : released June 7, 2000 2.0a3 : released April 28, 2000 2.0a2 : released March 31, 2000 2.0a1 : released March 10, 2000 Contributors looking for a mission: * Just do an egrep on TODO or XXX in the source. * Review the bug database at: http://issues.apache.org/bugzilla/ * Review the PatchAvailable bugs in the bug database: http://issues.apache.org/bugzilla/buglist.cgi?bug_status=NEWbug_status=ASSIGNEDbug_status=REOPENEDproduct=Apache+httpd-2.0keywords=PatchAvailable After testing, you can append a comment saying Reviewed and tested. * Open bugs in the bug database. CURRENT RELEASE NOTES: * Forward binary compatibility is expected of Apache 2.0.x releases, such that no MMN major number changes will occur. Such changes can only be made in the trunk. * All commits to branches/2.0.x must be reflected in SVN trunk, as well, if they apply. Logical progression is commit to trunk, get feedback and votes on list or in STATUS, then merge into branches/2.2.x, and finally merge into branches/2.0.x, as applicable. RELEASE SHOWSTOPPERS: * mod_proxy: ProxyTimeout (and others) ignored due to not merging the *_set params. PR# 11540 Trunk version of patch: http://svn.apache.org/viewvc?view=revrevision=507516 2.0 version: http://people.apache.org/~jim/patches/httpd-2.0-proxy.patch +1: jim, minfrin, wrowe PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ please place SVN revisions from trunk here, so it is easy to identify exactly what the proposed changes are! Add all new proposals to the end of this list. ] *) Reverse Proxy fixes: Location bug and Cookie support
RE: Repeated NTLM authentication boxes for OWA 2k3 with Reverse P roxying Apache 2.2
Hi Rüdiger/all Thanks for the reply But is there any workaround available for using NTLM with MPM worker or a way to turn off connection pooling. Regards Manmeet Singh -Original Message- From: Plüm, Rüdiger, VF-Group [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 28, 2007 4:34 PM To: dev@httpd.apache.org Subject: Re: Repeated NTLM authentication boxes for OWA 2k3 with Reverse Proxying Apache 2.2 NTLM currently does not work with httpd 2.2.x and reverse proxy configurations due to the fact that httpd 2.2.x uses connection pooling for its backend connections. NTLM does not respect the fact that HTTP is a stateless protocol. Thus is fails. See also: http://issues.apache.org/bugzilla/show_bug.cgi?id=39673 http://issues.apache.org/bugzilla/show_bug.cgi?id=39673 Regards Rüdiger -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] Gesendet: Mittwoch, 28. März 2007 12:56 An: dev@httpd.apache.org Betreff: Repeated NTLM authentication boxes for OWA 2k3 with Reverse Proxying Apache 2.2 Hi all I have made following setup with Apache 2.2 Client ---https--- Apache 2.2.3 OWA 2k3 server in my conf I have Listen 172.25.12.146:80 VirtualHost 172.25.12.146:80 DocumentRoot /myroot/abc/ ServerName application.owa.com IfDefine PROXY ProxyPass/ http://application.owa.com/ http://application.owa.com/ ProxyPassReverse / http://application.owa.com/ http://application.owa.com/ ProxyPassReverse / http://application.owa.com:80/ http://application.owa.com:80/ ProxyPassReverse / http://172.25.11.33/ http://172.25.11.33/ ProxyPassReverse / http://172.25.11.33:80/ http://172.25.11.33:80/ /IfDefine /VirtualHost but when I try to connect I get repeated NTLM authentication boxes but OWA resource is available after many attempts.If I click any other link on OWA it again asks for NTLM authentication. Also the very same httpd.conf and network setup is working fine with Apache 2.0.53 hust replacing the httpd Is there any change in the two version regarding the same Or if anyone has experienced this .Please help. Thanks/regards Manmeet Singh The information contained in this electronic mail transmission may be privileged and confidential, and therefore, protected from disclosure. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer without copying or disclosing it. The information contained in this electronic mail transmission may be privileged and confidential, and therefore, protected from disclosure. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer without copying or disclosing it.
Re: Repeated NTLM authentication boxes for OWA 2k3 with Reverse Proxying Apache 2.2
Maybe this still works if you use the prefork MPM, because in this case the connection pool per server process is limited to 1 connection. Please let us know if this works such that this can be added as a comment to http://issues.apache.org/bugzilla/show_bug.cgi?id=39673. Regards Rüdiger -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 29. März 2007 07:03 An: dev@httpd.apache.org Betreff: RE: Repeated NTLM authentication boxes for OWA 2k3 with Reverse Proxying Apache 2.2 Hi Rüdiger/all Thanks for the reply But is there any workaround available for using NTLM with MPM worker or a way to turn off connection pooling. Regards Manmeet Singh -Original Message- From: Plüm, Rüdiger, VF-Group [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 28, 2007 4:34 PM To: dev@httpd.apache.org Subject: Re: Repeated NTLM authentication boxes for OWA 2k3 with Reverse Proxying Apache 2.2 NTLM currently does not work with httpd 2.2.x and reverse proxy configurations due to the fact that httpd 2.2.x uses connection pooling for its backend connections. NTLM does not respect the fact that HTTP is a stateless protocol. Thus is fails. See also: http://issues.apache.org/bugzilla/show_bug.cgi?id=39673 Regards Rüdiger -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] Gesendet: Mittwoch, 28. März 2007 12:56 An: dev@httpd.apache.org Betreff: Repeated NTLM authentication boxes for OWA 2k3 with Reverse Proxying Apache 2.2 Hi all I have made following setup with Apache 2.2 Client ---https--- Apache 2.2.3 OWA 2k3 server in my conf I have Listen 172.25.12.146:80 VirtualHost 172.25.12.146:80 DocumentRoot /myroot/abc/ ServerName application.owa.com IfDefine PROXY ProxyPass/ http://application.owa.com/ ProxyPassReverse / http://application.owa.com/ ProxyPassReverse / http://application.owa.com:80/ ProxyPassReverse / http://172.25.11.33/ ProxyPassReverse / http://172.25.11.33:80/ /IfDefine /VirtualHost but when I try to connect I get repeated NTLM authentication boxes but OWA resource is available after many attempts.If I click any other link on OWA it again asks for NTLM authentication. Also the very same httpd.conf and network setup is working fine with Apache 2.0.53 hust replacing the httpd Is there any change in the two version regarding the same Or if anyone has experienced this .Please help. Thanks/regards Manmeet Singh The information contained in this electronic mail transmission may be privileged and confidential, and therefore, protected from disclosure. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer without copying or disclosing it. The information contained in this electronic mail transmission may be privileged and confidential, and therefore, protected from disclosure. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer without copying or disclosing it.