Re: Chasing a segfault

[Eric Covener]

On Fri, Oct 22, 2021 at 8:49 PM miim  wrote:
>
> I have a relatively simple module which is nonetheless causing Apache to 
> intermittently segfault.
>
> I've added debugging trace messages to be sent to the error log, but the lack 
> of anything in the log at the time of the segfault leads me to think that the 
> error log is not flushed when a message is sent.  For example, a segfault 
> occurs at 00:18:04, last previous request was at 00:15:36, so clearly the new 
> request caused the segfault.   But not even the "Here I am at the handler 
> entry point" (see below) gets into the logfile before the server log reports 
> a segfault taking down Apache.
>
>
>   /* Retrieve the per-server configuration */
>   mod_bc_config *bc_scfg = ap_get_module_config(r->server->module_config,
>   _module);
>   if (bc_scfg->bc_logdebug & 0x00200)
>  ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r,
>"mod_bridcheck: Enter bridcheck_handler");
>
>
> I could turn on core dumping but (a) I am no expert at decoding core dumps 
> and (b) I don't want to dump this problem on somebody else.

I think this is probably the best way to go, even if you don't go
farther than the stack which is not a lot. It is a good skill to build
anyway.
An alternative is to get backtraces in the error_log:
https://emptyhammock.com/projects/httpd/diag/

> So ... is there a way to force Apache to flush the error log before 
> proceeding?

It is probably memory corruption that clobbers some memory used by a
different module on a later request. I've not really seen buffering of
these kinds of messages at all in httpd.

On linux running the server with environment variable MALLOC_CHECK_=2
might get it to crash earlier/closer to the mismanagement. Or running
it under valgrind if you can do it in a low-load environment.

-- 
Eric Covener
cove...@gmail.com

Re: Graceful restart

[Eric Covener]

On Thu, Sep 30, 2021 at 9:54 AM Florian Wagner  wrote:
>
> Hi everyone,
>
> for a module I'm writing I need know - preferably in my post_config
> handler - if the webserver was gracefully reloaded (SIGUSR1) just now.
> Is there some simple solution to accomplish this?

Maybe the config generation helps?  You can see the value in
/server-status interactively.

ap_generation_t my_generation;
ap_mpm_query(AP_MPMQ_GENERATION, _generation);

Re: Hook function meta data?

[Eric Covener]

On Wed, Mar 24, 2021 at 8:50 AM Mike Summers  wrote:
>
> I would like to have a single hook that runs before any one of a number of
> predecessor modules, is there a way for the hook to know which module it's
> running before? I don't see anything that looks like "hook meta data" in
> request_rec.

Maybe code from mod_info helps?

Re: Implement hmac using APR

[Eric Covener]

See apr_crypto_key() in apr-util 1.6.x and later.   I think you might
need 1.7.x and later to do this specifically for
APR_CRYPTO_KTYPE_HMAC.

Your APR will need crypto support enabled which adds a dependency on
some platform crypto library (like openssl)  The platform crypto
library does the low-level stuff.

On Mon, Jan 25, 2021 at 11:23 AM Riccardo Vacirca
 wrote:
>
> Hi everyone
> is it possible to implement the following code using Apache APR  library? I 
> can't find code examples. Thanks
>
> digest = base64encode(
> hmac("sha256",
>  "secret",
>  "GET+/users/username/account+20apr201312:59:24+123456"))



-- 
Eric Covener
cove...@gmail.com

Re: TCP socket wothout HTTP protocol

[Eric Covener]

On Tue, Apr 14, 2020 at 11:16 AM Sébastien Mizrahi  wrote:
>
> Hi,
>
> For some reasons, I would like to read natively TCP socket in an Apache 
> module. The request is not encapsulated in HTTP protocol end the client send 
> raw data.
> I have already an apache module that manage standard HTTP request and I would 
> like to mutualise the code.
>

The test suite has "weird" modules that are not HTTP that you might
have a look at

https://svn.apache.org/repos/asf/httpd/test/framework/trunk

./c-modules/nntp_like/mod_nntp_like.c is what I was thinking of. Just
from seeing it scroll by.

There is also mod_ftp: https://httpd.apache.org/mod_ftp/

Re: How to write to log from own functions?

[Eric Covener]

On Wed, Jul 31, 2019 at 9:44 AM Bill Moo  wrote:
>
> As the subject says really. How can I write to the log from my own
> functions I see nothing (obvious) in the documentation on how to do
> this. The functions that are there require a server_rec, connection or
> pool pointer, that I don’t have access to in my own functions.

ap_log_rerror is passed a request_rec. If you want to use apache's
logging, find a way to pass a request or conn_rec or pool down.

Re: No content returned from directive handler sample.

[Eric Covener]

On Tue, Jul 30, 2019 at 11:41 AM Bill Moo  wrote:
>
> Hey, thanks for the quick reply. But I'll be honest and confess to not
> knowing exactly what you are meaning. If I do understand correctly
> then the Location is correct but the Directory entry needs to be
> /var/www/html/info is this correct?

Yes, it should be a full filesystem path  -- if you need that kind of
section at all.
2nd caveat -- proxy-like modules can short-circuit the mapping
altogether and no directory section may match.

Re: No content returned from directive handler sample.

[Eric Covener]

On Tue, Jul 30, 2019 at 11:07 AM Bill Moo  wrote:
>
> Hello,
>
> I am embarking on my first module and using the Apache provided
> example to dump my module's configuration as my starting point I’m
> having no real success.
>
> I have configured everything as per the sample and compiled and
> configured using:
>
> sudo apxs -i -a -n mod_graphing -c mod_graphing.c
>
> I have to provide the -n mod_graphing parameter as without it I get :
> apxs:Error: Sorry, cannot determine bootstrap symbol name.
>
> The name (mod_graphing) being the same as the module tag. In addition
> to this when I try to restart the server I get a Syntax error on the
> generated mod_graphing.load file as it has appended _module to my
> mod_graphing!
>
> Assuming my interpretation is correct I created a mod_graphing.conf
> file and added to it:
>
> 
> SetHandler configHandler
> 
>
> 
> sqlConnection "SQL Connection String"
> sqlUserInfo username password
> 

Does something cause the /info URL to be mapped to the actual
directory /info?  It looks like it should be a filesystem path in the
latter.

Re: Reference to core request fails during compile

[Eric Covener]

On Sun, Jan 27, 2019 at 4:00 PM miim  wrote:
>
>
> Eric, you nailed the problem down precisely.
>
> Unfortunately while digging through the core source code it develops that 
> getting the document root out of the core data structures is not a 100% 
> reliable solution.  Comments associated with the document root entries 
> specifically state that If the URI has been internally rewritten to use a 
> filename that is permitted but out of the server root, then the data in those 
> entries does not apply to the specific request.
>
> This was all prompted by an issue in mod_nsf.  The incoming URL was of the 
> form
>
> http://www.server.com/index.html/wp-includes/wlwmanifest.xml
>
> but mod_nsf found r->filename to contain
>
> /www/server-root/index.html
>
> instead of (what I would consider to be correct)
>
> /www/server-root/index.html/wp-includes/wlwmanifest.xml
>
> which caused mod_nsf to say "Yes, the file's there, request is OK" instead of 
> "Crafty, but still no such file, put 'em on the ban list."
>
> I'll need to think on this a bit more before going back to it.

You'll find the rest in r->path_info as in CGI's PATH_INFO.


-- 
Eric Covener
cove...@gmail.com

Re: Reference to core request fails during compile

[Eric Covener]

On Sat, Jan 26, 2019 at 6:46 PM miim  wrote:
>
> I have undefined reference errors in an Apache module.  I've cut the source 
> code down to a minimum that reproduces the error. Below is the source for 
> "mod_test.c" ...
>
> 
> #include "httpd.h"
> #include "http_config.h"
> #include "http_request.h"
> #include "http_protocol.h"
> #include "http_core.h"
> #include "http_main.h"
> #include "http_log.h"
> #include "ap_mpm.h"
> #include "apr_strings.h"
> #include 
> #include 
> #include 
> #include 
> #include 
> #include 
> #include 
>
> module AP_MODULE_DECLARE_DATA test_module;
>
> static int test_handler(request_rec *r);
> static int test_init(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, 
> server_rec *s);
>
> /* Structure containing state information for the module */
>
> typedef struct {
> } ns_mod_config;
>
>
> static int ns_typematch(request_rec *r) {
>
>   ns_mod_config *ns_scfg = ap_get_module_config(r->server->module_config,
>   _module);
>
>   core_request_config *creq_cfg;
>   creq_cfg = ap_get_core_module_config(r->request_config);
>
>   return 0;
> }
>
> module AP_MODULE_DECLARE_DATA test_module = {
> STANDARD20_MODULE_STUFF,NULL,NULL,NULL,NULL,NULL,NULL};
> 
>
> I am using a more-or-less standard Makefile for compiling the module (note 
> that the install option has been removed as this is a test to demonstrate the 
> problem.)
>
> 
> APXS=/usr/local/apache2/bin/apxs
> APXS_OPTS=-Wc, -Wc,-DDST_CLASS=3
> SRC=src/mod_test.c
> OBJ=src/.libs/mod_test.so
>
> $(OBJ): $(SRC)
> @echo
> $(APXS) $(APXS_OPTS) -c $(SRC)
> @echo
> @echo write '"make install"' to install module
> @echo
>
> clean:
> rm -f src/.libs/*
> rm -f src/*.o
> rm -f src/*.lo
> rm -f src/*.la
> rm -f src/*.slo
> rmdir src/.libs
> 
>
> The compile fails as follows:
>
> 
> /usr/local/apache2/bin/apxs -Wc, -Wc,-DDST_CLASS=3 -c src/mod_test.c
> /usr/local/apache2/build/libtool --silent --mode=compile gcc -prefer-pic   
> -DLINUX -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -O2 -pthread 
> -I/usr/local/apache2/include  -I/usr/local/apache2/include   
> -I/usr/local/apache2/include   -DDST_CLASS=3  -c -o src/mod_test.lo 
> src/mod_test.c && touch src/mod_test.slo
> src/mod_test.c: In function âns_typematchâ:
> src/mod_test.c:34:3: error: unknown type name âcore_request_configâ
>core_request_config *creq_cfg;
>^~~
> src/mod_test.c:35:14: warning: implicit declaration of function 
> âap_get_core_module_configâ [-Wimplicit-function-declaration]
>creq_cfg = ap_get_core_module_config(r->request_config);


is /usr/local/apache2 Apache 2.2.x instead of 2.4.x?

2.2 is far past end of support, but:
 - 2.2 required modules to define CORE_PRIVATE before seeing this structure.
 - 2.2 also has no ap_get_core_module_config so you can't use that
2.4-ism (this is actually the 2nd error quoted above)

Re: post response hook

[Eric Covener]

On Mon, Jun 25, 2018 at 2:22 PM Alan Nilsson  wrote:
>
> Is there a hook that runs after a response is sent to client but before the 
> process (prefork execution model) is queued up to take another request?
>
> We have a module that, as part of its job, is to accept uploaded files and 
> stash them away at a special place.  I would like to add functionality such 
> that the uploaded file also gets sent to 1 or more other servers for backup 
> purposes.  However, I don't want the client to have to wait for all of those 
> distribution events before it gets told that everything is OK.  If there is 
> no hook that would work for this, is it safe to spawn a pthread to simply 
> send the file elsewhere then die?
>

Two simple options -- you can either use log_transaction or register a
cleanup on the request pool at any earlier request hook.

Re: Change the content-length header for other filters

[Eric Covener]

On Thu, Dec 22, 2016 at 8:37 AM, Andre Rothe
<andre.ro...@zks.uni-leipzig.de> wrote:
> I don't know, how mod_webobjects will read the request content,
> but it seems, that my changes on the request are not transparent.
> It is not a problem of the transmitted data, it is a length problem
> (if I don't change the content length, the request will be processed).


It uses the old ap_get_client_block() interface instead of using the
bucket brigade directly.  It does appear to copy the content length
before the first read is performed [meaning your input filter has not
run for the first time when it looks at the length).


-- 
Eric Covener
cove...@gmail.com

Re: Authz provider module: r->server->server_scheme is (null)

[Eric Covener]

On Thu, Apr 28, 2016 at 11:27 AM, Lukáš Hellebrandt  wrote:
> Why is that? And is there any other way to get the used scheme?

ap_http_scheme(r) for the requests scheme, as opposed to the servers.
This is what the expression parser and mod_rewrite uses.

Re: modify request_rec->args

[Eric Covener]

On Fri, Mar 25, 2016 at 10:22 AM, Justin Kennedy
<jus...@justinkennedy.ca> wrote:
> The plan is for the module to do other things, this is just the first step.
> Any suggestions? Thank you.


It should work. Who sees the unchanged query string? I think it exists
in apr_uri_t form somewhere too.

-- 
Eric Covener
cove...@gmail.com

Re: "hello world" module crashes 2.4 on CentOS 6.7

[Eric Covener]

On Thu, Mar 10, 2016 at 3:59 PM, Justin Kennedy <jus...@justinkennedy.ca> wrote:
>
> I have a pretty simple module that is crashing my server as soon as I
> dereference a pointer that comes from the request_rec pool.


preprocess with -E and look to make sure the httpd headers are coming
from where you expect? Maybe somehow STANDARD20_MODULE_STUFF comes
from 2.4 but other headers are found from 2.2?

-- 
Eric Covener
cove...@gmail.com

hand-tended *.dsp files and Windows

[Eric Covener]

I have an old out-of-tree module that has a copied/hand-written
mod_foo.dsp. I have an entry for it in apache.dsw in my overall Apache
build.

It is a relatively complex module that makes extensive use of stuff
exported from e.g. libhttpd.lib with no issues.

But when I include http_main.h to use ap_server_conf, linking fails on Windows.

I only ever use VC6/msdev, and I build mod_foo via an append to apache.dsw.

When I add /VERBOSE to the link, I can see it searching libhttpd.lib:

Searching Libraries
Searching 
C:\cygwin64\home\covener\REGRES~1\vstudio\Win2003SDK\Lib\kernel32.lib:
Searching 
C:\cygwin64\home\covener\REGRES~1\vstudio\Win2003SDK\Lib\wsock32.lib:
Searching ..\..\..\srclib\apr\Release\libapr-1.lib:
Searching ..\..\..\srclib\apr-util\Release\libaprutil-1.lib:
Searching ..\..\..\Release\libhttpd.lib:
Searching 
C:\cygwin64\home\covener\REGRES~1\vstudio\Win2003SDK\Lib\Advapi32.lib:
Searching \cygwin64\home\covener\SRC\2.4.x\srclib\apr\Release\libapr-1.lib:
Searching 
\cygwin64\home\covener\SRC\2.4.x\srclib\apr-util\Release\libaprutil-1.lib:
Searching \cygwin64\home\covener\SRC\2.4.x\Release\libhttpd.lib:
Searching C:\cygwin64\home\covener\REGRES~1\vstudio\VC6\VC98\Lib\MSVCRT.lib:
Searching 
C:\cygwin64\home\covener\REGRES~1\vstudio\VC6\VC98\Lib\OLDNAMES.lib:
Done Searching Libraries
End Pass1
mod_foo.obj : error LNK2001: unresolved external symbol _ap_server_conf


Anyone have a clue or debug hints?   The sanitized DSP file is here:

http://hastebin.com/iquruyegih.tex

Re: Tracking sent responses

[Eric Covener]

On Fri, Nov 6, 2015 at 11:18 AM, Julien FROMENT
 wrote:
> Does the number of bytes sent written by the log  take into account the fact 
> that a browser could cancel the request halfway through?


The data added by mod_logio does take that into account. It's not 100%
accurate because we cannot tell what has made it out of the box, but
it's not just e.g. the content-length.  It does include headers as
well.

Re: server directives are lost when activating module in vhost

[Eric Covener]

On Wed, Oct 21, 2015 at 9:45 AM, Justin Kennedy  wrote:
> Any ideas?


Maybe you also happen to use your first core directive when you add
your own to httpd.conf, and this causes the cores merge function to be
run.

Re: Linking sqlite in to apache module

[Eric Covener]

On Mon, Jul 13, 2015 at 9:42 AM, Mark Taylor mtt...@gmail.com wrote:
   I am uncertain if LoadModule directive can be used to load
 arbitary .so, but if so that could be an option.

LoadFile is the alternative for that.

Re: You don't have permission to access / on this server : Apache 2.4 Mac os x mavericks

[Eric Covener]

On Wed, Jul 8, 2015 at 5:01 AM, Prakash Premkumar
prakash.p...@gmail.com wrote:
 I installed Apache 2.4 on Mac os x mavericks and when I started the server
 and navigated to URL localhost/. I get the following error.

 Forbidden

 You don't have permission to access / on this server.

 I tried googling and found many posts on the same error. But none of the
 solutions helped.


Not appropriate for modules-dev@httpd.apache.org.

-- 
Eric Covener
cove...@gmail.com

Re: You don't have permission to access /asd on this server

[Eric Covener]

On Tue, Jul 7, 2015 at 7:58 AM, Prakash Premkumar
prakash.p...@gmail.com wrote:
 You don't have permission to access /asd on this server. Server unable to
 read htaccess file, denying access to be safe

 Can you please help me solve this ?


What does the error_log say?

-- 
Eric Covener
cove...@gmail.com

Re: You don't have permission to access /asd on this server

[Eric Covener]

On Wed, Jul 8, 2015 at 8:31 AM, Prakash Premkumar
prakash.p...@gmail.com wrote:
 The error log says

 (13)Permission denied: [client ::1:50441] AH00035: access to / denied
 (filesystem path '/Users/prakash-2282/Desktop/apache') because search
 permissions are missing on a component of the path


Okay, pretty clear then. An alternative to fixing the permissions or
pointing your DocumentRoot elsewhere is to implement a dummy
translate_name or map_to_storage hook (I am not sure which one)

-- 
Eric Covener
cove...@gmail.com

Re: mod_authz_dbd question

[Eric Covener]

These are similar to the hooks that the core uses from APR in every
module. Everyone who has registered with authz_dbd_hook_client_login
gets called until someone returns an error.

Check out the expansion of these macros in apr_hooks.h:

APR_DECLARE_EXTERNAL_HOOK
APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL


I am not sure how usable this def is, since authz_dbd.h doesn't seem
to be a public/installed header.


On Mon, May 4, 2015 at 4:27 PM, Mark Taylor mtt...@gmail.com wrote:
 Hi,

 I'm researching mod_authz_dbd.c and looking at the authz_dbd_login()
 function.  Near its end, this function calls authz_dbd_run_client_login(),
 but I can't find where this function is defined:

 httpd-2.4.12# grep -r authz_dbd_run_client_login .

 returns no results other than modules/aaa/mod_authz_dbd.c.  Does anyone
 know where this function may be defined?

 Thanks,
 Mark



-- 
Eric Covener
cove...@gmail.com

Re: Debugging mod_websocket -- any others out there?

[Eric Covener]

On Tue, Feb 24, 2015 at 7:16 PM, Jacob Champion jacob.champ...@ni.com wrote:
 - Is it even possible/safe to do an asynchronous one thread reads, one
 thread writes operation in a production-quality module? (In other
 words, is mod_websocket just unfixably broken?)

You might check out how mod_spdy shares a connection between threads.

-- 
Eric Covener
cove...@gmail.com

Re: Help needed with Event MPM configuration settings

[Eric Covener]

On Tue, Nov 4, 2014 at 8:05 AM, Rajalakshmi Iyer r...@blismedia.com wrote:

 I need some assistance with tuning Apache with event MPM.


​This looks more appropriate for users@​, which also has a wider audience.

Re: sequence of request

[Eric Covener]

On Thu, Jul 24, 2014 at 12:51 AM, Donatas Abraitis
donatas.abrai...@gmail.com wrote:
 Hello guys,

 is it possible to know the sequence of request is handled? I mean which
 module takes precedence? Because I need to debug why r-filename becomes
 not so as I expected.

mod_info shows you the order the loaded modules will run in for
various phases.  A debugger can also tell you when it changes.

-- 
Eric Covener
cove...@gmail.com

Re: Custom modules : what's the behavior of mod_deflate ?

[Eric Covener]

By default, it would be compressed if it met the normal conditions.
You can opt out a few ways (below in rough order of intrusiveness):

set the no-gzip per-request environment variable (r-subprocess_env)
remove the mod_deflate output filter (mod_proxy_wstunnel.c has an
example of moving a filter)
unset the accept-encoding header before writing your response
set a Content-Encoding: gzip response header

The only reference is mod_deflate.c + output filter basics.


On Mon, Jun 30, 2014 at 5:54 AM, Pierre Lindenbaum
pierre.lindenb...@univ-nantes.fr wrote:
 (cross-posted on SO: http://stackoverflow.com/questions/24486594 )



 I wrote a custom module for as described in:
 http://httpd.apache.org/docs/2.4/developer/modguide.html

 ap_rprintf(r, Hello, world!);

 I've been asked about the behavior of mod_deflate
 http://httpd.apache.org/docs/2.2/mod/mod_deflate.html .

 Will response to the client produced by my module will be compressed by
 mod_deflate if the client accepts the compression with Accept-Encoding: gzip
 ?

 If my response is already gzipped , can I prevent mod_deflate to work ?

 Do you have any reference/link about this ?

 Thanks

 Pierre




-- 
Eric Covener
cove...@gmail.com

Re: Apache module avoiding re-initialization of connection pool in every worker process

[Eric Covener]

On Wed, Jan 1, 2014 at 7:45 AM, ksakhare kiran.sakh...@gmail.com wrote:
 Hi All

 Thanks for the replies. I appriciate the replies but the problem i am
 currently facing is when i initialize the connection pool in worker 1
 (httpd.exe child process), next request may spawn another worker (httpd.exe
 process). As these are two different process the connection pool is
 re-initialized in second worker.

 I would like to avail the connections initialized in first worker from
 second worker process. Is there a way, where i create this connection in
 global memory pool which is accessible across the worker process.

It's complex and most modules with connection pools don't bother with
it. If it was working with prefork, settle for a connection pool per
child which is easy.

Re: Apache module avoiding re-initialization of connection pool in every worker process

[Eric Covener]

On Tue, Dec 31, 2013 at 3:52 AM, ksakhare kiran.sakh...@gmail.com wrote:
 Hi All

 I am building apache module, which maintains the connection pool with
 back-end server. As in prefork mode only one connection pool is created as
 their is only one worker process exist.

 Now I need to port this module on worker mpm, because there are multiple
 worker process, multiple connection pools are getting created.

 How can i initialization connection in once and use these connections across
 the different worker process. Thanks in advacne.

You can keep doing it once per process and share across threads.  If
you don't manage them very smartly today, maybe apr_reslist would help
in the multithreaded case.

Re: Writing apache module for filtering HTTP request on PHP website

[Eric Covener]

On Sat, Dec 21, 2013 at 10:09 PM, farid ridho faridri...@gmail.com wrote:
 I'm going to make simple web application firewall like modsecurity. I want
 to write apache module in C for filtering a web attack like SQL injection.

 I put my web on http://localhost/vulweb my question is, when iam accessing
 http://localhost/vulweb i want the apache module analysis the request
 first, before continuing its to PHP website (if the request is not an
 attack). Can anyone help me to explain how to make a module for this
 purpose? and how to configure this module (sethandler, addhandler)??

 PS: I have already know how to write helloworld apache module with C, and
 run it through http://localhost/helloworld

use ap_hook_fixups to run before the configured handler.  No
configuration will be needed, unless you want your own directives.

Re: How to determine the right vhost in name based vhosting

[Eric Covener]

On Sep 24, 2013 5:40 AM, Christoph Gröver gro...@sitepark.com wrote:


 Hello list, Hello Sorin,

 I tested several different Apaches (2.4.x and 2.2.x) and they never did
 the wanted or expected.

 If I configure more than one VHost only the first one is returned by
 the server-server_hostname structure. The one of the second vhost that
is configured as a ServerName seems
 to be impossible to determine?

 Is there any other way to find the hostname?

When you check, are you in the middle of a request that's mapped to the 2nd
virtual host?  In what phase do you inspect the value? If you define a
logfile in your 2nd vhost, does it accumulate entries?

Re: Threaded vs non-threaded dev package

[Eric Covener]

On Wed, Jul 10, 2013 at 3:44 PM, Alex Bligh a...@alex.org.uk wrote:
 I am compiling a module I have written on Ubuntu Precise. The module will 
 always
 be run on apache-mpm-prefork (i.e. the non-threaded mpm), but the module 
 itself
 uses threads (apr_thread*). Should I be compiling against apache2-threaded-dev
 or apache2-prefork-dev? Or doesn't it matter?

Should not matter.  You probably care about APR_HAS_THREADS which is
more of a platform thing and won't change if someone ships different
httpd MPMS.

--
Eric Covener
cove...@gmail.com

Re: Get name of config file for module

[Eric Covener]

On Thu, May 23, 2013 at 10:39 AM, Sean Beck seanmckayb...@gmail.com wrote:
 OK thank you! I ask because my boss wants me to log the config file info on
 start-up of the server but I have been completely unable to find a way to
 do so, hence why I came to the mailing lists for help. Thanks for the help

You can get info about where any of your own directives are specified.
 The VirtualHost directive remembers where it was found:

s-defn_name = cmd-directive-filename;
s-defn_line_number = cmd-directive-line_num;

Re: Setting cookies and user agent using Apache C API

[Eric Covener]

On Sat, May 4, 2013 at 1:38 AM, Sindhi Sindhi sindhi@gmail.com wrote:
 Hi,

 I get ap_filter_t* filterChain as an input parameter to my Apache C++
 module. I can see that I can get the cookies and user agent from the below
 calls.

 request_rec *currRequest = filterChain-r;
 const char* userAgent = apr_table_get(currRequest-headers_in,
 User-Agent);
 const char *cookieVal = apr_table_get(currRequest-headers_in, cookie);

 Ho can I set cookies and user agent back in the headers using Apache API?


Have a look at mod_headers.

Re: ap_log_rerror limit size

[Eric Covener]

On Wed, Mar 13, 2013 at 6:16 AM, Eric Covener cove...@gmail.com wrote:
 On Wed, Mar 13, 2013 at 6:01 AM, Hoang Vu Dang dang@gmail.com wrote:
 Hi guys,

 Is there any limit of the size of a message log entry? How to control this ?

 I did this:

 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, f-r,
 %s, buffer);

 And the buffer was truncated on the error log. I check the strlen of the 
 buffer and it was about 320K, and I got only around: ~ 8KB

 If it's more than PIPE_BUF, it won't be atomic and can be interleaved
 with other entries.  Are you sure it's truncated and not just spread
 out?

Er if using a piped logger that is.

Re: apache GUI frontend to edit config files

[Eric Covener]

On Mon, Mar 11, 2013 at 6:07 PM, Nce Rt nce...@yahoo.com wrote:

 Is there a GUI tool available to configure and control httpd server? Like 
 editing httpd.conf files, restart server, enable/disable modules, etc from UI.

There are some unpopular ones, and more  web control panel hosting
frontends.  Off-topic here, though.

Re: some key fields of request_rec are null

[Eric Covener]

On Wed, Mar 6, 2013 at 4:21 PM, Nce Rt nce...@yahoo.com wrote:


 A custom handler which is registered to run APR_HOOK_FIRST has these fields 
 null when processing http request:
  r-content_type, r-parsed_uri.scheme

r-content_type is not related to any request header -- it's the
response content type.  It won't be set early, before a response is
generated.

Re: some key fields of request_rec are null

[Eric Covener]

On Wed, Mar 6, 2013 at 6:34 PM, Nce Rt nce...@yahoo.com wrote:
 It's request_rec which represents http Request not Response. look into this 
 data structure for the content-type field.

That's not how the field is used.  If you want to read a Content-Type
request header, read it from r-headers_in.

Re: Possible to call Apache expression processor from module?

[Eric Covener]

On Thu, Jan 10, 2013 at 11:04 AM,  oh...@cox.net wrote:
 Hi,

 I'm starting to work on a new module, and part of the functionality that I'd 
 like to incorporate would involve processing Apache-type expressions to 
 produce a true/false result that my module would then use to decide what to 
 do, in some cases.

 So, I  was wondering if there is some API or interface that is exposed in 
 Apache that would allow my module to  pass the interface an expression, and 
 get a return result of  true/false?

 I'm not sure if what I'm trying to explain is very clear, but if not, please 
 let me know and I'll try again.


You might look at how mod_rewrite uses ap_expr_* (from
include/ap_expr.h) in trunk or 2.4.

--
Eric Covener
cove...@gmail.com

Re: When does Apache restart child processes

[Eric Covener]

 It's possible this is because a burst of requests causes Apache to spin up
 child processes to handle them, but perhaps the load-test generation slows
 down at some point, Apache winds up with idle processes, and closes some
 down?  Is that plausible?

http://httpd.apache.org/docs/2.2/mod/mpm_common.html#minsparethreads
http://httpd.apache.org/docs/2.2/mod/mpm_common.html#maxsparethreads

Re: best way to return the content of a file

[Eric Covener]

 i'm enabling my module with a Location directive:

 Location /data
 SetHandler kcache
 /Location

 and i want to control the execution of the module with an initial check:

 if (!r-handler || strcmp(r-handler, kcache)) return (DECLINED);

 but r-handler is null if the hook is called in ap_hook_translate_name
 state, so how can i check this condition?

You can't check that condition early.  You should implement a
directive to enable your module in these early phases.

Re: required packages for mod_uio.so for Windows Environment

[Eric Covener]

 When I checked the syntax of httpd.conf file by issuing the command
 httpd.exe –t it says Cannot load mod_uio.so into server. The specified
 module could not be found.

 Please reply which dll/package is required to download in windows env.

Ask the vendor of mod_uio.so, not a list about developing modules.

Re: Question about malloc / realloc in module

[Eric Covener]

 But what if a process exists in a faulty way. Perhaps some PHP code
 that exists abnormally?

If the process exits, you've got no worries about memory.  If a thread
hangs [indefinitely], before you can free memory, the memory is
probably the least of your problems.

Re: proxying another protocol to http/https

[Eric Covener]

On Thu, Jul 7, 2011 at 5:18 PM, Ben Noordhuis i...@bnoordhuis.nl wrote:
 On Thu, Jul 7, 2011 at 02:56, Jodi Bosa jodib...@gmail.com wrote:
 I would like to leverage mod_proxy and mod_proxy_http to proxy client
 requests (from another protocol).
 Assuming I have input  output filters that handle the other protocol with
 the client, shouldn't I simply be able to:


 Handler
 {
    r-filename = apr_psprintf(r-pool, proxy:https://%s;, hostname);
    r-proxyreq = PROXYREQ_PROXY;
    return DECLINED; /* to allow mod_proxy to kick in and do it's thing */
 }

 That should work if your handler runs before mod_proxy. Hook it at
 APR_HOOK_REALLY_FIRST.


Or do it in a different hook like translate_name --  like proxy and rewrite do.

Re: Socket transfer from Apache httpd to a non-httpd process

[Eric Covener]

On Thu, Jun 16, 2011 at 10:57 AM, Henrik Strand henrik.str...@axis.com wrote:
 Hi Ben,

 I've tried that but with no success. The problem (i.e., that the
 connection is closed) still remains.

Check out mod_proxy_fdpass in trunk, which replaces the socket httpd
is using and lets the external process finish the connection.

Re: Vary:User-Agent, best practices, and making the web faster.

[Eric Covener]

 This encourages all site owners to add Vary:User-Agent to all css and js
 files, whether they actually vary in content or not.

 Does anyone know the history of this recommendation?  Surely that is an
 inappropriate recommendation for mod_deflate.  Vary:Accept-Encoding make
 sense in the context of that filter, but not Vary:User-Agent.

It's because of the other (dated) canned exceptions that set/unset
no-gzip/gzip-only-text/html based on the User-Agent, to second-guess
browsers that send AE:gzip but can't properly deal with it.

Re: APR Shared Memory Usage

[Eric Covener]

 I would assume that subsequent callers could use apr_shm_attach to then
 attach to an existing shared memory segment, however, it appears that this
 function is not used anywhere in the apache (2.2) code base whatsoever.
 (It is used in one or two places in 2.3).

I assume you don't see it in HTTP server because everyone inherits a
reference to shared memory created in the parent process.   Of course
outside of this you don't always have such a relationship.

Maybe the testshm* in apr/test/ would be a good resource?  The APR
tests are always easy to tinker with.

-- 
Eric Covener
cove...@gmail.com

Re: How to parse jsp response in apache handler

[Eric Covener]

On Thu, Mar 24, 2011 at 11:02 AM, Whut  Jia whut_...@163.com wrote:
 Hi,
 all! I want to parse a jsp page in my handler.How can I do it??
 Please help me! In my handler, I do a request (http://www.xxx/xxx.jsp)with 
 libcurl,and then parse returned response ,and draw some infomation.Please ask 
 how to parse this jsp response???


Please don't create duplicate threads.  Someone already recommended an
example of an HTML parsing module -- what more advice could you want?

Re: Saving the original request URI ahead of a mod_rewrite

[Eric Covener]

On Sat, Mar 12, 2011 at 10:26 PM, Ben Noordhuis i...@bnoordhuis.nl wrote:
 On Sun, Mar 13, 2011 at 04:02, Eric Covener cove...@gmail.com wrote:
 OP specifically mentions internal redirect and rewrite-in-htaccess.

 Hah, the moment I fired off that email I thought oh wait, mod_rewrite
 *does* do an internal redirect somewhere.

 Internal redirects share a pool so your suggestion would work but
 following r-main is still the better solution, I think, if only
 because it works for both redirects and sub-requests.

r-main doesn't change on an internal redirect AFAICT.

Re: Saving the original request URI ahead of a mod_rewrite

[Eric Covener]

 So I like #1 best.  Any other opinions or ideas?

I solved a similar problem recently by using apr_pool_userdata_set on
r-pool which you can still find after the internal redirects of
rewrite in htaccess / with PT flag.

Re: mod_ruby on Apache for Windows 2.2.17

[Eric Covener]

On Fri, Feb 11, 2011 at 2:25 AM, Zeno Davatz zdav...@gmail.com wrote:
 Hi

 I am trying to debug mod_ruby to load in Apache for Windows. So far
 Apache for Windows does start with mod_ruby.so but it seems that httpd
 does not start correctly with mod_ruby enabled in Apache for Windows.

 The steps I took to compile mod_ruby for Apache for Windows 2.2.17
 with MinGW are here:

you should eliminate mingw from the equation if you're mostly
interested in the ruby side.

Re: mod_ruby on Apache for Windows 2.2.17

[Eric Covener]

 I can execute Ruby as a CGI-script without a problem with these simple
 VirtualHost settings (I tested it with test.rbx)

What does that have to do with debugging mod_ruby?

Re: mod_ruby on Apache for Windows 2.2.17

[Eric Covener]

 Apache on Linux does not do that? Our Apache on Linux with mod_ruby
 sometimes has over 1'000 sessions and about 30-50 threads open. Memory
 can go up to 10 GB.

Normally Apache on unix uses multiple child processes. See your MPM
and MPM configuration for details.

Re: How to add a cookie header in response headers when do external redirect?

[Eric Covener]

2011/1/17 Whut  Jia whut_...@163.com:
 Hi,
 I want to save accessed uri into response cookie before doing a external 
 redirect,according this way below:
  apr_table_setn(r-headers_out,Location,http://www.idp.com/login.jsp;);
 apr_table_setn(r-headers_out,Set-Cookie,r-uri);
 return HTTP_SEE_OTHER;
 But in client ,I cannot always find cookie header in response headers ，why  
 ?How do I solve this??
 Thanks,

r-err_headers_out?


-- 
Eric Covener
cove...@gmail.com

Re: Overriding mod_rewrite from another module

[Eric Covener]

 The access checking on mod_pagespeed resources is
 redundant, because the resource will either be served from cache (in which
 case it had to be authenticated to get into the cache in the first place) or
 will be decoded and the original resource(s) fetched from the same server
 with full authentication.

Re: suppressing mod_authz_host: This doesn't sound like it guards
against a user that meets the AAA conditions causing the resource to
be cached and served to users who would not have met the AAA
restrictions.  Maybe you are missing a map_to_storage callback to tell
the core that this thing will really, really not be served from the
filesystem.

Re: suppressing rewrite.  Your comments in the src imply that rewrite
is doing some of what you're also suppressing in
server/core.c:ap_core_translate_name().  Also, it's odd that your
scheme for suppressing mod_rewrite wasn't a no-op for rewrite in
htaccess context, since these use the RUN_ALL fixups hook to do its
magic, but maybe you're catching a break there?

Re: Re: compile a file written by C++ into apache

[Eric Covener]

On Tue, Nov 30, 2010 at 8:58 AM, Ben Noordhuis i...@bnoordhuis.nl wrote:
 2010/11/30 whut_jia whut_...@163.com:
 In Apache2.2, I compile a c++ source file with g++ as below：
 g++ -fPIC -shared -o mod_validate.so mod_validate.cpp -I/usr/include/httpd 
 -I/usr/include/apr-1 -I/opt/opensaml/include
 After it , I copy mod_calidate.so into apache module location ,and this 
 module work well.
 But now,in apache2.3,I compile this file in  the same way.it accurs the 
 following error,
     /apache2.3/include/http_config.h:989:error:expected ,or ... before 
 ‘new’
 (In headers file ,The 989th  line is:
 AP_DECLARE(void) ap_merge_log_config(const struct ap_logconf *old,
                                     struct ap_logconf *new);
 )
 I think there are not errors in this line ,but why can i compile it 
 successfullly?

 new is a C++ keyword. Three solutions.

 1. Rename the parameter in http_config.h to new_conf. Bad.
 2. At the top of your source file add #define new new_. Bad.
 3. Make your module C only. Split off the C++ code into a separate file. Good.



I believe this was reported and fixed in trunk over the last month or so.

-- 
Eric Covener
cove...@gmail.com

Re: How do I get hold of session information?

[Eric Covener]

 It looks like mod_session has an API defined in
 http://httpd.apache.org/docs/2.2/sections.html and used by
 mod_auth_form -- I'd probably start there.

whoops, wrong buffer:

modules/session/mod_session.h

-- 
Eric Covener
cove...@gmail.com

Re: Error: invalid ELF header

[Eric Covener]

 What I think is that I will have to compile the module once on linux
 environment. If this is the case, it would be great if anyone can suggest
 good link for compiling and creating modules on Linux machine.

http://httpd.apache.org/docs/current/programs/apxs.html

Re: mod_proxy per-directory settings handling

[Eric Covener]

 Am I wrong? Is there some other reason why mod_proxy needs to go through the
 aliases in forward order, maybe related to regex matching?

Just convention that the first match is the operative one (which is
also why the ! rules have to come before whatever would match them).
 Could make it configurable but probably not a candidate for a change
in default (IMO)


-- 
Eric Covener
cove...@gmail.com

Re: Seeking suggestions on changes to mod_authnz_ldap [and possibly mod_ldap] supporting X.509/LDAP AA [AuthType Certificate]

[Eric Covener]

On Wed, Apr 21, 2010 at 12:49 PM, Thomas, Peter ptho...@hpti.com wrote:
 When the user's certificate subject is also the DN of the LDAP object,
 one can optimize search and compare operations by doing a
 LDAP_SCOPE_BASE search for the object based on the subject DN.  I was
 able to substitute a search for the exact LDAP object in the
 authentication code.  For authorization, I ran into a problem.  The LDAP
 search cache entries for a URL are unique by filter expression.  If ANY
 user was cached for a specific ldap-filter, the search cache has no way
 of knowing that I'm applying that search to a different search base.  I
 could create a separate cache for every user encountered [i.e. by
 changing the base component of the LDAP URL before calling any
 uldap_cache_* function].  That seems painful.  Thoughts?


How important is this optimization to either Apache or the LDAP server?

-- 
Eric Covener
cove...@gmail.com

Re: Seeking suggestions on changes to mod_authnz_ldap [and possibly mod_ldap] supporting X.509/LDAP AA [AuthType Certificate]

[Eric Covener]

On Wed, Apr 21, 2010 at 12:49 PM, Thomas, Peter ptho...@hpti.com wrote:
 When the user's certificate subject is also the DN of the LDAP object,
 one can optimize search and compare operations by doing a
 LDAP_SCOPE_BASE search for the object based on the subject DN.  I was
 able to substitute a search for the exact LDAP object in the
 authentication code.

I thought your goal was for the certificate itself to be the source of authn?

Does the roundtrip to LDAP  during authn add much?

 For authorization, I ran into a problem.  The LDAP
 search cache entries for a URL are unique by filter expression.
 user was cached for a specific ldap-filter, the search cache has no way
 of knowing that I'm applying that search to a different search base.  I
 could create a separate cache for every user encountered [i.e. by
 changing the base component of the LDAP URL before calling any
 uldap_cache_* function].  That seems painful.  Thoughts?

I guess this applies to ldap-user and ldap-filter but not the other
ldap-* -- attributes already use the user DN as the base and groups
use the group as a base -- although if your schema uses the CN as the
group member value you'd have to extract it from the DN.

It does seem like either the cache structure, or the
ldap-user/ldap-filter logic would need an overhaul. 1-cache-per-user
is probably the wrong direction though.


-- 
Eric Covener
cove...@gmail.com

Re: Support for SASL bind in mod_ldap?

[Eric Covener]

On Thu, Mar 18, 2010 at 10:54 AM, Thomas, Peter ptho...@hpti.com wrote:
 Looking at modules/ldap/util_ldap.c , it appears that mod_ldap is
 hard-wired to support only ldap_simple_bind_s.  Has anyone looked into
 enabling SASL authentication in mod_ldap?
 Are there any pitfalls I should be cognizant of if I plan to go down
 that road mysely?

Just portability between SDKs.




-- 
Eric Covener
cove...@gmail.com

Re: How to apply patches for ZLIB and OpenSSL that are in patches_applied directory

[Eric Covener]

2010/3/8 Serj serj...@gmail.com:
 Hi,
 There are no instructions how to apply patches
 http://www.apache.org/dist/httpd/binaries/win32/patches_applied/ to the
 source of Apache 2.2.15 before compiling and linking. How can I do it?

They're just unified diffs.  gnu patch or any compatible piece of software.


-- 
Eric Covener
cove...@gmail.com

Re: Time for a new AuthType: cert?

[Eric Covener]

   1) for authentication:  depend upon mod_ssl configured with an appropriate
 SSLVerifyClient option.  [i.e. decline to authenticate a user if no client
 cert was passed; be configurable to fail or warn stridently if a client cert
 was passed but SSLVerifyClient optional_no_ca is in use]

With you here, the big descision is to whether impersonate basic auth
or to run before it.


   2) for authorization:  like mod_authnz_ldap, support dn, group [to include
 nested group], attribute, and filter require directives

disagree here, why/where are you going to query this stuff?  Why not
just use it in conjunction with LDAP authz?

   3) provide the same flexibility as mod_authnz_ldap with respect to
 configuring the LDAP connection and working with various LDAP libraries


-1 if it were going into the actual Apache distribution!

   4) be configurable to work with users' existing LDAP schemas without
 requiring changes in the directory.

sounds reasonable unless you're drawing a contrast with the current
LDAP auth modules.


 Most of the prior art 3rd party modules I've seen out there seem to fall
 down in one of more of these respects.

 I'm new to Apache module development, and I recognize that stepping outside
 of basic and digest to create an entire new authorization provider type
 might be a lot to bite off.  I invite any suggestions or tips--especially if
 someone has already cracked this nut in an generalizable way.

I think AuthType cert is reasonable as long as you can demonstrate
using the the traditional authz providers.

-- 
Eric Covener
cove...@gmail.com

Re: OAuth WRAP apache module

[Eric Covener]

2010/1/15 Pedro Félix pedrofe...@cc.isel.ipl.pt:

 Now, my main question is how to create a separate building environment for
 this module. I've downloaded the httpd sources, and created several files in
 the source tree (mod_auth_wrap.c, mod_auth_wrap.dep, mod_auth_wrap.mak). I'm
 using the mod_auth_wrap.mak makefile (copied from mod_auth_basic.mak) to
 build the module under windows. However, I would like to create a separate
 building environment (not in the httpd source tree) with only my module and
 all the artifacts required to build it under windows and linux. Any thoughts
 or advices regarding this?

There is a windows flavor of apxs hosted over at mod_perl

-- 
Eric Covener
cove...@gmail.com

Re: Linking in libraries to Apache Module

[Eric Covener]

On Mon, Dec 7, 2009 at 7:07 PM, Devin Ceartas de...@nacredata.com wrote:
 hm. -rpath doesn't seem to be an accepted flag in the apxs included with the
 latest OpenBSD

apxs will pass linker or compiler args down to the respective program
with -Wl, or -Wc, ; it doesn't do anything with them directly.

-- 
Eric Covener
cove...@gmail.com

Re: [OT] ajusting apache timeout

[Eric Covener]

On Sun, Nov 15, 2009 at 3:44 PM, Sam Carleton
scarle...@miltonstreet.com wrote:
 I am working on a Axis2/C module that is hosted by Apache 2.2.  The client
 is .Net 3.5.  I have set the SendTimeout on the .Net binding to 10 minutes
 but things are still timing out in about 30 seconds.

During what?

-- 
Eric Covener
cove...@gmail.com

Re: ap_sub_req_lookup_uri(r-uri, r, NULL)-content_type always returns 'text/plain'?

[Eric Covener]

On Sat, Nov 14, 2009 at 7:37 PM,  oh...@cox.net wrote:

 Our use case is slightly different that the original one for this module.  
 The original code is designed to limit the number of connections from any 
 given IP address, whereas in my case, we want to limit the total number of 
 connections to the entire Apache server instance.

What does this get you over just setting MaxClients directly?

-- 
Eric Covener
cove...@gmail.com

Re: ap_sub_req_lookup_uri(r-uri, r, NULL)-content_type always returns 'text/plain'?

[Eric Covener]

On Sat, Nov 14, 2009 at 8:10 PM,  oh...@cox.net wrote:
 MaxClients was one of the first approaches that I tried when i was asked 
 about this.

 The problem with MaxClients that I found was that it appeared that when it 
 was used, Apache would queue up the requests.  The end-result from the user 
 perspective was that either response time would look really slow, or their 
 browser would eventually timeout, and they'd get (in IE) a The page cannot 
 be displayed.

Wanting your own errordoc makes sense, but the queuing is just:
http://httpd.apache.org/docs/2.2/mod/mpm_common.html#listenbacklog


-- 
Eric Covener
cove...@gmail.com

Re: post-config phase question

[Eric Covener]

On Wed, Nov 11, 2009 at 10:06 AM, Michael Durket
dur...@highwire.stanford.edu wrote:
 Weird, because I'm tracing the entry to post-config in my code and the second
 phase seems to be called 8 times which on my system is the value listed in 
 the StartServers
 directive.

Sounds like you're either hooked into child_init or calling some code
from both post_config and child_init -- can you post the smallest
working module that demonstrates it?

(also on Windows, 4 times is normal -- 2 in the parent and 2 in the child)

-- 
Eric Covener
cove...@gmail.com

Re: Repetitive warnings on ErrorLogs.

[Eric Covener]

On Wed, Sep 9, 2009 at 1:48 PM, Houser, Rickhouser.r...@aoins.com wrote:
 This is a known issue in IBM's 2.0.47 port of Apache (IHS), which was
 fixed in a later upstream version (possibly by the 2.2.8 port, but I
 really can't say for sure).

This message is not unique to IBM's Apache-based server or even 2.0.x.
 One source of the message was resolved in both distributions in 2005,
which I believe is:

http://svn.apache.org/viewvc?view=revrevision=159470

-- 
Eric Covener
cove...@gmail.com

Re: correct hook function after accepting connection

[Eric Covener]

On Fri, Aug 28, 2009 at 10:06 AM, Robert Schulzer...@bytecamp.net wrote:
 Hi,

 is there a hook for dealing with connections *before* any http data is read?
 The reason for this todo would be dropping connections from hosts without
 ever reading the request - keeping slowloris in mind.

ap_hook_pre_connection() is a RUN_ALL.

(not really pre_connection of course, that'd be some feat!)

-- 
Eric Covener
cove...@gmail.com

Re: Module reports busy workers

[Eric Covener]

On Wed, Aug 26, 2009 at 8:47 AM, ricardo13ricardoogra...@gmail.com wrote:

 Hi,

 I would like to implement a module that write information (busy worker and
 idle worker) in file.
 When request is processed, It writes information (ap_log_hook).

 I use mod_status to recovery these information. I don't know about use these
 information in my module.

mod_status is less than a thousand lines of code and already has all
of this logic. What part of mod_status are you having trouble
understanding, specifically?

-- 
Eric Covener
cove...@gmail.com

Re: Module reports busy workers

[Eric Covener]

On Wed, Aug 26, 2009 at 11:56 AM, ricardo13ricardoogra...@gmail.com wrote:

 HI,

 How do I collect these informations in my module ?


Same way mod_status does?


-- 
Eric Covener
cove...@gmail.com

Re: Threads

[Eric Covener]

On Tue, Jul 28, 2009 at 7:54 AM, ricardo13ricardoogra...@gmail.com wrote:

 I thought better and I think that first thread will be delete. Because, all
 post_request_read() hook, I add request, dont need a thread for it.

 Now, second thread's asynchnous. That means, doesn't need a event add
 request for scheduling. It's independent.

 I didn't undestand about talk to your thread standalone.
 What do I will talk for thread ?

I don't understand much of this, but re: my earlier comment:  I
assumed that if you were creating a thread, you'd want to interact
with it in some way to implement your queueing.  It sounded like you
expected the core of Apache to interact directly with your standalone
thread, which it won't do for you.

-- 
Eric Covener
cove...@gmail.com

Re: How do I manipulate request_rec Object in worker.c

[Eric Covener]

On Sun, Jul 19, 2009 at 11:50 PM, ricardo13ricardoogra...@gmail.com wrote:

 One question for I undestand the sequence of hooks.
 Do It means that firstly worker.c processes sockets (accept connections),
 after other modules processes the hooks (post_read_request,
 translate_name, map_to_storage, etc..)??

Yes, although there are connection-related hooks that run in-between
the two things you mentioned.

-- 
Eric Covener
cove...@gmail.com

Re: Module that forward requests

[Eric Covener]

On Tue, Jul 14, 2009 at 7:37 AM, Tom Evanstevans...@googlemail.com wrote:
 On Tue, 2009-07-14 at 03:22 -0700, ricardo13 wrote:

 r-filename = apr_psprintf(r-pool, %s://%s%s%s%s, http, ip_machine,
 port_machine, r-filename);


# of %s in format doesn't agree with # of arguments, right?

-- 
Eric Covener
cove...@gmail.com

Re: Module that forward requests

[Eric Covener]

On Mon, Jul 13, 2009 at 9:34 AM, ricardo13ricardoogra...@gmail.com wrote:

 hi,

 I'm newbie in APR and need develop a module that forward request to cluster.
 The same in mod_rewrite with flag [P].

 That module, I processing the object request_rec-uri and set what machine
 in cluster forward the request.

Look at mod_proxy, mod_jk, mod_serf.


-- 
Eric Covener
cove...@gmail.com

Re: Module that forward requests

[Eric Covener]

On Mon, Jul 13, 2009 at 10:06 AM, ricardo13ricardoogra...@gmail.com wrote:
 It's difficult. I'd suggest finding a way to use existing modules.

 Use or modify, that is.
 Can my module to use mod_proxy for forward requests ? How do I do it ?

I'm not convinced you need a module.  mod_rewrite already illustrates
this with the P flag.

-- 
Eric Covener
cove...@gmail.com

Re: Module that forward requests

[Eric Covener]

On Mon, Jul 13, 2009 at 10:33 AM, ricardo13ricardoogra...@gmail.com wrote:



 Eric Covener wrote:

 On Mon, Jul 13, 2009 at 10:06 AM, ricardo13ricardoogra...@gmail.com
 wrote:
 It's difficult. I'd suggest finding a way to use existing modules.

 Use or modify, that is.
 Can my module to use mod_proxy for forward requests ? How do I do it ?

 I'm not convinced you need a module.  mod_rewrite already illustrates
 this with the P flag.

 Because I need modify request_rec object. You told me (in other topic)
 that cannot modify request_rec object in external program in mod_rewrite.
 I use external program for schedule request.

 My idea is prioritize requests. I will do this form:

 1° Modify field priority in request_rec. (I will create this field in
 request_rec)

Not arbitrarily.  You can store that value in a note (r-notes) and
set/query via rewrite if you're not looking to do much development.




-- 
Eric Covener
cove...@gmail.com

Re: Module that forward requests

[Eric Covener]

On Mon, Jul 13, 2009 at 10:46 AM, ricardo13ricardoogra...@gmail.com wrote:

 Not arbitrarily.  You can store that value in a note (r-notes) and
 set/query via rewrite if you're not looking to do much development.


 You can store that value in a note (r-notes)
 How do I do it ?? Remember, using external program. Because my external
 program classifies requests.


Why do your followups have the same level of quoting as the thing
you're replying to?

-- 
Eric Covener
cove...@gmail.com

Re: Module that forward requests

[Eric Covener]

On Mon, Jul 13, 2009 at 1:30 PM, ricardo13ricardoogra...@gmail.com wrote:
 r-proxyreq == PROXYREQ_PROXY;

 But in httpd.h, the request_rec object hasn't field proxyreq.
 What's this ??

In my 2.2.x headers it's an int in the request_rec.

-- 
Eric Covener
cove...@gmail.com

Re: Memory and pools

[Eric Covener]

On Tue, Jun 30, 2009 at 9:00 AM, Kevac Markoma...@kevac.org wrote:
 Hello

 Is memory (RSS) returned to OS after cleaning pool (for example r-pool)?
 After destroying pool?

 My module uses a lot of memory (~100 MiB). This memory is taken from
 r-pool. But after request is finished, this memory is not returned to
 OS - RSS is 100 MiB.

 Linux 2.6 - httpd-2.2.10

Not by default, see the MaxMemFree directive.  The conventional wisdom
is that some other req on that thread will also soon need the same
high water mark of memory, so better to not go in/out of the heap
library each time.

-- 
Eric Covener
cove...@gmail.com

Re: mod_auth_digest amiss correction

[Eric Covener]

 Am I mistaken in thinking I should not be logged in as admin?  Or that
 there
 is someway to force this to happen?

This is just your browser using stored credentials. It doesn't know
the significance of your logout user.

-- 
Eric Covener
cove...@gmail.com

Re: Deregister and register a single module on passing signal..

[Eric Covener]

On Sun, Apr 19, 2009 at 11:58 PM, Jaysingh Samuel
jayasingh.sam...@hotmail.com wrote:

 1. If iam passing a SigUSR2 signal to the parent process, then will i be able 
 to reload/rerun only my custom Modules,  without reading the config file ?.

No, all the modules are reloaded and the config is re-parsed.

-- 
Eric Covener
cove...@gmail.com

Re: start httpd with one child for debugging

[Eric Covener]

On Tue, Mar 17, 2009 at 7:50 PM, Andrej van der Zee
andrejvander...@gmail.com wrote:
 Hi,

 I believe I read some while ago that it is possible to start httpd
 with only one child (a special for debugging httpd). I am not able to
 find this option anymore. Does such an option really exist?

 Thank you,
 Andrej


-X is the easiest to remember

http://httpd.apache.org/dev/debugging.html


-- 
Eric Covener
cove...@gmail.com

Re: ap_auth_type() -question

[Eric Covener]

On Mon, Feb 23, 2009 at 2:46 AM, Jouni Mäkeläinen
jouni.makelai...@twinkle.fi wrote:

if (!encrypted_sso_str || apr_strnatcmp(encrypted_sso_str, false) == 0) {
if (apr_strnatcasecmp(ap_auth_type(r), auth_xxx) == 0) {

NULL != ap_auth_type(r)?

 *** Segmentation fault *** (ap_auth_type)

 Here is the backtrace from the core dump:
 #0  0x2af41b58b67f in apr_match_glob () from /usr/lib64/libapr-1.so.0
 #1  0x2af4249ebb74 in authenticate_user (r=0x2af42ed75488) at 
 mod_auth_xxx.c:159

Are you sure this debuger was looking at the runtime binaries?   Do
you call apr_match_glob elsewhere?

You might try building with --enable-maintainer-mode


-- 
Eric Covener
cove...@gmail.com

Re: Callback function which is just called before connection is destroyed

[Eric Covener]

On Mon, Feb 23, 2009 at 12:53 PM, Ashish Khare ashis...@gmail.com wrote:
 Hi Eric,

 Thanks for the fast response.
 By Session I mean when the request comes into the picture, the c
 Connection and rrequest_rec parameters are intialized.
 Session ends when the request is served. the c and r parameters got
 destroyed or cleanup.

 Can you please send me the code snippet to register the cleanup function as
 you suggested.

They're not initialized and destroyed together, e.g. keepalive.

See ssl_io_filter_init in modules/ssl/ssl_engine_io.c, except you'd
need to grab the conn_rec from the request_rec.

-- 
Eric Covener
cove...@gmail.com

Re: Making mod_auth_digest mysql

[Eric Covener]

On Thu, Feb 12, 2009 at 3:27 PM, Michele Waldman mmwald...@nyc.rr.com wrote:
 RewriteCond ${REMOTE_USER} . does not seem to work when the REMOTE_USER is
 not defined.  The statement evaluates to true.

 What happens when you use the proper syntax,  %{REMOTE_USER}?

 Lol.  I'm using the proper syntax on the server.  Just checked.

Works for me:  http://apache.pastebin.ca/1335270

.htaccess:
RewriteEngine on
RewriteCond %{REMOTE_USER} .
RewriteRule .* - [G]

127.0.0.1 - - [12/Feb/2009:15:40:42 --0500]
[localhost/sid#954fc98][rid#9578328/initial] (4) RewriteCond: input=''
pattern='.' = not-matched

-- 
Eric Covener
cove...@gmail.com

Re: Making mod_auth_digest mysql

[Eric Covener]

On Thu, Feb 12, 2009 at 3:44 PM, Michele Waldman mmwald...@nyc.rr.com wrote:
 Basically, when I user is logged out, %{REMOTE_USER} is not defined.  It
 seems any rewritecode using an undefined server environment variable always
 evaluates to true.  I don't want this.  I want false if not defined.  I'm
 going to hack apache, if I have to.

That's not the behavior of variables in rewriteconds.

Try a simpler testcase.

-- 
Eric Covener
cove...@gmail.com

Re: Making mod_auth_digest mysql

[Eric Covener]

On Thu, Feb 12, 2009 at 3:49 PM, Michele Waldman mmwald...@nyc.rr.com wrote:
 I'm doing this:

 RewriteEngine On
 RewriteCond %{REMOTE_USER} .
 RewriteRule ^.*$ - [S=1]
 RewriteRule ^.*$ http://domain/logged_out.html?%{N} [R]

 AuthType Digest
 AuthName account
 AuthUserFile /path/.htpasswd
 Require valid-user

 1) The user is logged in.
 2) The user logs out.
 3) In ff, the user hits the backpage button.
 4) The user gets a dialog box to login rather than being redirected.


HTTP is stateless.  You wrote a rule that wants to see if
authentication has already occured, so on some level you're
acknowledging that authentication is processed _before_ your rewrite.

When you configure authentication for a resource, the very same code
that would authenticate you will immediately prompt you for
credentials if they're not provided.  This happens before your
per-directory rewrites have a chance to do anything.

RewriteLog would likely tell you that the conditions/rules are not
evaluated in this scenario, because the 401 is returned before the
fixup hook where rewrite runs in per-dir context

-- 
Eric Covener
cove...@gmail.com

Re: WELCOME to modules-dev@httpd.apache.org

[Eric Covener]

On Wed, Feb 11, 2009 at 1:18 PM, dave man...@gmail.com wrote:
 acfg and bcfg are the arguments to the merge calback. cfg is the result that
 the merge callback returns
 ...
 merge_server{acfg: 0x2b45d35e79d0bcfg:0x2b45dc2385f0cfg:
 0x2b45dc26fff0}
 merge_dir{acfg: 0x2b45d35e79e8bcfg:0x2b45dc2385d8cfg:
 0x2b45dc270458}
 child_init{pid: 2800cfg:0x2b45d35e79d0server:
 0x2b45d355f968} -- recieving the acfg from the merge_server, not the return
 value of the merge_server
 create new
 handler{pid: 2800cfg:0x2b45dc26fff0server:
 0x2b45dc2361b8}  -- recieving the return value of the merge_server
 create new

is this from passing r-server? Are you sure your request was mapped
to a virtualhost?

-- 
Eric Covener
cove...@gmail.com

Re: Making mod_auth_digest mysql

[Eric Covener]

On Fri, Feb 6, 2009 at 8:49 AM, Michele Waldman mmwald...@nyc.rr.com wrote:
 I mean to check server environment variables which is what REMOTE_USER is.

This might be better off on us...@httpd.apache.org

 I just want to know if the variable is defined on the server then I could do
 this:

 RewriteEngine On
 RewriteCond %{REMOTE_USER} -e

I couldn't find any reference to -e, to check if it's empty you can
do != or !^$

 RewriteRule ^(.*)$ - [S=1]
 RewriteRule ^.*$ http://domain/login.html [R]

 Right now when REMOTE_USER is not defined this line gets executed:
 RewriteRule ^(.*)$ - [S=1]

 I want that line to be skipped if REMOTE_USER has not been defined as a
 server environment variable.

In per-vhost context, that will never be set unless you use the
lookahead feature.


 You can see the values in phpinfo();  It is only defined if the user is
 logged in.

That processing is later, so REMOTE_USER may be set by then.

 Why would a nonexistent variable evaluate to true?

Unless i'm confused re: -e, It  seems like your -e would be
interpreted as a regex, but that shouldn't match an empty string
AFAICT.


-- 
Eric Covener
cove...@gmail.com

Re: Antwort: Need help with --activate-module

[Eric Covener]

On Thu, Jan 29, 2009 at 2:57 AM, Shibu Narendranathan
shi...@sonimtech.com wrote:

 SetHandler foo_handler

My 2.2.x apxs -g module says:   if (strcmp(r-handler, foo)) {



-- 
Eric Covener
cove...@gmail.com

Re: multiple processes: but one module init needed

[Eric Covener]

On Sun, Jan 25, 2009 at 11:31 AM, Sander Temme scte...@apache.org wrote:

 http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/examples/mod_example_ipc.c?view=co

 for an example.  The post_config hook is where you want to put your stuff,
 but yes it does get called twice so you may want to use the construction in
 the example module to avoid reallocating certain items.

Buy two, get two free on Windows!

-- 
Eric Covener
cove...@gmail.com

Re: How to get a port number.

[Eric Covener]

On Sun, Jan 18, 2009 at 2:36 PM, wolfgang wolfgang...@gmail.com wrote:
 Hi there,

 I can not get a port number if my apache module is set in the main
 server config and listen port is set to 10080.
 ( the main server config means other than virtual host configs. )

 When my apache module is set in the main server config as follows and
 a client requests http://www.example.com:10080;.

 In httpd.conf,
 ...
 Listen 10080
 Location /
   SetHandler mymodule
 /Location
 

 Then, in mymodule I get the following results.

 request_rec-server-is_virtual is 0.
 ap_get_server_port(request_rec) is 80.  - 80 !? why not 10080 ??
 request_rec-server-port is 0.  - ZERO !? hm...
 request_rec-server-addrs-host_port is 0.   - ZERO... Sure, my
 module is not in a virtual host.


Maybe http://httpd.apache.org/docs/2.2/mod/core.html#usecanonicalphysicalport ?

(or ServerName if it's the only Listen)

-- 
Eric Covener
cove...@gmail.com

Re: multiple source files in a single apache module

[Eric Covener]

On Tue, Jan 13, 2009 at 3:48 PM, wolfgang wolfgang...@gmail.com wrote:
 Hi gurus,

 I made a sample apache module, mod_test, by
 /usr/local/apache/bin/apxs -g -n test.
 Now I want to make the mod_test call the following source ( actually,
 an add_test function ).



 httpd: Syntax error on line 100 of /usr/local/apache/conf/httpd.conf:
 Cannot load /usr/local/apache/modules/mod_test.so into server:
 /usr/local/apache/modules/mod_test.so: undefined symbol: add_test


IIUC, you can just pass a string of .c files to apxs on the command
line.  I'm not sure what Makefile you're starting with.



-- 
Eric Covener
cove...@gmail.com

Re: proxy - as a Handler or a Filter?

[Eric Covener]

On Mon, Dec 15, 2008 at 12:32 PM, Jodi Bosa jodib...@gmail.com wrote:
 Right now I am thinking of writing this as an Apache Handler that reads
 data from a client into a Bucket Brigade and then the Handler create it's
 own Filter chain and invokes the Filter chain on that Bucket Brigade.

I would suggest implementing both the handler and the filter and
leaving them as independent as possible.

-- 
Eric Covener
cove...@gmail.com

Re: Stopping Apache when configuration directive is wrong

[Eric Covener]

On Sun, Nov 23, 2008 at 6:46 PM, Sam Carleton
[EMAIL PROTECTED] wrote:
 Under some circumstances, the value read into my directive will be
 invalid and thus Apache should NOT continue to execute.  What do I
 need to do to tell Apache to stop executing?


Return a non-NULL string from your callback that runs when the
directive is encountered in the config file

-- 
Eric Covener
[EMAIL PROTECTED]

Re: Wrapping an existing hook (2.0)

[Eric Covener]

On Fri, Oct 3, 2008 at 11:11 AM, Houser, Rick [EMAIL PROTECTED] wrote:
 I'm relatively new to module development, but I have a need to wrap a
 function in a proprietary module (no source) registered via a
 check_user_id hook in a proprietary module (mod_auth_saf).  Basically, I
 need to detect an expired password condition.  I've already tried to use
 the normal pre/post hook registration, but that function returns an
 HTTP_UNAUTHORIZED (some internal basic auth password change feature)
 instead of DECLINE, so Apache never runs my call.

If you ask Apache to run your code first, the proprietary module
shouldn't be able to prevent yours from being run. You should be able
to make sure that your own logic runs for the expired password case
and just DECLINE for everything else.

IMO an auth_checker probably shouldn't return DECLINED if it can
lookup a user and specifically find they have an expired password --
could you make a case to IBM for the behavior you ultimately want?

-- 
Eric Covener
[EMAIL PROTECTED]