Re: Chasing a segfault
On Fri, Oct 22, 2021 at 8:49 PM miim wrote: > > I have a relatively simple module which is nonetheless causing Apache to > intermittently segfault. > > I've added debugging trace messages to be sent to the error log, but the lack > of anything in the log at the time of the segfault leads me to think that the > error log is not flushed when a message is sent. For example, a segfault > occurs at 00:18:04, last previous request was at 00:15:36, so clearly the new > request caused the segfault. But not even the "Here I am at the handler > entry point" (see below) gets into the logfile before the server log reports > a segfault taking down Apache. > > > /* Retrieve the per-server configuration */ > mod_bc_config *bc_scfg = ap_get_module_config(r->server->module_config, > _module); > if (bc_scfg->bc_logdebug & 0x00200) > ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r, >"mod_bridcheck: Enter bridcheck_handler"); > > > I could turn on core dumping but (a) I am no expert at decoding core dumps > and (b) I don't want to dump this problem on somebody else. I think this is probably the best way to go, even if you don't go farther than the stack which is not a lot. It is a good skill to build anyway. An alternative is to get backtraces in the error_log: https://emptyhammock.com/projects/httpd/diag/ > So ... is there a way to force Apache to flush the error log before > proceeding? It is probably memory corruption that clobbers some memory used by a different module on a later request. I've not really seen buffering of these kinds of messages at all in httpd. On linux running the server with environment variable MALLOC_CHECK_=2 might get it to crash earlier/closer to the mismanagement. Or running it under valgrind if you can do it in a low-load environment. -- Eric Covener cove...@gmail.com
Re: Graceful restart
On Thu, Sep 30, 2021 at 9:54 AM Florian Wagner wrote: > > Hi everyone, > > for a module I'm writing I need know - preferably in my post_config > handler - if the webserver was gracefully reloaded (SIGUSR1) just now. > Is there some simple solution to accomplish this? Maybe the config generation helps? You can see the value in /server-status interactively. ap_generation_t my_generation; ap_mpm_query(AP_MPMQ_GENERATION, _generation);
Re: Hook function meta data?
On Wed, Mar 24, 2021 at 8:50 AM Mike Summers wrote: > > I would like to have a single hook that runs before any one of a number of > predecessor modules, is there a way for the hook to know which module it's > running before? I don't see anything that looks like "hook meta data" in > request_rec. Maybe code from mod_info helps?
Re: Implement hmac using APR
See apr_crypto_key() in apr-util 1.6.x and later. I think you might need 1.7.x and later to do this specifically for APR_CRYPTO_KTYPE_HMAC. Your APR will need crypto support enabled which adds a dependency on some platform crypto library (like openssl) The platform crypto library does the low-level stuff. On Mon, Jan 25, 2021 at 11:23 AM Riccardo Vacirca wrote: > > Hi everyone > is it possible to implement the following code using Apache APR library? I > can't find code examples. Thanks > > digest = base64encode( > hmac("sha256", > "secret", > "GET+/users/username/account+20apr201312:59:24+123456")) -- Eric Covener cove...@gmail.com
Re: TCP socket wothout HTTP protocol
On Tue, Apr 14, 2020 at 11:16 AM Sébastien Mizrahi wrote: > > Hi, > > For some reasons, I would like to read natively TCP socket in an Apache > module. The request is not encapsulated in HTTP protocol end the client send > raw data. > I have already an apache module that manage standard HTTP request and I would > like to mutualise the code. > The test suite has "weird" modules that are not HTTP that you might have a look at https://svn.apache.org/repos/asf/httpd/test/framework/trunk ./c-modules/nntp_like/mod_nntp_like.c is what I was thinking of. Just from seeing it scroll by. There is also mod_ftp: https://httpd.apache.org/mod_ftp/
Re: How to write to log from own functions?
On Wed, Jul 31, 2019 at 9:44 AM Bill Moo wrote: > > As the subject says really. How can I write to the log from my own > functions I see nothing (obvious) in the documentation on how to do > this. The functions that are there require a server_rec, connection or > pool pointer, that I don’t have access to in my own functions. ap_log_rerror is passed a request_rec. If you want to use apache's logging, find a way to pass a request or conn_rec or pool down.
Re: No content returned from directive handler sample.
On Tue, Jul 30, 2019 at 11:41 AM Bill Moo wrote: > > Hey, thanks for the quick reply. But I'll be honest and confess to not > knowing exactly what you are meaning. If I do understand correctly > then the Location is correct but the Directory entry needs to be > /var/www/html/info is this correct? Yes, it should be a full filesystem path -- if you need that kind of section at all. 2nd caveat -- proxy-like modules can short-circuit the mapping altogether and no directory section may match.
Re: No content returned from directive handler sample.
On Tue, Jul 30, 2019 at 11:07 AM Bill Moo wrote: > > Hello, > > I am embarking on my first module and using the Apache provided > example to dump my module's configuration as my starting point I’m > having no real success. > > I have configured everything as per the sample and compiled and > configured using: > > sudo apxs -i -a -n mod_graphing -c mod_graphing.c > > I have to provide the -n mod_graphing parameter as without it I get : > apxs:Error: Sorry, cannot determine bootstrap symbol name. > > The name (mod_graphing) being the same as the module tag. In addition > to this when I try to restart the server I get a Syntax error on the > generated mod_graphing.load file as it has appended _module to my > mod_graphing! > > Assuming my interpretation is correct I created a mod_graphing.conf > file and added to it: > > > SetHandler configHandler > > > > sqlConnection "SQL Connection String" > sqlUserInfo username password > Does something cause the /info URL to be mapped to the actual directory /info? It looks like it should be a filesystem path in the latter.
Re: Reference to core request fails during compile
On Sun, Jan 27, 2019 at 4:00 PM miim wrote: > > > Eric, you nailed the problem down precisely. > > Unfortunately while digging through the core source code it develops that > getting the document root out of the core data structures is not a 100% > reliable solution. Comments associated with the document root entries > specifically state that If the URI has been internally rewritten to use a > filename that is permitted but out of the server root, then the data in those > entries does not apply to the specific request. > > This was all prompted by an issue in mod_nsf. The incoming URL was of the > form > > http://www.server.com/index.html/wp-includes/wlwmanifest.xml > > but mod_nsf found r->filename to contain > > /www/server-root/index.html > > instead of (what I would consider to be correct) > > /www/server-root/index.html/wp-includes/wlwmanifest.xml > > which caused mod_nsf to say "Yes, the file's there, request is OK" instead of > "Crafty, but still no such file, put 'em on the ban list." > > I'll need to think on this a bit more before going back to it. You'll find the rest in r->path_info as in CGI's PATH_INFO. -- Eric Covener cove...@gmail.com
Re: Reference to core request fails during compile
On Sat, Jan 26, 2019 at 6:46 PM miim wrote: > > I have undefined reference errors in an Apache module. I've cut the source > code down to a minimum that reproduces the error. Below is the source for > "mod_test.c" ... > > > #include "httpd.h" > #include "http_config.h" > #include "http_request.h" > #include "http_protocol.h" > #include "http_core.h" > #include "http_main.h" > #include "http_log.h" > #include "ap_mpm.h" > #include "apr_strings.h" > #include > #include > #include > #include > #include > #include > #include > > module AP_MODULE_DECLARE_DATA test_module; > > static int test_handler(request_rec *r); > static int test_init(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, > server_rec *s); > > /* Structure containing state information for the module */ > > typedef struct { > } ns_mod_config; > > > static int ns_typematch(request_rec *r) { > > ns_mod_config *ns_scfg = ap_get_module_config(r->server->module_config, > _module); > > core_request_config *creq_cfg; > creq_cfg = ap_get_core_module_config(r->request_config); > > return 0; > } > > module AP_MODULE_DECLARE_DATA test_module = { > STANDARD20_MODULE_STUFF,NULL,NULL,NULL,NULL,NULL,NULL}; > > > I am using a more-or-less standard Makefile for compiling the module (note > that the install option has been removed as this is a test to demonstrate the > problem.) > > > APXS=/usr/local/apache2/bin/apxs > APXS_OPTS=-Wc, -Wc,-DDST_CLASS=3 > SRC=src/mod_test.c > OBJ=src/.libs/mod_test.so > > $(OBJ): $(SRC) > @echo > $(APXS) $(APXS_OPTS) -c $(SRC) > @echo > @echo write '"make install"' to install module > @echo > > clean: > rm -f src/.libs/* > rm -f src/*.o > rm -f src/*.lo > rm -f src/*.la > rm -f src/*.slo > rmdir src/.libs > > > The compile fails as follows: > > > /usr/local/apache2/bin/apxs -Wc, -Wc,-DDST_CLASS=3 -c src/mod_test.c > /usr/local/apache2/build/libtool --silent --mode=compile gcc -prefer-pic > -DLINUX -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -O2 -pthread > -I/usr/local/apache2/include -I/usr/local/apache2/include > -I/usr/local/apache2/include -DDST_CLASS=3 -c -o src/mod_test.lo > src/mod_test.c && touch src/mod_test.slo > src/mod_test.c: In function âns_typematchâ: > src/mod_test.c:34:3: error: unknown type name âcore_request_configâ >core_request_config *creq_cfg; >^~~ > src/mod_test.c:35:14: warning: implicit declaration of function > âap_get_core_module_configâ [-Wimplicit-function-declaration] >creq_cfg = ap_get_core_module_config(r->request_config); is /usr/local/apache2 Apache 2.2.x instead of 2.4.x? 2.2 is far past end of support, but: - 2.2 required modules to define CORE_PRIVATE before seeing this structure. - 2.2 also has no ap_get_core_module_config so you can't use that 2.4-ism (this is actually the 2nd error quoted above)
Re: post response hook
On Mon, Jun 25, 2018 at 2:22 PM Alan Nilsson wrote: > > Is there a hook that runs after a response is sent to client but before the > process (prefork execution model) is queued up to take another request? > > We have a module that, as part of its job, is to accept uploaded files and > stash them away at a special place. I would like to add functionality such > that the uploaded file also gets sent to 1 or more other servers for backup > purposes. However, I don't want the client to have to wait for all of those > distribution events before it gets told that everything is OK. If there is > no hook that would work for this, is it safe to spawn a pthread to simply > send the file elsewhere then die? > Two simple options -- you can either use log_transaction or register a cleanup on the request pool at any earlier request hook.
Re: Change the content-length header for other filters
On Thu, Dec 22, 2016 at 8:37 AM, Andre Rothe <andre.ro...@zks.uni-leipzig.de> wrote: > I don't know, how mod_webobjects will read the request content, > but it seems, that my changes on the request are not transparent. > It is not a problem of the transmitted data, it is a length problem > (if I don't change the content length, the request will be processed). It uses the old ap_get_client_block() interface instead of using the bucket brigade directly. It does appear to copy the content length before the first read is performed [meaning your input filter has not run for the first time when it looks at the length). -- Eric Covener cove...@gmail.com
Re: Authz provider module: r->server->server_scheme is (null)
On Thu, Apr 28, 2016 at 11:27 AM, Lukáš Hellebrandtwrote: > Why is that? And is there any other way to get the used scheme? ap_http_scheme(r) for the requests scheme, as opposed to the servers. This is what the expression parser and mod_rewrite uses.
Re: modify request_rec->args
On Fri, Mar 25, 2016 at 10:22 AM, Justin Kennedy <jus...@justinkennedy.ca> wrote: > The plan is for the module to do other things, this is just the first step. > Any suggestions? Thank you. It should work. Who sees the unchanged query string? I think it exists in apr_uri_t form somewhere too. -- Eric Covener cove...@gmail.com
Re: "hello world" module crashes 2.4 on CentOS 6.7
On Thu, Mar 10, 2016 at 3:59 PM, Justin Kennedy <jus...@justinkennedy.ca> wrote: > > I have a pretty simple module that is crashing my server as soon as I > dereference a pointer that comes from the request_rec pool. preprocess with -E and look to make sure the httpd headers are coming from where you expect? Maybe somehow STANDARD20_MODULE_STUFF comes from 2.4 but other headers are found from 2.2? -- Eric Covener cove...@gmail.com
hand-tended *.dsp files and Windows
I have an old out-of-tree module that has a copied/hand-written mod_foo.dsp. I have an entry for it in apache.dsw in my overall Apache build. It is a relatively complex module that makes extensive use of stuff exported from e.g. libhttpd.lib with no issues. But when I include http_main.h to use ap_server_conf, linking fails on Windows. I only ever use VC6/msdev, and I build mod_foo via an append to apache.dsw. When I add /VERBOSE to the link, I can see it searching libhttpd.lib: Searching Libraries Searching C:\cygwin64\home\covener\REGRES~1\vstudio\Win2003SDK\Lib\kernel32.lib: Searching C:\cygwin64\home\covener\REGRES~1\vstudio\Win2003SDK\Lib\wsock32.lib: Searching ..\..\..\srclib\apr\Release\libapr-1.lib: Searching ..\..\..\srclib\apr-util\Release\libaprutil-1.lib: Searching ..\..\..\Release\libhttpd.lib: Searching C:\cygwin64\home\covener\REGRES~1\vstudio\Win2003SDK\Lib\Advapi32.lib: Searching \cygwin64\home\covener\SRC\2.4.x\srclib\apr\Release\libapr-1.lib: Searching \cygwin64\home\covener\SRC\2.4.x\srclib\apr-util\Release\libaprutil-1.lib: Searching \cygwin64\home\covener\SRC\2.4.x\Release\libhttpd.lib: Searching C:\cygwin64\home\covener\REGRES~1\vstudio\VC6\VC98\Lib\MSVCRT.lib: Searching C:\cygwin64\home\covener\REGRES~1\vstudio\VC6\VC98\Lib\OLDNAMES.lib: Done Searching Libraries End Pass1 mod_foo.obj : error LNK2001: unresolved external symbol _ap_server_conf Anyone have a clue or debug hints? The sanitized DSP file is here: http://hastebin.com/iquruyegih.tex
Re: Tracking sent responses
On Fri, Nov 6, 2015 at 11:18 AM, Julien FROMENTwrote: > Does the number of bytes sent written by the log take into account the fact > that a browser could cancel the request halfway through? The data added by mod_logio does take that into account. It's not 100% accurate because we cannot tell what has made it out of the box, but it's not just e.g. the content-length. It does include headers as well.
Re: server directives are lost when activating module in vhost
On Wed, Oct 21, 2015 at 9:45 AM, Justin Kennedywrote: > Any ideas? Maybe you also happen to use your first core directive when you add your own to httpd.conf, and this causes the cores merge function to be run.
Re: Linking sqlite in to apache module
On Mon, Jul 13, 2015 at 9:42 AM, Mark Taylor mtt...@gmail.com wrote: I am uncertain if LoadModule directive can be used to load arbitary .so, but if so that could be an option. LoadFile is the alternative for that.
Re: You don't have permission to access / on this server : Apache 2.4 Mac os x mavericks
On Wed, Jul 8, 2015 at 5:01 AM, Prakash Premkumar prakash.p...@gmail.com wrote: I installed Apache 2.4 on Mac os x mavericks and when I started the server and navigated to URL localhost/. I get the following error. Forbidden You don't have permission to access / on this server. I tried googling and found many posts on the same error. But none of the solutions helped. Not appropriate for modules-dev@httpd.apache.org. -- Eric Covener cove...@gmail.com
Re: You don't have permission to access /asd on this server
On Tue, Jul 7, 2015 at 7:58 AM, Prakash Premkumar prakash.p...@gmail.com wrote: You don't have permission to access /asd on this server. Server unable to read htaccess file, denying access to be safe Can you please help me solve this ? What does the error_log say? -- Eric Covener cove...@gmail.com
Re: You don't have permission to access /asd on this server
On Wed, Jul 8, 2015 at 8:31 AM, Prakash Premkumar prakash.p...@gmail.com wrote: The error log says (13)Permission denied: [client ::1:50441] AH00035: access to / denied (filesystem path '/Users/prakash-2282/Desktop/apache') because search permissions are missing on a component of the path Okay, pretty clear then. An alternative to fixing the permissions or pointing your DocumentRoot elsewhere is to implement a dummy translate_name or map_to_storage hook (I am not sure which one) -- Eric Covener cove...@gmail.com
Re: mod_authz_dbd question
These are similar to the hooks that the core uses from APR in every module. Everyone who has registered with authz_dbd_hook_client_login gets called until someone returns an error. Check out the expansion of these macros in apr_hooks.h: APR_DECLARE_EXTERNAL_HOOK APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL I am not sure how usable this def is, since authz_dbd.h doesn't seem to be a public/installed header. On Mon, May 4, 2015 at 4:27 PM, Mark Taylor mtt...@gmail.com wrote: Hi, I'm researching mod_authz_dbd.c and looking at the authz_dbd_login() function. Near its end, this function calls authz_dbd_run_client_login(), but I can't find where this function is defined: httpd-2.4.12# grep -r authz_dbd_run_client_login . returns no results other than modules/aaa/mod_authz_dbd.c. Does anyone know where this function may be defined? Thanks, Mark -- Eric Covener cove...@gmail.com
Re: Debugging mod_websocket -- any others out there?
On Tue, Feb 24, 2015 at 7:16 PM, Jacob Champion jacob.champ...@ni.com wrote: - Is it even possible/safe to do an asynchronous one thread reads, one thread writes operation in a production-quality module? (In other words, is mod_websocket just unfixably broken?) You might check out how mod_spdy shares a connection between threads. -- Eric Covener cove...@gmail.com
Re: Help needed with Event MPM configuration settings
On Tue, Nov 4, 2014 at 8:05 AM, Rajalakshmi Iyer r...@blismedia.com wrote: I need some assistance with tuning Apache with event MPM. This looks more appropriate for users@, which also has a wider audience.
Re: sequence of request
On Thu, Jul 24, 2014 at 12:51 AM, Donatas Abraitis donatas.abrai...@gmail.com wrote: Hello guys, is it possible to know the sequence of request is handled? I mean which module takes precedence? Because I need to debug why r-filename becomes not so as I expected. mod_info shows you the order the loaded modules will run in for various phases. A debugger can also tell you when it changes. -- Eric Covener cove...@gmail.com
Re: Custom modules : what's the behavior of mod_deflate ?
By default, it would be compressed if it met the normal conditions. You can opt out a few ways (below in rough order of intrusiveness): set the no-gzip per-request environment variable (r-subprocess_env) remove the mod_deflate output filter (mod_proxy_wstunnel.c has an example of moving a filter) unset the accept-encoding header before writing your response set a Content-Encoding: gzip response header The only reference is mod_deflate.c + output filter basics. On Mon, Jun 30, 2014 at 5:54 AM, Pierre Lindenbaum pierre.lindenb...@univ-nantes.fr wrote: (cross-posted on SO: http://stackoverflow.com/questions/24486594 ) I wrote a custom module for as described in: http://httpd.apache.org/docs/2.4/developer/modguide.html ap_rprintf(r, Hello, world!); I've been asked about the behavior of mod_deflate http://httpd.apache.org/docs/2.2/mod/mod_deflate.html . Will response to the client produced by my module will be compressed by mod_deflate if the client accepts the compression with Accept-Encoding: gzip ? If my response is already gzipped , can I prevent mod_deflate to work ? Do you have any reference/link about this ? Thanks Pierre -- Eric Covener cove...@gmail.com
Re: Apache module avoiding re-initialization of connection pool in every worker process
On Wed, Jan 1, 2014 at 7:45 AM, ksakhare kiran.sakh...@gmail.com wrote: Hi All Thanks for the replies. I appriciate the replies but the problem i am currently facing is when i initialize the connection pool in worker 1 (httpd.exe child process), next request may spawn another worker (httpd.exe process). As these are two different process the connection pool is re-initialized in second worker. I would like to avail the connections initialized in first worker from second worker process. Is there a way, where i create this connection in global memory pool which is accessible across the worker process. It's complex and most modules with connection pools don't bother with it. If it was working with prefork, settle for a connection pool per child which is easy.
Re: Apache module avoiding re-initialization of connection pool in every worker process
On Tue, Dec 31, 2013 at 3:52 AM, ksakhare kiran.sakh...@gmail.com wrote: Hi All I am building apache module, which maintains the connection pool with back-end server. As in prefork mode only one connection pool is created as their is only one worker process exist. Now I need to port this module on worker mpm, because there are multiple worker process, multiple connection pools are getting created. How can i initialization connection in once and use these connections across the different worker process. Thanks in advacne. You can keep doing it once per process and share across threads. If you don't manage them very smartly today, maybe apr_reslist would help in the multithreaded case.
Re: Writing apache module for filtering HTTP request on PHP website
On Sat, Dec 21, 2013 at 10:09 PM, farid ridho faridri...@gmail.com wrote: I'm going to make simple web application firewall like modsecurity. I want to write apache module in C for filtering a web attack like SQL injection. I put my web on http://localhost/vulweb my question is, when iam accessing http://localhost/vulweb i want the apache module analysis the request first, before continuing its to PHP website (if the request is not an attack). Can anyone help me to explain how to make a module for this purpose? and how to configure this module (sethandler, addhandler)?? PS: I have already know how to write helloworld apache module with C, and run it through http://localhost/helloworld use ap_hook_fixups to run before the configured handler. No configuration will be needed, unless you want your own directives.
Re: How to determine the right vhost in name based vhosting
On Sep 24, 2013 5:40 AM, Christoph Gröver gro...@sitepark.com wrote: Hello list, Hello Sorin, I tested several different Apaches (2.4.x and 2.2.x) and they never did the wanted or expected. If I configure more than one VHost only the first one is returned by the server-server_hostname structure. The one of the second vhost that is configured as a ServerName seems to be impossible to determine? Is there any other way to find the hostname? When you check, are you in the middle of a request that's mapped to the 2nd virtual host? In what phase do you inspect the value? If you define a logfile in your 2nd vhost, does it accumulate entries?
Re: Threaded vs non-threaded dev package
On Wed, Jul 10, 2013 at 3:44 PM, Alex Bligh a...@alex.org.uk wrote: I am compiling a module I have written on Ubuntu Precise. The module will always be run on apache-mpm-prefork (i.e. the non-threaded mpm), but the module itself uses threads (apr_thread*). Should I be compiling against apache2-threaded-dev or apache2-prefork-dev? Or doesn't it matter? Should not matter. You probably care about APR_HAS_THREADS which is more of a platform thing and won't change if someone ships different httpd MPMS. -- Eric Covener cove...@gmail.com
Re: Get name of config file for module
On Thu, May 23, 2013 at 10:39 AM, Sean Beck seanmckayb...@gmail.com wrote: OK thank you! I ask because my boss wants me to log the config file info on start-up of the server but I have been completely unable to find a way to do so, hence why I came to the mailing lists for help. Thanks for the help You can get info about where any of your own directives are specified. The VirtualHost directive remembers where it was found: s-defn_name = cmd-directive-filename; s-defn_line_number = cmd-directive-line_num;
Re: Setting cookies and user agent using Apache C API
On Sat, May 4, 2013 at 1:38 AM, Sindhi Sindhi sindhi@gmail.com wrote: Hi, I get ap_filter_t* filterChain as an input parameter to my Apache C++ module. I can see that I can get the cookies and user agent from the below calls. request_rec *currRequest = filterChain-r; const char* userAgent = apr_table_get(currRequest-headers_in, User-Agent); const char *cookieVal = apr_table_get(currRequest-headers_in, cookie); Ho can I set cookies and user agent back in the headers using Apache API? Have a look at mod_headers.
Re: ap_log_rerror limit size
On Wed, Mar 13, 2013 at 6:16 AM, Eric Covener cove...@gmail.com wrote: On Wed, Mar 13, 2013 at 6:01 AM, Hoang Vu Dang dang@gmail.com wrote: Hi guys, Is there any limit of the size of a message log entry? How to control this ? I did this: ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, f-r, %s, buffer); And the buffer was truncated on the error log. I check the strlen of the buffer and it was about 320K, and I got only around: ~ 8KB If it's more than PIPE_BUF, it won't be atomic and can be interleaved with other entries. Are you sure it's truncated and not just spread out? Er if using a piped logger that is.
Re: apache GUI frontend to edit config files
On Mon, Mar 11, 2013 at 6:07 PM, Nce Rt nce...@yahoo.com wrote: Is there a GUI tool available to configure and control httpd server? Like editing httpd.conf files, restart server, enable/disable modules, etc from UI. There are some unpopular ones, and more web control panel hosting frontends. Off-topic here, though.
Re: some key fields of request_rec are null
On Wed, Mar 6, 2013 at 4:21 PM, Nce Rt nce...@yahoo.com wrote: A custom handler which is registered to run APR_HOOK_FIRST has these fields null when processing http request: r-content_type, r-parsed_uri.scheme r-content_type is not related to any request header -- it's the response content type. It won't be set early, before a response is generated.
Re: some key fields of request_rec are null
On Wed, Mar 6, 2013 at 6:34 PM, Nce Rt nce...@yahoo.com wrote: It's request_rec which represents http Request not Response. look into this data structure for the content-type field. That's not how the field is used. If you want to read a Content-Type request header, read it from r-headers_in.
Re: Possible to call Apache expression processor from module?
On Thu, Jan 10, 2013 at 11:04 AM, oh...@cox.net wrote: Hi, I'm starting to work on a new module, and part of the functionality that I'd like to incorporate would involve processing Apache-type expressions to produce a true/false result that my module would then use to decide what to do, in some cases. So, I was wondering if there is some API or interface that is exposed in Apache that would allow my module to pass the interface an expression, and get a return result of true/false? I'm not sure if what I'm trying to explain is very clear, but if not, please let me know and I'll try again. You might look at how mod_rewrite uses ap_expr_* (from include/ap_expr.h) in trunk or 2.4. -- Eric Covener cove...@gmail.com
Re: When does Apache restart child processes
It's possible this is because a burst of requests causes Apache to spin up child processes to handle them, but perhaps the load-test generation slows down at some point, Apache winds up with idle processes, and closes some down? Is that plausible? http://httpd.apache.org/docs/2.2/mod/mpm_common.html#minsparethreads http://httpd.apache.org/docs/2.2/mod/mpm_common.html#maxsparethreads
Re: best way to return the content of a file
i'm enabling my module with a Location directive: Location /data SetHandler kcache /Location and i want to control the execution of the module with an initial check: if (!r-handler || strcmp(r-handler, kcache)) return (DECLINED); but r-handler is null if the hook is called in ap_hook_translate_name state, so how can i check this condition? You can't check that condition early. You should implement a directive to enable your module in these early phases.
Re: required packages for mod_uio.so for Windows Environment
When I checked the syntax of httpd.conf file by issuing the command httpd.exe –t it says Cannot load mod_uio.so into server. The specified module could not be found. Please reply which dll/package is required to download in windows env. Ask the vendor of mod_uio.so, not a list about developing modules.
Re: Question about malloc / realloc in module
But what if a process exists in a faulty way. Perhaps some PHP code that exists abnormally? If the process exits, you've got no worries about memory. If a thread hangs [indefinitely], before you can free memory, the memory is probably the least of your problems.
Re: proxying another protocol to http/https
On Thu, Jul 7, 2011 at 5:18 PM, Ben Noordhuis i...@bnoordhuis.nl wrote: On Thu, Jul 7, 2011 at 02:56, Jodi Bosa jodib...@gmail.com wrote: I would like to leverage mod_proxy and mod_proxy_http to proxy client requests (from another protocol). Assuming I have input output filters that handle the other protocol with the client, shouldn't I simply be able to: Handler { r-filename = apr_psprintf(r-pool, proxy:https://%s;, hostname); r-proxyreq = PROXYREQ_PROXY; return DECLINED; /* to allow mod_proxy to kick in and do it's thing */ } That should work if your handler runs before mod_proxy. Hook it at APR_HOOK_REALLY_FIRST. Or do it in a different hook like translate_name -- like proxy and rewrite do.
Re: Socket transfer from Apache httpd to a non-httpd process
On Thu, Jun 16, 2011 at 10:57 AM, Henrik Strand henrik.str...@axis.com wrote: Hi Ben, I've tried that but with no success. The problem (i.e., that the connection is closed) still remains. Check out mod_proxy_fdpass in trunk, which replaces the socket httpd is using and lets the external process finish the connection.
Re: Vary:User-Agent, best practices, and making the web faster.
This encourages all site owners to add Vary:User-Agent to all css and js files, whether they actually vary in content or not. Does anyone know the history of this recommendation? Surely that is an inappropriate recommendation for mod_deflate. Vary:Accept-Encoding make sense in the context of that filter, but not Vary:User-Agent. It's because of the other (dated) canned exceptions that set/unset no-gzip/gzip-only-text/html based on the User-Agent, to second-guess browsers that send AE:gzip but can't properly deal with it.
Re: APR Shared Memory Usage
I would assume that subsequent callers could use apr_shm_attach to then attach to an existing shared memory segment, however, it appears that this function is not used anywhere in the apache (2.2) code base whatsoever. (It is used in one or two places in 2.3). I assume you don't see it in HTTP server because everyone inherits a reference to shared memory created in the parent process. Of course outside of this you don't always have such a relationship. Maybe the testshm* in apr/test/ would be a good resource? The APR tests are always easy to tinker with. -- Eric Covener cove...@gmail.com
Re: How to parse jsp response in apache handler
On Thu, Mar 24, 2011 at 11:02 AM, Whut Jia whut_...@163.com wrote: Hi, all! I want to parse a jsp page in my handler.How can I do it?? Please help me! In my handler, I do a request (http://www.xxx/xxx.jsp)with libcurl,and then parse returned response ,and draw some infomation.Please ask how to parse this jsp response??? Please don't create duplicate threads. Someone already recommended an example of an HTML parsing module -- what more advice could you want?
Re: Saving the original request URI ahead of a mod_rewrite
On Sat, Mar 12, 2011 at 10:26 PM, Ben Noordhuis i...@bnoordhuis.nl wrote: On Sun, Mar 13, 2011 at 04:02, Eric Covener cove...@gmail.com wrote: OP specifically mentions internal redirect and rewrite-in-htaccess. Hah, the moment I fired off that email I thought oh wait, mod_rewrite *does* do an internal redirect somewhere. Internal redirects share a pool so your suggestion would work but following r-main is still the better solution, I think, if only because it works for both redirects and sub-requests. r-main doesn't change on an internal redirect AFAICT.
Re: Saving the original request URI ahead of a mod_rewrite
So I like #1 best. Any other opinions or ideas? I solved a similar problem recently by using apr_pool_userdata_set on r-pool which you can still find after the internal redirects of rewrite in htaccess / with PT flag.
Re: mod_ruby on Apache for Windows 2.2.17
On Fri, Feb 11, 2011 at 2:25 AM, Zeno Davatz zdav...@gmail.com wrote: Hi I am trying to debug mod_ruby to load in Apache for Windows. So far Apache for Windows does start with mod_ruby.so but it seems that httpd does not start correctly with mod_ruby enabled in Apache for Windows. The steps I took to compile mod_ruby for Apache for Windows 2.2.17 with MinGW are here: you should eliminate mingw from the equation if you're mostly interested in the ruby side.
Re: mod_ruby on Apache for Windows 2.2.17
I can execute Ruby as a CGI-script without a problem with these simple VirtualHost settings (I tested it with test.rbx) What does that have to do with debugging mod_ruby?
Re: mod_ruby on Apache for Windows 2.2.17
Apache on Linux does not do that? Our Apache on Linux with mod_ruby sometimes has over 1'000 sessions and about 30-50 threads open. Memory can go up to 10 GB. Normally Apache on unix uses multiple child processes. See your MPM and MPM configuration for details.
Re: How to add a cookie header in response headers when do external redirect?
2011/1/17 Whut Jia whut_...@163.com: Hi, I want to save accessed uri into response cookie before doing a external redirect,according this way below: apr_table_setn(r-headers_out,Location,http://www.idp.com/login.jsp;); apr_table_setn(r-headers_out,Set-Cookie,r-uri); return HTTP_SEE_OTHER; But in client ,I cannot always find cookie header in response headers ,why ?How do I solve this?? Thanks, r-err_headers_out? -- Eric Covener cove...@gmail.com
Re: Overriding mod_rewrite from another module
The access checking on mod_pagespeed resources is redundant, because the resource will either be served from cache (in which case it had to be authenticated to get into the cache in the first place) or will be decoded and the original resource(s) fetched from the same server with full authentication. Re: suppressing mod_authz_host: This doesn't sound like it guards against a user that meets the AAA conditions causing the resource to be cached and served to users who would not have met the AAA restrictions. Maybe you are missing a map_to_storage callback to tell the core that this thing will really, really not be served from the filesystem. Re: suppressing rewrite. Your comments in the src imply that rewrite is doing some of what you're also suppressing in server/core.c:ap_core_translate_name(). Also, it's odd that your scheme for suppressing mod_rewrite wasn't a no-op for rewrite in htaccess context, since these use the RUN_ALL fixups hook to do its magic, but maybe you're catching a break there?
Re: Re: compile a file written by C++ into apache
On Tue, Nov 30, 2010 at 8:58 AM, Ben Noordhuis i...@bnoordhuis.nl wrote: 2010/11/30 whut_jia whut_...@163.com: In Apache2.2, I compile a c++ source file with g++ as below: g++ -fPIC -shared -o mod_validate.so mod_validate.cpp -I/usr/include/httpd -I/usr/include/apr-1 -I/opt/opensaml/include After it , I copy mod_calidate.so into apache module location ,and this module work well. But now,in apache2.3,I compile this file in the same way.it accurs the following error, /apache2.3/include/http_config.h:989:error:expected ,or ... before ‘new’ (In headers file ,The 989th line is: AP_DECLARE(void) ap_merge_log_config(const struct ap_logconf *old, struct ap_logconf *new); ) I think there are not errors in this line ,but why can i compile it successfullly? new is a C++ keyword. Three solutions. 1. Rename the parameter in http_config.h to new_conf. Bad. 2. At the top of your source file add #define new new_. Bad. 3. Make your module C only. Split off the C++ code into a separate file. Good. I believe this was reported and fixed in trunk over the last month or so. -- Eric Covener cove...@gmail.com
Re: How do I get hold of session information?
It looks like mod_session has an API defined in http://httpd.apache.org/docs/2.2/sections.html and used by mod_auth_form -- I'd probably start there. whoops, wrong buffer: modules/session/mod_session.h -- Eric Covener cove...@gmail.com
Re: Error: invalid ELF header
What I think is that I will have to compile the module once on linux environment. If this is the case, it would be great if anyone can suggest good link for compiling and creating modules on Linux machine. http://httpd.apache.org/docs/current/programs/apxs.html
Re: mod_proxy per-directory settings handling
Am I wrong? Is there some other reason why mod_proxy needs to go through the aliases in forward order, maybe related to regex matching? Just convention that the first match is the operative one (which is also why the ! rules have to come before whatever would match them). Could make it configurable but probably not a candidate for a change in default (IMO) -- Eric Covener cove...@gmail.com
Re: Seeking suggestions on changes to mod_authnz_ldap [and possibly mod_ldap] supporting X.509/LDAP AA [AuthType Certificate]
On Wed, Apr 21, 2010 at 12:49 PM, Thomas, Peter ptho...@hpti.com wrote: When the user's certificate subject is also the DN of the LDAP object, one can optimize search and compare operations by doing a LDAP_SCOPE_BASE search for the object based on the subject DN. I was able to substitute a search for the exact LDAP object in the authentication code. For authorization, I ran into a problem. The LDAP search cache entries for a URL are unique by filter expression. If ANY user was cached for a specific ldap-filter, the search cache has no way of knowing that I'm applying that search to a different search base. I could create a separate cache for every user encountered [i.e. by changing the base component of the LDAP URL before calling any uldap_cache_* function]. That seems painful. Thoughts? How important is this optimization to either Apache or the LDAP server? -- Eric Covener cove...@gmail.com
Re: Seeking suggestions on changes to mod_authnz_ldap [and possibly mod_ldap] supporting X.509/LDAP AA [AuthType Certificate]
On Wed, Apr 21, 2010 at 12:49 PM, Thomas, Peter ptho...@hpti.com wrote: When the user's certificate subject is also the DN of the LDAP object, one can optimize search and compare operations by doing a LDAP_SCOPE_BASE search for the object based on the subject DN. I was able to substitute a search for the exact LDAP object in the authentication code. I thought your goal was for the certificate itself to be the source of authn? Does the roundtrip to LDAP during authn add much? For authorization, I ran into a problem. The LDAP search cache entries for a URL are unique by filter expression. user was cached for a specific ldap-filter, the search cache has no way of knowing that I'm applying that search to a different search base. I could create a separate cache for every user encountered [i.e. by changing the base component of the LDAP URL before calling any uldap_cache_* function]. That seems painful. Thoughts? I guess this applies to ldap-user and ldap-filter but not the other ldap-* -- attributes already use the user DN as the base and groups use the group as a base -- although if your schema uses the CN as the group member value you'd have to extract it from the DN. It does seem like either the cache structure, or the ldap-user/ldap-filter logic would need an overhaul. 1-cache-per-user is probably the wrong direction though. -- Eric Covener cove...@gmail.com
Re: Support for SASL bind in mod_ldap?
On Thu, Mar 18, 2010 at 10:54 AM, Thomas, Peter ptho...@hpti.com wrote: Looking at modules/ldap/util_ldap.c , it appears that mod_ldap is hard-wired to support only ldap_simple_bind_s. Has anyone looked into enabling SASL authentication in mod_ldap? Are there any pitfalls I should be cognizant of if I plan to go down that road mysely? Just portability between SDKs. -- Eric Covener cove...@gmail.com
Re: How to apply patches for ZLIB and OpenSSL that are in patches_applied directory
2010/3/8 Serj serj...@gmail.com: Hi, There are no instructions how to apply patches http://www.apache.org/dist/httpd/binaries/win32/patches_applied/ to the source of Apache 2.2.15 before compiling and linking. How can I do it? They're just unified diffs. gnu patch or any compatible piece of software. -- Eric Covener cove...@gmail.com
Re: Time for a new AuthType: cert?
1) for authentication: depend upon mod_ssl configured with an appropriate SSLVerifyClient option. [i.e. decline to authenticate a user if no client cert was passed; be configurable to fail or warn stridently if a client cert was passed but SSLVerifyClient optional_no_ca is in use] With you here, the big descision is to whether impersonate basic auth or to run before it. 2) for authorization: like mod_authnz_ldap, support dn, group [to include nested group], attribute, and filter require directives disagree here, why/where are you going to query this stuff? Why not just use it in conjunction with LDAP authz? 3) provide the same flexibility as mod_authnz_ldap with respect to configuring the LDAP connection and working with various LDAP libraries -1 if it were going into the actual Apache distribution! 4) be configurable to work with users' existing LDAP schemas without requiring changes in the directory. sounds reasonable unless you're drawing a contrast with the current LDAP auth modules. Most of the prior art 3rd party modules I've seen out there seem to fall down in one of more of these respects. I'm new to Apache module development, and I recognize that stepping outside of basic and digest to create an entire new authorization provider type might be a lot to bite off. I invite any suggestions or tips--especially if someone has already cracked this nut in an generalizable way. I think AuthType cert is reasonable as long as you can demonstrate using the the traditional authz providers. -- Eric Covener cove...@gmail.com
Re: OAuth WRAP apache module
2010/1/15 Pedro Félix pedrofe...@cc.isel.ipl.pt: Now, my main question is how to create a separate building environment for this module. I've downloaded the httpd sources, and created several files in the source tree (mod_auth_wrap.c, mod_auth_wrap.dep, mod_auth_wrap.mak). I'm using the mod_auth_wrap.mak makefile (copied from mod_auth_basic.mak) to build the module under windows. However, I would like to create a separate building environment (not in the httpd source tree) with only my module and all the artifacts required to build it under windows and linux. Any thoughts or advices regarding this? There is a windows flavor of apxs hosted over at mod_perl -- Eric Covener cove...@gmail.com
Re: Linking in libraries to Apache Module
On Mon, Dec 7, 2009 at 7:07 PM, Devin Ceartas de...@nacredata.com wrote: hm. -rpath doesn't seem to be an accepted flag in the apxs included with the latest OpenBSD apxs will pass linker or compiler args down to the respective program with -Wl, or -Wc, ; it doesn't do anything with them directly. -- Eric Covener cove...@gmail.com
Re: [OT] ajusting apache timeout
On Sun, Nov 15, 2009 at 3:44 PM, Sam Carleton scarle...@miltonstreet.com wrote: I am working on a Axis2/C module that is hosted by Apache 2.2. The client is .Net 3.5. I have set the SendTimeout on the .Net binding to 10 minutes but things are still timing out in about 30 seconds. During what? -- Eric Covener cove...@gmail.com
Re: ap_sub_req_lookup_uri(r-uri, r, NULL)-content_type always returns 'text/plain'?
On Sat, Nov 14, 2009 at 7:37 PM, oh...@cox.net wrote: Our use case is slightly different that the original one for this module. The original code is designed to limit the number of connections from any given IP address, whereas in my case, we want to limit the total number of connections to the entire Apache server instance. What does this get you over just setting MaxClients directly? -- Eric Covener cove...@gmail.com
Re: ap_sub_req_lookup_uri(r-uri, r, NULL)-content_type always returns 'text/plain'?
On Sat, Nov 14, 2009 at 8:10 PM, oh...@cox.net wrote: MaxClients was one of the first approaches that I tried when i was asked about this. The problem with MaxClients that I found was that it appeared that when it was used, Apache would queue up the requests. The end-result from the user perspective was that either response time would look really slow, or their browser would eventually timeout, and they'd get (in IE) a The page cannot be displayed. Wanting your own errordoc makes sense, but the queuing is just: http://httpd.apache.org/docs/2.2/mod/mpm_common.html#listenbacklog -- Eric Covener cove...@gmail.com
Re: post-config phase question
On Wed, Nov 11, 2009 at 10:06 AM, Michael Durket dur...@highwire.stanford.edu wrote: Weird, because I'm tracing the entry to post-config in my code and the second phase seems to be called 8 times which on my system is the value listed in the StartServers directive. Sounds like you're either hooked into child_init or calling some code from both post_config and child_init -- can you post the smallest working module that demonstrates it? (also on Windows, 4 times is normal -- 2 in the parent and 2 in the child) -- Eric Covener cove...@gmail.com
Re: Repetitive warnings on ErrorLogs.
On Wed, Sep 9, 2009 at 1:48 PM, Houser, Rickhouser.r...@aoins.com wrote: This is a known issue in IBM's 2.0.47 port of Apache (IHS), which was fixed in a later upstream version (possibly by the 2.2.8 port, but I really can't say for sure). This message is not unique to IBM's Apache-based server or even 2.0.x. One source of the message was resolved in both distributions in 2005, which I believe is: http://svn.apache.org/viewvc?view=revrevision=159470 -- Eric Covener cove...@gmail.com
Re: correct hook function after accepting connection
On Fri, Aug 28, 2009 at 10:06 AM, Robert Schulzer...@bytecamp.net wrote: Hi, is there a hook for dealing with connections *before* any http data is read? The reason for this todo would be dropping connections from hosts without ever reading the request - keeping slowloris in mind. ap_hook_pre_connection() is a RUN_ALL. (not really pre_connection of course, that'd be some feat!) -- Eric Covener cove...@gmail.com
Re: Module reports busy workers
On Wed, Aug 26, 2009 at 8:47 AM, ricardo13ricardoogra...@gmail.com wrote: Hi, I would like to implement a module that write information (busy worker and idle worker) in file. When request is processed, It writes information (ap_log_hook). I use mod_status to recovery these information. I don't know about use these information in my module. mod_status is less than a thousand lines of code and already has all of this logic. What part of mod_status are you having trouble understanding, specifically? -- Eric Covener cove...@gmail.com
Re: Module reports busy workers
On Wed, Aug 26, 2009 at 11:56 AM, ricardo13ricardoogra...@gmail.com wrote: HI, How do I collect these informations in my module ? Same way mod_status does? -- Eric Covener cove...@gmail.com
Re: Threads
On Tue, Jul 28, 2009 at 7:54 AM, ricardo13ricardoogra...@gmail.com wrote: I thought better and I think that first thread will be delete. Because, all post_request_read() hook, I add request, dont need a thread for it. Now, second thread's asynchnous. That means, doesn't need a event add request for scheduling. It's independent. I didn't undestand about talk to your thread standalone. What do I will talk for thread ? I don't understand much of this, but re: my earlier comment: I assumed that if you were creating a thread, you'd want to interact with it in some way to implement your queueing. It sounded like you expected the core of Apache to interact directly with your standalone thread, which it won't do for you. -- Eric Covener cove...@gmail.com
Re: How do I manipulate request_rec Object in worker.c
On Sun, Jul 19, 2009 at 11:50 PM, ricardo13ricardoogra...@gmail.com wrote: One question for I undestand the sequence of hooks. Do It means that firstly worker.c processes sockets (accept connections), after other modules processes the hooks (post_read_request, translate_name, map_to_storage, etc..)?? Yes, although there are connection-related hooks that run in-between the two things you mentioned. -- Eric Covener cove...@gmail.com
Re: Module that forward requests
On Tue, Jul 14, 2009 at 7:37 AM, Tom Evanstevans...@googlemail.com wrote: On Tue, 2009-07-14 at 03:22 -0700, ricardo13 wrote: r-filename = apr_psprintf(r-pool, %s://%s%s%s%s, http, ip_machine, port_machine, r-filename); # of %s in format doesn't agree with # of arguments, right? -- Eric Covener cove...@gmail.com
Re: Module that forward requests
On Mon, Jul 13, 2009 at 9:34 AM, ricardo13ricardoogra...@gmail.com wrote: hi, I'm newbie in APR and need develop a module that forward request to cluster. The same in mod_rewrite with flag [P]. That module, I processing the object request_rec-uri and set what machine in cluster forward the request. Look at mod_proxy, mod_jk, mod_serf. -- Eric Covener cove...@gmail.com
Re: Module that forward requests
On Mon, Jul 13, 2009 at 10:06 AM, ricardo13ricardoogra...@gmail.com wrote: It's difficult. I'd suggest finding a way to use existing modules. Use or modify, that is. Can my module to use mod_proxy for forward requests ? How do I do it ? I'm not convinced you need a module. mod_rewrite already illustrates this with the P flag. -- Eric Covener cove...@gmail.com
Re: Module that forward requests
On Mon, Jul 13, 2009 at 10:33 AM, ricardo13ricardoogra...@gmail.com wrote: Eric Covener wrote: On Mon, Jul 13, 2009 at 10:06 AM, ricardo13ricardoogra...@gmail.com wrote: It's difficult. I'd suggest finding a way to use existing modules. Use or modify, that is. Can my module to use mod_proxy for forward requests ? How do I do it ? I'm not convinced you need a module. mod_rewrite already illustrates this with the P flag. Because I need modify request_rec object. You told me (in other topic) that cannot modify request_rec object in external program in mod_rewrite. I use external program for schedule request. My idea is prioritize requests. I will do this form: 1° Modify field priority in request_rec. (I will create this field in request_rec) Not arbitrarily. You can store that value in a note (r-notes) and set/query via rewrite if you're not looking to do much development. -- Eric Covener cove...@gmail.com
Re: Module that forward requests
On Mon, Jul 13, 2009 at 10:46 AM, ricardo13ricardoogra...@gmail.com wrote: Not arbitrarily. You can store that value in a note (r-notes) and set/query via rewrite if you're not looking to do much development. You can store that value in a note (r-notes) How do I do it ?? Remember, using external program. Because my external program classifies requests. Why do your followups have the same level of quoting as the thing you're replying to? -- Eric Covener cove...@gmail.com
Re: Module that forward requests
On Mon, Jul 13, 2009 at 1:30 PM, ricardo13ricardoogra...@gmail.com wrote: r-proxyreq == PROXYREQ_PROXY; But in httpd.h, the request_rec object hasn't field proxyreq. What's this ?? In my 2.2.x headers it's an int in the request_rec. -- Eric Covener cove...@gmail.com
Re: Memory and pools
On Tue, Jun 30, 2009 at 9:00 AM, Kevac Markoma...@kevac.org wrote: Hello Is memory (RSS) returned to OS after cleaning pool (for example r-pool)? After destroying pool? My module uses a lot of memory (~100 MiB). This memory is taken from r-pool. But after request is finished, this memory is not returned to OS - RSS is 100 MiB. Linux 2.6 - httpd-2.2.10 Not by default, see the MaxMemFree directive. The conventional wisdom is that some other req on that thread will also soon need the same high water mark of memory, so better to not go in/out of the heap library each time. -- Eric Covener cove...@gmail.com
Re: mod_auth_digest amiss correction
Am I mistaken in thinking I should not be logged in as admin? Or that there is someway to force this to happen? This is just your browser using stored credentials. It doesn't know the significance of your logout user. -- Eric Covener cove...@gmail.com
Re: Deregister and register a single module on passing signal..
On Sun, Apr 19, 2009 at 11:58 PM, Jaysingh Samuel jayasingh.sam...@hotmail.com wrote: 1. If iam passing a SigUSR2 signal to the parent process, then will i be able to reload/rerun only my custom Modules, without reading the config file ?. No, all the modules are reloaded and the config is re-parsed. -- Eric Covener cove...@gmail.com
Re: start httpd with one child for debugging
On Tue, Mar 17, 2009 at 7:50 PM, Andrej van der Zee andrejvander...@gmail.com wrote: Hi, I believe I read some while ago that it is possible to start httpd with only one child (a special for debugging httpd). I am not able to find this option anymore. Does such an option really exist? Thank you, Andrej -X is the easiest to remember http://httpd.apache.org/dev/debugging.html -- Eric Covener cove...@gmail.com
Re: ap_auth_type() -question
On Mon, Feb 23, 2009 at 2:46 AM, Jouni Mäkeläinen jouni.makelai...@twinkle.fi wrote: if (!encrypted_sso_str || apr_strnatcmp(encrypted_sso_str, false) == 0) { if (apr_strnatcasecmp(ap_auth_type(r), auth_xxx) == 0) { NULL != ap_auth_type(r)? *** Segmentation fault *** (ap_auth_type) Here is the backtrace from the core dump: #0 0x2af41b58b67f in apr_match_glob () from /usr/lib64/libapr-1.so.0 #1 0x2af4249ebb74 in authenticate_user (r=0x2af42ed75488) at mod_auth_xxx.c:159 Are you sure this debuger was looking at the runtime binaries? Do you call apr_match_glob elsewhere? You might try building with --enable-maintainer-mode -- Eric Covener cove...@gmail.com
Re: Callback function which is just called before connection is destroyed
On Mon, Feb 23, 2009 at 12:53 PM, Ashish Khare ashis...@gmail.com wrote: Hi Eric, Thanks for the fast response. By Session I mean when the request comes into the picture, the c Connection and rrequest_rec parameters are intialized. Session ends when the request is served. the c and r parameters got destroyed or cleanup. Can you please send me the code snippet to register the cleanup function as you suggested. They're not initialized and destroyed together, e.g. keepalive. See ssl_io_filter_init in modules/ssl/ssl_engine_io.c, except you'd need to grab the conn_rec from the request_rec. -- Eric Covener cove...@gmail.com
Re: Making mod_auth_digest mysql
On Thu, Feb 12, 2009 at 3:27 PM, Michele Waldman mmwald...@nyc.rr.com wrote: RewriteCond ${REMOTE_USER} . does not seem to work when the REMOTE_USER is not defined. The statement evaluates to true. What happens when you use the proper syntax, %{REMOTE_USER}? Lol. I'm using the proper syntax on the server. Just checked. Works for me: http://apache.pastebin.ca/1335270 .htaccess: RewriteEngine on RewriteCond %{REMOTE_USER} . RewriteRule .* - [G] 127.0.0.1 - - [12/Feb/2009:15:40:42 --0500] [localhost/sid#954fc98][rid#9578328/initial] (4) RewriteCond: input='' pattern='.' = not-matched -- Eric Covener cove...@gmail.com
Re: Making mod_auth_digest mysql
On Thu, Feb 12, 2009 at 3:44 PM, Michele Waldman mmwald...@nyc.rr.com wrote: Basically, when I user is logged out, %{REMOTE_USER} is not defined. It seems any rewritecode using an undefined server environment variable always evaluates to true. I don't want this. I want false if not defined. I'm going to hack apache, if I have to. That's not the behavior of variables in rewriteconds. Try a simpler testcase. -- Eric Covener cove...@gmail.com
Re: Making mod_auth_digest mysql
On Thu, Feb 12, 2009 at 3:49 PM, Michele Waldman mmwald...@nyc.rr.com wrote: I'm doing this: RewriteEngine On RewriteCond %{REMOTE_USER} . RewriteRule ^.*$ - [S=1] RewriteRule ^.*$ http://domain/logged_out.html?%{N} [R] AuthType Digest AuthName account AuthUserFile /path/.htpasswd Require valid-user 1) The user is logged in. 2) The user logs out. 3) In ff, the user hits the backpage button. 4) The user gets a dialog box to login rather than being redirected. HTTP is stateless. You wrote a rule that wants to see if authentication has already occured, so on some level you're acknowledging that authentication is processed _before_ your rewrite. When you configure authentication for a resource, the very same code that would authenticate you will immediately prompt you for credentials if they're not provided. This happens before your per-directory rewrites have a chance to do anything. RewriteLog would likely tell you that the conditions/rules are not evaluated in this scenario, because the 401 is returned before the fixup hook where rewrite runs in per-dir context -- Eric Covener cove...@gmail.com
Re: WELCOME to modules-dev@httpd.apache.org
On Wed, Feb 11, 2009 at 1:18 PM, dave man...@gmail.com wrote: acfg and bcfg are the arguments to the merge calback. cfg is the result that the merge callback returns ... merge_server{acfg: 0x2b45d35e79d0bcfg:0x2b45dc2385f0cfg: 0x2b45dc26fff0} merge_dir{acfg: 0x2b45d35e79e8bcfg:0x2b45dc2385d8cfg: 0x2b45dc270458} child_init{pid: 2800cfg:0x2b45d35e79d0server: 0x2b45d355f968} -- recieving the acfg from the merge_server, not the return value of the merge_server create new handler{pid: 2800cfg:0x2b45dc26fff0server: 0x2b45dc2361b8} -- recieving the return value of the merge_server create new is this from passing r-server? Are you sure your request was mapped to a virtualhost? -- Eric Covener cove...@gmail.com
Re: Making mod_auth_digest mysql
On Fri, Feb 6, 2009 at 8:49 AM, Michele Waldman mmwald...@nyc.rr.com wrote: I mean to check server environment variables which is what REMOTE_USER is. This might be better off on us...@httpd.apache.org I just want to know if the variable is defined on the server then I could do this: RewriteEngine On RewriteCond %{REMOTE_USER} -e I couldn't find any reference to -e, to check if it's empty you can do != or !^$ RewriteRule ^(.*)$ - [S=1] RewriteRule ^.*$ http://domain/login.html [R] Right now when REMOTE_USER is not defined this line gets executed: RewriteRule ^(.*)$ - [S=1] I want that line to be skipped if REMOTE_USER has not been defined as a server environment variable. In per-vhost context, that will never be set unless you use the lookahead feature. You can see the values in phpinfo(); It is only defined if the user is logged in. That processing is later, so REMOTE_USER may be set by then. Why would a nonexistent variable evaluate to true? Unless i'm confused re: -e, It seems like your -e would be interpreted as a regex, but that shouldn't match an empty string AFAICT. -- Eric Covener cove...@gmail.com
Re: Antwort: Need help with --activate-module
On Thu, Jan 29, 2009 at 2:57 AM, Shibu Narendranathan shi...@sonimtech.com wrote: SetHandler foo_handler My 2.2.x apxs -g module says: if (strcmp(r-handler, foo)) { -- Eric Covener cove...@gmail.com
Re: multiple processes: but one module init needed
On Sun, Jan 25, 2009 at 11:31 AM, Sander Temme scte...@apache.org wrote: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/examples/mod_example_ipc.c?view=co for an example. The post_config hook is where you want to put your stuff, but yes it does get called twice so you may want to use the construction in the example module to avoid reallocating certain items. Buy two, get two free on Windows! -- Eric Covener cove...@gmail.com
Re: How to get a port number.
On Sun, Jan 18, 2009 at 2:36 PM, wolfgang wolfgang...@gmail.com wrote: Hi there, I can not get a port number if my apache module is set in the main server config and listen port is set to 10080. ( the main server config means other than virtual host configs. ) When my apache module is set in the main server config as follows and a client requests http://www.example.com:10080;. In httpd.conf, ... Listen 10080 Location / SetHandler mymodule /Location Then, in mymodule I get the following results. request_rec-server-is_virtual is 0. ap_get_server_port(request_rec) is 80. - 80 !? why not 10080 ?? request_rec-server-port is 0. - ZERO !? hm... request_rec-server-addrs-host_port is 0. - ZERO... Sure, my module is not in a virtual host. Maybe http://httpd.apache.org/docs/2.2/mod/core.html#usecanonicalphysicalport ? (or ServerName if it's the only Listen) -- Eric Covener cove...@gmail.com
Re: multiple source files in a single apache module
On Tue, Jan 13, 2009 at 3:48 PM, wolfgang wolfgang...@gmail.com wrote: Hi gurus, I made a sample apache module, mod_test, by /usr/local/apache/bin/apxs -g -n test. Now I want to make the mod_test call the following source ( actually, an add_test function ). httpd: Syntax error on line 100 of /usr/local/apache/conf/httpd.conf: Cannot load /usr/local/apache/modules/mod_test.so into server: /usr/local/apache/modules/mod_test.so: undefined symbol: add_test IIUC, you can just pass a string of .c files to apxs on the command line. I'm not sure what Makefile you're starting with. -- Eric Covener cove...@gmail.com
Re: proxy - as a Handler or a Filter?
On Mon, Dec 15, 2008 at 12:32 PM, Jodi Bosa jodib...@gmail.com wrote: Right now I am thinking of writing this as an Apache Handler that reads data from a client into a Bucket Brigade and then the Handler create it's own Filter chain and invokes the Filter chain on that Bucket Brigade. I would suggest implementing both the handler and the filter and leaving them as independent as possible. -- Eric Covener cove...@gmail.com
Re: Stopping Apache when configuration directive is wrong
On Sun, Nov 23, 2008 at 6:46 PM, Sam Carleton [EMAIL PROTECTED] wrote: Under some circumstances, the value read into my directive will be invalid and thus Apache should NOT continue to execute. What do I need to do to tell Apache to stop executing? Return a non-NULL string from your callback that runs when the directive is encountered in the config file -- Eric Covener [EMAIL PROTECTED]
Re: Wrapping an existing hook (2.0)
On Fri, Oct 3, 2008 at 11:11 AM, Houser, Rick [EMAIL PROTECTED] wrote: I'm relatively new to module development, but I have a need to wrap a function in a proprietary module (no source) registered via a check_user_id hook in a proprietary module (mod_auth_saf). Basically, I need to detect an expired password condition. I've already tried to use the normal pre/post hook registration, but that function returns an HTTP_UNAUTHORIZED (some internal basic auth password change feature) instead of DECLINE, so Apache never runs my call. If you ask Apache to run your code first, the proprietary module shouldn't be able to prevent yours from being run. You should be able to make sure that your own logic runs for the expired password case and just DECLINE for everything else. IMO an auth_checker probably shouldn't return DECLINED if it can lookup a user and specifically find they have an expired password -- could you make a case to IBM for the behavior you ultimately want? -- Eric Covener [EMAIL PROTECTED]