Bug report for Apache httpd-1.3 [2008/08/03]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10744|New|Nor|2002-07-12|suexec might fail to open log file| |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |10760|New|Maj|2002-07-12|empty ftp directory listings from cached ftp direc| |14518|Opn|Nor|2002-11-13|QUERY_STRING parts not incorporated by mod_rewrite| |16013|Opn|Nor|2003-01-13|Fooling mod_autoindex + IndexIgnore | |16631|Inf|Min|2003-01-31|.htaccess errors logged outside the virtual host l| |17318|Inf|Cri|2003-02-23|Abend on deleting a temporary cache file if proxy | |19279|Inf|Min|2003-04-24|Invalid chmod options in solaris build| |21637|Inf|Nor|2003-07-16|Timeout causes a status code of 200 to be logged | |21777|Inf|Min|2003-07-21|mod_mime_magic doesn't handle little gif files| |22618|New|Maj|2003-08-21|MultiViews invalidates PATH_TRANSLATED if cgi-wrap| |25057|Inf|Maj|2003-11-27|Empty PUT access control in .htaccess overrides co| |26126|New|Nor|2004-01-14|mod_include hangs with request body | |26152|Ass|Nor|2004-01-15|Apache 1.3.29 and below directory traversal vulner| |26790|New|Maj|2004-02-09|error deleting old cache file | |29257|Opn|Nor|2004-05-27|Problem with apache-1.3.31 and mod_frontpage (dso,| |29498|New|Maj|2004-06-10|non-anonymous ftp broken in mod_proxy | |29538|Ass|Enh|2004-06-12|No facility used in ErrorLog to syslog| |30207|New|Nor|2004-07-20|Piped logs don't close read end of pipe | |30877|New|Nor|2004-08-26|htpasswd clears passwd file on Sun when /var/tmp i| |30909|New|Cri|2004-08-28|sporadic segfault resulting in broken connections | |31975|New|Nor|2004-10-29|httpd-1.3.33: buffer overflow in htpasswd if calle| |32078|New|Enh|2004-11-05|clean up some compiler warnings | |32539|New|Trv|2004-12-06|[PATCH] configure --enable-shared= brocken on SuSE| |32974|Inf|Maj|2005-01-06|Client IP not set | |33086|New|Nor|2005-01-13|unconsistency betwen 404 displayed path and server| |33495|Inf|Cri|2005-02-10|Apache crashes with WSADuplicateSocket failed for| |33772|New|Nor|2005-02-28|inconsistency in manual and error reporting by sue| |33875|New|Enh|2005-03-07|Apache processes consuming CPU| |34108|New|Nor|2005-03-21|mod_negotiation changes mtime to mtime of Document| |34114|New|Nor|2005-03-21|Apache could interleave log entries when writing t| |34404|Inf|Blk|2005-04-11|RewriteMap prg can not handle fpout | |34571|Inf|Maj|2005-04-22|Apache 1.3.33 stops logging vhost| |34573|Inf|Maj|2005-04-22|.htaccess not working / mod_auth_mysql| |35424|New|Nor|2005-06-20|httpd disconnect in Timeout on CGI| |35439|New|Nor|2005-06-21|Problem with remove /../ in util.c and mod_rewri| |35547|Inf|Maj|2005-06-29|Problems with libapreq 1.2 and Apache::Cookie | |3|New|Nor|2005-06-30|Can't find DBM on Debian Sarge| |36375|Opn|Nor|2005-08-26|Cannot include http_config.h from C++ file| |37166|New|Nor|2005-10-19|Under certain conditions, mod_cgi delivers an empt| |37185|New|Enh|2005-10-20|AddIcon, AddIconByType for OpenDocument format| |37252|New|Reg|2005-10-26|gen_test_char reject NLS string | |38989|New|Nor|2006-03-15|restart + piped logs stalls httpd for 24 minutes (| |39104|New|Enh|2006-03-25|[FR] fix build with -Wl,--as-needed | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39937|New|Nor|2006-06-30|Garbage output if README.html is gzipped or compre| |40176|New|Nor|2006-08-03|magic and mime| |40224|Ver|Nor|2006-08-10|System time crashes Apache @year 2038 (win32 only?| |41279|New|Nor|2007-01-02|Apache 1.3.37 htpasswd is vulnerable to buffer ove| |42355|New|Maj|2007-05-08|Apache 1.3 permits non-rfc HTTP error code = 600 | |43626|New|Maj|2007-10-15|r-path_info returning invalid value |
Thesis about open source projects
Hi, My name is Michael Simonetto, I'm a student in Brussels finishing my thesis about communication in open source projects. I need some interviews to illustrate and complete my work and have thought the mailing list would be a convenient way to find some developers kind enough to help me! If you are interested, please reply and I'll send you the questions! We can also meet on IRC or any communication channel you wish to use... Thanks a lot! Michael PS : I'm afraid to say it's awfully urgent... (thesis due 18 august...), so if you don't have time, you don't need to fully answer the questionnaire...
Re: worker MPM on trunk does not shut down cleanly
Ruediger Pluem wrote: Nevertheless I think that the precleanup code in apr trunk and the changes to the reslist in apr-util trunk are not backportable just because of the example above: Code may break if you change an apr / apr-util 1.3 release under the hood. This should not happen. I agree with you. However, like you observed this particular apr_reslist usage was simply presuming the reslist was not already destroyed, by doing nasty tricks and registering additional cleanup on top of existing one so that we can mark the structure (worker-cp-pool = NULL) element before calling apr_reslist_destroy so that destructor callback knows their child pools have been already destroyed, so it doesn't destroy them twice, and still allows connection pool mix...max maintenance where the child pools has to be explicitly destroyed so that memory doesn't leak. All that is a total mess and hard to follow. With pre_cleanup, the code is simpler and straightforward: constructors creates, desctructor destroys, and that's it :) Anyhow, porting that to 1.3 would probably break (presumption) of the 'under the hood' behavior (not the API itself). Regards -- ^(TM)
Re: worker MPM on trunk does not shut down cleanly
On Aug 3, 2008, at 4:50 PM, William A. Rowe, Jr. wrote: Jim Jagielski wrote: So does this mean that trunk is now based on a broken or incompatible version of apr? Do we need to now break off trunk to 2.4 and baseline APR 1.3 to allow trunk to now work with an incompatible APR rev? There's no such thing as an incompatible APR revision. There *shouldn't* be. There is. That's the problem :)
Re: worker MPM on trunk does not shut down cleanly
On Aug 3, 2008, at 2:44 PM, Ruediger Pluem wrote: Nevertheless I think that the precleanup code in apr trunk and the changes to the reslist in apr-util trunk are not backportable just because of the example above: Code may break if you change an apr / apr-util 1.3 release under the hood. This should not happen. That's my point.
Re: svn commit: r682369 - /httpd/httpd/trunk/modules/proxy/proxy_util.c
[EMAIL PROTECTED] wrote: --- httpd/httpd/trunk/modules/proxy/proxy_util.c (original) +++ httpd/httpd/trunk/modules/proxy/proxy_util.c Mon Aug 4 05:53:50 2008 @@ -1380,7 +1380,6 @@ proxy_worker *worker = (proxy_worker *)theworker; if (worker-cp-res) { worker-cp-pool = NULL; -apr_reslist_destroy(worker-cp-res); } return APR_SUCCESS; } Well, you've beat me :) The complete conn_pool_cleanup function can be omitted, and there is no need for checking if (conn-worker-cp-pool) in the connection_destructor. Regards -- ^(TM)
Re: svn commit: r682389 - in /httpd/httpd/trunk: CHANGES modules/generators/mod_cgid.c
On 08/04/2008 03:49 PM, [EMAIL PROTECTED] wrote: Author: covener Date: Mon Aug 4 06:49:07 2008 New Revision: 682389 URL: http://svn.apache.org/viewvc?rev=682389view=rev Log: *) mod_cgid: Pass along empty command line arguments from an ISINDEX query that has consecutive '+' characters in the QUERY_STRING, matching the behavior of mod_cgi. Modified: httpd/httpd/trunk/CHANGES httpd/httpd/trunk/modules/generators/mod_cgid.c Modified: httpd/httpd/trunk/modules/generators/mod_cgid.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?rev=682389r1=682388r2=682389view=diff == --- httpd/httpd/trunk/modules/generators/mod_cgid.c (original) +++ httpd/httpd/trunk/modules/generators/mod_cgid.c Mon Aug 4 06:49:07 2008 @@ -237,6 +237,9 @@ ap_unescape_url(w); av[idx++] = ap_escape_shell_cmd(p, w); } +else { +av[idx++] = w; +} } av[idx] = NULL; return av; Thanks for keeping track of this. Wouldn't it make sense to keep the code identical in mod_cgi and mod_cgid? Regards RĂ¼diger
Re: svn commit: r682369 - /httpd/httpd/trunk/modules/proxy/proxy_util.c
On Aug 4, 2008, at 9:54 AM, Ruediger Pluem wrote: On 08/04/2008 03:50 PM, Mladen Turk wrote: [EMAIL PROTECTED] wrote: --- httpd/httpd/trunk/modules/proxy/proxy_util.c (original) +++ httpd/httpd/trunk/modules/proxy/proxy_util.c Mon Aug 4 05:53:50 2008 @@ -1380,7 +1380,6 @@ proxy_worker *worker = (proxy_worker *)theworker; if (worker-cp-res) { worker-cp-pool = NULL; -apr_reslist_destroy(worker-cp-res); } return APR_SUCCESS; } Well, you've beat me :) The complete conn_pool_cleanup function can be omitted, and there is no need for checking if (conn-worker-cp-pool) in the connection_destructor. Might be. At the current state it makes it possible to keep trunk and 2.2.x very similar until all in apr land is sorted out. We can cleanup the remaining parts then. +1. Let's wait until APR gets sorted out before we start mucking around with fixing 2.2 and trunk to handle an in-flux APR
Re: svn commit: r682369 - /httpd/httpd/trunk/modules/proxy/proxy_util.c
Ruediger Pluem wrote: On 08/04/2008 03:50 PM, Mladen Turk wrote: [EMAIL PROTECTED] wrote: --- httpd/httpd/trunk/modules/proxy/proxy_util.c (original) +++ httpd/httpd/trunk/modules/proxy/proxy_util.c Mon Aug 4 05:53:50 2008 @@ -1380,7 +1380,6 @@ proxy_worker *worker = (proxy_worker *)theworker; if (worker-cp-res) { worker-cp-pool = NULL; -apr_reslist_destroy(worker-cp-res); } return APR_SUCCESS; } Well, you've beat me :) The complete conn_pool_cleanup function can be omitted, and there is no need for checking if (conn-worker-cp-pool) in the connection_destructor. Might be. At the current state it makes it possible to keep trunk and 2.2.x very similar until all in apr land is sorted out. We can cleanup the remaining parts then. Well I was hopping to add an extra apr_reslist_maintain function that would allow to close the expired resources out of the require/release bounds. Right now in proxy the connection will be release only if the particular mpm child process gets request for a particular worker. It can take minutes or hours on slow hit ratio for that to happen. So the ttl is more a 'guess' rather then a firm fact. Regards -- ^(TM)
Re: svn commit: r682369 - /httpd/httpd/trunk/modules/proxy/proxy_util.c
Jim Jagielski wrote: On Aug 4, 2008, at 9:54 AM, Ruediger Pluem wrote: On 08/04/2008 03:50 PM, Mladen Turk wrote: [EMAIL PROTECTED] wrote: --- httpd/httpd/trunk/modules/proxy/proxy_util.c (original) +++ httpd/httpd/trunk/modules/proxy/proxy_util.c Mon Aug 4 05:53:50 2008 @@ -1380,7 +1380,6 @@ proxy_worker *worker = (proxy_worker *)theworker; if (worker-cp-res) { worker-cp-pool = NULL; -apr_reslist_destroy(worker-cp-res); } return APR_SUCCESS; } Well, you've beat me :) The complete conn_pool_cleanup function can be omitted, and there is no need for checking if (conn-worker-cp-pool) in the connection_destructor. Might be. At the current state it makes it possible to keep trunk and 2.2.x very similar until all in apr land is sorted out. We can cleanup the remaining parts then. +1. Let's wait until APR gets sorted out before we start mucking around with fixing 2.2 and trunk to handle an in-flux APR If the under the hood apr_reslist behavior is of such concern we can create apr_reslist_create_ex with some param that will allow to specify the pool cleanup ordering keeping everyone happy concerning backporting and still allowing all the goodies. Regards -- ^(TM)
Re: Testing modules using Python
On Mon, Aug 04, 2008 at 04:27:58PM +0200, [EMAIL PROTECTED] wrote: Hi, I want to unit test my module (catacomb.tigris.org) using Python. My idea is to load the module with ctypes (a python module that allows to load functions from shared libraries into python) and test it in this environment. The main advantage is that it's much easier to create mock-up objects in Python than in C. My problem is that ctypes fails if the shared library contains any undefined symbols. Because the module is used normally together with a httpd server, there're a lot of undefined symbols. My solution is to link libapr, libaprutil, libexpat and libmysql statically in my module and to add a file with the definitions of the apache-internal functions (just copy and paste from httpd source). With every function which I copy in this file I get a few new undefined symbols. All in all it's a pain to search all definitions and I probably have to do this again after adding new features which uses other functionalities. Is there an easier way to do this? To build a module which includes all needed links to apache functions without linking the needed libraries statically and copy-and-paste functions from apache source? Or do you know a better way to do this? Steven With httpd 1.3, there used to be a way to build something what was called shared core, a shared object that contained the server in a form you could link it into an application. I don't know if this is still possible with httpd 2.x, but what used I in an RPM package at the time was --enable-rule=SHARED_CORE mkdir shared_core cp -p src/libhttpd.ep src/libhttpd.so src/httpd shared_core # install shared-core apache install -m 755 shared_core/libhttpd.ep $RPM_BUILD_ROOT/%{_libdir}/%{name} install -m 755 shared_core/libhttpd.so $RPM_BUILD_ROOT/%{_libdir}/%{name} ln -s %{_libdir}/%{name}/libhttpd.ep $RPM_BUILD_ROOT/%{_sbindir}/httpd-shared_core ln -s %{_libdir}/%{name}/libhttpd.so $RPM_BUILD_ROOT/%{_libdir}/libhttpd.so At the time, that was reportedly working to build DSOs with Kylix 3. Peter -- Contact: [EMAIL PROTECTED] (a.k.a. [EMAIL PROTECTED]) #opensuse-mirrors on freenode.net Info: http://en.opensuse.org/Mirror_Infrastructure SUSE LINUX Products GmbH Research Development pgp5uxWB6T0sk.pgp Description: PGP signature
WIX-based httpd installer [Was: about httpd installer]
William A. Rowe, Jr. wrote: I'll add though, that if you can do it from scratch, the obvious way in this day and age is to start with the WIX project (sourceforge, MS created) which is an XML format - very transparent, and can be built by any of the contributors using free tools. That's actually my roadmap for apr (httpd etc). Bill A colleague of mine, Michael Faden, used WIX in a project recently and would like to throw in a couple of hours to implement an httpd installer based on WIX. Are you interested in such a contribution, or did you already work on it yourself? If there is some interest, he would contact the list himself, and most likely he would need to ask a few questions concerning the things, that the momentary httpd installer does on the target system. Regards, Rainer
Re: svn commit: r682369 - /httpd/httpd/trunk/modules/proxy/proxy_util.c
Mladen Turk wrote: If the under the hood apr_reslist behavior is of such concern we can create apr_reslist_create_ex with some param that will allow to specify the pool cleanup ordering keeping everyone happy concerning backporting and still allowing all the goodies. In APR version 1.4.0 of course. That could be a nice combination.
Re: svn commit: r682369 - /httpd/httpd/trunk/modules/proxy/proxy_util.c
William A. Rowe, Jr. wrote: Mladen Turk wrote: If the under the hood apr_reslist behavior is of such concern we can create apr_reslist_create_ex with some param that will allow to specify the pool cleanup ordering keeping everyone happy concerning backporting and still allowing all the goodies. In APR version 1.4.0 of course. That could be a nice combination. Sure. Seems we cannot backport even the existing change to 1.3.x since it can cause user code to break in some cases, like shown in this example. For 1.3.x, Bojan can register the pre_cleanup for apr_dbd after creating the reslist, so actually mimicking the trunk behavior, but thats for APR list discussion. Regards -- ^(TM)
Mpm maintenance thread hook
Hi, Right now any event happening in mpm child process is per request based. As an example I'll give mod_proxy and its connection pool. The connection_pool maintenance happens only when a request comes in which is fine for a frequently accessed server. If there is no request for a long time the ttl (time to live) is useless cause nothing can call the maintenance. I propose we create a single maintenance thread (configurable) for each child process (on creation) with child lifetime, and configurable interval that will call module callbacks registered to this hook. Something like in register hooks: ap_hook_watchdog(watchdog_handler, NULL, NULL, APR_HOOK_FIRST); The maintenance (watchdog) thread would call registered hooks at configured interval independent from the request rate allowing modules to do what ever needed. Usage examples: mod_proxy connection pool maintenance mod_balancer decaying (averaging) the transferred statistics, so that node-up/recovery doesn't consume all the load. mod_proxy_ajp sending ping/pong at regular intervals (detecting node failure before request) mod_cache probably lots of use cases since its time interval related I'm not sure if the hook is a correct API to choose or something like ap_register_provider API that will allow module to register the desired watchdog interval, or something. Right now this can be done on per-module basis by creating the thread on child_init (we have that in mod_jk for example), but this can lead to multiple threads created by modules basically only calling some function at regular intervals. Having that server wide would lower down the resource usage although it might lead to serialization problems if the callback takes a long time to execute. Comments, other ideas? Regards -- ^(TM)
Re: Mpm maintenance thread hook
On 8/4/08 12:59 PM, Mladen Turk [EMAIL PROTECTED] wrote: mod_balancer decaying (averaging) the transferred statistics, so that node-up/recovery doesn't consume all the load. mod_proxy_ajp sending ping/pong at regular intervals (detecting node failure before request) mod_cache probably lots of use cases since its time interval related Couldn't these be in the monitor hook in parent, assuming some shared memory tied the children together? I'm +1 on the idea. For 99% of my stuff, the servers get access frequently enough that it doesn't matter, but I have had to hack together a few child maintenance threads. -- Brian Akins Chief Operations Engineer Turner Digital Media Technologies
Re: Mpm maintenance thread hook
Mladen Turk wrote: Comments, other ideas? I would prefer to not add a separate 'dedicated' thread, but just 'use' a worker thread, when it is about to idle instead. When you are about to go into the idle wait, check if there are any timed tasks that need to execute soon, and run that instead of going idle. This is where I wanted to do with the (unfinished) Simple MPM... Have an API to schedule callbacks in the future, react to IO, or other events. Rather than having dedicated threads for all of them, I wanted to use a single worker pool. -Paul
Re: Mpm maintenance thread hook
On Aug 4, 2008, at 1:57 PM, Paul Querna wrote: Mladen Turk wrote: Comments, other ideas? I would prefer to not add a separate 'dedicated' thread, but just 'use' a worker thread, when it is about to idle instead. When you are about to go into the idle wait, check if there are any timed tasks that need to execute soon, and run that instead of going idle. +1
Re: Mpm maintenance thread hook
On Aug 4, 2008, at 1:25 PM, Akins, Brian wrote: On 8/4/08 12:59 PM, Mladen Turk [EMAIL PROTECTED] wrote: mod_balancer decaying (averaging) the transferred statistics, so that node-up/recovery doesn't consume all the load. mod_proxy_ajp sending ping/pong at regular intervals (detecting node failure before request) mod_cache probably lots of use cases since its time interval related Couldn't these be in the monitor hook in parent, assuming some shared memory tied the children together? *grin* I've always wondered what usefulness ap_run_monitor(p) was...
Re: svn commit: r682389 - in /httpd/httpd/trunk: CHANGES modules/generators/mod_cgid.c
Thanks for keeping track of this. Wouldn't it make sense to keep the code identical in mod_cgi and mod_cgid? Jim got this in r682475 before I could ACK. I updated the backport proposal. Thanks for the review. -- Eric Covener [EMAIL PROTECTED]