64 bit libapreq2 segfaults
Hi all, I'll summarize my problem: my module runs fine on 32 bit (i386) machines but segfaults constantly on 64 bit (x86_64) machines. It seems that the address returned by apreq_handle_apache2 is out of bounds, accessing it (e.g. with other libapreq2 functions) leads to a segfault. Funny thing is: I got a valid address from apreq_handle_apache2 when debugging it with gdb. The machines I tested are Xen DomUs running CentOS 5.3. I tested libapreq2-2.12 as well as svn-trunk (r783546). This is the output of my gdb session: (gdb) run -X -d /etc/httpd ... Program received signal SIGSEGV, Segmentation fault. apreq_param (req=0xad4fff80, key=0x2ad7a140e981 s) at ../include/apreq_module.h:196 196 return req-module-args_get(req, name); (gdb) bt full #0 apreq_param (req=0xad4fff80, key=0x2ad7a140e981 s) at ../include/apreq_module.h:196 param = value optimized out #1 0x2ad7a140e440 in cod_handler (r=0x2ad7ad4fb048) at mod_zeec_cod.c:179 req = (apreq_handle_t *) 0xad4fff80 s = value optimized out #2 0x2ad7960c89ba in ap_run_handler () from /usr/sbin/httpd No symbol table info available. #3 0x2ad7960cbe32 in ap_invoke_handler () from /usr/sbin/httpd No symbol table info available. #4 0x2ad7960d6888 in ap_process_request () from /usr/sbin/httpd No symbol table info available. #5 0x2ad7960d3ac0 in ?? () from /usr/sbin/httpd No symbol table info available. ... (gdb) p *req Cannot access memory at address 0xad4fff80 (gdb) return Make apreq_param return now? (y or n) y #0 0x2ad7a140e440 in cod_handler ( r=0x2ad7ad4fb048) at mod_zeec_cod.c:179 179 if (apreq_param(req, s)) (gdb) p *apreq_handle_apache2(r) $3 = {module = 0x2ad7a11fe8a0, pool = 0x2ad7ad4fafd8, bucket_alloc = 0x2ad7ad4f8fc8} Many thanks in advance and let me know if you need more information. David
Shared memory hash table.
Hi all, Please let me know ur comments / suggestion on the following. 1. Is there any apache apr to have shared memory hash Table. I want a hash table with is shared and should be able to access and change in runtime. We can do work around with the apr_shm and apr_rmm to achieve this. but just wanted to know is there any function already available which suits this requirement. Pls guide me with your comments. thanks in advance, Jaysingh Samuel. _ Live Search extreme As India feels the heat of poll season, get all the info you need on the MSN News Aggregator http://news.in.msn.com/National/indiaelections2009/aggregator/default.aspx
Bug report for Apache httpd-1.3 [2009/06/28]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10744|New|Nor|2002-07-12|suexec might fail to open log file| |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |10760|New|Maj|2002-07-12|empty ftp directory listings from cached ftp direc| |14518|Opn|Reg|2002-11-13|QUERY_STRING parts not incorporated by mod_rewrite| |16013|Opn|Nor|2003-01-13|Fooling mod_autoindex + IndexIgnore | |16631|Inf|Min|2003-01-31|.htaccess errors logged outside the virtual host l| |17318|Inf|Cri|2003-02-23|Abend on deleting a temporary cache file if proxy | |19279|Inf|Min|2003-04-24|Invalid chmod options in solaris build| |21637|Inf|Nor|2003-07-16|Timeout causes a status code of 200 to be logged | |21777|Inf|Min|2003-07-21|mod_mime_magic doesn't handle little gif files| |22618|New|Maj|2003-08-21|MultiViews invalidates PATH_TRANSLATED if cgi-wrap| |25057|Inf|Maj|2003-11-27|Empty PUT access control in .htaccess overrides co| |26126|New|Nor|2004-01-14|mod_include hangs with request body | |26152|Ass|Nor|2004-01-15|Apache 1.3.29 and below directory traversal vulner| |26790|New|Maj|2004-02-09|error deleting old cache file | |29257|Opn|Nor|2004-05-27|Problem with apache-1.3.31 and mod_frontpage (dso,| |29498|New|Maj|2004-06-10|non-anonymous ftp broken in mod_proxy | |29538|Ass|Enh|2004-06-12|No facility used in ErrorLog to syslog| |30207|New|Nor|2004-07-20|Piped logs don't close read end of pipe | |30877|New|Nor|2004-08-26|htpasswd clears passwd file on Sun when /var/tmp i| |30909|New|Cri|2004-08-28|sporadic segfault resulting in broken connections | |31975|New|Nor|2004-10-29|httpd-1.3.33: buffer overflow in htpasswd if calle| |32078|New|Enh|2004-11-05|clean up some compiler warnings | |32539|New|Trv|2004-12-06|[PATCH] configure --enable-shared= brocken on SuSE| |32974|Inf|Maj|2005-01-06|Client IP not set | |33086|New|Nor|2005-01-13|unconsistency betwen 404 displayed path and server| |33495|Inf|Cri|2005-02-10|Apache crashes with WSADuplicateSocket failed for| |33772|New|Nor|2005-02-28|inconsistency in manual and error reporting by sue| |33875|New|Enh|2005-03-07|Apache processes consuming CPU| |34108|New|Nor|2005-03-21|mod_negotiation changes mtime to mtime of Document| |34114|New|Nor|2005-03-21|Apache could interleave log entries when writing t| |34404|Inf|Blk|2005-04-11|RewriteMap prg can not handle fpout | |34571|Inf|Maj|2005-04-22|Apache 1.3.33 stops logging vhost| |34573|Inf|Maj|2005-04-22|.htaccess not working / mod_auth_mysql| |35424|New|Nor|2005-06-20|httpd disconnect in Timeout on CGI| |35439|New|Nor|2005-06-21|Problem with remove /../ in util.c and mod_rewri| |35547|Inf|Maj|2005-06-29|Problems with libapreq 1.2 and Apache::Cookie | |3|New|Nor|2005-06-30|Can't find DBM on Debian Sarge| |36375|Opn|Nor|2005-08-26|Cannot include http_config.h from C++ file| |37166|New|Nor|2005-10-19|Under certain conditions, mod_cgi delivers an empt| |37252|New|Reg|2005-10-26|gen_test_char reject NLS string | |38989|New|Nor|2006-03-15|restart + piped logs stalls httpd for 24 minutes (| |39104|New|Enh|2006-03-25|[FR] fix build with -Wl,--as-needed | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39937|New|Nor|2006-06-30|Garbage output if README.html is gzipped or compre| |40224|Ver|Nor|2006-08-10|System time crashes Apache @year 2038 (win32 only?| |41279|New|Nor|2007-01-02|Apache 1.3.37 htpasswd is vulnerable to buffer ove| |42355|New|Maj|2007-05-08|Apache 1.3 permits non-rfc HTTP error code = 600 | |43626|New|Maj|2007-10-15|r-path_info returning invalid value | |44768|New|Blk|2008-04-07|Server suddenly reverted to showing test page only| |44926|New|Nor|2008-05-02|1.3.41 binary downloads are faulty MSIs |
httpd initd daemon
i would like to set the httpd instance to run as standard linux daemon. the daemon should be controlled by the init daemon. the problem is that the apachectl that runs the httpd is starting the main server process then forking N StarServers and return 0 or something else. I would like it to be hang while it run i.e. right before exiting addin select command that will listen on some signal, like SIGTERM. is there any way to add it? if so can somebody recomands what is the best place to make the change? is there allready such feature? -- View this message in context: http://www.nabble.com/httpd-initd-daemon-tp24251132p24251132.html Sent from the Apache HTTP Server - Dev mailing list archive at Nabble.com.
Re: httpd initd daemon
2009/6/29 Yahav bi...@lucent.com: i would like to set the httpd instance to run as standard linux daemon. the daemon should be controlled by the init daemon. the problem is that the apachectl that runs the httpd is starting the main server process then forking N StarServers and return 0 or something else. I would like it to be hang while it run i.e. right before exiting addin select command that will listen on some signal, like SIGTERM. is there any way to add it? if so can somebody recomands what is the best place to make the change? is there allready such feature? Have you tried: httpd -DFOREGROUND instead of apachectl. Read the httpd manual page and Google search on that for more information. Graham
Re: httpd initd daemon
many thanks Graham Dumpleton-2 wrote: 2009/6/29 Yahav bi...@lucent.com: i would like to set the httpd instance to run as standard linux daemon. the daemon should be controlled by the init daemon. the problem is that the apachectl that runs the httpd is starting the main server process then forking N StarServers and return 0 or something else. I would like it to be hang while it run i.e. right before exiting addin select command that will listen on some signal, like SIGTERM. is there any way to add it? if so can somebody recomands what is the best place to make the change? is there allready such feature? Have you tried: httpd -DFOREGROUND instead of apachectl. Read the httpd manual page and Google search on that for more information. Graham -- View this message in context: http://www.nabble.com/httpd-initd-daemon-tp24251132p24253128.html Sent from the Apache HTTP Server - Dev mailing list archive at Nabble.com.
Re: httpd initd daemon
many thanks it is working. Graham Dumpleton-2 wrote: 2009/6/29 Yahav bi...@lucent.com: i would like to set the httpd instance to run as standard linux daemon. the daemon should be controlled by the init daemon. the problem is that the apachectl that runs the httpd is starting the main server process then forking N StarServers and return 0 or something else. I would like it to be hang while it run i.e. right before exiting addin select command that will listen on some signal, like SIGTERM. is there any way to add it? if so can somebody recomands what is the best place to make the change? is there allready such feature? Have you tried: httpd -DFOREGROUND instead of apachectl. Read the httpd manual page and Google search on that for more information. Graham -- View this message in context: http://www.nabble.com/httpd-initd-daemon-tp24251132p24253136.html Sent from the Apache HTTP Server - Dev mailing list archive at Nabble.com.
Creating a new thread inside a module
Hi All, I want to open a port to communicate my Apache hhtpd (2.2) with small software run on a separate machine .Without affecting the httpd how can i create a new thread to listen to that software. Also I want to start this thread when the mod_proxy_balancer is initialize its balancer members(balancer_init). please helpp me, thank you, Iroshan Under graduate-UCSC Ari Lanka
Re: Creating a new thread inside a module
h iroshan wrote: Hi All, I want to open a port to communicate my Apache hhtpd (2.2) with small software run on a separate machine .Without affecting the httpd how can i create a new thread to listen to that software. Also I want to start this thread when the mod_proxy_balancer is initialize its balancer members(balancer_init). Take a look at trunk's mod_watchdog. It should compile with 2.2 without a problem. However it requires to be statically compiled so it can survive the child death. If that's not feasible, hack it ;) Regards -- ^(TM)
Re: Using slotmem in /mod_lbmethod_heartbeat/mod_heartmonitor
On Jun 24, 2009, at 8:54 AM, jean-frederic clere wrote: Paul Querna wrote: On Tue, Jun 23, 2009 at 5:35 AM, jean-frederic clerejfcl...@gmail.com wrote: Hi, I plan to use slotmem (additionally to the actual file based logic) in the heartbeat logic. HeartbeatStorage mem:logs/hb.dat (slotmem and key/save uses logs/ hb.dat). HeartbeatStorage logs/hb.dat (existing logic). Of course the hearthbeat handler will use slotmem and issue en error at the start if that is not the storage configured. (actualy the the hearthbeat handler doesn't work). The slotmem element will use the proxy_worker_stat and heartbeat actual format...(Well a string big enough). Comments? why do we need to store the same information twice? Not twice, I will just keep the old file logic and add a new one, the proxy_worker_stat would come from the slotmem not from the scoreboard. +1
Re: mod_noloris: mitigating against slowloris-style attack
On Jun 25, 2009, at 11:12 AM, William A. Rowe, Jr. wrote: Nick Kew wrote: Is this worth hacking up, or more trouble than it saves? It already lives in /repos/asf/httpd/mod_ftp/trunk/modules/ftp/ ... see the http://httpd.apache.org/mod_ftp/mod/mod_ftp.html#ftplimitloginip docs. It would be reasonably simple to rip this out and use a single shared implementation for both protocols. An extended scoreboard based solution would be much more efficient, I suspect. Actually, I have a hacked version that uses mod_slotmem :)
Re: Mitigating the Slowloris DoS attack
On Jun 24, 2009, at 5:18 AM, Joe Orton wrote: Regardless, the only thing I've ever wanted to see changed in the server which would somewhat mitigate this type of attack is to have coarser granularity on timeouts, e.g. per-request-read, rather than simply per-IO-operation. ++1. Timeout would set universal defaults and we could then have something like Timeout ReqRead 2 to provide further refinement.
Re: A modest proposal, was Re: Mitigating the Slowloris DoS attack
On Jun 23, 2009, at 8:39 PM, Akins, Brian wrote: On 6/23/09 12:48 AM, Paul Querna p...@querna.org wrote: Mitagation is the wrong approach. We all know our architecture is wrong. Another heretical suggestion: Lighttpd and nginx are both release under BSD-like licenses. Hear me out. I've actually been thinking how possible would it be to transform one of them into httpd 3.0? Most prob not that hard since Lighttpd is a fork of Apache 1.3.
Re: Creating a new thread inside a module
Hi Mladen Turk, Thank you .In Apache 2.2.x trunk there is no such a module mod_watchdog. Is this is from later version?. Can I compile this in DSO mode with mod_proxy_balancer.? Help me Iroshan. Take a look at trunk's mod_watchdog. It should compile with 2.2 without a problem. However it requires to be statically compiled so it can survive the child death. If that's not feasible, hack it ;) Regards -- ^(TM)
Re: Creating a new thread inside a module
Hi All Actually I need *to* modify *Apache* and *run* one custom background *thread *. In addition, my custom modules have *to* be able *to* access the shared memory and it should be done through the background *thread*. Did anybody do this before? Is *there* an example I can use as a starting point? please help me. Best Regards, Iroshan Under graduate UCSC Sri Lanka.
Re: Creating a new thread inside a module
h iroshan wrote: Hi All Actually I need *to* modify *Apache* and *run* one custom background *thread*. In addition, my custom modules have *to* be able *to* access the shared memory and it should be done through the background *thread*. Did anybody do this before? Is *there* an example I can use as a starting point? please help me. I already told you to look at the trunk (mod_watchdog) http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/core/ It is used to manage the hartbeat module at regular intervals (you might look at this as well) and it listens and send data via socket using shared memory extensively and can manage mod_proxy (well should ;) Regards -- ^(TM)
Re: Creating a new thread inside a module
Mladen Turk wrote: Take a look at trunk's mod_watchdog. It should compile with 2.2 without a problem. However it requires to be statically compiled so it can survive the child death. *That's* the reason for static?!? See mod_aspdotnet and several others for how to pin a particular .so module for the lifetime of the process, instead of per-restart. No modules in trunk should require static compilation, period.
Re: Creating a new thread inside a module
Hi Mladen Turk, Thank you very much. I roughly gone throug the mod_watchdog. I create my background thread inside the balancer_init method at mod_proxy_balancer module. But after finished the execution of balancer_init method my thread also terminate automatically. Do you or any body have idea to avoid this. I need to run my background thread until the server stop by user. Best Regards, Iroshan.
protocol for reporting bug that 'may' be considered exploit
Hello, I think we may have discovered an issue with mod_proxy that 'could' be used as an exploit to render an Apache server useless. I normally report more benign bugs via the normal bug reporting interface. However, this one bug is quite easy to create an exploit for so I am looking for guidance on how to report this issue. Should I report this on the apache bug tool (which will make this info publicly available) ? What I have so far 1. a confirmed repro of the bug 2. a general area where we think the offending line in the code is causing the problem 3. attempted to fix the bug and created a patch but to no avail (we aren't familiar with the apr* modules and various ap* functions.) In addition I have scanned through the bug DB and found several instances of similar symptoms that we have observed around issues with mod_proxy. None of the bug a repro. I believe we could have found a repro case that consistently causes a lockup in Apache. Because of the sensitivity of this bug and its relative ease to craft an exploit, let me know how to proceed. We are willing to work with one or more individuals on the apache team who are familiar with the code to repro and test one or more patches. If the normal procedure is to report the bug via the Apache bug db, please let me know. Thanks in advance. PS: During our discovery, we also found another bug but it's more benign and I will file it as a separate bug
Re: protocol for reporting bug that 'may' be considered exploit
On Tue, Jun 30, 2009 at 12:10 AM, Toadietoadie...@gmail.com wrote: Hello, I think we may have discovered an issue with mod_proxy that 'could' be used as an exploit to render an Apache server useless. report via email to secur...@apache.org ( more detail at http://www.apache.org/security/ ) -- Eric Covener cove...@gmail.com
Re: Creating a new thread inside a module
William A. Rowe, Jr. wrote: However it requires to be statically compiled so it can survive the child death. *That's* the reason for static?!? See mod_aspdotnet and several others for how to pin a particular .so module for the lifetime of the process, instead of per-restart. Why can't we make some simpler API for such modules instead hacking the current one when it is obvious that there are modules that cannot survive the graceful restart? No modules in trunk should require static compilation, period. There is a difference between should and must, but seems to me there's no decent API for that. Regards -- ^(TM)
Re: protocol for reporting bug that 'may' be considered exploit
Thank you! Will file one shortly. On Mon, Jun 29, 2009 at 9:24 PM, Eric Covenercove...@gmail.com wrote: On Tue, Jun 30, 2009 at 12:10 AM, Toadietoadie...@gmail.com wrote: Hello, I think we may have discovered an issue with mod_proxy that 'could' be used as an exploit to render an Apache server useless. report via email to secur...@apache.org ( more detail at http://www.apache.org/security/ ) -- Eric Covener cove...@gmail.com