Re: [PATCH][1.3] Segfault in mod_proxy
At 05:00 PM 7/17/2003, William A. Rowe, Jr. wrote: I should have read the rest of the thread first. I'm happy with a .28 release already and will do the win32-magic tonight. Sorry this took me a little while to get to the top of my plate. The installers for Apache 1.3.28/Win32 are now created and available for testing and download from: http://www.apache.org/dist/httpd/binaries/win32/ Note there is a new file, apache_1.3.28-win32-x86-symbols.zip. As already introduced for 2.0 packaging, we will now make the exact set of diagnostic symbols available for users to simply unpack into their apache/ directory (with the appropriate -dir flag to unpack the tree structure.) These files should significantly enhance the core developers' ability to diagonose Win32 crash dump files (.dbg files). Users wishing to be able to look at the raw files may also obtain windbg from Microsoft (free download) and unpack the symbols into their own tree. Even without windbg, these symbol files provide Dr. Watson on Win2k and later, or WinME with the ability to provide a useful backtrace report of a crashed server process. Bill
[PATCH][1.3] Segfault in mod_proxy
Hi folks, so it seems that ProxyPass operation has been broken since at least 1.3.9; we're currently firefighting our way through the list of debian bugs and found http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=57316 - ProxyPass to ftp urls causes apache to segfault. The attached patch borrows from proxy_http.c's logic and was written by Tollef Fog Heen, with hindrance from myself. If no-one has any objections I'll commit the fix shortly. Cheers, -Thom --- build-tree/apache_1.3.27/src/modules/proxy/proxy_ftp.c 2002-04-07 20:57:36.0 +0200 +++ build-tree/apache_1.3.27/src/modules/proxy/proxy_ftp.c 2003-07-17 12:12:34.0 +0200 @@ -547,13 +547,14 @@ */ int ap_proxy_ftp_handler(request_rec *r, cache_req *c, char *url) { -char *host, *path, *strp, *parms; +char *desthost, *path, *strp, *parms; +char *strp2; char *cwd = NULL; char *user = NULL; /*char *account = NULL; how to supply an account in a URL? */ const char *password = NULL; const char *err; -int port, i, j, len, rc, nocache = 0; +int destport, i, j, len, rc, nocache = 0; int csd = 0, sock = -1, dsock = -1; struct sockaddr_in server; struct hostent server_hp; @@ -562,6 +563,8 @@ BUFF *ctrl = NULL; BUFF *data = NULL; pool *p = r-pool; +char *destportstr = NULL; +const char *urlptr = NULL; int one = 1; NET_SIZE_T clen; char xfer_type = 'A'; /* after ftp login, the default is ASCII */ @@ -593,17 +596,40 @@ /* We break the URL into host, port, path-search */ -host = r-parsed_uri.hostname; -port = (r-parsed_uri.port != 0) -? r-parsed_uri.port -: ap_default_port_for_request(r); -path = ap_pstrdup(p, r-parsed_uri.path); -if (path == NULL) -path = ; -else -while (*path == '/') -++path; - +urlptr = strstr(url, ://); +if (urlptr == NULL) +return HTTP_BAD_REQUEST; +urlptr += 3; +destport = 21; +#ifdef EAPI +ap_hook_use(ap::mod_proxy::ftp::handler::set_destport, +AP_HOOK_SIG2(int,ptr), +AP_HOOK_TOPMOST, +destport, r); +#endif /* EAPI */ +strp = strchr(urlptr, '/'); +if (strp == NULL) { +desthost = ap_pstrdup(p, urlptr); +urlptr = /; +} +else { +char *q = ap_palloc(p, strp - urlptr + 1); +memcpy(q, urlptr, strp - urlptr); +q[strp - urlptr] = '\0'; +urlptr = strp; +desthost = q; +} + +strp2 = strchr(desthost, ':'); +if (strp2 != NULL) { +*(strp2++) = '\0'; +if (ap_isdigit(*strp2)) { +destport = atoi(strp2); +destportstr = strp2; +} +} +path = strchr(urlptr, '/')+1; + /* * The Authorization: header must be checked first. We allow the user * to override the URL-coded user [ password ] in the Browsers' @@ -643,25 +669,25 @@ } /* check if ProxyBlock directive on this host */ -destaddr.s_addr = ap_inet_addr(host); +destaddr.s_addr = ap_inet_addr(desthost); for (i = 0; i conf-noproxies-nelts; i++) { if (destaddr.s_addr == npent[i].addr.s_addr || (npent[i].name != NULL - (npent[i].name[0] == '*' || strstr(host, npent[i].name) != NULL))) + (npent[i].name[0] == '*' || strstr(desthost, npent[i].name) != NULL))) return ap_proxyerror(r, HTTP_FORBIDDEN, Connect to remote machine blocked); } -ap_log_error(APLOG_MARK, APLOG_DEBUG | APLOG_NOERRNO, r-server, FTP: connect to %s:%d, host, port); +ap_log_error(APLOG_MARK, APLOG_DEBUG | APLOG_NOERRNO, r-server, FTP: connect to %s:%d, desthost, destport); -parms = strchr(path, ';'); +parms = strchr(url, ';'); if (parms != NULL) *(parms++) = '\0'; memset(server, 0, sizeof(struct sockaddr_in)); server.sin_family = AF_INET; -server.sin_port = htons((unsigned short)port); -err = ap_proxy_host2addr(host, server_hp); +server.sin_port = htons((unsigned short)destport); +err = ap_proxy_host2addr(desthost, server_hp); if (err != NULL) return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR, err); @@ -1293,7 +1319,7 @@ if (destaddr.s_addr == ncent[i].addr.s_addr || (ncent[i].name != NULL (ncent[i].name[0] == '*' || - strstr(host, ncent[i].name) != NULL))) { + strstr(desthost, ncent[i].name) != NULL))) { nocache = 1; break; }
Re: [PATCH][1.3] Segfault in mod_proxy
* Jim Jagielski wrote: Hmmm... I wonder if we should hold off on 1.3.28 then. I'm leaning towards releasing 1.3.28 as-is, and us placing this in patches/ (and of course, being committed to 1.3.29-dev)... +1. It's tagged already and therefore no chance for 1.3.28 get any patches in. nd
Re: [PATCH][1.3] Segfault in mod_proxy
=?ISO-8859-1?Q?Andr=E9?= Malo wrote: +1. It's tagged already and therefore no chance for 1.3.28 get any patches in. Of course. That's why I asked if we should hold off on 1.3.28. I didn't want (and don't want) to see 1.3.28 DOA. If I hadn't tagged and rolled 1.3.28, it wouldn't even be an issue (almost :) ). -- === Jim Jagielski [|] [EMAIL PROTECTED] [|] http://www.jaguNET.com/ A society that will trade a little liberty for a little order will lose both and deserve neither - T.Jefferson
Re: [PATCH][1.3] Segfault in mod_proxy
* Jim Jagielski ([EMAIL PROTECTED]) wrote : Thom May wrote: Hi folks, Hmmm... I wonder if we should hold off on 1.3.28 then. I'm leaning towards releasing 1.3.28 as-is, and us placing this in patches/ (and of course, being committed to 1.3.29-dev)... Any objections? I don't see that we should hold off 1.3.28, but maybe bring up the timescale for .29 a bit afterwards. So yes, +1. (Sorry for bringing this up today, but we litterally only found and fixed it late last night) Cheers -Thom
Re: [PATCH][1.3] Segfault in mod_proxy
* Thom May wrote: so it seems that ProxyPass operation has been broken since at least 1.3.9; we're currently firefighting our way through the list of debian bugs and found http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=57316 - ProxyPass to ftp urls causes apache to segfault. The attached patch borrows from proxy_http.c's logic and was written by Tollef Fog Heen, with hindrance from myself. If no-one has any objections I'll commit the fix shortly. looks good (though untested). +1. nd
Re: [PATCH][1.3] Segfault in mod_proxy
Jim Jagielski wrote: Thom May wrote: Hi folks, so it seems that ProxyPass operation has been broken since at least 1.3.9; we're currently firefighting our way through the list of debian bugs and found http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=57316 - ProxyPass to ftp urls causes apache to segfault. The attached patch borrows from proxy_http.c's logic and was written by Tollef Fog Heen, with hindrance from myself. If no-one has any objections I'll commit the fix shortly. Cheers, -Thom Hmmm... I wonder if we should hold off on 1.3.28 then. I'm leaning towards releasing 1.3.28 as-is, and us placing this in patches/ (and of course, being committed to 1.3.29-dev)... Any objections? Please release as-is. This has gone on long enough ;) Meanwhile, having fixes in the tree that people want in a real release is not the worst thing in the world but is instead an incentive for certain types of good behavior.
Re: [PATCH][1.3] Segfault in mod_proxy
Let's release 1.3.28... david - Original Message - From: Thom May [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, July 17, 2003 1:49 PM Subject: Re: [PATCH][1.3] Segfault in mod_proxy * Jim Jagielski ([EMAIL PROTECTED]) wrote : Thom May wrote: Hi folks, Hmmm... I wonder if we should hold off on 1.3.28 then. I'm leaning towards releasing 1.3.28 as-is, and us placing this in patches/ (and of course, being committed to 1.3.29-dev)... Any objections? I don't see that we should hold off 1.3.28, but maybe bring up the timescale for .29 a bit afterwards. So yes, +1. (Sorry for bringing this up today, but we litterally only found and fixed it late last night) Cheers -Thom
Re: [PATCH][1.3] Segfault in mod_proxy
Thom May wrote: --- build-tree/apache_1.3.27/src/modules/proxy/proxy_ftp.c 2002-04-07 20:57:36.0 +0200 +++ build-tree/apache_1.3.27/src/modules/proxy/proxy_ftp.c 2003-07-17 12:12:34.0 +0200 ... +#ifdef EAPI +ap_hook_use(ap::mod_proxy::ftp::handler::set_destport, +AP_HOOK_SIG2(int,ptr), +AP_HOOK_TOPMOST, +destport, r); +#endif /* EAPI */ no ifdef EAPI stuff should be present in real Apache for various reasons (I figure you were going to yank this before committing, but just in case...)
Re: [PATCH][1.3] Segfault in mod_proxy
* Jeff Trawick ([EMAIL PROTECTED]) wrote : Thom May wrote: --- build-tree/apache_1.3.27/src/modules/proxy/proxy_ftp.c 2002-04-07 20:57:36.0 +0200 +++ build-tree/apache_1.3.27/src/modules/proxy/proxy_ftp.c 2003-07-17 12:12:34.0 +0200 ... +#ifdef EAPI +ap_hook_use(ap::mod_proxy::ftp::handler::set_destport, +AP_HOOK_SIG2(int,ptr), +AP_HOOK_TOPMOST, +destport, r); +#endif /* EAPI */ no ifdef EAPI stuff should be present in real Apache for various reasons (I figure you were going to yank this before committing, but just in case...) yes, i was. I should've pulled it before posting, but didn't want to go messing around hand editting diffs :-) it's gone from the patch I've applied to my source tree. Cheers for the review! -Thom
Re: [PATCH][1.3] Segfault in mod_proxy
Thom May wrote: Hi folks, so it seems that ProxyPass operation has been broken since at least 1.3.9; we're currently firefighting our way through the list of debian bugs and found http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=57316 - ProxyPass to ftp urls causes apache to segfault. The attached patch borrows from proxy_http.c's logic and was written by Tollef Fog Heen, with hindrance from myself. If no-one has any objections I'll commit the fix shortly. You can't commit EAPI changes to the base. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff
Re: [PATCH][1.3] Segfault in mod_proxy
At 07:43 AM 7/17/2003, Jim Jagielski wrote: Thom May wrote: Hi folks, so it seems that ProxyPass operation has been broken since at least 1.3.9; we're currently firefighting our way through the list of debian bugs and found http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=57316 - ProxyPass to ftp urls causes apache to segfault. The attached patch borrows from proxy_http.c's logic and was written by Tollef Fog Heen, with hindrance from myself. If no-one has any objections I'll commit the fix shortly. Cheers, -Thom Hmmm... I wonder if we should hold off on 1.3.28 then. I'm leaning towards releasing 1.3.28 as-is, and us placing this in patches/ (and of course, being committed to 1.3.29-dev)... The problem is that for the win32 world, we would also distribute a patched replacement for this module. That seems unclean, and the logging issue is fairly minor. Anyone strongly object to moving on to .29 so we catch this fix? Version numbers are cheap - but I think that 1.3'ers enjoy the fact that releases are few and far between. Bill
Re: [PATCH][1.3] Segfault in mod_proxy
I should have read the rest of the thread first. I'm happy with a .28 release already and will do the win32-magic tonight. Bill At 07:43 AM 7/17/2003, Jim Jagielski wrote: Thom May wrote: Hi folks, so it seems that ProxyPass operation has been broken since at least 1.3.9; we're currently firefighting our way through the list of debian bugs and found http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=57316 - ProxyPass to ftp urls causes apache to segfault. The attached patch borrows from proxy_http.c's logic and was written by Tollef Fog Heen, with hindrance from myself. If no-one has any objections I'll commit the fix shortly. Cheers, -Thom Hmmm... I wonder if we should hold off on 1.3.28 then. I'm leaning towards releasing 1.3.28 as-is, and us placing this in patches/ (and of course, being committed to 1.3.29-dev)... The problem is that for the win32 world, we would also distribute a patched replacement for this module. That seems unclean, and the logging issue is fairly minor. Anyone strongly object to moving on to .29 so we catch this fix? Version numbers are cheap - but I think that 1.3'ers enjoy the fact that releases are few and far between. Bill
Re: [PATCH][1.3] Segfault in mod_proxy
On Thu, 17 Jul 2003, William A. Rowe, Jr. wrote: Anyone strongly object to moving on to .29 so we catch this fix? Version numbers are cheap - but I think that 1.3'ers enjoy the fact that releases are few and far between. Uhhh... proxypass to ftp urls is a rather obscure feature that is obviously unused (since it doesn't work). I don't see why this needs to cause us any grief. Joshua.