r own input filter module.
That is, if I've understood you aright?
--
Nick Kew
I'd consider hooking it earlier in the request cycle, or into mod_proxy
instead. How does mod_proxy_fcgi fit your vision?
--
Nick Kew
your
module will continue to work with (at least) future 2.4.x
releases. That give you C or any language with C linkage.
If you deviate from the API, you're on your own.
Alternatives that (broadly speaking) wrap the C API are also
possible: see for example mod_perl and mod_lua.
--
Nick Kew
s, however, as task that's been done in open source
code you can look at, or perhaps use instead of reinventing
their wheel. Either Ironbee or mod_security will scan a
request body for you.
> btw, Nick I bought your book - it was a great help :)
Thanks :)
--
Nick Kew
} while (!end && (status == APR_SUCCESS));
>> if (status == APR_SUCCESS) {
>> return DECLINED;
>> } else {
>> return HTTP_INTERNAL_SERVER_ERROR;
>> }
>> }
Minor tip there: you're turning EAGAIN into a fatal error.
--
Nick Kew
oblem (perhaps due to a bug outside your control),
issue a blocking call to your own upstream and don't return
anything until you have data (or EOS).
Or if I were working around a bug in closed source, I might
try inserting a placeholder such as an empty data bucket.
--
Nick Kew
n run something ahead of mod_ssl getting in to a connection.
Not sure if that actually leads anywhere useful. Just a thought,
if you haven't already tried it. Your main problem is that you
have a hack that shoehorns vhosts in where they don't belong.
--
Nick Kew
ign? Say, a
bucket that serves data from a static file by seek/read,
just to see how it behaves in different configurations
and whether you can make the architecture work for you?
--
Nick Kew
d file for the benefit
of future byterange requests.
--
Nick Kew
it - becomes hopelessly inefficient for large requests.
There's some discussion of the issue in the mod_proxy docs,
as mod_proxy has an option to support HTTP/1.0 backends that
need an explicit Content-Length.
--
Nick Kew
ly easier than that. Before investing in
new development, consider:
- Could you hook your notification into regular piped logging?
- Would regular logging through an API like syslog or spread
serve (there are third-party modules for those).
- Would a security-oriented tool like Ironbee be complete overkill?
--
Nick Kew
clean. So, a few questions:
I don't know a clean answer: it's not a problem I've ever tackled.
But if you don't find a better solution, you can improve a little
on your existing one by running your child_init after other modules
have done theirs with APR_HOOK_LAST.
--
Nick Kew
are supposed to be about your data. They can in limited
circumstances change metadata (e.g. set a 503), but you'd need
at least to set r-status before the first call to f-next.
--
Nick Kew
, and has no file descriptor.
If your library is designed to be usable in non-file applications,
it'll offer some mechanism for plugging in your own I/O functions.
If not, you could perhaps try some ugly hack: create some bucket of
file-compatible type for it to write to.
--
Nick Kew
a proxy subrequest to
make an HTTP connection.
--
Nick Kew
the update per-process or use shared memory.
In the latter case, use apache's (and apr's) mechanisms
for shared memory and timed monitoring to avoid introducing
new complexity.
--
Nick Kew
to maintain a pool of database connections shared across threads.
Your task looks quite similar to that!
--
Nick Kew
sure to address the security
concerns hinted at in the comments if you do that.
You'd also want to move any further discussion to the dev list.
--
Nick Kew
be APR's network_io module.
If you're thinking HTTP-over-SCTP (if indeed that makes any sense)
then that may be most of what you need to do. If not, or if you want
to do everything as a module, you could start by looking at protocol
modules like mod_ftp or mod_smtp.
--
Nick Kew
On 11 May 2013, at 07:35, Sindhi Sindhi wrote:
Could you please advice?
Did you check the answer in the FAQ?
--
Nick Kew
that - e.g. mod_deflate if the data arrive compressed.
Bottom line: don't make assumptions, as there are no guarantees.
You can of course look at existing filters that do similar things
to yours. Or even read about it in my book :-)
--
Nick Kew
in connect_database (db_pool=0x21c2138,
error_messages=0x7f599a7c7000, dbd_config=dbd_config@entry=0x2273940)
at database/dbd.c:35
Would it not make sense for your module to use mod_dbd to manage
a database connection pool?
--
Nick Kew
On 5 Feb 2013, at 02:29, chary wrote:
I'm writing a mod for apache, and I need some help.
how to do something in a mod when apache is shutting down?
What kind of hooks could be used?
Register your function as a cleanup on the process pool.
--
Nick Kew
check the return status from the output filter chain.
If there's an error, check for closed connection. You can
do that in a handler or an output filter.
--
Nick Kew
a
subrequest or internal redirect in a way that doesn't work with 2.0.
--
Nick Kew
not quite the same as needing a mutable string.
Can your call be modified to accept a non-null-terminated
pointer together with a length? You would of course determine
those by parsing rather than copying the original.
--
Nick Kew
that?
--
Nick Kew
wants to take control of a request then it can
set its own handler (or unset the handler to get the default).
But then it needs to document that it breaks normal configuration!
--
Nick Kew
wants to take control of a request then it can
set its own handler (or unset the handler to get the default).
But then it needs to document that it breaks normal configuration!
--
Nick Kew
constructs, and serves to make your life very easy in the
context of a module!
--
Nick Kew
hint how to actually do this, also googling for
some time didn't get me anything useful either.
You register your own functions for relevant parts of expression parsing.
To get started, I suggest you read the extensive comments in the header
file include/ap_expr.h.
--
Nick Kew
, not unless you hack deep in APR to allocate from shm.
But you can achieve a shared hash using mod_socache.
--
Nick Kew
is basically the same.
Any subrequests or internal redirects involved? Look carefully at the
request object itself.
Or tyops?
--
Nick Kew
answer is, the easy way is to use apr_reslist, which is what
mod_dbd does.
--
Nick Kew
be much more generalisable if it were configurable on/off.
This would remove the issue of running order which you tackled with
APR_HOOK_FIRST.
3. Be conservative in what you send. The last line of your
robots.txt is unterminated!
--
Nick Kew
, or some extension to the HTTP
protocol. Maybe there's some such application- or ptotocol-
oriented filter in your chain?
--
Nick Kew
distro: for example, mod_deflate and mod_sed
offer input filters. mod_security and mod_ironbee are third-party
examples.
I could also recommend the book: see http://www.apachetutor.org/
--
Nick Kew
non-http.
--
Nick Kew
abstractions for shared memory. Older modules
had to work much harder to do the same thing, so looking at them may not
be your best approach.
--
Nick Kew
the latter for mod_authn_socache, which is a simple example.
--
Nick Kew
);// -- new code
Could that be triggering a timeout?
--
Nick Kew
submit
another request via #include virtual.
--
Nick Kew
On 16 Oct 2011, at 00:14, Jodi Bosa wrote:
Is there a module that can record requests+responses before and after other
filters have been invoked?
You mean like mod_diagnostics?
--
Nick Kew
,
not of some part of it. There are various workarounds,
with setuid CGI (and variants on that) the most common.
But take a look at mod_privileges, which would enable you
to do what you want on Solaris. You might be able to
hook into selinux to do something similar.
--
Nick Kew
problem.
This looks reminiscent of
https://issues.apache.org/bugzilla/show_bug.cgi?id=17629
a bug that lurked a long time before being fixed!
I suggest you read that - particularly comment 30 and later,
and see if it sheds any light on your problem.
--
Nick Kew
immediately after the malloc/realloc. See mod_proxy_html
for an example.
--
Nick Kew
database.
Are you sure you need a new module? mod_rewrite can set headers for you,
and RewriteMap can get them from a database.
If you are writing a new module, you could look at how that works.
Also, be sure to check out mod_dbd for how to access SQL databases
more generally.
--
Nick Kew
nabble.com.
--
Nick Kew
nabble.com.
--
Nick Kew
a pointer to look at the util_ldap source.
That's old!
These days we have two shared memory frameworks: slotmem and socache.
I'd look there first, rather than duplicate older code.
--
Nick Kew
hook: you can
access every vhost with care, or set up something server-wide.
--
Nick Kew
(found 0, need 20051115). Please contact the vendor for the correct
version.
Guessing in the dark
You declare the module with
module AP_MODULE_DECLARE_DATA proxy_fdpass_module;
But you don't instantiate it. The macro commonly used in trunk
doesn't exist in 2.2.
--
Nick Kew
) headers.
--
Nick Kew
?
--
Nick Kew
Available for work, contract or permanent
http://www.webthing.com/~nick/cv.html
on at least the configuration walk).
--
Nick Kew
Available for work, contract or permanent
http://www.webthing.com/~nick/cv.html
for reading its input through to EOS and for
returning EOS to its caller. If you fix that and still have the
problem, please describe in detail!
--
Nick Kew
Available for work, contract or permanent
http://www.webthing.com/~nick/cv.html
it would save me a lot of time. Alternatively, if
you think I should just relax and use an atomic increment instead, then let
me know.
What springs to mind (as being supported in the API) is the scoreboard.
mod_slotmem (new in trunk) may be worth a look.
--
Nick Kew
Available for work
response.
Won't make any difference to someone trying to set a request header in a
response.
--
Nick Kew
Available for work, contract or permanent
http://www.webthing.com/~nick/cv.html
On Wed, 12 Jan 2011 14:49:53 -0500
Victor Ronin victor.ro...@gmail.com wrote:
Hi,
I need to write a module, which does something at the beginning and at
the end of each connection.
Register a cleanup on the connection pool.
--
Nick Kew
Available for work, contract or permanent.
http
and child_init get passed
the first server_rec. The server_rec in any later hook is the
virtual host. Could your problem be setting data in one server
then trying to retrieve it from another?
--
Nick Kew
that this pool is cleared
at the end of the final request?
That doesn't really make sense. What is the final request?
If it's requests in a connection, use the connection pool.
Otherwise, you're looking at a time-based solution such
as garbage collection.
--
Nick Kew
, and then reconstruct HTTP requests from the bytestream.
That could be done outside apache.
--
Nick Kew
it to the sysop
and recommend using mod_filter in your documentation.
--
Nick Kew
correspondence in your app, use the connection's configuration
record to pass information to/from the request(s).
--
Nick Kew
at an
arbitrary URL?
Yes of course you can!
You can run a subrequest that'll use mod_proxy. Or you can use your choice
of HTTP client code.
--
Nick Kew
On 10 Jun 2010, at 07:34, Eddy wrote:
How modify (decrypt data) the body content before all module ?
That's what filters do.
See mod_ssl for secure encryption. Or in your case since it's only the
body content, see for example mod_deflate for a comparable task.
--
Nick Kew
as an
example that may be nearer to what you want if your needs are
sufficiently complex to demand a new module.
--
Nick Kew
, that's a lot
of wheel to reinvent.
--
Nick Kew
.
In that case, you're probably the exception to the general advice to
use mod_proxy. Simplest would probably be DIY with your choice
of HTTP client library.
--
Nick Kew
.
--
Nick Kew
-threaded. So the usual module rules
go out of the window, and you can use global/static vars in a monitor hook.
They're not shared with the children anyway.
--
Nick Kew
.
If apache DBD API doesn't meet your needs, you can invoke
sqlite directly, but use LoadFile so sysops can load libsqlite if
and only if it's not already loaded.
--
Nick Kew
with APR versions.
--
Nick Kew
Robert Schulze wrote:
Hi,
is there another way to enum the status of all current connection slots,
except for the scoreboard? The problem is that its information lacks the
client's ip address as long as the slot is in BUSY_READ. So there is no
chance of retrieving the slot-count for a given
filter?
How do you know the subrequest exists at the point where you access
it from the filter?
Put whatever you need on your module's filter's context.
--
Nick Kew
Michael Franklin wrote:
So my questions are:
1) In an Apache module, how do you output a std::wstring or wchar_t* to the client as UTF-8?
You would have to ensure it is utf-8, then output it. Or else
use it with an output filter that converts to utf-8. But if
you're using 16-bit chars
and it'll work without mod_perl. You want C, my book takes you
through
developing a custom authentication/authorization handler.
If I understood your original question (... conditional
authentication ... if
public access is granted??) I could perhaps say something more
specific.
--
Nick Kew
client to support HTTP, without the need for
a Content-Length header.
--
Nick Kew
be in time for
a 2.4 release. Bear in mind that to be of general use, you'll
probably need to start by writing down exactly what you mean by
group, to avoid the likelihood of arguing at cross-purposes.
Otherwise, yes, your module can export its own API independently.
--
Nick Kew
Application
Heh. Lost in the ether (again).
Begin forwarded message:
From: Nick Kew n...@webthing.com
Date: 1 June 2009 21:10:26 BDT
To: modules-dev@httpd.apache.org
Subject: Re: Making HTTP requests
Michael Spiegle wrote:
I'm writing a module where I need the ability to make HTTP
requests to
servers
[seems to be lost in the ether]
Begin forwarded message:
From: Nick Kew n...@webthing.com
Date: 23 May 2009 22:12:14 BDT
To: modules-dev@httpd.apache.org
Subject: Re: persistent data : common/best practices
On Sat, 23 May 2009 21:07:05 +0200
Jérôme Renard j...@ez.no wrote:
I thought about
the test, on the dubious grounds that if pool allocation fails,
then your error handling is pretty-much going to fail for the
same reason so it's pointless.
With apr exploring entirely different allocators, that excuse
looks ever more suspect. So, yes, you're right.
--
Nick Kew
Application Development
. Is this disallowed/discouraged in the spec or an
oversight in the
implementation?
Both. It's an edge case, and a mod_form incompleteness. But it
won't bite you
unless your application uses a POST form with a query_string in the
action.
Or perhaps does similar for non-browser data.
--
Nick Kew
things?
--
Nick Kew
could be a mod_proxy protocol module. You might want to look
at how mod_proxy(_balancer) and mod_dbd maintain connection pools.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
mentioned above are to be sent to another server.
So that's a (reverse) proxy architecture. Apache is happy with that,
and indeed it's a very common scenario.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
of deprecating, or even pulling, the client_block API.
But it never happened, nor do I think it's likely to in future 2.x.
As for performance, you're unlikely to see a significant change
unless you find some optimisation outside the scope of this question.
--
Nick Kew
Application Development
perhaps give you more
separation, though at quite a cost in terms of efficiency if
each vhost needs its own libraries!
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
On Wed, 18 Jun 2008 12:56:08 +0100
Konstantin Chuguev [EMAIL PROTECTED] wrote:
Since there can be multiple different fixes of this bug and I'm not
sure which is better, I haven't provided the patch.
Yes, it's broken. That's why it's deprecated. The fix is mod_filter.
--
Nick Kew
sent (or gives back error)?
That's out of your hands. A filter in the chain may or
may not buffer some or all of the data, and may block or
return to you while still processing.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
the data twice.
But that's likely to mean you're doing the same work twice over.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
/mod_authz_host
but using a different lookup.
3. mod_rewrite can already do what you're looking for.
If you want to drive it from SQL, you can use
RewriteMap dbd:your-SQL-query
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
want
to do that for a variety of reasons.
So where do you suppose all that data will be squirreled away
between computing md5 and using it the second time?
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
processing hook. Or if you want to
do it the hard way, write a protocol filter.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
command calling
apache2ctl
No. You'd have to make your module read the config in question from
somewhere
other than httpd.conf. See the SQL-based vhosting modules for examples.
--
Nick Kew
of a molehill. You can do the proxying
using RewriteRule, and the dynamic mapping using RewriteMap.
Or if you want to do it in a module, you can just use a
header_parser hook, which is much simpler than a filter.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http
enabled
on 2.2 (where it's a default).
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
On Tue, 18 Mar 2008 19:45:06 +0530
Pitchaimani Muthuveeran [EMAIL PROTECTED] wrote:
How could i redirect the request and mark it as initial request?
You don't. But if you tell us why you think you want to,
then maybe an alternative will present itself.
--
Nick Kew
Application Development
server is present in
the third-party external application- based on the arguments present
in the incoming requests).
That's what RewriteMap is for.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
On Sat, 16 Feb 2008 07:36:41 -0800
Brian Smith [EMAIL PROTECTED] wrote:
Where can I find out which APIs are official vs. unofficial?
If it's in include/something.h, it's official.
--
Nick Kew
Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
1 - 100 of 138 matches
Mail list logo