On Fri, Oct 9, 2009 at 12:04 PM, Barry Scott <barry.sc...@onelan.co.uk> wrote: > Jeff Trawick wrote: >> >> On Fri, Oct 9, 2009 at 11:00 AM, Barry Scott <barry.sc...@onelan.co.uk> >> wrote: >> >>> >>> Barry Scott wrote: >>> >>>> >>>> William A. Rowe, Jr. wrote: >>>> >>>>> >>>>> Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another >>>>> candidate >>>>> for your consideration. Please fetch up the newly minted >>>>> mod_fcgid-2.3.4.tar.gz >>>>> (or .tar.bz2) or the win32/netware suitable package >>>>> mod_fcgid-2.3.3-crlf.zip from: >>>>> >>>>> http://httpd.apache.org/dev/dist/mod_fcgid/ >>>>> >>>>> review, take it for a spin, and cast your choice >>>>> >>>>> [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?) >>>>> [ ] +1 to release as 2.3.4-beta >>>>> [ ] +1 to release as 2.3.4-GA >>>>> >>>>> For getting started, >>>>> >>>>> http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID >>>>> >>>>> >>>>> >>>> >>>> Further testing of our application has shown up a problem. >>>> >>>> With the following configuration we are seeing the request body >>>> of POST messages get stripped out if FcgidAuthorizer is used for >>>> Location /player. If we comment out the "Require onelan magic" the >>>> POSTs work. >>>> >>>> Have I misconfigured or is this a bug in mod_fcgid? >>>> >>>> Barry >>>> >>>> >>>> ... >>>> LoadModule fcgid_module modules/mod_fcgid.so >>>> >>>> FcgidCmdOptions /usr/local/onelan/html/dsmauthorizer.fcgi MaxProcesses 1 >>>> FcgidCmdOptions /usr/local/onelan/html/dsm.fcgi MaxProcesses 1 >>>> FcgidCmdOptions /usr/local/onelan/html/dsmxml.fcgi MaxProcesses 1 >>>> >>>> >>>> <VirtualHost *:80> >>>> >>>> #+ Rewrite Web API Rules >>>> RewriteEngine on >>>> >>>> # security - deny TRACE and TRACK requests >>>> RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) >>>> RewriteRule .* - [F] >>>> #- Rewrite Web API Rules >>>> >>>> #+ Rewrite Web API Rules >>>> # make the URLs hide the use of dsm.fcgi >>>> RewriteRule ^/$ /dsm.fcgi [L] >>>> RewriteRule ^/(status|options|organisation|tools|setup|help)($|.*$) >>>> /dsm.fcgi/$1$2 [L] >>>> #- Rewrite Web API Rules >>>> >>>> #+ Rewrite XML API Rules >>>> # make the URLs hide the use of dsmxml.fcgi >>>> RewriteRule ^/(XML)($|.*$) /dsmxml.fcgi/$1$2 [L] >>>> #- Rewrite XML API Rules >>>> >>>> #+ Rewrite VPN >>>> ReWriteMap ntb_ip_address >>>> prg:/usr/local/onelan/dsm/bin/vpn_lookup_ip_address >>>> RewriteRule ^/player/(\d+)\.(.*) >>>> http://${ntb_ip_address:$1}:8080/player/$1.$2 [P] >>>> #- Rewrite VPN >>>> >>>> #+ Locations Web VPN API >>>> <Location /player> >>>> #+ HTTP auth file >>>> Order allow,deny >>>> Allow from all >>>> AuthType Digest >>>> AuthName "Manager System" >>>> AuthGroupFile /etc/onelan/common/http.group >>>> AuthUserFile /etc/onelan/common/http.passwd >>>> Require onelan magic >>>> #- HTTP auth file >>>> >>>> FcgidAuthorizer /usr/local/onelan/html/dsmauthorizer.fcgi >>>> </Location> >>>> </VirtualHost> >>>> >>>> >>>> >>> >>> Looking at bridge_request we see the code is reading the input buckets >>> and feeding then to the Authorizer. >>> >>> It seems to us that: >>> >>> Either this must not happen if the fcgid is an authorizer >>> or the buckets must be put back for whatever handles >>> the POST to process. >>> >> >> yeah; looks like bridge_request() doesn't look at role (FCGI_RESPONDER >> vs. FCGID_AUTHORIZER) >> >> (unless you think this is a regression, start a new thread and/or open >> a Bugzilla entry) >> >> > > 2.3.1 is broken the same way - I guess its a day one bug.
We'd also be worried if 2.2 is NOT broken the same way. (regression over what lots of people are using) > > Bug report and new thread started. Cool... Testing simple patch now.
