Re: Bug#269499: apache-ssl: SSL log directives don't work?
tag 269499 moreinfo
stop
On Wed, 1 Sep 2004, Rafael D'Halleweyn wrote:
Package: apache-ssl
Version: 1.3.31-5
Severity: important
The SSL log directives don't work for me, I only get a '+' in the logs.
Looking at the source in src/modules/standard/mod_log_config.c, I see
that the '%{clientcert}c' log directive is actually handled by
log_connection_status since it appears in the log_item_keys array before
log_ssl_info (and find_log_func matches on the first entry).
So, as far as I understand, the '+' in the logs is the 'status of the
connection'.
Since '%c' is the same as '%X', the '%c' directive should probably be
removed.
please attach you config files.
Fabio
--
user fajita: step one
fajita Whatever the problem, step one is always to look in the error log.
user fajita: step two
fajita When in danger or in doubt, step two is to scream and shout.
Processed: Re: Bug#269499: apache-ssl: SSL log directives don't work?
Processing commands for [EMAIL PROTECTED]: tag 269499 moreinfo Bug#269499: apache-ssl: SSL log directives don't work? There were no tags set. Tags added: moreinfo stop Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database)
Bug#269580: apache2 should have versioned dependancy to apache2 models
Package: apache2 Version: 2.0.50-11 Severity: normal Hi, I think apache2 should have versioned dependancy to apache2 models, because in current situation command apt-get install apache2 doesn't upgrade apache2 webserver - it only upgrades an apache2 metapackage and leaves outdated real apache2 webserver (for example apache2-mpm-worker ), so this misleads lots of users. -- System Information: Debian Release: 3.1 Architecture: i386 Kernel: Linux dubrava.homelinux.org 2.6.5-1-k7 #2 Fri Apr 30 20:46:35 EST 2004 i686 Locale: LANG=lt_LT, LC_CTYPE=lt_LT Versions of packages apache2 depends on: ii apache2-mpm-worker2.0.50-5 High speed threaded model for Apac -- no debconf information
Re: Bug#269499: apache-ssl: SSL log directives don't work?
On Thu, 2004-09-02 at 06:41 +0200, Fabio Massimo Di Nitto wrote:
please attach you config files.
See attached. conf.d only contains the configlet for gallery.
I am looking at the contents of the ssl.log file, which contains:
[31/Aug/2004:17:52:43 -0400] + + +
ssl.log is defined as:
CustomLog /var/log/apache-ssl/ssl.log %t %{version}c %{cipher}c %
{clientcert}c
BTW. I removed { 'c', log_connection_status, 0 } from the
log_item_keys array in mod_log_config.c and I am now getting the logs
that I expect.
Thanks,
Raf.
##
## httpd.conf -- Apache HTTP server configuration file
##
ServerType standalone
ServerRoot /etc/apache-ssl
LockFile /var/lock/apache-ssl.lock
PidFile /var/run/apache-ssl.pid
ScoreBoardFile /var/run/apache-ssl.scoreboard
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 100
Listen 563
Port 563
#BindAddress *
Include /etc/apache-ssl/modules.conf
User www-data
Group www-data
ServerAdmin [EMAIL PROTECTED]
ServerName .
#SSLNoV2
SSLRandomFile file /dev/urandom 1024
SSLRandomFilePerConnection file /dev/urandom 1024
SSLEnable
SSLCacheServerPath /usr/lib/apache-ssl/gcache
SSLCacheServerPort /var/run/gcache_port
SSLSessionCacheTimeout 15
SSLCACertificatePath /etc/apache-ssl/ssl
SSLCACertificateFile /etc/apache-ssl/ssl/cacert.pem
SSLCertificateFile /etc/apache-ssl/ssl/cert.pem
SSLCertificateKeyFile /etc/apache-ssl/ssl/key.pem
SSLVerifyClient 2
SSLVerifyDepth 2
#SSLFakeBasicAuth
#SSLUseCRL
#SSLCRLCheckAll
SSLRequiredCiphers RC4-MD5:RC4-SHA:IDEA-CBC-MD5:DES-CBC3-SHA
DocumentRoot /home/www
Directory /
#Options SymLinksIfOwnerMatch
AllowOverride All
/Directory
Directory /home/www/
#Options Indexes Includes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
/Directory
IfModule mod_dir.c
DirectoryIndex index.html index.htm index.shtml index.php
/IfModule
AccessFileName .htaccess
Files ~ ^\.ht
Order allow,deny
Deny from all
/Files
UseCanonicalName Off
TypesConfig /etc/mime.types
DefaultType text/plain
HostnameLookups Off
ErrorLog /var/log/apache-ssl/error.log
LogLevel warn
LogFormat %h %l \%u\ %t \%r\ %s %b \%{Referer}i\ \%{User-Agent}i\
\%{forensic-id}n\ %T %v full
LogFormat %h %l \%u\ %t \%r\ %s %b \%{Referer}i\ \%{User-Agent}i\
\%{forensic-id}n\ %P %T debug
LogFormat %h %l \%u\ %t \%r\ %s %b \%{Referer}i\ \%{User-Agent}i\
\%{forensic-id}n\ \%{clientcert}c\ combined
LogFormat %h %l \%u\ %t \%r\ %s %b \%{forensic-id}n forensic
LogFormat %h %l \%u\ %t \%r\ %s %b common
LogFormat %{Referer}i - %U referer
LogFormat %{User-agent}i agent
CustomLog /var/log/apache-ssl/access.log combined
ServerSignature Off
ServerTokens Prod
IfModule mod_mime.c
AddEncoding x-compress Z
AddEncoding x-gzip gz tgz
AddType application/x-tar .tgz
AddType image/bmp .bmp
AddType text/x-hdml .hdml
/IfModule
IfModule mod_bandwidth.c
# BandWidthDataDir /var/lib/apache/mod-bandwidth/
BandWidthModule On
BandWidth 172.18.43.4 0
BandWidth all 40960
LargeFileLimit 25 20480
LargeFileLimit 250 10240
/IfModule
AddDefaultCharset on
CustomLog /var/log/apache-ssl/ssl.log %t %{version}c %{cipher}c %{clientcert}c
Include /etc/apache-ssl/conf.d
# Autogenerated file - do not edit!
# This file is maintained by the apache-ssl package.
# To update it, run the command:
#/usr/sbin/apache-modconf apache-ssl
ClearModuleList
AddModule mod_so.c
AddModule mod_macro.c
LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config_ssl.so
LoadModule agent_log_module /usr/lib/apache/1.3/mod_log_agent.so
LoadModule referer_log_module /usr/lib/apache/1.3/mod_log_referer.so
LoadModule mime_module /usr/lib/apache/1.3/mod_mime_ssl.so
LoadModule dir_module /usr/lib/apache/1.3/mod_dir.so
LoadModule alias_module /usr/lib/apache/1.3/mod_alias.so
LoadModule access_module /usr/lib/apache/1.3/mod_access.so
LoadModule expires_module /usr/lib/apache/1.3/mod_expires.so
LoadModule apache_ssl_module /usr/lib/apache/1.3/libssl.so
LoadModule auth_module /usr/lib/apache/1.3/mod_auth_ssl.so
LoadModule bandwidth_module /usr/lib/apache/1.3/mod_bandwidth.so
LoadModule php4_module /usr/lib/apache/1.3/libphp4.so
Новая еженедельная картинка от Miss Kiss
! MISSKISS http://www.misskiss.ru/enter/109.html 24,. http://www.misssauna.ru/ . , . ! , MISSKISS. �
Bug#199685: Seems to be fixed in apache2 2.0.50-11
Package: apache Followup-For: Bug #199685 The problem seems to be fixed in apache2 at least 2.0.50-11. Anyone having trouble with this bug should consider an upgrade. Daniel.
Bug#242543: More information
I've managed to track down why QUERY_STRING works and PATH_INFO doesn't.
In src/modules/standard/mod_include.c around line 2181 mod_include fixes up
the QUERY_STRING. If I add similar code to fixup PATH_INFO ie:
if (r-path_info) {
ap_table_setn(r-subprocess_env, PATH_INFO, r-path_info);
}
Then it fixes my problem with PATH_INFO not being set correctly.
I think what's happening is that mod_include is setting up the subrequest
using the values from the parent (main?) request. Then code has been
specifically added to correct the QUERY_STRING based on the subrequest, but
not the PATH_INFO.
If I setup a mod_perl that looks up a URI and then runs the subrequest, it
behaves as I expect with the QUERY_STRING and PATH_INFO set according to the
subrequest.
Carl
