Re: library-ization
Jacek Prucia [EMAIL PROTECTED] writes: Is it a goal of the flood project to make a library out of it? In other words, expose an API that other programs could pass data into and out of, and link to? Or will XML be the only way to do this? It will probably be XML only. If you want other software on top of flood, you'll have to wrap it around flood binary (with pipes or so). I started doing this with 'ab', and was directed to flood as a more modern effort with more work going into it. It looks pretty good so far! Yeah, but we still have a lot of work to do. Voulnteers and patches welcome :) Well, I'm primarily interested in seeing flood as a versatile a tool as possible... which for me means a library that I can use with other things, and also a simple command line tool ala ab. I think this would be possible if flood were a library with a few different executable front ends - ab, flood, gtkflood, etc... I guess I'll keep quite though, because I doubt I'll have the time to do this at work. Just out of curiosity, will flood be supplanting 'ab' at some point? This is probably best for Aaron or Justin to answer, but IMHO no. ApacheBench is a very simple tool. You can hit just one url, no config file, etc. It's just fine when it comes to simple testing. Flood can hit many url's, has structured config file, and besides typical stress tests, it can be used also for 'web application regression tests' and 'web capacity planning'. Well... sort of... most of the features aren't implemented yet, but we're moving forward ;)) Hrm... I see. -- David N. Welton Consulting: http://www.dedasys.com/ Personal: http://www.dedasys.com/davidw/ Free Software: http://www.dedasys.com/freesoftware/ Apache Tcl: http://tcl.apache.org/
Re: library-ization
On Tue, Oct 08, 2002 at 06:15:43PM -0700, David N. Welton wrote: Well, I'm primarily interested in seeing flood as a versatile a tool as possible... which for me means a library that I can use with other things, and also a simple command line tool ala ab. I think this would be possible if flood were a library with a few different executable front ends - ab, flood, gtkflood, etc... The HTTP client library is intended to be serf, not flood. Ideally, flood would be rewritten to use serf. Flood's main purpose is to be a HTTP tester not a HTTP client library. See the apr-serf CVS repository and the serf-dev@apr.apache.org mailing lists. -- justin
Re: Antw: Re: Instructions for building aut_ldap under win32 ?
Andre Schild wrote: Did you compile mod_auth_ldap as one module, and util_ldap as the second one ? Mod_auth_ldap and util_ldap are two separate modules where mod_auth_ldap depends on util_ldap. This is done in exactly the same way that proxy_ftp depends on mod_proxy, so if you are looking for some examples on how to do this in Windows, look there. Regards, Graham -- - [EMAIL PROTECTED]There's a moon over Bourbon Street tonight...
Re: building aut_ldap under win32
Andre Schild wrote: finaly I got the module compiled and running under w2k. Sweet... I just comitted them - thanks! If my changes are accepted, then I'm willing to update the README.ldap file to replect the win32 steps to build the module. If you can update the README it would be great... Regards, Graham -- - [EMAIL PROTECTED]There's a moon over Bourbon Street tonight...
Antw: Re: building aut_ldap under win32
Here the updates. The apr_ldap.hw goes in the apr-util/include, as it isn't automaticaly generated for windows. What about renaming util_ldap.c to mod_ldap.c ? Would make the naming of the files/modules more consistent, but on the other hand break the build process for all platforms. But if we wish to change, then we should do it probably asap André [EMAIL PROTECTED] 09.10.2002 08:53:31 Andre Schild wrote: finaly I got the module compiled and running under w2k. Sweet... I just comitted them - thanks! If my changes are accepted, then I'm willing to update the README.ldap file to replect the win32 steps to build the module. If you can update the README it would be great... Regards, Graham -- - [EMAIL PROTECTED]There's a moon over Bourbon Street tonight... README.ldap.diff Description: Binary data apr_ldap.hw Description: Binary data
Re: Antw: Re: building aut_ldap under win32
Andre Schild wrote: Here the updates. The apr_ldap.hw goes in the apr-util/include, as it isn't automaticaly generated for windows. Ok. What about renaming util_ldap.c to mod_ldap.c ? Would make the naming of the files/modules more consistent, but on the other hand break the build process for all platforms. But if we wish to change, then we should do it probably asap Is it that important for now? I think lets rather worry about this when mod_auth_ldap gets fitted to the new authn/authz framework. Then we will be renaming a whole bunch of stuff. Regards, Graham -- - [EMAIL PROTECTED]There's a moon over Bourbon Street tonight...
Re: Antw: Re: building aut_ldap under win32
[EMAIL PROTECTED] 09.10.2002 10:14:58 Andre Schild wrote: What about renaming util_ldap.c to mod_ldap.c ? Is it that important for now? I think lets rather worry about this when mod_auth_ldap gets fitted to the new authn/authz framework. Then we will be renaming a whole bunch of stuff. Ok, lets wait. André
Re: cvs commit: httpd-2.0/server core.c util_script.c
On Wed, Oct 02, 2002 at 03:54:18PM -0700, Joshua Slive wrote: On Wed, 2 Oct 2002, Marc Slemko wrote: Lets not encode env variables, as we discussed earlier. Escaping them is bogus and doesn't solve anything since there are all sorts of variables that aren't and shouldn't be encoded. +1 to what Marc says. The encoding serves no purpose. Preventing the sample cgi scripts from being included in a make install would be a great idea. If this change does get reverted so that SERVER_NAME is not encoded internally again, the error includes need updating so that is is encoded there instead: --- error/include/bottom.html~ 2002-07-11 20:07:03.0 +0100 +++ error/include/bottom.html 2002-10-09 12:04:59.0 +0100 -6,7 +6,7 dl dd address - a href=/!--#echo encoding=none var=SERVER_NAME --/a + a href=/!--#echo encoding=url var=SERVER_NAME --/a br / !--#config timefmt=%c -- small!--#echo encoding=none var=DATE_LOCAL --/small
Re: cvs commit: httpd-2.0/server core.c util_script.c
* Joe Orton wrote:
If this change does get reverted so that SERVER_NAME is not encoded
internally again, the error includes need updating so that is is
encoded there instead:
--- error/include/bottom.html~ 2002-07-11 20:07:03.0 +0100
+++ error/include/bottom.html 2002-10-09 12:04:59.0 +0100
-6,7 +6,7
dl
dd
address
- a href=/!--#echo encoding=none var=SERVER_NAME --/a
+ a href=/!--#echo encoding=url var=SERVER_NAME --/a
should be encoding=entity. url is not right here.
nd
--
package Hacker::Perl::Another::Just;print
qq~@{[reverse split/::/ =__PACKAGE__]}~;
# André Malo # http://www.perlig.de #
Re: Antw: Re: Instructions for building aut_ldap under win32 ?
Andre Schild wrote: Did you compile mod_auth_ldap as one module, and util_ldap as the second one ? Yes. If yes, how did you resolve the missing exports from util_ldap to be able to link mod_auth_ldap. I created a .def file as per the attachment on my previous post and included it in the project. Actually it seems for me, that in util_ldap.h all functions should be declared as AP_DECLARE_NONSTD (or whatever the types/returnvalues require). This way they get exported and can be imported by the mod_auth_ldap module. Could be, but my fix worked :-) Building mod_auth_ldap together with util_ldap doesn't work, since util_ldap_connection_find in util_ldap.c has it's own moduleconfiguration where it stores the pool of ldap connections. Yep. You do have to build them as 2 modules. -- Jess Holle
Re: building aut_ldap under win32
Andre Schild wrote: Hello, finaly I got the module compiled and running under w2k. Here the steps required to get it working: 1. put the two dsp files from the attachement in the experimental folder 2. the netscape/iplanet ldap libraries are installed in srclib\ldap 3. Apply the util_ldap.c.diff and util_ldap.h.diff to the source tree (based on 2.0.43 release) 4. Compile the two modules using the dsp files 5. You get a mod_auth_ldap.so and a util_ldap.so module 6. Put them in the modules directory, don't forget to copy the nsldap32v50.dll somewhere where apache.exe will find it 7. Load the two modules in your httpd.conf, like below: LoadModule ldap_module modules/util_ldap.so LoadModule auth_ldap_module modules/mod_auth_ldap.so 8. Configure the directories as described in the docus. 9. Start apache.exe Additional infos: First: A main problem in the current sources is, that we build two modules (ldap_module and auth_ldap_module) as dll's, but the functions from ldap_module who are required by the mod_auth_ldap don't get exported. To do this, I have changed the util_ldap.h/c files (see diffs) to use a dllexport/import stuff, similar to the system used by mod_proxy. That approach works fine, as does use of a separate modldapwin32.def (or some such) Win32 export definition file. (Ideally) one approach or the other should be selected as preferable and consistently applied in such cases. Second: ldap_module is home in a file named util_ldap, where as all other modules use the form of mod_XY Why not change the source-filename to mod_ldap too ? Reasonable question, but not a real hang-up, right? If my changes are accepted, then I'm willing to update the README.ldap file to replect the win32 steps to build the module. Cool.
Bug handling survey - Tree based models
Hello HTTP contributors, I am conducting a survey about the way bugs are handled in open source software projects. The survey includes questions that can be answered by developers,testers, bug fixers, project managers, and owners of defect databases. It is only and only for research purposes and it is very easy to fill out. It consists of three short sections which can be completed at once or in different sessions. Please fill it out if you haven't done yet. You will find the questions interesting since there is a reason behind each one one of them. They will make you think about how things work (or could work)in your project. The survey can be found in the address: http://www.seas.smu.edu/~gkoru/surveys/dhsurvey.html The data in the bug databases can be used to identify the high risk areas in the software development. One of the ways of doing it is constructing tree-based models, which could be very useful in open source projects. If you would like to read about it, I prepared a web page for you: http://www.seas.smu.edu/~gkoru/surveys/tbdm1.html Please accept my apologies if you receive duplicates of this e-mail. This is a survey, which will give useful results for all of us. I will try to prepare and make some preliminary results on-line within the next two weeks. Since this is a survey, covering many important open source projects, it will be interesting for everybody to see what kind of quality assurance work is going on in the other projects. As always, we are very dedicated to this research. Please contact me for any question you might have. Thank you, A. Gunes Koru http://www.engr.smu.edu/~gkoru
Do __NOT_ randomly use encoding=none in docs SSIs!
Prompted by a recent message about SERVER_NAME, I took a look at some of the default error page SSIs. And they have '#echo encoding=none var=...' sprinkled in all sorts of places. Please, do NOT do this. The ONLY place to use encoding=none is where you know the variable is being set by something that has already properly encoded or filtered any user supplied input, _AND_ we explicitly want any HTML in the variable to be rendered as HTML. It would probably be wise to try to have a list somewhere in the docs of the select subset of server set variables that fall into this category. Things like: ./docs/error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var:die !--#echo encoding= none var=REDIRECT_REQUEST_METHOD---Methode are just security holes waiting to happen, and things like: ./docs/error/include/bottom.html: small!--#echo encoding=none var=DATE_LO CAL --/small while not exploitable, are just nonsensical since if there are any characters that need to be encoded in there, then not doing so will just result in bogus data going to the browser. The default of using entity encoding is fine in the vast majority of cases, and only has to be overridden if we need URL encoding or if we hit a special case like ERROR_NOTES where we don't want to do any encoding.
Mod_cache and multiple brigade problem.
Hi, I found problems in mod_cache + mod_proxy and handling multiple brigade. If someone have ideas on it... 1) When the mod_cache is trying to cache a document in multiple brigade, it store and concat each brigade in cache-saved_brigade. When the first brigade is cached, the r-headers_out are all available, but when the others brigade are going throught the mod_cache, there is no more r-headers_out. Mod_cache is writting the headers informations when it find the last brigade (containing EOS bucket). So at this moment, mod_cache is able to store headers he put in info, but not the others one he should find in r-headers_out So i can read the Server header of my reverse proxy instead of the backend headers. This bug happen really random and i am not able at the moment to exactly find why ? 2) When a document in multiple brigade is handled by reverse proxy and cache. The first time, it cache the document without error. (the browser display the document) The second time, it serve the document from cache.( the browser doesn't display the document) When the browser receive the document from cache, it's impossible for him to display it but he received the good data ( i do a md5sum to control ). The only difference between the two answer, is the not cached and first request doesn't contain a content-length the second request receiving data from cache contain differents headers like content-length (seems to be right) and some more headers like Age. 3) When a document is cached the first time, the debug message say that he will cache the url. I put debug in the cache_write_entity_headers and body to see if they all finish well. the debug message never display an error on that, but the next request which should be handled by cache is still handled by the reverse proxy and the cache say again he will cache the url... In conclusion, do you think all these problems could be linked ? What is amazing is i do my test on two different boxes: the mod_cache + mod_proxy is working fine on redhat 8, a document of 1200bytes is handled in one brigade the mod_cache + mod_proxy is not working properly on a redhat 7.2 and the same document as above is handled in 2 brigade... The compilations lines and the source code are EXACTLY the same. The backend server is the same too for all the test. I will try to find more details about this problems. regards, Estrade Matthieu __ Etudiant: Wanadoo t'offre le Pack eXtense Haut Débit soit 150,92 euros d'économies ! Clique ici : http://www.ifrance.com/_reloc/mail.etudiant
Re: Mod_cache and multiple brigade problem.
Estrade Matthieu wrote: Hi, I found problems in mod_cache + mod_proxy and handling multiple brigade. If someone have ideas on it... 1) When the mod_cache is trying to cache a document in multiple brigade, it store and concat each brigade in cache-saved_brigade. When the first brigade is cached, the r-headers_out are all available, but when the others brigade are going throught the mod_cache, there is no more r-headers_out. I'll take a look at this as soon as I have time (probably this Saturday). Brian
Re: Mod_cache and multiple brigade problem.
I'm looking at some odd behavior in the cache code right now related to cache expiration processing. I might get to looking at this problem before this weekend. I'll post any info I find in order to help you fix it this weekend if I don't finish it before then... Brian Pane wrote: Estrade Matthieu wrote: Hi, I found problems in mod_cache + mod_proxy and handling multiple brigade. If someone have ideas on it... 1) When the mod_cache is trying to cache a document in multiple brigade, it store and concat each brigade in cache-saved_brigade. When the first brigade is cached, the r-headers_out are all available, but when the others brigade are going throught the mod_cache, there is no more r-headers_out. I'll take a look at this as soon as I have time (probably this Saturday). Brian -- Paul J. Reder --- The strength of the Constitution lies entirely in the determination of each citizen to defend it. Only if every single citizen feels duty bound to do his share in this defense are the constitutional rights secure. -- Albert Einstein
Apache and Unix domain sockets
This might sound silly, but can one make Apache 2.0 listen to a Unix domain socket instead of a TCP socket? I looked through the code that has to do with sockets and it seemed as if that was not possible at this point. But I might have missed something... Bojan
[STATUS] (apache-1.3) Wed Oct 9 23:45:12 EDT 2002
APACHE 1.3 STATUS: -*-text-*- Last modified at [$Date: 2002/10/04 18:10:11 $] Release: 1.3.28-dev: In development 1.3.27: Tagged September 30, 2002. 1.3.26: Tagged June 18, 2002. 1.3.25: Tagged June 17, 2002. Not released. 1.3.24: Tagged Mar 21, 2002. Announced Mar 22, 2002. 1.3.23: Tagged Jan 21, 2002. 1.3.22: Tagged Oct 8, 2001. Announced Oct 12, 2001. 1.3.21: Not released. (Pulled for htdocs/manual config mismatch. t/r Oct 5, 2001) 1.3.20: Tagged and rolled May 15, 2001. Announced May 21, 2001. 1.3.19: Tagged and rolled Feb 26, 2001. Announced Mar 01, 2001. 1.3.18: Tagged and rolled Not released. (Pulled because of an incorrect unescaping fix. t/r Feb 19, 2001) 1.3.17: Tagged and rolled Jan 26, 2001. Announced Jan 29, 2001. 1.3.16: Not released. (Pulled because of vhosting bug. t/r Jan 20, 2001) 1.3.15: Not released. (Pulled due to CVS dumping core during the tagging when it reached src/os/win32/) 1.3.14: Tagged and Rolled Oct 10, 2000. Released/announced on the 13th. 1.3.13: Not released. (Pulled in the first minutes due to a Netware build bug) 1.3.12: Tagged and rolled Feb. 23, 2000. Released/announced on the 25th. 1.3.11: Tagged and rolled Jan. 19, 2000. Released/announced on the 21st. 1.3.10: Not released. (Pulled at last minute due to a build bug in the MPE port) 1.3.9: Tagged and rolled on Aug. 16. Released and announced on 19th. 1.3.8: Not released. 1.3.7: Not released. 1.3.6: Tagged and rolled on Mar. 22. Released and announced on 24th. 1.3.5: Not released. 1.3.4: Tagged and rolled on Jan. 9. Released on 11th, announced on 12th. 1.3.3: Tagged and rolled on Oct. 7. Released on 9th, announced on 10th. 1.3.2: Tagged and rolled on Sep. 21. Announced and released on 23rd. 1.3.1: Tagged and rolled on July 19. Announced and released. 1.3.0: Tagged and rolled on June 1. Announced and released on the 6th. 2.0 : Available for general use, see httpd-2.0 repository RELEASE SHOWSTOPPERS: RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: * Current vote on 2 PRs for inclusion: Bugz #9181 (Unable to set headers on non-2XX responses) +1: Martin, Jim Gnats #10246 (Add ProxyConnAllow directive) +0: Martin (or rather -.5, see dev@ Message [EMAIL PROTECTED]) * htpasswd.c and htdigest.c use tmpnam()... consider using mkstemp() when available. Message-ID: [EMAIL PROTECTED] Status: * Dean's unescaping hell (unescaping the various URI components at the right time and place, esp. unescaping the host name). Message-ID: [EMAIL PROTECTED] Status: * Martin observed a core dump because a ipaddr_chain struct contains a NULL-server pointer when being dereferenced by invoking httpd -S. Message-ID: [EMAIL PROTECTED] Status: Workaround enabled. Clean solution can come after 1.3.19 * long pathnames with many components and no AllowOverride None Workaround is to define Directory / with AllowOverride None, which is something all sites should do in any case. Status: Marc was looking at it. (Will asks 'wasn't this patched?') * Ronald Tschalär's patch to mod_proxy to allow other modules to set headers too (needed by mod_auth_digest) Message-ID: [EMAIL PROTECTED] Status: Available Patches (Most likely, will be ported to 2.0 as appropriate): * A rewrite of ap_unparse_uri_components() by Jeffrey W. Baker [EMAIL PROTECTED] to more fully close some segfault potential. Message-ID: Pine.LNX.4.21.0102102350060.6815-20@desktop Status: Jim +1 (for 1.3.19), Martin +0 * Andrew Ford's patch (1999/12/05) to add absolute times to mod_expires Message-ID: [EMAIL PROTECTED] Status: Martin +1, Jim +1, Ken +1 (on concept) * Raymond S Brand's path to mod_autoindex to fix the header/readme include processing so the envariables are correct for the included documents. (Actually, there are two variants in the patch message, for two different ways of doing it.) Message-ID: [EMAIL PROTECTED] Status: Martin +1(concept) * Jayaram's patch (10/27/99) for bugfix to mod_autoindex IndexIgnore file-extension should hide the files with this file- extension in directory listings. This was NOT happening because the total filename was being compared with the file-extension. Status: Martin +1(untested), Ken +1(untested) * Salvador Ortiz Garcia [EMAIL PROTECTED]' patch to allow DirectoryIndex to refer to URIs for non-static resources. MID: [EMAIL PROTECTED] Status: Ken +1 (on concept), Lars +1 (on concept) * Brian Havard's patch to remove dependency of
[STATUS] (httpd-2.0) Wed Oct 9 23:45:17 EDT 2002
APACHE 2.0 STATUS: -*-text-*- Last modified at [$Date: 2002/10/03 14:38:11 $] Release: 2.0.44 : in development 2.0.43 : rolled October 2, 2002 2.0.42 : released September 24, 2002 as GA. 2.0.41 : rolled September 16, 2002. not released. 2.0.40 : released August 9, 2002 as GA. 2.0.39 : released June 17, 2002 as GA. 2.0.38 : rolled June 16, 2002. not released. 2.0.37 : rolled June 11, 2002. not released. 2.0.36 : released May 6, 2002 as GA. 2.0.35 : released April 5, 2002 as GA. 2.0.34 : tagged March 26, 2002. 2.0.33 : tagged March 6, 2002. not released. 2.0.32 : released Feburary 16, 2002 as beta. 2.0.31 : rolled Feburary 1, 2002. not released. 2.0.30 : tagged January 8, 2002. not rolled. 2.0.29 : tagged November 27, 2001. not rolled. 2.0.28 : released November 13, 2001 as beta. 2.0.27 : rolled November 6, 2001 2.0.26 : tagged October 16, 2001. not rolled. 2.0.25 : rolled August 29, 2001 2.0.24 : rolled August 18, 2001 2.0.23 : rolled August 9, 2001 2.0.22 : rolled July 29, 2001 2.0.21 : rolled July 20, 2001 2.0.20 : rolled July 8, 2001 2.0.19 : rolled June 27, 2001 2.0.18 : rolled May 18, 2001 2.0.17 : rolled April 17, 2001 2.0.16 : rolled April 4, 2001 2.0.15 : rolled March 21, 2001 2.0.14 : rolled March 7, 2001 2.0a9 : released December 12, 2000 2.0a8 : released November 20, 2000 2.0a7 : released October 8, 2000 2.0a6 : released August 18, 2000 2.0a5 : released August 4, 2000 2.0a4 : released June 7, 2000 2.0a3 : released April 28, 2000 2.0a2 : released March 31, 2000 2.0a1 : released March 10, 2000 Please consult the following STATUS files for information on related projects: * srclib/apr/STATUS * srclib/apr-util/STATUS * docs/STATUS Contributors looking for a mission: * just do an egrep on TODO and see what's there CURRENT RELEASE NOTES: RELEASE SHOWSTOPPERS: CURRENT VOTES: * httpd-std.conf and friends a) httpd-std.conf should be tailored by install (from src or binbuild) even if user has existing httpd.conf +1: trawick, slive, gregames, ianh, Ken b) tailored httpd-std.conf should be copied by install to sysconfdir/examples -0: striker c) tailored httpd-std.conf should be installed to sysconfdir/examples or manualdir/exampleconf/ +1: slive, trawick, Ken d) Installing a set of default config files when upgrading a server doesn't make ANY sense at all. +1: rbb, striker ianh - medium/big sites don't use 'standard config' anyway, as it usually needs major customizations -1: Ken * If the parent process dies, should the remaining child processes gracefully self-terminate. Or maybe we should make it a runtime option, or have a concept of 2 parent processes (one being a hot spare). See: Message-ID: [EMAIL PROTECTED] Self-destruct: Ken, Martin Not self-destruct: BrianP, Ian, Cliff, BillS Make it runtime configurable: Aaron, Jim, Justin Have 2 parents: +1: Jim -1: Justin, wrowe [for 2.0] +0: Martin (while standing by, could it do something useful?) * Make the worker MPM the default MPM for threaded Unix boxes. +1: Justin, Ian, Cliff, BillS, striker +0: BrianP, Aaron (mutex contention is looking better with the latest code, let's continue tuning and testing) -0: Lars RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: * There is a bug in how we sort some hooks, at least the pre-config hook. The first time we call the hooks, they are in the correct order, but the second time, we don't sort them correctly. Currently, the modules/http/config.m4 file has been renamed to modules/http/config2.m4 to work around this problem, it should moved back when this is fixed.rbb OtherBill offers that this is a SERIOUS problem. We do not sort correctly by the ordering arguments passed to the register hook functions. This was proven when I reordered the open_logs hook to attempt to open the error logs prior to the access logs. Possibly the entire sorting code needs to be refactored. * pipes deadlock on all platforms with limited pipe buffers (e.g. both Linux and Win32, as opposed to only Win32 on 1.3). The right solution is either GStein's proposal for a CGI Brigade, or OtherBill's proposal for Poll Buckets for Polling Filter Chains. * server pushed CGI's not working. This might be an interaction with the above pipes deadlock issue. PR: 8482 Message-ID: [EMAIL PROTECTED] *
