RE: Structure Array within a Structure...
Where is the URL for the API's on Apache2. I can't seem to find a full explanations for the Apache2 API. I got this link but it is all for Apache1.X http://www.kuzbass.ru/docs/apache_c_mod_perl/1.htm The API reference there is what I like to work with... -Original Message- From: Tikka, Sami [mailto:[EMAIL PROTECTED] Sent: Friday, June 27, 2003 8:45 AM To: [EMAIL PROTECTED] Subject: RE: Structure Array within a Structure... Those functions have been moved to the APR library for Apache 2.0. Try apr_pstrdup. >-Original Message- >From: kibble [mailto:[EMAIL PROTECTED] >Sent: Thursday, June 26, 2003 8:24 PM >To: [EMAIL PROTECTED] >Subject: Structure Array within a Structure... > > >I've got this source code which I'm coiding up to be a module >with some form of caching. > >I've made a structure which has an array which stores all the >recently looked up hosts. [kzvhd_cached] Now I need to beable >to add and update, perhaps even remove records from this >module. I can't seem to access or create room in the array to >add my record and be able to call it back at a later stage to >read from or up date. I've attached the source code and a link >to it... Aany pointers, links url, or even a fix for it would >be great !! :) Thanks in advance... > >The problem during compiling is on line 232: >Making all in mod_kzvhd >make[2]: Entering directory >`/home/kibble/source/compiled/httpd-2.0.46/modules/mod_kzvhd' >make[3]: Entering directory >`/home/kibble/source/compiled/httpd-2.0.46/modules/mod_kzvhd' >/bin/bash /home/kibble/source/compiled/httpd-2.0.46/srclib/apr/libtool >--silent --mode=compile gcc -g -O2 -pthreads-DSOLARIS2=9 >-D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT >-DAP_HAVE_DESIGNATED_INITIALIZER >-I/home/kibble/source/compiled/httpd-2.0.46/srclib/apr/include >-I/home/kibble/source/compiled/httpd-2.0.46/srclib/apr-util/include >-I/home/kibble/source/compiled/httpd-2.0.46/srclib/apr-util/xml >/expat/li >b -I. -I/home/kibble/source/compiled/httpd-2.0.46/os/unix >-I/home/kibble/source/compiled/httpd-2.0.46/server/mpm/prefork >-I/home/kibble/source/compiled/httpd-2.0.46/modules/http >-I/home/kibble/source/compiled/httpd-2.0.46/modules/filters >-I/home/kibble/source/compiled/httpd-2.0.46/modules/proxy >-I/home/kibble/source/compiled/httpd-2.0.46/include >-I/usr/local/include/mysql -I/usr/local/ssl/include/openssl >-I/usr/local/ssl/include >-I/home/kibble/source/compiled/httpd-2.0.46/modules/dav/main >-prefer-non-pic -static -c mod_kzvhd.c && touch mod_kzvhd.lo >mod_kzvhd.c: In function `kzvhd_translate_name': >mod_kzvhd.c:323: warning: assignment makes pointer from >integer without a cast /bin/bash >/home/kibble/source/compiled/httpd-2.0.46/srclib/apr/libtool >--silent --mode=link gcc -g -O2 -pthreads-DSOLARIS2=9 >-D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT >-DAP_HAVE_DESIGNATED_INITIALIZER >-I/home/kibble/source/compiled/httpd-2.0.46/srclib/apr/include >-I/home/kibble/source/compiled/httpd-2.0.46/srclib/apr-util/include >-I/home/kibble/source/compiled/httpd-2.0.46/srclib/apr-util/xml >/expat/li >b -I. -I/home/kibble/source/compiled/httpd-2.0.46/os/unix >-I/home/kibble/source/compiled/httpd-2.0.46/server/mpm/prefork >-I/home/kibble/source/compiled/httpd-2.0.46/modules/http >-I/home/kibble/source/compiled/httpd-2.0.46/modules/filters >-I/home/kibble/source/compiled/httpd-2.0.46/modules/proxy >-I/home/kibble/source/compiled/httpd-2.0.46/include >-I/usr/local/include/mysql -I/usr/local/ssl/include/openssl >-I/usr/local/ssl/include >-I/home/kibble/source/compiled/httpd-2.0.46/modules/dav/main >-module -export-dynamic >-L/home/kibble/source/compiled/httpd-2.0.46/srclib/apr-util/xml >/expat/li >b -L/usr/local/lib/mysql -R/usr/local/lib/mysql -L/usr/local/ssl/lib >-R/usr/local/ssl/lib -o mod_kzvhd.la mod_kzvhd.lo >make[3]: Leaving directory >`/home/kibble/source/compiled/httpd-2.0.46/modules/mod_kzvhd' >make[2]: Leaving directory >`/home/kibble/source/compiled/httpd-2.0.46/modules/mod_kzvhd' > ># and later # > >make[1]: Entering directory `/home/kibble/source/compiled/httpd-2.0.46' >/bin/bash /home/kibble/source/compiled/httpd-2.0.46/srclib/apr/libtool >--silent --mode=link gcc -g -O2 -pthreads-DSOLARIS2=9 >-D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT >-DAP_HAVE_DESIGNATED_INITIALIZER >-I/home/kibble/source/compiled/httpd-2.0.46/srclib/apr/include >-I/home/kibble/source/compiled/httpd-2.0.46/srclib/apr-util/include >-I/home/kibble/source/compiled/httpd-2.0.46/srclib/apr-util/xml >/expat/li >b -I. -I/home/kibble/source/compiled/httpd-2.0.46/os/unix >-I/home/kibble/source/compiled/httpd-2.0.46/server/mpm/prefork >-I/home/kibble/source/compiled/httpd-2.0.46/modules/http >-I/home/kibble/source/compiled/httpd-2.0.46/modules/filters >-I/home/kibble/source/compiled/httpd-2.0.46/modules/proxy >-I/home/kibble/source/compiled/httpd-2.0.46/include >-I/usr/local/include/mysql -I/usr/local/ssl/include/openssl >-I/usr/local/ssl/include >-I/home/kibble/source/compiled/httpd-2.0.46/modul
RE: Structure Array within a Structure...
On Fri, 27 Jun 2003, kibble wrote: > Where is the URL for the API's on Apache2. I can't seem to find a full > explanations for the Apache2 API. I got this link but it is all for > Apache1.X http://www.kuzbass.ru/docs/apache_c_mod_perl/1.htm > > The API reference there is what I like to work with... http://httpd.apache.org/docs-2.0/developer/ http://apr.apache.org/docs/ --Cliff
Re: Why Redhat 8.0 / 9.0 still use 2.0.40 (+ security fixes)
Mark J Cox wrote: For those who wonder why Redhat didn't update Apache 2.0 in distro 8.0 and 9.0, just read : http://www.redhat.com/advice/speaks_backport.html Apache httpd was an example that I happened to remember when writing that explanation - Apache is far from the worst offender to mix security updates with other changes in a new release ;) Hi Mark, I understand your concern, and also the quantity of works to release all the related modules (php, mod_perl...), but there is many users who need latest Apache 2.0 since they have to use extended functionnalities (ie mod_deflate logs) or because some modules need them. The problem we encountered in mod_jk was that in 2.0.40 there is no support for apxs -q LIBTOOL and so users couldn't built mod_jk 1.2.4 under Redhat 8.0 or 9.0 (I sent a TRICK to tomcat-dev and tomcat-user lists to overcome this limitation). I get a least one mail by day from happy users for my 'alternate apache rpm' provided at falsehope.com (apache 2.0.46 with mpm). http://rpmfind.net//linux/RPM/falsehope/home/gomez/apache2/apache2-2.0.46-1.7.2.i386.html Regards
Re: [PATCH] modify httpd.conf-dist defaults
On Wed, 25 Jun 2003, Glenn wrote: > Ok. I can accept that, even though we're talking the default config > for new installations. Security is my top priority and the Apache > configuration is _very_ flexible and likewise _very_ complex. Until > I slowly learned the Apache directives one by one and had lots of > experience with different configurations, I took the examples in the > default httpd.conf as gospel, which was a mistake since my priorities > are different than the ones you listed above. For newbies, and even > experienced admins, it would be nice if there were some examples of > secure usage of groups of configuration directives, and why. I'd be > more than happy to contribute to such a document if it existed. There is a security tips doc in the manual. But writing that type of doc is VERY difficult, because it touches on so many different areas, and security means different things to different people. Many of the comments that you included in you message are good. I think they are too much for the config file, but I will try to find a way to work them in elsewhere in the docs. If you want to help out more, you are welcome at the docs project: [EMAIL PROTECTED] Joshua.
Re: [PATCH] ErrorLogsWithVhost for Apache 1.3.28
Hello, Just to add to this discussion-- It would be great to have a configuration directive to separate out stderr messages from messages generated by Apache modules. It's often desirable to parse error logs to generate statistics on 404s, etc. and stderr output makes this more difficult. This would also help the case where you have 100 VirtualHosts, and you want to use something like ErrorLogsWithVhost to use a single error_log. You'd want to redirect stderr to a different place for each VirtualHost (or else you couldn't see which VirtualHost stderr output came from). Humbly, Andrew -- Andrew Ho http://www.tellme.com/ [EMAIL PROTECTED] Engineer1-800-555-TELL Voice 650-930-9062 Tellme Networks, Inc. Fax 650-930-9101 --
Re: [PATCH] ErrorLogsWithVhost for Apache 1.3.28
On Fri, 27 Jun 2003, Andrew Ho wrote: > It would be great to have a configuration directive to separate out stderr > messages from messages generated by Apache modules. It's often desirable > to parse error logs to generate statistics on 404s, etc. and stderr output > makes this more difficult. I don't see a very good justification for this. This type of request-correlated information can just as easily be obtained from examining status codes in the access log. Joshua.
Re: [PATCH] ErrorLogsWithVhost for Apache 1.3.28
On Fri, Jun 27, 2003 at 07:21:09PM -0700, Andrew Ho wrote: > It would be great to have a configuration directive to separate out stderr > messages from messages generated by Apache modules. It's often desirable > to parse error logs to generate statistics on 404s, etc. and stderr output > makes this more difficult. I agree with Joshua that the access log is a much better place from which to generate statistics. > This would also help the case where you have 100 VirtualHosts, and you > want to use something like ErrorLogsWithVhost to use a single error_log. > You'd want to redirect stderr to a different place for each VirtualHost > (or else you couldn't see which VirtualHost stderr output came from). I'm guessing that you are referring to stderr from CGI scripts, which can be voluminous. I believe that Apache 2.x reads in CGI stderr and formats it consistently into the ErrorLog, so if ErrorLogsWithVhost or some facimile thereof eventually makes it into Apache 2.x, then you'll be able to robustly split out a single error log, including CGI stderr output. This is not the case in Apache 1.3 where CGI stderr goes directly to the error log (on unix-like systems because of file descriptor inheritance). Thinking aloud, it might be an interesting project (wish I had time) to create a directive along the lines of ScriptLog that would work with mod_cgi. After mod_cgi fork'ed, the child could open a vhost-specific CGI stderr log and then could dup it to stderr before exec'ing the CGI. This might even work well for mass vhosting. Cheers, Glenn
Finding race conditions and deadlock using Stanford Checker
I'm a member of the metacompilation research group at Stanford (http://www.stanford.edu/~engler). We have a suite of checkers that find bugs at compile time, and we've had quite a bit of success checking the Linux kernel code for errors. Since our checkers can emit false alarms, we filter the reports before we give them to the kernel developers. While some false alarms slip past us to the developers, our limited knowledge of the kernel allows us to recognize most of them. We're currently trying to find race conditions and deadlock (here's an example report to the kernel mailing list: http://www.ussg.iu.edu/hypermail/linux/kernel/0303.2/1733.html), but these reports seem to require an intimate knowledge of the code to verify-- knowledge that we don't have. Since the kernel is so large, it is difficult to find the various developers who know the code involving the reports. As a result, many of these bug reports go unconfirmed even though we think they are valid bugs. I'm hoping to find another project to supplement our race condition and deadlock work on the Linux kernel, and I think that Apache might be such a project. So I have some questions for you all to determine if this is a worthwhile venture: Have race conditions and deadlock been a problem in the past? How likely is it that there are race condition and deadlock bugs hiding in the current source? Who are the developers who could answer my "is this a race condition" questions? Is there any documentation about locks in the server? Where they are used? How they are used? What do they protect? What files should I be looking at? Which use locks? Which contain the locking functions? Are there any absolute rules about locks (i.e. all global variables must be protected by locks, orderings of lock acquisition)? Thanks for your time, Ken Ashcraft [EMAIL PROTECTED]
Finding race conditions/deadlock using Stanford Checker
I'm a member of the metacompilation research group at Stanford (http://www.stanford.edu/~engler). We have a suite of checkers that find bugs at compile time, and we've had quite a bit of success checking the Linux kernel code for errors. Since our checkers can emit false alarms, we filter the reports before we give them to the kernel developers. While some false alarms slip past us to the developers, our limited knowledge of the kernel allows us to recognize most of them. We're currently trying to find race conditions and deadlock (here's an example report to the kernel mailing list: http://www.ussg.iu.edu/hypermail/linux/kernel/0303.2/1733.html), but these reports seem to require an intimate knowledge of the code to verify-- knowledge that we don't have. Since the kernel is so large, it is difficult to find the various developers who know the code involving the reports. As a result, many of these bug reports go unconfirmed even though we think they are valid bugs. I'm hoping to find another project to supplement our race condition and deadlock work on the Linux kernel, and I think that Apache might be such a project. So I have some questions for you all to determine if this is a worthwhile venture: Have race conditions and deadlock been a problem in the past? How likely is it that there are race condition and deadlock bugs hiding in the current source? Who are the developers who could answer my "is this a race condition" questions? Is there any documentation about locks in the server? Where they are used? How they are used? What do they protect? What files should I be looking at? Which use locks? Which contain the locking functions? Are there any absolute rules about locks (i.e. all global variables must be protected by locks, orderings of lock acquisition)? Thanks for your time, Ken Ashcraft [EMAIL PROTECTED]
Re: Why Redhat 8.0 / 9.0 still use 2.0.40 (+ security fixes)
At 06:47 AM 6/27/2003, Mark J Cox wrote: >> For those who wonder why Redhat didn't update Apache 2.0 in distro >> 8.0 and 9.0, just read : >> >> http://www.redhat.com/advice/speaks_backport.html > >Apache httpd was an example that I happened to remember when writing that >explanation - Apache is far from the worst offender to mix security >updates with other changes in a new release ;) This is a good example of why Jeff Trawick and I spent many posts arguing the benefits of maintaining binary compatibility from update to update within the remaining releases of Apache 2.0 :-) Unfortunately, that doesn't help 2.0.40 deployments or earlier. Bill
Why Redhat 8.0 / 9.0 still use 2.0.40 (+ security fixes)
For those who wonder why Redhat didn't update Apache 2.0 in distro 8.0 and 9.0, just read : http://www.redhat.com/advice/speaks_backport.html
Re: Why Redhat 8.0 / 9.0 still use 2.0.40 (+ security fixes)
> For those who wonder why Redhat didn't update Apache 2.0 in distro > 8.0 and 9.0, just read : > > http://www.redhat.com/advice/speaks_backport.html Apache httpd was an example that I happened to remember when writing that explanation - Apache is far from the worst offender to mix security updates with other changes in a new release ;) Mark -- Mark J Cox ... www.awe.com/mark Apache Software Foundation . OpenSSL Group . Apache Week editor
