[VOTE] Release mod_aspdotnet build 2004?

[William A. Rowe, Jr.]

Build 2004 of mod_aspdotnet is prepared (after a number of abortive
attempts due to the whole 2.0/2.2 partitioning and renaming of apache.exe,
along with switching flavors of InstallShield to a version I have installed)
and seeking voters.  The update is here;

  http://httpd.apache.org/dev/dist/mod_aspdotnet/

Please cast your +/- 1's to release mod_aspdotnet-2.x.0.2004-source.zip
(along with associated binaries ...2.0.0.2004.msi and ...2.2.0.2004.msi,
one corresponding to 2.0.44 and later, the other to 2.2.2 and later).

This is the last expected release on the Visual Studio .NET (al la 2002)
compiler toolchain; the next effort is porting it to VS 2005 (al la, the
one available in a free flavor).  Porting breaks compatibility with the
older tools, since VS 2005's C++.NET schema is miles beyond 2002.  For
example, a reference becomes a reference, not an overloaded psuedo-pointer.

Bill

Re: Authentication headers

[Ruediger Pluem]

On 07/06/2006 08:38 PM, Graham Leggett wrote:
> Andrew Stribblehill wrote:
> 
>> I run an authenticating reverse proxy for a web-app that we outsource
>> to another company. So the process goes:
>>
>> C=client; P=proxy; S=origin server
>>
>> 1 C->P: GET / (no auth)
>> 2 P->C: 401 Auth required
>> 3 C->P: GET / (gives auth)
>> 4  P->S: GET /
>> 5  S->P: stuff
>> 6 P->C: stuff
>>
>> Works very nicely (thanks!) However, as a matter of principle, we
>> don't trust S with our usernames and passwords. The problem is that
>> they get sent in the headers in stage 4 above.
>>
>> There's some comment in mod_proxy.c:764 that mentions filtering out
>> proxy authorization headers; I'm proposing to do as it suggests:
>> patch auth_basic.c and auth_digest.c to remove matching auth and
>> proxy-auth headers from the request object.
>>
>> However, I'm concerned that this approach may upset authentication
>> within subrequests; can anyone confirm or deny this?
> 
> 
> I would suggest making this a configurable option, with the default
> being the current behaviour.
> 
> This is something that could definitely use a definitive solution.

I think we already have something similar :-)

mod_headers

RequestHeader unset Authorization

should solve this in your case. It only does not provide an automation for
auth requests that come from the backend and thus should receive the 
Authorization
header.

Regards

Rüdiger

Re: Commented: (MODPYTHON-172) Memory leak with util.fieldstorage using mod_python 3.2.8 on apache 2.0.55

[Harold Ship]

Are the memory leaks with the patch still 16K per request?



> 
> And I always see some memory leaks after having installed the patch :
> 

Re: Commented: (MODPYTHON-172) Memory leak with util.fieldstorage using mod_python 3.2.8 on apache 2.0.55

[Harold Ship]

Hi Nicolas

Howcome I didn't see this post in JIRA? I added my comment there. I also didn't
get email. I just found it in Google.

Anyway, I have an application that was started over a year ago with 3.1.3. We 
switched to 3.2.8 because we had a requirement to upload files and there was a
problem that was fixed in that version.

I observed a memory leak in our application under 3.2.8, and found MODPYTHON-172
on Google. I ran the test program in my first comment on 3.2.8, then tried going
back to 3.1.3 to see if the leak was there too.

This leak seems to be in both 3.1.3 and 3.2.8.

I have added another comment regarding _apachemodule.c, which I include below.

Thanks for your help,
Harold



###  Begin Code ==
Excuse me if this is a dumb question, but I don't know anything about the
Python-C interface.

Is it possible that the code in line 319 of _apachemodule.c (from 3.2.8) is the
problem?

The code is:

if (key && val)
PyList_Append(pairs, Py_BuildValue("(O,O)", key, val));

Does the object returned by Py_BuildValue() need to be dereferenced?
Something like:

if (key && val) {
PyObject * list_elem = Py_BuildValue("(O,O)", key, val);
if (list_elem)
PyList_Append(pairs, list_elem);
Py_XDECREF(list_elem);
}

Re: Help Please

[Jeff Trawick]

On 7/4/06, Tiago Semprebom <[EMAIL PROTECTED]> wrote:

ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,"IP value:
%d",csd->connected);

Why the csd don't appear to me like a structure allow-me to access their
filds like connected, remote_addr, etc?


The structure definition is available only within the implementation
of APR; it is not available within the web server.

FWIW, the "connected" flag down in APR is not so interesting anyway.
What are you trying to debug or trace?

Re: Authentication headers

[Graham Leggett]

Andrew Stribblehill wrote:


I run an authenticating reverse proxy for a web-app that we outsource
to another company. So the process goes:

C=client; P=proxy; S=origin server

1 C->P: GET / (no auth)
2 P->C: 401 Auth required
3 C->P: GET / (gives auth)
4  P->S: GET /
5  S->P: stuff
6 P->C: stuff

Works very nicely (thanks!) However, as a matter of principle, we
don't trust S with our usernames and passwords. The problem is that
they get sent in the headers in stage 4 above.

There's some comment in mod_proxy.c:764 that mentions filtering out
proxy authorization headers; I'm proposing to do as it suggests:
patch auth_basic.c and auth_digest.c to remove matching auth and
proxy-auth headers from the request object.

However, I'm concerned that this approach may upset authentication
within subrequests; can anyone confirm or deny this?


I would suggest making this a configurable option, with the default 
being the current behaviour.


This is something that could definitely use a definitive solution.

Regards,
Graham
--


smime.p7s
Description: S/MIME Cryptographic Signature

Authentication headers

[Andrew Stribblehill]

I run an authenticating reverse proxy for a web-app that we outsource
to another company. So the process goes:

C=client; P=proxy; S=origin server

1 C->P: GET / (no auth)
2 P->C: 401 Auth required
3 C->P: GET / (gives auth)
4  P->S: GET /
5  S->P: stuff
6 P->C: stuff

Works very nicely (thanks!) However, as a matter of principle, we
don't trust S with our usernames and passwords. The problem is that
they get sent in the headers in stage 4 above.

There's some comment in mod_proxy.c:764 that mentions filtering out
proxy authorization headers; I'm proposing to do as it suggests:
patch auth_basic.c and auth_digest.c to remove matching auth and
proxy-auth headers from the request object.

However, I'm concerned that this approach may upset authentication
within subrequests; can anyone confirm or deny this?

Before I dive in and code this, are there any other possible problems
or better approaches?

Thanks.

-- 
BISCAY
NORTHWEST 4 OR 5, OCCASIONALLY 6 AT FIRST, BACKING WEST 3 OR 4.
THUNDERY SHOWERS THEN RAIN. MODERATE OR GOOD

[jira] Commented: (MODPYTHON-172) Memory leak with util.fieldstorage using mod_python 3.2.8 on apache 2.0.55

[Harold Ship (JIRA)]

[ 
http://issues.apache.org/jira/browse/MODPYTHON-172?page=comments#action_12419534
 ] 

Harold Ship commented on MODPYTHON-172:
---

Excuse me if this is a dumb question, but I don't know anything about the 
Python-C interface.

Is it possible that the code in line 319 of _apachemodule.c (from 3.2.8) is the 
problem?

The code is:

if (key && val)
PyList_Append(pairs, Py_BuildValue("(O,O)", key, val));

Does the object returned by Py_BuildValue() need to be dereferenced? Something 
like:

if (key && val) {
PyObject * list_elem = Py_BuildValue("(O,O)", key, val);
if (list_elem)
PyList_Append(pairs, list_elem);
Py_XDECREF(list_elem);
}



> Memory leak with util.fieldstorage using mod_python 3.2.8 on apache 2.0.55
> --
>
>  Key: MODPYTHON-172
>  URL: http://issues.apache.org/jira/browse/MODPYTHON-172
>  Project: mod_python
> Type: Bug

>   Components: core
> Versions: 3.2.8
>  Environment: Win32 XP  SP1 / SP2
> Apache 2.0.55  installed from binary (.MSI)
> Python 2.4.2  or  2.4.3installed from binary from www.python.org
> Reporter: Laurent Blanquet

>
> I encounter memory leaks [~ 16 K per request) using the configuration 
> described below.
> =
> Python configuration from Httpd.conf:
> =
> Alias /python/ "d:/python24/B2B/"  
> 
> AddHandler mod_python .py  
> PythonHandler pyHandlerHTTP  
> PythonDebug On 
>
> =
> Test handler -  pyHandlerHTTP.py :
> =
> import mod_python
> from mod_python import util
> def handler(req):
>   #Removing this line solves the problem.
>   F=util.FieldStorage( req )   
>   return mod_python.apache.OK
> =
> HTTP Request (dump using TCPWATCH):
> =
> POST http://localhost:80/python/Alertes.py HTTP/1.0
> Content-Type: multipart/form-data; boundary=061006144341906
> Content-Length: 209
> Proxy-Connection: keep-alive
> Host: www.tx2-localhost
> Accept: text/html, */*
> User-Agent: Mozilla/3.0 (compatible; Indy Library)
> Proxy-Authorization: Basic Og==
>  
> --061006144341906
> Content-Disposition: form-data; name="TYPE"
>  
> LAST_ALERTS
> --061006144341906
> Content-Disposition: form-data; name="FILEAGE"
>  
> 180
>  
> --061006144341906

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

Trunk funky on win32, looking for thoughts.

[William A. Rowe, Jr.]

As part of the 'big picture' to simplify things alot on win32, I'd done away
with individual .rc resource files to provide versioning/descriptive blocks
for our loadable libraries (modules etc.)  All modules compile the file

  http://svn.apache.org/repos/asf/httpd/httpd/trunk/build/win32/httpd.rc

which originally used the magic compile-time command line flags

  /d ICON_FILE=[../...]build/win32/apache.ico  (if this file wants an icon)
  /d BIN_NAME=mod_something.so
  /d LONG_NAME="The Apache HTTP Server something module"
  /d "APP_FILE"  (only for .exe directly-executable stuff)

Now, only a few syntaxes are valid (command line, all of these versions)

  /d "SOME_SYMBOL"
  /d "SOME_SYMBOL=Some String"
  /d SOME_SYMBOL="Some String"

The first form is most common, it's what every version of studio likes to do
with single word def/undef symbols.  No matter which form, I can't find any way
for many Visual Studios to handle either of the last forms.

/d "SOME_SYMBOL=Some String" - load this into VS 98 (6) or earlier, you end
up with /d SOME_SYMBOL=Some String (with the ' String' it's own arg).  This is
definitely broken behavior, but not as broken as...

/d SOME_SYMBOL="Some String" - load this into VS IDE of .NET (2002) and later,
you end up with /d "SOME_SYMBOL="Some String"" -- an entirely bogus construct
that won't compile.

These issues only apply ot the ide, if we use the last form, and compile using
the export .mak files form VS 6, everything's fine on any version of VS.

But, we have alot of IDE users.

I won't revert to using 75 odd .rc files, going back to requiring each and
every component runs an awk script.  That leaves us with a few quick and
dirty options;

  * don't use VC's .rc target, use a custom compile command for the .rc.
  * use 'special' spaces (e.g. 0xA0) (not really language portable)
  * use underbar characters in place of spaces?  (language portable)

Thoughts from my fellow windows hackers?

Re: gcc and httpd

[Philip M. Gollucci]

Never mind, I feel dumb, these versions are already released and we can't 
change it.
Bedtime


Philip M. Gollucci wrote:
> Hi,
> 
> versions of httpd prior to 2.0.49 compile successfully with gcc 3.0+, but 
> upon run, they give a Bus Error (seg fault)
> However, gcc 2.95.3 works fine.  I've heard Geoffery Young seen similiar on 
> some form of linux, and I'm on FreeBSD.
> 
> This should be a ./configure error/check.
> 
> If this is a good idea, I'll craft a patch for this.
> 


-- 

Philip M. Gollucci ([EMAIL PROTECTED]) 323.219.4708
Consultant / http://p6m7g8.net/Resume/resume.shtml
Senior Software Engineer - TicketMaster - http://ticketmaster.com
1024D/A79997FA F357 0FDD 2301 6296 690F  6A47 D55A 7172 A799 97F

"In all that I've done wrong I know I must have done something right to
deserve a hug every morning and butterfly kisses at night."

gcc and httpd

[Philip M. Gollucci]

Hi,

versions of httpd prior to 2.0.49 compile successfully with gcc 3.0+, but upon 
run, they give a Bus Error (seg fault)
However, gcc 2.95.3 works fine.  I've heard Geoffery Young seen similiar on 
some form of linux, and I'm on FreeBSD.

This should be a ./configure error/check.

If this is a good idea, I'll craft a patch for this.

-- 

Philip M. Gollucci ([EMAIL PROTECTED]) 323.219.4708
Consultant / http://p6m7g8.net/Resume/resume.shtml
Senior Software Engineer - TicketMaster - http://ticketmaster.com
1024D/A79997FA F357 0FDD 2301 6296 690F  6A47 D55A 7172 A799 97F

"In all that I've done wrong I know I must have done something right to
deserve a hug every morning and butterfly kisses at night."