[VOTE] Release mod_aspdotnet build 2004?
Build 2004 of mod_aspdotnet is prepared (after a number of abortive attempts due to the whole 2.0/2.2 partitioning and renaming of apache.exe, along with switching flavors of InstallShield to a version I have installed) and seeking voters. The update is here; http://httpd.apache.org/dev/dist/mod_aspdotnet/ Please cast your +/- 1's to release mod_aspdotnet-2.x.0.2004-source.zip (along with associated binaries ...2.0.0.2004.msi and ...2.2.0.2004.msi, one corresponding to 2.0.44 and later, the other to 2.2.2 and later). This is the last expected release on the Visual Studio .NET (al la 2002) compiler toolchain; the next effort is porting it to VS 2005 (al la, the one available in a free flavor). Porting breaks compatibility with the older tools, since VS 2005's C++.NET schema is miles beyond 2002. For example, a reference becomes a reference, not an overloaded psuedo-pointer. Bill
Re: Authentication headers
On 07/06/2006 08:38 PM, Graham Leggett wrote: > Andrew Stribblehill wrote: > >> I run an authenticating reverse proxy for a web-app that we outsource >> to another company. So the process goes: >> >> C=client; P=proxy; S=origin server >> >> 1 C->P: GET / (no auth) >> 2 P->C: 401 Auth required >> 3 C->P: GET / (gives auth) >> 4 P->S: GET / >> 5 S->P: stuff >> 6 P->C: stuff >> >> Works very nicely (thanks!) However, as a matter of principle, we >> don't trust S with our usernames and passwords. The problem is that >> they get sent in the headers in stage 4 above. >> >> There's some comment in mod_proxy.c:764 that mentions filtering out >> proxy authorization headers; I'm proposing to do as it suggests: >> patch auth_basic.c and auth_digest.c to remove matching auth and >> proxy-auth headers from the request object. >> >> However, I'm concerned that this approach may upset authentication >> within subrequests; can anyone confirm or deny this? > > > I would suggest making this a configurable option, with the default > being the current behaviour. > > This is something that could definitely use a definitive solution. I think we already have something similar :-) mod_headers RequestHeader unset Authorization should solve this in your case. It only does not provide an automation for auth requests that come from the backend and thus should receive the Authorization header. Regards RĂ¼diger
Re: Commented: (MODPYTHON-172) Memory leak with util.fieldstorage using mod_python 3.2.8 on apache 2.0.55
Are the memory leaks with the patch still 16K per request? > > And I always see some memory leaks after having installed the patch : >
Re: Commented: (MODPYTHON-172) Memory leak with util.fieldstorage using mod_python 3.2.8 on apache 2.0.55
Hi Nicolas Howcome I didn't see this post in JIRA? I added my comment there. I also didn't get email. I just found it in Google. Anyway, I have an application that was started over a year ago with 3.1.3. We switched to 3.2.8 because we had a requirement to upload files and there was a problem that was fixed in that version. I observed a memory leak in our application under 3.2.8, and found MODPYTHON-172 on Google. I ran the test program in my first comment on 3.2.8, then tried going back to 3.1.3 to see if the leak was there too. This leak seems to be in both 3.1.3 and 3.2.8. I have added another comment regarding _apachemodule.c, which I include below. Thanks for your help, Harold ### Begin Code == Excuse me if this is a dumb question, but I don't know anything about the Python-C interface. Is it possible that the code in line 319 of _apachemodule.c (from 3.2.8) is the problem? The code is: if (key && val) PyList_Append(pairs, Py_BuildValue("(O,O)", key, val)); Does the object returned by Py_BuildValue() need to be dereferenced? Something like: if (key && val) { PyObject * list_elem = Py_BuildValue("(O,O)", key, val); if (list_elem) PyList_Append(pairs, list_elem); Py_XDECREF(list_elem); }
Re: Help Please
On 7/4/06, Tiago Semprebom <[EMAIL PROTECTED]> wrote: ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,"IP value: %d",csd->connected); Why the csd don't appear to me like a structure allow-me to access their filds like connected, remote_addr, etc? The structure definition is available only within the implementation of APR; it is not available within the web server. FWIW, the "connected" flag down in APR is not so interesting anyway. What are you trying to debug or trace?
Re: Authentication headers
Andrew Stribblehill wrote: I run an authenticating reverse proxy for a web-app that we outsource to another company. So the process goes: C=client; P=proxy; S=origin server 1 C->P: GET / (no auth) 2 P->C: 401 Auth required 3 C->P: GET / (gives auth) 4 P->S: GET / 5 S->P: stuff 6 P->C: stuff Works very nicely (thanks!) However, as a matter of principle, we don't trust S with our usernames and passwords. The problem is that they get sent in the headers in stage 4 above. There's some comment in mod_proxy.c:764 that mentions filtering out proxy authorization headers; I'm proposing to do as it suggests: patch auth_basic.c and auth_digest.c to remove matching auth and proxy-auth headers from the request object. However, I'm concerned that this approach may upset authentication within subrequests; can anyone confirm or deny this? I would suggest making this a configurable option, with the default being the current behaviour. This is something that could definitely use a definitive solution. Regards, Graham -- smime.p7s Description: S/MIME Cryptographic Signature
Authentication headers
I run an authenticating reverse proxy for a web-app that we outsource to another company. So the process goes: C=client; P=proxy; S=origin server 1 C->P: GET / (no auth) 2 P->C: 401 Auth required 3 C->P: GET / (gives auth) 4 P->S: GET / 5 S->P: stuff 6 P->C: stuff Works very nicely (thanks!) However, as a matter of principle, we don't trust S with our usernames and passwords. The problem is that they get sent in the headers in stage 4 above. There's some comment in mod_proxy.c:764 that mentions filtering out proxy authorization headers; I'm proposing to do as it suggests: patch auth_basic.c and auth_digest.c to remove matching auth and proxy-auth headers from the request object. However, I'm concerned that this approach may upset authentication within subrequests; can anyone confirm or deny this? Before I dive in and code this, are there any other possible problems or better approaches? Thanks. -- BISCAY NORTHWEST 4 OR 5, OCCASIONALLY 6 AT FIRST, BACKING WEST 3 OR 4. THUNDERY SHOWERS THEN RAIN. MODERATE OR GOOD
[jira] Commented: (MODPYTHON-172) Memory leak with util.fieldstorage using mod_python 3.2.8 on apache 2.0.55
[ http://issues.apache.org/jira/browse/MODPYTHON-172?page=comments#action_12419534 ] Harold Ship commented on MODPYTHON-172: --- Excuse me if this is a dumb question, but I don't know anything about the Python-C interface. Is it possible that the code in line 319 of _apachemodule.c (from 3.2.8) is the problem? The code is: if (key && val) PyList_Append(pairs, Py_BuildValue("(O,O)", key, val)); Does the object returned by Py_BuildValue() need to be dereferenced? Something like: if (key && val) { PyObject * list_elem = Py_BuildValue("(O,O)", key, val); if (list_elem) PyList_Append(pairs, list_elem); Py_XDECREF(list_elem); } > Memory leak with util.fieldstorage using mod_python 3.2.8 on apache 2.0.55 > -- > > Key: MODPYTHON-172 > URL: http://issues.apache.org/jira/browse/MODPYTHON-172 > Project: mod_python > Type: Bug > Components: core > Versions: 3.2.8 > Environment: Win32 XP SP1 / SP2 > Apache 2.0.55 installed from binary (.MSI) > Python 2.4.2 or 2.4.3installed from binary from www.python.org > Reporter: Laurent Blanquet > > I encounter memory leaks [~ 16 K per request) using the configuration > described below. > = > Python configuration from Httpd.conf: > = > Alias /python/ "d:/python24/B2B/" > > AddHandler mod_python .py > PythonHandler pyHandlerHTTP > PythonDebug On > > = > Test handler - pyHandlerHTTP.py : > = > import mod_python > from mod_python import util > def handler(req): > #Removing this line solves the problem. > F=util.FieldStorage( req ) > return mod_python.apache.OK > = > HTTP Request (dump using TCPWATCH): > = > POST http://localhost:80/python/Alertes.py HTTP/1.0 > Content-Type: multipart/form-data; boundary=061006144341906 > Content-Length: 209 > Proxy-Connection: keep-alive > Host: www.tx2-localhost > Accept: text/html, */* > User-Agent: Mozilla/3.0 (compatible; Indy Library) > Proxy-Authorization: Basic Og== > > --061006144341906 > Content-Disposition: form-data; name="TYPE" > > LAST_ALERTS > --061006144341906 > Content-Disposition: form-data; name="FILEAGE" > > 180 > > --061006144341906 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
Trunk funky on win32, looking for thoughts.
As part of the 'big picture' to simplify things alot on win32, I'd done away with individual .rc resource files to provide versioning/descriptive blocks for our loadable libraries (modules etc.) All modules compile the file http://svn.apache.org/repos/asf/httpd/httpd/trunk/build/win32/httpd.rc which originally used the magic compile-time command line flags /d ICON_FILE=[../...]build/win32/apache.ico (if this file wants an icon) /d BIN_NAME=mod_something.so /d LONG_NAME="The Apache HTTP Server something module" /d "APP_FILE" (only for .exe directly-executable stuff) Now, only a few syntaxes are valid (command line, all of these versions) /d "SOME_SYMBOL" /d "SOME_SYMBOL=Some String" /d SOME_SYMBOL="Some String" The first form is most common, it's what every version of studio likes to do with single word def/undef symbols. No matter which form, I can't find any way for many Visual Studios to handle either of the last forms. /d "SOME_SYMBOL=Some String" - load this into VS 98 (6) or earlier, you end up with /d SOME_SYMBOL=Some String (with the ' String' it's own arg). This is definitely broken behavior, but not as broken as... /d SOME_SYMBOL="Some String" - load this into VS IDE of .NET (2002) and later, you end up with /d "SOME_SYMBOL="Some String"" -- an entirely bogus construct that won't compile. These issues only apply ot the ide, if we use the last form, and compile using the export .mak files form VS 6, everything's fine on any version of VS. But, we have alot of IDE users. I won't revert to using 75 odd .rc files, going back to requiring each and every component runs an awk script. That leaves us with a few quick and dirty options; * don't use VC's .rc target, use a custom compile command for the .rc. * use 'special' spaces (e.g. 0xA0) (not really language portable) * use underbar characters in place of spaces? (language portable) Thoughts from my fellow windows hackers?
Re: gcc and httpd
Never mind, I feel dumb, these versions are already released and we can't change it. Bedtime Philip M. Gollucci wrote: > Hi, > > versions of httpd prior to 2.0.49 compile successfully with gcc 3.0+, but > upon run, they give a Bus Error (seg fault) > However, gcc 2.95.3 works fine. I've heard Geoffery Young seen similiar on > some form of linux, and I'm on FreeBSD. > > This should be a ./configure error/check. > > If this is a good idea, I'll craft a patch for this. > -- Philip M. Gollucci ([EMAIL PROTECTED]) 323.219.4708 Consultant / http://p6m7g8.net/Resume/resume.shtml Senior Software Engineer - TicketMaster - http://ticketmaster.com 1024D/A79997FA F357 0FDD 2301 6296 690F 6A47 D55A 7172 A799 97F "In all that I've done wrong I know I must have done something right to deserve a hug every morning and butterfly kisses at night."
gcc and httpd
Hi, versions of httpd prior to 2.0.49 compile successfully with gcc 3.0+, but upon run, they give a Bus Error (seg fault) However, gcc 2.95.3 works fine. I've heard Geoffery Young seen similiar on some form of linux, and I'm on FreeBSD. This should be a ./configure error/check. If this is a good idea, I'll craft a patch for this. -- Philip M. Gollucci ([EMAIL PROTECTED]) 323.219.4708 Consultant / http://p6m7g8.net/Resume/resume.shtml Senior Software Engineer - TicketMaster - http://ticketmaster.com 1024D/A79997FA F357 0FDD 2301 6296 690F 6A47 D55A 7172 A799 97F "In all that I've done wrong I know I must have done something right to deserve a hug every morning and butterfly kisses at night."