Re: hung apache during shutdown
Darryl L. Miles wrote: The hung apache runtime always occur after the leader apache process has been given its signal to terminate. So talking in terms of what web pages it serves makes no sense, since it has already shutdown all further webpage processing. The fatal bug is that the apache leader process does not terminate in good time and remains running. I believe it also hang onto the bound listerning tcp sockets as well, obvious a kill -9 gets rid of it. Some OSes have good tools for process inspection (or: for some OSes I know them): Linux: gstack Solaris: pstack, gcore Most OSes: gdb Regards, Rainer
AW: svn commit: r559837 - /httpd/httpd/trunk/modules/filters/mod_filter.c
-Ursprüngliche Nachricht- Von: Nick Kew Gesendet: Donnerstag, 26. Juli 2007 23:20 An: dev@httpd.apache.org Betreff: Re: svn commit: r559837 - /httpd/httpd/trunk/modules/filters/mod_filter.c Agreed. I'm happy with the changes you imply in this and your other post. On the other hand, removing the check might risk segfaulting in some future update - perhaps something that gets configuration per-request from a database and a rewritemap. I've recently had a similar issue with another module, which started life using match rules defined in httpd.conf, then grew to derive them from rewritemap+dbm. Worked fine until it constructed a match-rule from a corrupted database entry. Ok, so it is a better safe then sorry approach. I am fine with this. I just wanted to clarify if I missed something obvious at the current state that makes these checks necessary :-). So I think it is good to have the checks, but as the conditions should not become true (provider-match.string should not be NULL in these cases) I think it would be good to emit additionally an error message in these cases, as something seems to be rotten then. So the only point that remains is checking for match.regex in front of the regular expression for the sake of clarity. Regards Rüdiger
PATCH: build failure from ./Makefile due to no ability to add CFLAGS to buildmark compile
zOS needs to compile with extra CFLAGS in order to link correctly. After revisions 153273/153266 to ./Makefile.in there is no ability to add any flags as buildmark.c is made without them directly using compile, i.e: PROGRAM_PRELINK = $(COMPILE) $(top_srcdir)/server/buildmark.c This patch will allow any system that needs extra flags on compile to work, while not affecting gcc compiles. Tested on several flavors of linux, aix, zOS svn diff Makefile.in http://makefile.in/ Index: Makefile.in http://makefile.in/ === --- Makefile.in http://makefile.in/ (revision 494665) +++ Makefile.in http://makefile.in/ (working copy) @@ -4,8 +4,8 @@ PROGRAM_NAME = $(progname) PROGRAM_SOURCES = modules.c -PROGRAM_LDADD= buildmark.o $(HTTPD_LDFLAGS) $(PROGRAM_DEPENDENCIES) $(EXTRA_LIBS) $(AP_LIBS) $(LIBS) -PROGRAM_PRELINK = $(COMPILE) -c $(top_srcdir)/server/buildmark .c +PROGRAM_LDADD= buildmark.lo $(HTTPD_LDFLAGS) $(PROGRAM_DEPENDENCIES) $(EXTRA_LIBS) $(AP_LIBS) $(LIBS) +PROGRAM_PRELINK = $(LIBTOOL) --mode=compile $(COMPILE) -c $(top_srcdir)/server/buildmark.c PROGRAM_DEPENDENCIES = \ server/libmain.la \ $(BUILTIN_LIBS) \
mod_disk_cache jumbopatch - 20070727 revision
I have uploaded the version of our mod_disk_cache jumbopatch that we've been using on ftp.acc.umu.se for some time now to http://issues.apache.org/bugzilla/show_bug.cgi?id=39380 for those who wants a one-patch solution to using our modifications. Cutpaste from the bugzilla attachment comment: httpd 2.2.4 - mod_disk_cache jumbo patch - lfs/diskformat/read-while-caching etc. A snapshot from 20070727 of our mod_disk_cache jumbo patch and some assorted additional patches that's needed for stability. We've been running this for a couple of months on ftp.acc.umu.se, they have survived Debian/Ubuntu/Mozilla releases gracefully. This version plays well with other entities using/updating the cache. We are using a open()-wrapper in combination with rsync which lets rsync utilise the cached bodies, and also cache files. This patch is provided mostly as a one-patch solution for other sites that wishes to use these mod_disk_cache modifications. Highlights from previous patch: * More corner case error fixes, most of them triggered by Mozilla releases. * Greatly reduced duplicated data in the cache when using an NFS backend by hashing the body on the source files device and inode when available. HTTPD has already done the stat() of the file for us, so it's essentially free. * Tidied up the handling of updated files, only delete files in cache if they're really obsolete. /Nikke -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Niklas Edmundsson, Admin @ {acc,hpc2n}.umu.se | [EMAIL PROTECTED] --- We are ATT of Borg, MCI will be assimilated =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
mod_limitipconn for httpd 2.2 and mod_cache
Hi! Attached is a version of mod_limitipconn.c that works in conjunction with mod_cache and httpd-2.2. We've been using this on ftp.acc.umu.se for some time now without any unwanted issues. The main problem with mod_limitipconn-0.22 was that since mod_cache runs as a quick handler, mod_limitipconn also must run as a quick handler with all those benefits and drawbacks. Download the tarball from http://dominia.org/djao/limitipconn2.html , extract it, and replace mod_limitipconn.c with this version and follow the build instructions. I would really wish that this was made part of httpd, it's really needed when running a file-download site due to the scarily large amount of demented download manager clients out there. However, I have not received any response from the original author on the matter. From what I have understood of the license it should be OK to merge into httpd if you want though, but I think that you guys are way more clued in that matter than me. This is a summary of the changes made: * Rewritten to run as a Quick Handler, before mod_cache. * Configuration directives are now set per VHost (Directory/Location are available after the Quick Handler has been run). This means that any Location containers has to be deleted in existing configs. * Fixed configuration merging, so per-vhost settings use defaults set at the server level. * By running as a Quick Handler we don't go through the entire lookup phase (resolve path, stat file, etc) before we get the possibility to block a request. This gives a clear performance enhancement. * Made the handler exit as soon as possible, doing the easy checks first. * Don't do subrequest to lookup MIME type if we don't have mime-type specific config. * Count connections in closing and logging state too, we don't want to be DOS'd by clients behind buggy firewalls and so on. * Added debug messages for easy debugging. * Reduced loglevel from ERR to INFO for reject-logging. In any case, I hope that this can be of use for others than us. /Nikke -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Niklas Edmundsson, Admin @ {acc,hpc2n}.umu.se | [EMAIL PROTECTED] --- We are ATT of Borg, MCI will be assimilated =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/* * Copyright (C) 2000-2002 David Jao [EMAIL PROTECTED] * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the Software), to deal in the Software without * restriction, including without limitation the rights to use, copy, * modify, merge, publish, distribute, sublicense, and/or sell copies * of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice, this permission notice, and the * following disclaimer shall be included in all copies or substantial * portions of the Software. * * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. * */ #include httpd.h #include http_config.h #include http_request.h #include http_protocol.h #include http_core.h #include http_main.h #include http_log.h #include ap_mpm.h #include apr_strings.h #include scoreboard.h #define MODULE_NAME mod_limitipconn #define MODULE_VERSION 0.22 module AP_MODULE_DECLARE_DATA limitipconn_module; static int server_limit, thread_limit; typedef struct { signed int limit; /* max number of connections per IP */ /* array of MIME types exempt from limit checking */ apr_array_header_t *no_limit; int no_limit_set; /* array of MIME types to limit check; all other types are exempt */ apr_array_header_t *excl_limit; int excl_limit_set; } limitipconn_config; static void *limitipconn_create_config(apr_pool_t *p, server_rec *s) { limitipconn_config *cfg = (limitipconn_config *) apr_pcalloc(p, sizeof (*cfg)); /* default configuration: no limit (unset), and both arrays are empty */ cfg-limit = -1; cfg-no_limit = apr_array_make(p, 0, sizeof(char *)); cfg-excl_limit = apr_array_make(p, 0, sizeof(char *)); return cfg; } /* Simple merge: Per vhost entries overrides main server entries */ static void *limitipconn_merge_config(apr_pool_t *p, void *BASE, void *ADD) { limitipconn_config *base = BASE; limitipconn_config *add = ADD; limitipconn_config *cfg =
Re: svn commit: r560373 - in /httpd/httpd/trunk: CHANGES include/util_ldap.h modules/aaa/mod_authnz_ldap.c modules/ldap/util_ldap.c modules/ldap/util_ldap_cache.c modules/ldap/util_ldap_cache.h module
-1. Please revert. You did not have enough votes for backport. You need to have three votes for a backport and you only had your own one. 2.2.x is RTC. Regards Rüdiger On 07/27/2007 10:34 PM, [EMAIL PROTECTED] wrote: Author: rederpj Date: Fri Jul 27 13:34:41 2007 New Revision: 560373 URL: http://svn.apache.org/viewvc?view=revrev=560373 Log: mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability to authorize an authenticated user via a require ldap-group X directive where the user is not in group X, but is in a subgroup contained in X. PR 42891 [Paul J. Reder] Modified: httpd/httpd/trunk/CHANGES httpd/httpd/trunk/include/util_ldap.h httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c httpd/httpd/trunk/modules/ldap/util_ldap.c httpd/httpd/trunk/modules/ldap/util_ldap_cache.c httpd/httpd/trunk/modules/ldap/util_ldap_cache.h httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c
Re: svn commit: r560373 - in /httpd/httpd/trunk: CHANGES include/util_ldap.h modules/aaa/mod_authnz_ldap.c modules/ldap/util_ldap.c modules/ldap/util_ldap_cache.c modules/ldap/util_ldap_cache.h module
I didn't commit it to 2.2.x. I committed it to trunk and submitted it for backport. Did I miss something? Paul J. Reder Ruediger Pluem wrote: -1. Please revert. You did not have enough votes for backport. You need to have three votes for a backport and you only had your own one. 2.2.x is RTC. Regards Rüdiger On 07/27/2007 10:34 PM, [EMAIL PROTECTED] wrote: Author: rederpj Date: Fri Jul 27 13:34:41 2007 New Revision: 560373 URL: http://svn.apache.org/viewvc?view=revrev=560373 Log: mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability to authorize an authenticated user via a require ldap-group X directive where the user is not in group X, but is in a subgroup contained in X. PR 42891 [Paul J. Reder] Modified: httpd/httpd/trunk/CHANGES httpd/httpd/trunk/include/util_ldap.h httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c httpd/httpd/trunk/modules/ldap/util_ldap.c httpd/httpd/trunk/modules/ldap/util_ldap_cache.c httpd/httpd/trunk/modules/ldap/util_ldap_cache.h httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c -- Paul J. Reder --- The strength of the Constitution lies entirely in the determination of each citizen to defend it. Only if every single citizen feels duty bound to do his share in this defense are the constitutional rights secure. -- Albert Einstein
Re: svn commit: r560373 - in /httpd/httpd/trunk: CHANGES include/util_ldap.h modules/aaa/mod_authnz_ldap.c modules/ldap/util_ldap.c modules/ldap/util_ldap_cache.c modules/ldap/util_ldap_cache.h module
On 07/28/2007 12:27 AM, Paul J. Reder wrote: I didn't commit it to 2.2.x. I committed it to trunk and submitted it for backport. Did I miss something? Argh. I am sorry. My fault. I should take more time reading my mails before answering them. I guess I got confused because the commit before your commit was on 2.2.x. My apologies. Regards Rüdiger Paul J. Reder Ruediger Pluem wrote: -1. Please revert. You did not have enough votes for backport. You need to have three votes for a backport and you only had your own one. 2.2.x is RTC. Regards Rüdiger On 07/27/2007 10:34 PM, [EMAIL PROTECTED] wrote: Author: rederpj Date: Fri Jul 27 13:34:41 2007 New Revision: 560373 URL: http://svn.apache.org/viewvc?view=revrev=560373 Log: mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability to authorize an authenticated user via a require ldap-group X directive where the user is not in group X, but is in a subgroup contained in X. PR 42891 [Paul J. Reder] Modified: httpd/httpd/trunk/CHANGES httpd/httpd/trunk/include/util_ldap.h httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c httpd/httpd/trunk/modules/ldap/util_ldap.c httpd/httpd/trunk/modules/ldap/util_ldap_cache.c httpd/httpd/trunk/modules/ldap/util_ldap_cache.h httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c
Re: svn commit: r560373 - in /httpd/httpd/trunk: CHANGES include/util_ldap.h modules/aaa/mod_authnz_ldap.c modules/ldap/util_ldap.c modules/ldap/util_ldap_cache.c modules/ldap/util_ldap_cache.h module
Ruediger Pluem wrote: -1. Please revert. You did not have enough votes for backport. You need to have three votes for a backport and you only had your own one. 2.2.x is RTC. This patch is to trunk, unless my tired brain is playing tricks on me: Modified: httpd/httpd/trunk/CHANGES httpd/httpd/trunk/include/util_ldap.h httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c httpd/httpd/trunk/modules/ldap/util_ldap.c httpd/httpd/trunk/modules/ldap/util_ldap_cache.c httpd/httpd/trunk/modules/ldap/util_ldap_cache.h httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c Regards, Graham -- smime.p7s Description: S/MIME Cryptographic Signature