detect disconnect in CGI
Hi, I am using mod_cgi using Cgicc with C++ on Linux. I need a way to detect disconnects from the client. I think I have a way to do this, but I wanted to make sure if there is no easier way. I am writing a space back to the client every second as part if a custom HTTP response header. When the connection drops, this results in a sigpipe. I am using non-parsed-headers to make sure the spaces are really flushed to the client and not buffered by Apache. Is there a better way to do this? Thank you, Andrej
Question about apache cache data clean
Dear All, In the old version of httpd, such as early 2.0 version, there is a configuration option of CacheGcInterval. It is used to define the period of time (hour) to delete cache data that is larger than the max size. Unfortunately, httpd 2.2 version will not support this configuration. I want to know why remove this option and is there any modules or configuration for replacing this option. Thanks in advance! -- View this message in context: http://www.nabble.com/Question-about-apache-cache-data-clean-tp26023068p26023068.html Sent from the Apache HTTP Server - Dev mailing list archive at Nabble.com.
Re: Question about apache cache data clean
dreamice wrote: In the old version of httpd, such as early 2.0 version, there is a configuration option of CacheGcInterval. It is used to define the period of time (hour) to delete cache data that is larger than the max size. Unfortunately, httpd 2.2 version will not support this configuration. I want to know why remove this option and is there any modules or configuration for replacing this option. Take a look at the htcacheclean tool, which can also run as a daemon. Regards, Graham --
Re: dumping running config
Mark Watts wrote: This may have been asked for before so apologies if it has. In #httpd on FreeNode, we often get people asking if apache httpd can dump its running config to a file for use on other servers or whatever. Is this at all possible; mod_info does some of it so I would think yes, (but I'm not a programmer). Alternative suggestion: use a static config-analysis scripts. I don't recollect names, but I do recollect searching CPAN and finding two likely-looking candidates, of which one did a good job of what I needed. -- Nick Kew
Re: Strange error(parse tlsext bug) in mod_ssl since httpd-2.2.12
Did you say what version of OpenSSL the failing client was using on Windows? It happens with openssl-0.9.8j on client openssl-0.9.8k on server Hmm... could be 0.9.8j sending bad data with invalid extension syntax under rare circumstances. A packet sniffer or logging the errant extensions received by OpenSSL could help trace this further. Find the tcpdump while this failure occurs at http://www.livecipher.com/tlsext_dump/tlsext.dmp Thanks with regards Kamesh Jayachandran
Using Authentication with flood
I'm trying to set up a regression test of sorts for my apache servers to verify new configs. I've been looking at Apache Flood, but I need to authenticate to my web servers and putting the username and password in to the URL doesn't seem to be working. How can I authenticate using flood? Thanks. Eric ___ This e-mail may contain information that is confidential, privileged or otherwise protected from disclosure. If you are not an intended recipient of this e-mail, do not duplicate or redistribute it by any means. Please delete it and any attachments and notify the sender that you have received it in error. Unless specifically indicated, this e-mail is not an offer to buy or sell or a solicitation to buy or sell any securities, investment products or other financial product or service, an official confirmation of any transaction, or an official statement of Barclays. Any views or opinions presented are solely those of the author and do not necessarily represent those of Barclays. This e-mail is subject to terms available at the following link: www.barcap.com/emaildisclaimer. By messaging with Barclays you consent to the foregoing. Barclays Capital is the investment banking division of Barclays Bank PLC, a company registered in England (number 1026167) with its registered office at 1 Churchill Place, London, E14 5HP. This email may relate to or be sent from other members of the Barclays Group. ___
Re: Strange error(parse tlsext bug) in mod_ssl since httpd-2.2.12
Kamesh Jayachandran wrote: Find the tcpdump while this failure occurs at http://www.livecipher.com/tlsext_dump/tlsext.dmp It seems that you used a URI with an IP address (https://10.2.1.97/...), is that correct? This actually uncovers a - probably unrelated - bug in the OpenSSL client (SNI extensions should never contain literal IPv4 addresses). Could you retry the test and make sure that you use an FQDN in the URI you specify for the client (through an entry in the hosts file or so)? Kaspar
Re: Authentication Basic default format
On Wednesday 21 October 2009, José Miguel Holguín Aparicio wrote: I have a question about htpasswd when creating password hashes for Basic Authentication. Why there isn't any warning message regarding password truncate to 8 characters? As you can see at your own documentation (http://httpd.apache.org/docs/2.2/misc/password_encryptions.html), OpenSSL is already warning us about this issue. In my opinion htpasswd command must show a warning message like OpenSSL does. Do you agree? Yes. Commited to trunk as r829162. Cheers, Stefan
RE: Strange error(parse tlsext bug) in mod_ssl since httpd-2.2.12
It seems that you used a URI with an IP address (https://10.2.1.97/...), is that correct? Yes. Could you retry the test and make sure that you use an FQDN in the URI you specify for the client (through an entry in the hosts file or so)? Yes done, find the dump at http://www.livecipher.com/tlsext_dump/tlsext.dmp.2 Thanks With regards Kamesh Jayachandran
Re: svn commit: r829185 - in /httpd/httpd/trunk: CHANGES modules/cache/mod_socache_shmcb.c
On 10/23/2009 09:27 PM, s...@apache.org wrote: Author: sf Date: Fri Oct 23 19:27:32 2009 New Revision: 829185 URL: http://svn.apache.org/viewvc?rev=829185view=rev Log: Only parse cache size in parens at the end of the string. Fixes SSLSessionCache directive mis-parsing parens in pathname. PR: 47945 Modified: httpd/httpd/trunk/CHANGES httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c Modified: httpd/httpd/trunk/CHANGES URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=829185r1=829184r2=829185view=diff == --- httpd/httpd/trunk/CHANGES [utf-8] (original) +++ httpd/httpd/trunk/CHANGES [utf-8] Fri Oct 23 19:27:32 2009 @@ -10,6 +10,10 @@ mod_proxy_ftp: NULL pointer dereference on error paths. [Stefan Fritsch sf fritsch.de, Joe Orton] + *) mod_socache_shmcb: Only parse cache size in parens at the end of the + string. Fixes SSLSessionCache directive mis-parsing parens in pathname. + PR 47945. [Stefan Fritsch] + *) htpasswd: Improve out of disk space handling. PR 30877. [Stefan Fritsch] *) htpasswd: Use MD5 hash by default on all platforms. [Stefan Fritsch] Modified: httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c?rev=829185r1=829184r2=829185view=diff == --- httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c (original) +++ httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c Fri Oct 23 19:27:32 2009 @@ -278,15 +278,11 @@ ctx-data_file = path = ap_server_root_relative(p, arg); -cp = strchr(path, '('); -if (cp) { +cp = strrchr(path, '('); +cp2 = path + strlen(path) - 1; +if (cp (*cp2 == ')')) { *cp++ = '\0'; - -if (!(cp2 = strchr(cp, ')'))) { -return Invalid argument: no closing parenthesis; -} No error message any longer for missing parenthesis? I doubt that filenames like /somewhere/somefile(something are intended. - -*cp2 = '\0'; +*cp2 = '\0'; ctx-shm_size = atoi(cp); Regards Rüdiger
Re: svn commit: r829162 - /httpd/httpd/trunk/support/htpasswd.c
s...@apache.org wrote: Author: sf Date: Fri Oct 23 18:13:46 2009 New Revision: 829162 URL: http://svn.apache.org/viewvc?rev=829162view=rev Log: Print a warning if a password is truncated by crypt. Modified: httpd/httpd/trunk/support/htpasswd.c Modified: httpd/httpd/trunk/support/htpasswd.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/htpasswd.c?rev=829162r1=829161r2=829162view=diff == --- httpd/httpd/trunk/support/htpasswd.c (original) +++ httpd/httpd/trunk/support/htpasswd.c Fri Oct 23 18:13:46 2009 @@ -186,6 +186,10 @@ pw = pwin; memset(pwv, '\0', sizeof(pwin)); } +if (alg == ALG_CRYPT strlen(pw) 8) { +apr_file_printf(errfile, Warning: Password truncated to 8 characters +by CRYPT algorithm. NL); +} Isn't this platform specific? Seems wrong. Why not test the pw and the pw+1 char to determine if this is, in fact, true. With all our integration into openssl maybe we should add 3des strong crypt for all platforms that don't otherwise offer it? So much easier now that the rules about crypto munitions in open source have been relaxed.