Howto install headerfiles into httpd/include?
Hi list, I've written a module which provides a header file for other modules I've also written. Now I'm in the process of setting up some kind of installer. I want my first module (the one which provides the header file) to have its header installed into the httpd/include directory. As I don't just want to blindly copy the header into the apache install dir, I looked for a standard way to do this. As serveral other modules like mod_rewrite install their own header file, I tried to integrate my module into the apache build. I created my own directory under source/modules, copied a config.m4 and adopted it for my purpose (nothing more than a APACHE_MODPATH_INIT, APACHE_MODULE and APACHE_MODPATH_FINISH). For the sake of simplicity, let's assume it's just a single .c and .h file with minimalistic code (I also tried this simplest case). Than I ran buildconf, my module appears in configure, get's built and installed - but the header file won't be installed into include. I tried to mimic every step mod_rewrite does (except that it's bundled with the other mapper modules), but couldn't find out which step does the trick. Can anybody help me out with that? Any help will be greatly appreciated. The OS is Linux (CentOS 5.4 x64). I use Apache 2.2.15. I think I should mention that I'm kind of a newbie with the autotools. If any further info is needed, just let me know. Btw - why are some of the .m4 files named config9.m4 or config5.m4? Is this on purpose and if yes, why? Kind regards, Edgar
simple mapping module example?
I would like to do a simple mapper: - given some inputs, calculate a file path - let apache serve out that file for me Is there a simple example of how to do this? mod_rewrite is pretty heavy-duty, and I'd like to get a simpler model to follow. Here's what I've got so far, am I on the right track? Many TIA! Mark static int my_mapper(request_rec *r) { mypath = lookup(...); -- e.g. /usr/mydir/myfile.mp4 ap_set_content_type(r, video/mp4); apr_table_add(r-headers_out, Content-disposition, inline; filename=acad.mp4); ap_???(r, mypath); -- tell apache we want to serve this file do this by setting something in r? return ???; -- tell apache to continue to the next step and serve out the file } static void register_mymapper(apr_pool_t *p) { ap_hook_translate_name(my_mapper,NULL,NULL,APR_HOOK_MIDDLE); } module AP_MODULE_DECLARE_DATA mymapper_module = { STANDARD20_MODULE_STUFF, NULL, NULL, NULL, NULL, NULL, register_mymapper }; -- Mark Harrison Pixar Animation Studios
RE: patch for mod_ldap_authnz
This is an alternate path that I considered in my AuthType Cert work. I didn't choose it, because it was actually meaningful in my situation to declare a user with an otherwise valid certificate unauthenticated if no matching LDAP record could be found. I agree with Eric that AUTHENTICATE_ isn't the best prefix [of course, we need to respect the installed base that may be depending upon it]. I think a more appropriate prefix might be LDAP_attributename [semantically I think this is a better way to hint that the value for the attribute came from an LDAP search]. -Original Message- From: Eric Covener [mailto:cove...@gmail.com] Sent: Tuesday, April 27, 2010 10:37 PM To: dev@httpd.apache.org Subject: Re: patch for mod_ldap_authnz On Tue, Apr 27, 2010 at 9:25 PM, Kevin Kalupson kjk...@kevinkal.com wrote: Hi, mod_authnz_ldap will put the attributes from the AuthLdapUrl in the request environmental variables if ldap is the authentication source. However, if mod_authnz_ldap is only providing Authorization and another module is the authentication source, the attributes are not available as request variables. Anyone have feelings about LDAP-as-authorizer adding entries to AUTHENTICATE_*? Seems like an unfortunate name given the nature of the data people are likely to plug into with this. Perhaps hide it behind a directive in mod_authnz_ldap and let users pick the prefix during authz? -- Eric Covener cove...@gmail.com
RE: patch for mod_ldap_authnz
-Original Message- From: Eric Covener Sent: Mittwoch, 28. April 2010 04:37 To: dev@httpd.apache.org Subject: Re: patch for mod_ldap_authnz On Tue, Apr 27, 2010 at 9:25 PM, Kevin Kalupson kjk...@kevinkal.com wrote: Hi, mod_authnz_ldap will put the attributes from the AuthLdapUrl in the request environmental variables if ldap is the authentication source. However, if mod_authnz_ldap is only providing Authorization and another module is the authentication source, the attributes are not available as request variables. Anyone have feelings about LDAP-as-authorizer adding entries to AUTHENTICATE_*? Seems like an unfortunate name given the nature of the data people are likely to plug into with this. We shouldn't use the AUTHENTICATE_* prefix in this case. It should be something different to distiguish the cases. Regards Rüdiger
Re: UTF-8 strings through ap_log_cerror()?
On 28.04.2010 04:29, Sander Temme wrote: According to dr. Stephen, the correct function to call is X509_NAME_print_ex(), but that writes to a BIO. Could a string be made of a BIO? And if one were, would ap_log_cerror() be able to print it in all its UTF-8-y glory? I'm not sure if it's considered the canonical way, but you can use a memory BIO (BIO_s_mem) for this, and then retrieve the string through BIO_get_mem_data(). AFAICT, ap_log_cerror would again escape those UTF-8 sequences, however (T_ESCAPE_LOGITEM is set for all characters 127, see server/gen_test_char.c). Moving away from X509_NAME_oneline() seems like a good idea to me, generally speaking - X509_NAME_print_ex gives you much better control over the output format (XN_FLAG_RFC2253 would probably be a reasonable default choice). Kaspar
Re: patch for mod_ldap_authnz
I agree all around. I would like it if there were a sane default prefix. LDAP_* makes sense to me. I like the idea of being able to set the prefix with a directive in the configuration file. -Kevin On 4/28/10 3:37 AM, Plüm, Rüdiger, VF-Group wrote: -Original Message- From: Eric Covener Sent: Mittwoch, 28. April 2010 04:37 To: dev@httpd.apache.org Subject: Re: patch for mod_ldap_authnz On Tue, Apr 27, 2010 at 9:25 PM, Kevin Kalupson kjk...@kevinkal.com wrote: Hi, mod_authnz_ldap will put the attributes from the AuthLdapUrl in the request environmental variables if ldap is the authentication source. However, if mod_authnz_ldap is only providing Authorization and another module is the authentication source, the attributes are not available as request variables. Anyone have feelings about LDAP-as-authorizer adding entries to AUTHENTICATE_*? Seems like an unfortunate name given the nature of the data people are likely to plug into with this. We shouldn't use the AUTHENTICATE_* prefix in this case. It should be something different to distiguish the cases. Regards Rüdiger
OpenBSD the Apache license problem. Why?
Hello I really wonder why you Apache guys did this: A news from 2004: http://tech.slashdot.org/article.pl?sid=04/06/07/1621254 It is 2010 now, and we're still on Apache 1.3.29. What was that license problem? Let OpenBSD dev guys edit/improve/modify it however they like, please. (Well, unless they won't change the 'Apache' httpd header) They are great at security. That will be good for Apache, too. They're also very well-respected. We all know that. Freedom? Free? If free, then make it free for everyone, every community, every people please. Otherwise it is not free anymore. Oh, by the way, what was your answer for: There is a number of serious security problems in apache that we have fixed, and that have been offered them back, and they refused. @ http://marc.info/?l=openbsd-miscm=108655793112947w=2 May i know what did you refuse and why did you refuse? Thanks.
Re: OpenBSD the Apache license problem. Why?
On Wed, Apr 28, 2010 at 8:05 AM, Tasos Andras kho...@gmail.com wrote: I really wonder why you Apache guys did this: Did what, released our software under a license of our choosing? A news from 2004: http://tech.slashdot.org/article.pl?sid=04/06/07/1621254 It is 2010 now, and we're still on Apache 1.3.29. What was that license problem? Ask someone who objects to the license? Or do your homework before before you start a thread questioning the license? Let OpenBSD dev guys edit/improve/modify it however they like, please. (Well, unless they won't change the 'Apache' httpd header) Like everyone else, they can do whatever they please as long as they abide by the license. Freedom? Free? If free, then make it free for everyone, every community, every people please. Otherwise it is not free anymore. I respect your personal opinion/desires about what software freedom means, but seeing as how you don't know what the actual license objection is, it's pretty odd that you've been able to come to a conclusion. You're always free to create your own webserver, and license it under your own Platitudes License 2.0. Oh, by the way, what was your answer for: There is a number of serious security problems in apache that we have fixed, and that have been offered them back, and they refused. @ http://marc.info/?l=openbsd-miscm=108655793112947w=2 Why would there be an 'answer' to a) a statement and b) something that was posted on somebody elses mailing list? May i know what did you refuse and why did you refuse? You'd have to refer to a specific bug report, patch, mailing list reference, or at least a specific issue for anyone to comment intelligently -- especially if this 6+ years ago. This is probably more on-topic at the users discussion list unless there's an actual question about the development of Apache HTTP Server. -- Eric Covener cove...@gmail.com
Re: OpenBSD the Apache license problem. Why?
On Wed, Apr 28, 2010 at 8:05 AM, Tasos Andras kho...@gmail.com wrote: I really wonder why you Apache guys did this: A news from 2004: http://tech.slashdot.org/article.pl?sid=04/06/07/1621254 It is 2010 now, and we're still on Apache 1.3.29. What was that license problem? With all due respect, do some research yourself. If you can't find documentation on the web of exactly why OpenBSD rejected the Apache license change, go ask there. We don't own that problem. Let OpenBSD dev guys edit/improve/modify it however they like, please. (Well, unless they won't change the 'Apache' httpd header) They are great at security. That will be good for Apache, too. They're also very well-respected. We all know that. Freedom? Free? If free, then make it free for everyone, every community, every people please. Otherwise it is not free anymore. Did you read our license? Oh, by the way, what was your answer for: There is a number of serious security problems in apache that we have fixed, and that have been offered them back, and they refused. @ http://marc.info/?l=openbsd-miscm=108655793112947w=2 May i know what did you refuse and why did you refuse? I guess a diff from the original Apache 1.3.29 to what OpenBSD uses today would be instructive.
Re: OpenBSD the Apache license problem. Why?
On Apr 28, 2010, at 8:51 AM, Eric Covener wrote: Oh, by the way, what was your answer for: There is a number of serious security problems in apache that we have fixed, and that have been offered them back, and they refused. @ http://marc.info/?l=openbsd-miscm=108655793112947w=2 Why would there be an 'answer' to a) a statement and b) something that was posted on somebody elses mailing list? May i know what did you refuse and why did you refuse? You'd have to refer to a specific bug report, patch, mailing list reference, or at least a specific issue for anyone to comment intelligently -- especially if this 6+ years ago. This is probably more on-topic at the users discussion list unless there's an actual question about the development of Apache HTTP Server. Having seen this referenced several times in the last few weeks (was there a news story that resurrected this?) I've wondered about this claim, too. Can someone who remembers this incident please speak up and set the record straight about what actually happened? It seems improbable to me that there's just one side of this story, and that nobody remembers it from our perspective. What was refused, and why? Or is that not actually how it happened? -- Rich Bowen rbo...@rcbowen.com
Re: OpenBSD the Apache license problem. Why?
On Wed, Apr 28, 2010 at 03:05:07PM +0300, Tasos Andras wrote: Oh, by the way, what was your answer for: There is a number of serious security problems in apache that we have fixed, and that have been offered them back, and they refused. @ http://marc.info/?l=openbsd-miscm=108655793112947w=2 The answer is in that thread, from Lars: http://marc.info/?l=openbsd-miscm=108786434622823w=2 The Apache HTTP server security team is not aware of any pending patches/fixes for a security vulnerability (or other bug) in Apache proposed by the OpenBSD team. ...which is still true today. Regards, Joe
Re: OpenBSD the Apache license problem. Why?
Rich Bowen wrote: Having seen this referenced several times in the last few weeks (was there a news story that resurrected this?) I've wondered about this claim, too. Can someone who remembers this incident please speak up and set the record straight about what actually happened? It seems improbable to me that there's just one side of this story, and that nobody remembers it from our perspective. What was refused, and why? Or is that not actually how it happened? Well, I wasted some time on the openbsd-misc list at that time ... Apart from the OpenBSD team claiming that we rejected some of their security patches the main issue was about them liking the Apache license 2.0. They more or less literally said, we don't like the new license because it has more stuff in it. I've given up talking to them after that... If they don't want to use anything with an Apache License 2.0, then it's really the problem of the OpenBSD team, and nothing for us to fix. cheers... -- Lars Eilebrecht l...@eilebrecht.net