Re: Compile failure 2.0.49 on RHEL3
Graham Leggett wrote: Hi all, I have just tried to build v2.0.49 under RHEL3, and I get the failure below. I had the same failure w RH9 see http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18989 Aryeh For some reason, Redhat put krb5.h inside /usr/kerberos/include, and if the include path /usr/kerberos/include is not added to CFLAGS, none of the ssl stuff will compile (as ssl.h includes krb5.h). Is it possible to add a check for krb5.h to the configure script? /home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/srclib/apr/libtool --silent --mode=compile gcc -g -O2 -pthread-DLINUX=2 -D_REENTRANT -D_XOPEN_SOURCE=500 -D_BSD_SOURCE -D_SVID_SOURCE -D_GNU_SOURCE -DAP_HAVE_DESIGNATED_INITIALIZER -I/home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/srclib/apr/include -I/home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/srclib/apr-util/include -I. -I/home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/os/unix -I/home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/server/mpm/prefork -I/home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/modules/http -I/home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/modules/filters -I/home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/modules/proxy -I/home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/include -I/home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/modules/generators -I/usr/include/openssl -I/home/gatekeeper/minfrin/src/apache/sandbox/proxy/httpd-2.0.49/modules/dav/main -prefer-pic -c mod_ssl.c touch mod_ssl.slo In file included from /usr/include/openssl/ssl.h:179, from mod_ssl.h:91, from mod_ssl.c:26: /usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory In file included from /usr/include/openssl/ssl.h:179, from mod_ssl.h:91, from mod_ssl.c:26: [snip] Regards, Graham -- -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
using sendfile for posts in ab
Is there any reason not to use sendfile when ab wants to post a file? It seems a little silly to buffer the entire file. -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
buffer overflow in ab.c
Not to mention the kr calling convention...
# diff -u ab.old.c ab.c
--- ab.old.cThu Mar 4 12:32:21 2004
+++ ab.cThu Mar 4 12:32:52 2004
@@ -558,6 +558,7 @@
BIO *bio;
X509 *x509cert;
{
+#define BUFSIZE 64
X509_NAME *dn;
char buf[64];
dn=X509_get_issuer_name(x509cert);
-X509_NAME_oneline(dn, buf, BUFSIZ);
+X509_NAME_oneline(dn, buf, BUFSIZE-1);
BIO_printf(bio,The issuer name is %s\n, buf);
dn=X509_get_subject_name(x509cert);
-X509_NAME_oneline(dn, buf, BUFSIZ);
+X509_NAME_oneline(dn, buf, BUFSIZE-1);
BIO_printf(bio,The subject name is %s\n, buf);
--
Aryeh Katz
SecureD Services
http://www.secured-services.com/
410 653 0700 x 2
Re: buffer overflow in ab.c
One more thing.
Can someone explain this SSL bit for me?
This seems to be an uninit var invocation for pollresults?
const apr_pollfd_t *pollresults;
-snip
if (ssl == 1)
status = APR_SUCCESS;
else
#endif
status = apr_pollset_poll(readbits, aprtimeout, n, pollresults);
if (status != APR_SUCCESS)
apr_err(apr_poll, status);
if (!n) {
err(\nServer timed out\n\n);
}
for (i = 0; i n; i++) {
const apr_pollfd_t *next_fd = (pollresults[i]);
# diff -u ab.old.c ab.c
--
Aryeh Katz
SecureD Services
http://www.secured-services.com/
410 653 0700 x 2
Re: buffer overflow in ab.c
Sander Temme wrote: One more thing. Can someone explain this SSL bit for me? This seems to be an uninit var invocation for pollresults? const apr_pollfd_t *pollresults; -snip if (ssl == 1) status = APR_SUCCESS; else #endif status = apr_pollset_poll(readbits, aprtimeout, n, pollresults); You mean this one? You're passing the pointer by reference, so apr_pollset_poll() can fill it in. It should return a valid array of n apr_pollfd_t structures. I see that my snipping was too effective :). Actually, this was bug 19271, which I've submitted a patch for. In the ssl case, pollresults was never initialized, and we'd then try to set next_fd to the value of pollresults[i], which causes ab to crash. Aryeh S. -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
inserting env var to cgi from input filter
It seems from the code, that any headers an input filter would like to insert in the environment won't be inserted. This is because by the time the input filter has been called (ap_get_brigade on line 696) the environment has been finalized (line with run_cgi_child:ap_create_privileged_process, line 487). What is the recommended way for an input filter to insert data into headers_in so that it is available for all handlers? -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
Re: frustrating build experience *nix/windows
William A. Rowe, Jr. wrote: If I grok what you are asking it would be nice if win32, too, would support VPATH builds with a --srcdir like argument - and throw it's generated files in another directory tree. Did I get the point? This seems doable. That would be perfect. Do I need to bugzilla this? -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
frustrating build experience *nix/windows
I'd like to report a frustrating build experience, that is primarily a windows issue, but it highlights a 1.3/2.0 change. In the 1.3 environment I was able to use the --shadow configure option to use the same source tree for multiple os's. This was quite valuable, as one source code change was needed for all platforms. However, the --shadow option is gone in 2.0. That means I had to use --srcdir to accomplish the same results. All was fine until I came to windows. Then things blew up. Once I did my windows build, my unix build started pulling in all sorts of windows defines, despite the fact that it should have been using the os's include files. I tried to clean it up, but ended up just having to remove the whole tree, and start all over again. And I think I'm not the only one that has this problem. I think everyone does. That's why there are two source packages, windows and UNIX. Can someone tell me why the --shadow option was removed? Aryeh -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
Re: frustrating build experience *nix/windows
William A. Rowe, Jr. wrote: At 09:44 AM 2/6/2004, Aryeh Katz wrote: In the 1.3 environment I was able to use the --shadow configure option to use the same source tree for multiple os's. This was quite valuable, as one source code change was needed for all platforms. However, the --shadow option is gone in 2.0. That's why there are two source packages, windows and UNIX. Actually that's not the reason. The two reasons are: 1. line endings; msvc and msdev studio hate several files with unix line endings and either fail all together (nmake makefile) or produce erroneous results (emitted diagnostic line numbers from .c source files etc.) The win32 package uses srclib/apr/build/lineends.pl to mop text files from one to the other form. Unless you are using a linux toolchain, or working on a volume that supports two views of the same file (e.g. Cygwin 'DOS' mounted unix volumes) this issue seems that it would continue to plague you. This might be the issue *nix to windows. I was having trouble the other direction. After my windows builds my *nix builds were toast. 2. build files; this shouldn't be a hassle for you, it simply includes generated win32 exported makefiles and makefile dependencies from .pdb projects, along with the awk result .rc version files. These aren't present in the Unix build, and are honestly not required to build the project if you use Visual Studio later than version 5. Actually, this was exactly my problem. apr.h, apu.h and a whole bunch of other files were generated by windows (and at least I couldn't get it to clean up). Once those header files get included by the *nix packages (despite the fact they have working apr.h etc in their own tree), the sources won't compile. -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
Re: Need help building module mod_expires
Bob MacMunn wrote: Hello, I am building Apache server 2.0.47 using this configure command ./configure --prefix=/export/home/apache2 --enable-mod-shared=mod_expires try --enable-mods-shared ^ -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
page out of date
http://apache.get-software.com/httpd/binaries/win32/README.html doesn't have the correct version numbers. As an aside, would it make more sense to use SSI, and get the version number from the SERVER_SOFTWARE environment variable (I assume apache.org will always be running the most up to date version of apache). -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
doc patch - http_protocol.h
I leave the formatting up to you, but the patch follows: # diff -u http_protocol.old.h http_protocol.h --- http_protocol.old.h +++ http_protocol.h @@ -528,7 +528,7 @@ * @param r The current request * @param pw The password as set in the headers * @return 0 (OK) if it set the 'pw' argument (and assured - * a correct value in r-connection-user); otherwise it returns + * a correct value in r-user); otherwise it returns * an error code, either HTTP_INTERNAL_SERVER_ERROR if things are * really confused, HTTP_UNAUTHORIZED if no authentication at all * seemed to be in use, or DECLINED if there was authentication -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
Crash - Win32 on restart
I have a win32 apache (with a whole bunch of modules loaded) that crashes on restart. I think the scenario to replicate is: 1) start as service 2) modify conf file (with typo) 3) restart 4) modify conf file (fix typo) 5) restart 6) restart The call stack I'm getting (main-ap_run_post_config-mime_post_config-ap_getword_conf-substring_conf) shows me a crash in substring_conf, and the pointer from apr_palloc is bogus. Interestingly ;-( this occurs in the middle of the parsing of mime.types. All the allocs to this point are fine. The machine is NOT out of memory (I'm typing this on the crashed box, with debugger in session). If I can offer any more information, please let me know. -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 653 0700 x 2
Re: log_error_core escaping change broke things
-- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide --- http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com -- Aryeh Katz SecureD Services http://www.secured-services.com/ 410 673 0700 x 2
Re: ap_invoke_handler
I assume that most filters that buffer data or have other saved state across invocations stash it off of f-ctx. If that exists, you know there is a possibility of corrupting the data stream if you remove the filter. Wouldn't this be better done in remove_any_filter rather than by the module? It's just asking for trouble to make sure that all module developers check f- ctx before calling remove filter. Of course, your comment about state maintainance still applies. If f-ctx doesn't exist, it's less likely but possible of course. Perhaps we should make a rule that if a filter stashes data, it better set f-ctx to non-null. --- Aryeh Katz Secured-Services Inc.
RE: ap_invoke_handler
At 06:06 AM 10/21/2003, Tikka, Sami wrote: -Original Message- From: William A. Rowe, Jr. [mailto:[EMAIL PROTECTED] [...] Do not attempt to remove a filter once it's inserted, simple force it to be inert. Serveral Apache filters already do this, although I can't name one offhand (SSL might be, I think.) Perhaps I am just missing something, but is there something wrong in removing a filter, perhaps by itself, using ap_remove_input/output_filter() Once *one* byte of data has passed through a given filter within the filter chain, you cannot know if one filter is sitting on bytes of request or response body that it is waiting for completion. Maybe it has a partial token stored, maybe it's an incomplete multibyte sequence for a given code page translation. In both cases, once a byte is inside the filter chain, during a request (this is what I'm assuming your module does) you cannot add and drop filters. In my input filter, I don't pass ANY data on until I am sure all the filter processing is done (the filter is only inserted selectively). What would be wrong with calling remove_filter then? It was inserted when required, and when I'm ready to return (and pass some data on), remove the filter I just inserted. Those APIs are used for changing the filters before the request is processed. --- Aryeh Katz Secured-Services Inc.
allocator is NULL if I use heap buckets
I've encountered the following issue with my module development, and I was wondering if I could get a pointer. I'm writing an ouput filter that must write independent data like mod_status or mod_info. Rather than using rputs and the like, I used the brigade code. What I'm seeing is, if I allocate my data bucket using transient buckets, all is fine. However, when I allocate a heap bucket, allocator (and ONLY allocator) somehow becomes NULL when the time comes to destroy the brigade (which causes a seg fault). I am using the bucket_allocation function from the connection, and APR_POOL_DEBUG set to all didn't show any pool life problems. Is there something I can look at to find out why I am having bucket lifetime problems with heap buckets, or should I just stick to transient buckets. Aryeh --- Aryeh Katz Secured-Services Inc.
Re: mod_info question
Aryeh Katz wrote:
In mod_info, SERVER_CONFIG_FILE is used in order to determine which
config file the apache server is running with However, this ignores
the -f option. Shouldn't we be printing out ap_conftree-filename?
that sounds right to me... got a patch you have tested that I can
play with? (this time with old file on left and new file on right ;)
Sorry about that last patch :-(
Patch below was tested and it worked in a linux environment.
# diff -u mod_info.old.c mod_info.c
--- mod_info.old.c Mon Sep 15 07:48:59 2003
+++ mod_info.c Mon Sep 15 07:50:18 2003
@@ -405,7 +405,7 @@
ap_rprintf(r, dtstrongServer Root:/strong
tt%s/tt/dt\n, ap_server_root);
ap_rprintf(r, dtstrongConfig File:/strong
- tt%s/tt/dt\n, SERVER_CONFIG_FILE);
+ tt%s/tt/dt\n, ap_conftree-filename);
ap_rputs(/dlhr /, r);
}
for (modp = ap_top_module; modp; modp = modp-next) {
---
Aryeh Katz
Secured-Services Inc.
mod_info question
In mod_info, SERVER_CONFIG_FILE is used in order to determine which config file the apache server is running with However, this ignores the -f option. Shouldn't we be printing out ap_conftree-filename? --- Aryeh Katz Secured-Services Inc.
Re: configure --with-berkeley-db=/my/local/db40 does not work?
configure ./configure --prefix=/my/local --with-berkeley-db=/wfhome/local/db40 does work, compile works, but starting http gives the error: ld.so.1: httpd: fatal: libdb-4.0.so: open failed: No such file or directory Killed httpd expects libdb-4.0.so in /my/local/lib. how can i set the parameters correctly? Make sure the library is in your shared library path e.g. export LD_LIBRARY_PATH=/my/local/lib __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com --- Aryeh Katz Secured-Services Inc.
Re: updated debugging doc
Aryeh Katz wrote: I was looking at http://httpd.apache.org/docs-2.0/developer/debugging.html and it seems to be incorrect. I can't seem to find any of the #defines mentioned here, only APR_POOL_DEBUG. Is there any updated debugging doc? this isn't exactly what you were looking for, but try srclib/apr/configure --help | grep pool more doc is needed, of course :( I found the .gdbinit stuff (dump_brigade, dump_table) to be EXTREMELY helpful, and I would never have found it unless I'd stumbled across it on google. I think it would pay to document that (even if it doesn't help the windbg people). --- Aryeh Katz Secured-Services Inc.
Re: ap_sub_req_method_uri and POST
Aryeh Katz wrote: Is it possible to change a GET to a POST, and add post data to the POST request by using get_brigade and pass_brigade and ap_sub_req_method_uri? Theoretically yes. You would have to define an input filter that emulates the POST body data reading. But I've never tried it. Thanks. The reason I was asking was the comment in request.c saying that there was no input filter for a subrequest. I thought that might mean that the filter chain wasn't traversed in a subrequest, in which case it would be impossible to change a GET to a POST nd Aryeh --- Aryeh Katz Secured-Services Inc.
lifetime of r-user in 2.0 tree
There is a comment in protocol.c which states that the lifetime of r-user is per connection. Yet, the code only allocates from the request pool. Tracing this back, I see that in the 1.3 tree, the allocation is in fact from the connection. Can someone explain why the user information's lifespan was changed to per connection to per request? (not to mention updating the misleading comment in the 2.0 tree). Aryeh --- Aryeh Katz Secured-Services Inc.
Re: lifetime of r-user in 2.0 tree
From: André Malo [EMAIL PROTECTED] The request is independent from the connection. I'd count the storage of the request user in r-connection in 1.3 as wrongly designed. The second is a technical reason. In 2.x connection and request are *really* separated, so storing the user in the connection structure would be even more problematic. patch to remove erroneous comment supplied --- protocol.c Thu Sep 4 10:03:11 2003 +++ protocol-2.0.47.c Thu Sep 4 10:02:59 2003 @@ -1142,6 +1142,10 @@ } t = ap_pbase64decode(r-pool, auth_line); +/* Note that this allocation has to be made from r-connection-pool + * because it has the lifetime of the connection. The other allocations + * are temporary and can be tossed away any time. + */ r-user = ap_getword_nulls (r-pool, t, ':'); r-ap_auth_type = Basic; nd --- Aryeh Katz Secured-Services Inc.
ap_sub_req_method_uri and POST
Is it possible to change a GET to a POST, and add post data to the POST request by using get_brigade and pass_brigade and ap_sub_req_method_uri? --- Aryeh Katz Secured-Services Inc.
updated debugging doc
I was looking at http://httpd.apache.org/docs-2.0/developer/debugging.html and it seems to be incorrect. I can't seem to find any of the #defines mentioned here, only APR_POOL_DEBUG. Is there any updated debugging doc? --- Aryeh Katz Secured-Services Inc.
ap_run_sub_req and content length
I wrote here earlier about using ap_run_sub_req to send a response to a client, and I receieved excellent advice, thank you. There is one thing I was wondering. I see that the Encoding is chunked. I would prefer to set the Content-Length to the correct length, rather than use chunked encoding. How can I do this (other than reading the brigades, then running ap_set_content)? Aryeh --- Aryeh Katz Secured-Services Inc.
Re: ap_run_sub_req and content length
I wrote here earlier about using ap_run_sub_req to send a response to a client, and I receieved excellent advice, thank you. There is one thing I was wondering. I see that the Encoding is chunked. I would prefer to set the Content-Length to the correct length, rather than use chunked encoding. How can I do this (other than reading the brigades, then running ap_set_content)? You don't really have the ability to directly control this. The content-length filter in combination with ap_set_keepalive determine whether chunking is used. Generally speaking, if the first ap_pass_brigade call contains the EOS, Content-Length will be sent. Thanks. Aryeh --- Aryeh Katz Secured-Services Inc.
ap_run_sub_req problem
In certain circumstances, I need to do an internal redirect on the client's request (without sending back a redirect to the client). I tried using ap_sub_req_method_uri (specifying NULL for the filter), and then ap_run_sub_req. I see that the content type of the new request is correct (in my case, image/gif). However, when the request is sent to the client, the content type is text/plain. Thus, the reply to the client doesn't render properly. I suspect I am not invoking ap_run_sub_req properly. Is there something I should know about how to invoke run_sub_req? Thanks. Aryeh --- Aryeh Katz Secured-Services Inc.
Re: ap_run_sub_req problem
The NULL argument for the filter is *ONLY* to be used for testing subrequests that are not actually run to the client. E.g. mod_autoindex uses the NULL arg to consider what files might be served, and if they are, in fact, actually valid content files, or if they have been protected or otherwise cannot be handled. You must pass the appropriate filter arg in order to pass the response through the filter stack back to the client. Thanks for the heads up. Aryeh Look, instead, at mod_include.c or another module that actually serves the subrequest, for an example of the appropriate way to use this API. Bill At 02:37 PM 8/6/2003, Aryeh Katz wrote: In certain circumstances, I need to do an internal redirect on the client's request (without sending back a redirect to the client). I tried using ap_sub_req_method_uri (specifying NULL for the filter), and then ap_run_sub_req. I see that the content type of the new request is correct (in my case, image/gif). However, when the request is sent to the client, the content type is text/plain. Thus, the reply to the client doesn't render properly. I suspect I am not invoking ap_run_sub_req properly. Is there something I should know about how to invoke run_sub_req? Thanks. Aryeh --- Aryeh Katz Secured-Services Inc. --- Aryeh Katz Secured-Services Inc.
per_dir_config
What is the earliest stage at which r-per_dir_config is populated with the per_dir information that my module sets? Using some tests, I determined that it's sometime after post_read, and before fixup. Can someone narrow it down for me? --- Aryeh Katz Secured-Services Inc.
Re: per_dir_config
What is the earliest stage at which r-per_dir_config is populated with the per_dir information that my module sets? Using some tests, I determined that it's sometime after post_read, and before fixup. Can someone narrow it down for me? header_parser. That is the same hook, which mod_setenvif uses for setting its per-dir variables. HTH, nd It does, thank you. --- Aryeh Katz Secured-Services Inc.
suggested patch to mpm_common.c
I don't understand why ap_mpm_set_pidfile checks GLOBAL_ONLY
and cmd-server-is_virtual.
Checking cmd-server-is_virtual is enough.
If you want to maintain consistency with the other functions, then flip the
deletion to remove the check of -is_virtual
Aryeh
# diff -u mpm_common.old.c mpm_common.c
--- mpm_common.old.cThu Jul 24 15:16:10 2003
+++ mpm_common.cThu Jul 24 15:16:09 2003
@@ -571,11 +571,6 @@
const char *ap_mpm_set_pidfile(cmd_parms *cmd, void *dummy,
const char *arg)
{
-const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
-if (err != NULL) {
-return err;
-}
-
if (cmd-server-is_virtual) {
return PidFile directive not allowed in VirtualHost;
}
---
Aryeh Katz
Secured-Services Inc.
different module building semantics
In order to build the non-standard modules, configure requires a command line option of the form --enable-module-name. The problem with this (other than being unable to use the --enable-module=) syntax, is that you can't choose to build as a shared library. This causes much work in order add a non-standard module, because you have to rebuild the entire server just to get one more module enabled. --- Aryeh Katz VASCO www.vasco.com
Re: different module building semantics
Aryeh Katz wrote: In order to build the non-standard modules, configure requires a command line option of the form --enable-module-name. The problem with this (other than being unable to use the --enable-module=) syntax, is that you can't choose to build as a shared library. This causes much work in order add a non-standard module, because you have to rebuild the entire server just to get one more module enabled. --- Aryeh Katz VASCOwww.vasco.com Hi Aryeh. have a look at apxs. this might be a better approach for your development, as all you require are the header files and the libraries to create a module. I was referring to modules that are in the experimental directory... --- Aryeh Katz VASCO www.vasco.com
Re: different module building semantics
I was referring to modules that are in the experimental directory... you mean something like --enable-cache=shared doesn't work for you? I used --enable-shared=all to force shared libraries. That's what I meant in my original post about different module building semantics. Once I set it to =shared, then it was in fact a shared module. I would just prefer the ability to do --enable-module=... and --enable-shared once, whether it is a supported module or not. Does it make sense to have duplicate logic that doesn't work across the board? 1) enable-my-module 2) enable-module=my_module If I'm not mistaken, I can write --enable-shared=all, and case 2 will make it shared. --- Aryeh Katz VASCO www.vasco.com
2.0 book
I saw that Ryan Bloom is (was) scheduled to release a book on the 2.0 server. Does that book have information for developers, or is it intended for sysadmins? If this is not for developers, is there any who will be releasing a 2.0 book that discusses the APIs (particularly the APR)? I hate to say this, but the header files aren't really enough documentation Thanks. Aryeh --- Aryeh Katz VASCO www.vasco.com
Re: 2.0 book
On Thu, 27 Jun 2002, Aryeh Katz wrote: I saw that Ryan Bloom is (was) scheduled to release a book on the 2.0 server. Does that book have information for developers, or is it intended for sysadmins? It definitely has information for developers. Lots of it. :) Do you know when it it's going to be released? Aryeh --- Aryeh Katz VASCO www.vasco.com
ab with ssl for win32
Is there any planned ssl support for ab on win32? It seems like a trivial makefile change... --- Aryeh Katz VASCO www.vasco.com
Re: ab with ssl for win32
At 02:43 PM 6/20/2002, you wrote: Is there any planned ssl support for ab on win32? It seems like a trivial makefile change... It's already there. See the abs.dsp project. Thanks. I was looking at ab.mak and dsp, and naturally I didn't see it there. I didn't think to open up the other makefiles, and I didn't catch the executable name change on the win_compiling directions page. --- Aryeh Katz VASCO www.vasco.com
Memory leak in experimental module - mod_case_filter_in
I was looking over mod_case_filter_in for some pointers on filter handling, and I noticed there was a memory leak in CaseFilterInFilter (line 149). Since apr_bucket_heap_create doesn't specify a free function, apr_bucket_heap_make will allocate h-base, and copy the data (buf) there. The buf allocated through malloc (in CaseFilterInFilter) never gets freed, and will leak the amount of data read through ap_bucket_read on every request. Since this is just an experimental module it's no big deal, but it probably pays to clean this up. Aryeh --- Aryeh Katz VASCO www.vasco.com
Re: Memory leak in experimental module - mod_case_filter_in
Please ignore. I didn't look at the heap_create code carefully. Sorry. I was looking over mod_case_filter_in for some pointers on filter handling, and I noticed there was a memory leak in CaseFilterInFilter (line 149). Since apr_bucket_heap_create doesn't specify a free function, apr_bucket_heap_make will allocate h-base, and copy the data (buf) there. The buf allocated through malloc (in CaseFilterInFilter) never gets freed, and will leak the amount of data read through ap_bucket_read on every request. Since this is just an experimental module it's no big deal, but it probably pays to clean this up. Aryeh --- Aryeh Katz VASCOwww.vasco.com --- Aryeh Katz VASCO www.vasco.com
