Re: Authentication
Greg Stein says: On Tue, Oct 01, 2002 at 11:13:55PM -0600, Jerry Baker wrote: Jerry Baker says: Jerry Baker says: Yet, when I access that directory, I am just given an empty directory listing. No prompt for a username or pass. Nevermind. It's just something else that DAV broke. Turning off DAV fixed the problem. Please accept my apologies for the spam. The problem is not with DAV, but with LimitExcept GET HEAD POST. When I remove the LimitExcept directive, basic authentication works again. Makes no difference whether Dav On or Dav Off. Right. You were saying require authentication *except* for those methods, so (of course) a GET request would not demand a user/pass. Except for that directory is configured to require authentication. See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13218 -- Jerry Baker
Re: Authentication
André Malo says: * Jerry Baker wrote: Except for that directory is configured to require authentication. See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13218 Location sections override Directory, see http://httpd.apache.org/docs-2.0/sections.html#mergin Sorry, I can't believe, that it worked ever before the way you described. Are you sure, that you've changed nothing else? Absolutely. My config file backups show that before yesterday, I hadn't changed anything in that file for 5 months. -- Jerry Baker
Re: Authentication
André Malo says: Sorry, I can't believe, that it worked ever before the way you described. Are you sure, that you've changed nothing else? So Location matches are even more important than .htaccess matches? That doesn't make sense. I would think that a directive in .htaccess is always more specific than one in the config files. -- Jerry Baker
Re: Authentication
André Malo says: Sorry, I can't believe, that it worked ever before the way you described. Are you sure, that you've changed nothing else? If there's no way to have a LimitExcept *and* separate directories requiring authentication for everything, how in the world could you have a DAV enabled server while still being able to restrict directories with authentication requirements? -- Jerry Baker
Re: Authentication
Joshua Slive says: This has the effect of leaving GET unrestricted, according to the bug report. Is this correct behavior? It seems like, since the other methods are not changed by the limitexcept, the require should still apply to them. That's what I thought at first, but there are two ways of looking at it. At first I looked at LimitExcept as a negative declaration. Negative in the sense that it meant ignore GET HEAD POST for the following directives. Instead, Apache is treating it as a positive declaration that is saying, do not limit GET HEAD POST. It's a fine distinction, but one that may cause confusion. -- Jerry Baker
Re: Authentication
Joshua Slive says: This has the effect of leaving GET unrestricted, according to the bug report. Is this correct behavior? It seems like, since the other methods are not changed by the limitexcept, the require should still apply to them. I agree. The LimitExcept directive implies that the limit will apply to everything with the exception of what follows (POST, HEAD, GET, etc.). Except is negative in nature - meaning exclusion. It implies that nothing will be done to those requests since the directive says they are to be excluded. Since Apache uses the LimitExcept directive to apply some sort of context to the HTTP requests in that directive, it's not really excluding those requests from the directive. It's semantics, but important ones. Users get clues about how config directives work by the meaning of the words used. In this case, except is misleading. It should be changed to DontLimit GET HEAD POST. There is a difference. -- Jerry Baker
Authentication
Currently, authentication is broken with the standard Windows config file and current HEAD. Where is the documentation on the complete mess-up of the auth modules and how to get it working again? Thanks. -- Jerry Baker
Re: Authentication
Jerry Baker says: Yet, when I access that directory, I am just given an empty directory listing. No prompt for a username or pass. Nevermind. It's just something else that DAV broke. Turning off DAV fixed the problem. -- Jerry Baker
Re: Authentication
Jerry Baker says: Jerry Baker says: Yet, when I access that directory, I am just given an empty directory listing. No prompt for a username or pass. Nevermind. It's just something else that DAV broke. Turning off DAV fixed the problem. Please accept my apologies for the spam. The problem is not with DAV, but with LimitExcept GET HEAD POST. When I remove the LimitExcept directive, basic authentication works again. Makes no difference whether Dav On or Dav Off. -- Jerry Baker
Re: Authentication
Jerry Baker says: Currently, authentication is broken with the standard Windows config file and current HEAD. Where is the documentation on the complete mess-up of the auth modules and how to get it working again?
Perhaps I should be more clear. I have a directory containing an .htaccess file. The config for this directory includes AllowOverride All. The contents of the .htaccess are:
    AuthUserFile "D:/Web Sites/www/users.pwd"
    AuthName "Protected Area"
    AuthType Basic
    Require valid-user
I have the following modules loaded in the httpd.conf:
    mod_authn_anon.so
    mod_authn_dbm.so
    mod_authn_default.so
    mod_authn_file.so
    mod_authz_dbm.so
    mod_authz_default.so
    mod_authz_groupfile.so
    mod_authz_host.so
    mod_authz_user.so
    mod_auth_basic.so
    mod_auth_digest.so
Yet, when I access that directory, I am just given an empty directory listing. No prompt for a username or pass. -- Jerry Baker
POST
For some reason POST doesn't work with the latest HEAD. I can't say when it stopped working, but I can tell you that GET works. If I have a form and set the action to GET, the script runs flawlessly. If I set the same form's action to POST, Apache returns the source of the Perl script as if it were text/plain. I was surprised that Apache was giving out the source code to my scripts, and now I'm afraid to imagine for how long it has been doing this. -- Jerry Baker
Re: POST
Justin Erenkrantz says: I could not reproduce your problem in my tests. Do you have a clear reproduction case? (POSTing to a DAV resource for me yields a 404.)
Here's the relevant parts of my conf:
    ScriptAlias /cgi-bin/ C:/www/cgi-bin/
    <Location />
        Dav On
        AuthUserFile
        AuthName
        AuthType Basic
        <LimitExcept GET HEAD POST>
            require valid-user
        </LimitExcept>
    </Location>
-- Jerry Baker
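The check below is an added example, not code from this thread or from the Apache project: it reads httpd.conf-style text and reports every <Location> whose only Require sits inside <Limit> or <LimitExcept>, which is the arrangement in the <Location /> block quoted above. The sample config, the /private path and the name audit_locations are constructed for the illustration; Include files and <LocationMatch> are not handled.

```python
import re

# Constructed sample, modelled on the <Location /> block quoted in this thread.
# The "/private" path and the AuthName values are made up for the example.
SAMPLE_CONF = """\
<Directory "D:/Web Sites/www/private">
    AllowOverride All
    AuthType Basic
    AuthName "Protected Area"
    AuthUserFile "D:/Web Sites/www/users.pwd"
    Require valid-user
</Directory>

<Location />
    Dav On
    AuthType Basic
    AuthName "DAV"
    AuthUserFile "D:/Web Sites/www/users.pwd"
    <LimitExcept GET HEAD POST>
        Require valid-user
    </LimitExcept>
</Location>

# Sections of the same type are applied in file order, so this later
# <Location> with an unconditional Require is not flagged.
<Location /private>
    AuthType Basic
    AuthName "Protected Area"
    AuthUserFile "D:/Web Sites/www/users.pwd"
    Require valid-user
</Location>
"""

OPEN_TAG = re.compile(r"^<(\w+)\s*(.*?)>$")
CLOSE_TAG = re.compile(r"^</(\w+)>$")


def audit_locations(conf_text):
    """Return one finding per method-scoped Require in any <Location> that has
    no unconditional Require, i.e. where some methods need no login."""
    findings = []
    stack = []       # currently open sections as (name, argument)
    current = None   # bookkeeping for the <Location> being read
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        closing = CLOSE_TAG.match(line)
        if closing:
            name = closing.group(1).lower()
            if stack and stack[-1][0] == name:
                stack.pop()
            if name == "location" and current is not None:
                if current["scoped"] and not current["unconditional"]:
                    findings.extend(current["scoped"])
                current = None
            continue
        opening = OPEN_TAG.match(line)
        if opening:
            name = opening.group(1).lower()
            arg = opening.group(2).strip().strip('"')
            stack.append((name, arg))
            if name == "location":
                current = {"path": arg, "scoped": [], "unconditional": False}
            continue
        if current is None or line.split()[0].lower() != "require":
            continue
        scope, scope_arg = stack[-1]
        methods = ", ".join(scope_arg.upper().split())
        if scope == "limitexcept":
            # Require applies to everything EXCEPT the listed methods.
            open_for = methods
        elif scope == "limit":
            # Require applies ONLY to the listed methods.
            open_for = "every method except " + methods
        else:
            current["unconditional"] = True
            continue
        current["scoped"].append(
            {"location": current["path"], "line": lineno, "no_auth_for": open_for}
        )
    return findings


if __name__ == "__main__":
    for f in audit_locations(SAMPLE_CONF):
        print("<Location %(location)s> line %(line)d: no Require for %(no_auth_for)s" % f)
```

Because <Location> sections are merged after <Directory> and .htaccess, a finding for "/" means the listed methods are also left open for directories that set their own Require, as reported in this thread.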
Re: [Win32] Compiling error missing apr-iconv.h
Juergen Heckel says: Hi, since 6 days I can't compile the latest snapshots:-( I get the following error:
    apr_uri.c
    xlate.c
    F:\Projects\MSVC\httpd-2.0\srclib\apr-util\xlate\xlate.c(83) : fatal error C1083: Cannot open include file: 'apr_iconv.h': No such file or directory
    apr_xml.c
    Generating Code...
    Error executing cl.exe.
    Apache.exe - 1 error(s), 5 warning(s)
Juergen
There is now an additional module you have to checkout from CVS. In addition to http-2.0, apr, and apr-util, you need to check out apr-iconv. I use the following:
    cvs -z3 co httpd-2.0
    cd httpd-2.0\srclib
    cvs -z3 checkout apr
    cvs -z3 checkout apr-util
    cvs -z3 checkout apr-iconv
Re: HTTP 403 served as text/plain
Greg Ames says: Jerry Baker wrote: Using the current CVS, Apache 2.0.40-dev is sending HTTP 403 messages as text/plain. When I set up a deny from [my ip], I get a plain text message that looks like this:
    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <html><head>
    <title>403 Forbidden</title>
yeah, we have hacks on top of hacks in ap_send_error_response and functions it calls, resulting in content-type being set in the wrong request_req sometimes when we put out canned error messages. I tried cleaning up some of the hacks a while back, but it was more complex than I thought. I suppose we could just focus on getting the content-type and other related fields set in the correct request_req and make it look prettier at the browser. Greg
Incidentally, it was fixed at some point after this email, and before 07-16.
HTTP 403 served as text/plain
Using the current CVS, Apache 2.0.40-dev is sending HTTP 403 messages as text/plain. When I set up a deny from [my ip], I get a plain text message that looks like this:
    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <html><head>
    <title>403 Forbidden</title>
    </head><body>
    <h1>Forbidden</h1>
    <p>You don't have permission to access /mozilla/voting/Berkjg;ljfg on this server.</p>
    <p>Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.</p>
    <hr />
    <address>Apache/2.0.40-dev Server at jerbaker.dhs.org Port 80</address>
    </body></html>
Re: Christopher Williamson: URGENT: Bug/compatability issue in Apache 1.3.26
Aaron Bannert wrote: On Wed, Jul 03, 2002 at 03:15:51PM -0400, Rodent of Unusual Size wrote: I can feel their pain.. Same here, I'm sympathetic. I think that it might be beneficial to introduce an Enable old behavior for backward-compatibility mode, for just these occasions where we have altered the behaviour of the server to be more strict on protocol parsing. -aaron Can't they offer a patch for their existing user base? I'm not unsympathetic, but introducing these kind of hacks seems like it would make the code grow more complicated with each change in server behavior. -- Jerry Baker
Re: Christopher Williamson: URGENT: Bug/compatability issue in Apache 1.3.26
Aaron Bannert wrote: Can't they offer a patch for their existing user base? I'm not unsympathetic, but introducing these kind of hacks seems like it would make the code grow more complicated with each change in server behavior. That might work in some cases, but if they are under a controlled/hosting environment, it is unlikely that their hosts will allow unchecked patches to be applied to the server. It just seems to me like one of those times where we inadvertently broke the principle of least surprise. -aaron I meant a patch to their product, not Apache. -- Jerry Baker
Re: URL parsing changed between 1.3.23 and 1.3.26?
Garey Mills wrote: NOTE: The URL will not work as it stands because it points to a web application and needs to have a session established. But I guarantee that it does work in 1.3.23 and not in 1.3.26, both having mod_ssl and a special module called 'mod_webz' enabled. The URL has spaces in it. That is a big no no for one. URL's with spaces only work in IE even though the HTTP specification prohibits them. -- Jerry Baker
Re: [PATCH] Start Making Documentation Valid XHTML
Jerry Baker wrote: This patch covers the root of ../docs/manual only. It does not cover any subdirectories. This patch fixes numerous errors that caused the documents to fail XHTML validation. -- Jerry Baker Name: docs-manual.patch.gz docs-manual.patch.gzType: application/x-gzip Encoding: base64 Is there some other way that I should be submitting doc patches? -- Jerry Baker
Bug 8730 - RotateLogs Doesn't
This is marked as fixed, but it still doesn't work here with HEAD. ? -- Jerry Baker
Re: SSLRequireSSL Doesn't Work?
Cliff Woolley wrote: On Tue, 25 Jun 2002, Jerry Baker wrote: directive in a Directory container in the SSL virtual host container and I was also able to gain access via HTTP. WTH? I don't suppose you have Satisfy Any in effect, do you? No sir. Hmph. Well, maybe it's just busted. :) I'll try to take a peek tomorrow if I have time. --Cliff I see what it is. AllowOverride must be set in each and every virtual host. It does not carry over from the default server config. This was causing my .htaccess not to be read. -- Jerry Baker
Virtual Hosts Docs Bug?
The doc at http://httpd.apache.org/docs-2.0/vhosts/name-based.html has a misleading statement. Configuration directives set in the main server context (outside any VirtualHost container) will be used only if they are not overridden by the virtual host settings. This led me to the erroneous conclusion that any directive set in the main server config would be applied to all virtual hosts unless explicitly overridden in a particular virtual host config. This is not the case. There are a few directives that are not carried over from the default config at all. The options that I have noticed do not carry over are Options, Alias, and AllowOverride. I'm sure there are more. -- Jerry Baker
Re: Virtual Hosts Docs Bug?
Joshua Slive wrote: Jerry Baker wrote: The doc at http://httpd.apache.org/docs-2.0/vhosts/name-based.html has a misleading statement. Configuration directives set in the main server context (outside any VirtualHost container) will be used only if they are not overridden by the virtual host settings. This led me to the erroneous conclusion that any directive set in the main server config would be applied to all virtual hosts unless explicitly overridden in a particular virtual host config. This is not the case. There are a few directives that are not carried over from the default config at all. The options that I have noticed do not carry over are Options, Alias, and AllowOverride. I'm sure there are more. No. The docs above are correct in general. The only exception I can think of is mod_rewrite when the inherit rewriteoption is not set. Most likely, you have a configuration problem. Otherwise, you have found a bug in the code, not the documentation. Joshua. I am open to providing my config files over private email to anyone willing to take a look at this. I don't think there are any errors in the configs, but I may easily be mistaken. -- Jerry Baker
SSLRequireSSL Doesn't Work?
I placed an .htaccess file in a directory with this directive in it and I was able to access it through HTTP anyway. I then tried putting the directive in a Directory container in the SSL virtual host container and I was also able to gain access via HTTP. WTH? -- Jerry Baker
Re: SSLRequireSSL Doesn't Work?
Cliff Woolley wrote: On Mon, 24 Jun 2002, Jerry Baker wrote: I placed an .htaccess file in a directory with this directive in it and I was able to access it through HTTP anyway. I then tried putting the directive in a Directory container in the SSL virtual host container and I was also able to gain access via HTTP. WTH? I don't suppose you have Satisfy Any in effect, do you? --Cliff No sir. -- Jerry Baker
[PATCH] Start Making Documentation Valid XHTML
This patch covers the root of ../docs/manual only. It does not cover any subdirectories. This patch fixes numerous errors that caused the documents to fail XHTML validation. -- Jerry Baker docs-manual.patch.gz Description: GNU Zip compressed data
HEAD Executes CGI on HEAD
Is it correct for Apache to be executing includes when a HEAD request is issued for a document that contains includes? -- Jerry Baker
Re: SSL Error in Head
William A. Rowe, Jr. wrote: Just a thought... make sure you are using the very same *.dll's for ssleay32 and libeay32 ... perhaps they are different. Also make sure you use the very same build flags (NO_WHATEVER) for mod_ssl.dsp that you use when you build openssl. See httpd.apache.org/docs-2.0/platform/win_compiling.html for my comments. No different dll's or flags. unexpected error makes me ask if things just aren't out of sync, before even digging in. I'll check mozilla RC1 again and bump to RC3. BTW - there is no unpatched XP box in the mix, is there? Yes. I thought the XP thing was an error with chunking. Anyways, IE6 works fine and it does HTTP 1.1 also. At 02:27 AM 6/1/2002, Jerry Baker wrote: I'm getting SSL errors with Mozilla 1.0RC3. Netscape 4.79 and IE6 appear to work ok. SSL Library Error: 336151538 error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message Any ideas? -- Jerry Baker
Re: SSL Error in Head
Jerry Baker wrote: William A. Rowe, Jr. wrote: Just a thought... make sure you are using the very same *.dll's for ssleay32 and libeay32 ... perhaps they are different. Also make sure you use the very same build flags (NO_WHATEVER) for mod_ssl.dsp that you use when you build openssl. See httpd.apache.org/docs-2.0/platform/win_compiling.html for my comments. No different dll's or flags. unexpected error makes me ask if things just aren't out of sync, before even digging in. I'll check mozilla RC1 again and bump to RC3. BTW - there is no unpatched XP box in the mix, is there? Yes. I thought the XP thing was an error with chunking. Anyways, IE6 works fine and it does HTTP 1.1 also. Let me rephrase that. IE6 works most of the time, but the errors I do see in IE6 do not prompt error messages to pop up in the browser, nor do they cause entries in the error log. The IE6 errors I see under SSL are things like images only loading halfway and the access log shows a 206 for those images. The Mozilla error caused a pop-up alert from Mozilla itself that said the server sent an unexpected value. The error log contained what I sent here. -- Jerry Baker
Re: libhttpd.dsp use of xcopy /y breaks compile on NT 4.0
Bill Stoddard wrote: Heads-up. I am backing out this patch to get compiles on NT 4.0 working again. Is there some reason why xcopy is preferred over copy on Win32? If so, you can set COPYCMD=/Y. Windows NT should ignore this, but xcopy on platforms that support the /Y switch will pick it up. -- Jerry Baker
Re: [PATCH] Re: libhttpd.dsp use of xcopy /y breaks compile on NT 4.0
Bill Stoddard wrote: This patch seems to work ok on both NT 4.0 and 2K. I don't know what's going on with the USERDEP change though... (from USERDEP__WIN32 to USERDEP_GEN_T). Does MSVC really spawn a new shell for every command? I wouldn't be surprised, but if not, the env CMDCOPY should only need to be set once. -- Jerry Baker
Re: cvs commit: httpd-dist README.html
Aaron Bannert wrote: On Thu, May 23, 2002 at 06:45:03PM -, [EMAIL PROTECTED] wrote: slive 02/05/23 11:45:02 ... +pDo not download from www.apache.org. Please use a mirror site + to help use save apache.org bandwidth. + a href=http://www.apache.org/dyn/closer.cgi/httpd/;Go here to find your nearest mirror./a/p May I suggest that we put this notice in HEADER.html? Otherwise it shows up underneath the links that allow downloads from apache.org directly, which means that many people won't even see the message. -aaron I think another thing to address is that the mirrors are not true mirrors of the Apache dist site. They have different directory trees which may confuse people into just getting it from apache.org. -- Jerry Baker
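Review bot: the added README.html paragraph reads "to help use save apache.org bandwidth"; "use" should be "us". Since this text is what visitors see before choosing a download, it is worth fixing in the same commit that moves the notice.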
Win32 Build Failure
Configuration: ApacheMonitor - Win32 Release Linking... ApacheMonitor.obj : error LNK2001: unresolved external symbol __imp__CoUninitialize@0 ApacheMonitor.obj : error LNK2001: unresolved external symbol __imp__CoInitialize@4 Release/ApacheMonitor.exe : fatal error LNK1120: 2 unresolved externals Error executing link.exe. Apache.exe - 3 error(s), 0 warning(s) -- Jerry Baker
Re: 2.0.36
William A. Rowe, Jr. wrote: Not acked. Would anyone care to reread the notes at /dist/httpd/ and /dist/httpd/binaries/win32/ and see if they can figure out how someone fails to get from 'here' to 'there'? As I just revised 'em, apparently my reasoning was incomplete. Another set of eyes would be great. Well, http://www.apache.org/dist/httpd/binaries/win32/ says: The two -no_src versions, both the .exe and .msi installers DO NOT contain the source code. There is no other difference, and if you do not know the C language, or have no C compiler installed, these versions are faster to download. There is no other difference between these packages and the -src .msi version. There is no -no_src version there that I can see. Just apache_2.0.36-win32-x86-no_ssl.msi. -- Jerry Baker
Re: 2.0.36
Jerry Baker wrote: There is no -no_src version there that I can see. Just apache_2.0.36-win32-x86-no_ssl.msi. -- Jerry Baker It took me reading that a few times to realize that it was only applicable to the 1.3.X releases. I'm not sure how to make it more clear though. -- Jerry Baker
Re: FW: suggestion
From: Professor of Information Technologies [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: suggestion Date: Wed, 31 May 2000 00:23:40 -0400 How about a default distribution of robots.txt that blocks email siphon programs like www.extractorpro.com and any others you can find? I think they're a menace, and I suspect most users of your server software would agree... a Couldn't hurt, but does anybody think that people unscrupulous enough to strip-mine the Web for potential spam victims will develop some principles wrt robots.txt? I doubt it. -- Jerry Baker
Apache.dsw Lost mod_deflate
mod_deflate moved from ../modules/experimental to ../modules/filters. The apache.dsw file still thinks it should be in /experimental. -- Jerry Baker
[PATCH] Re: Apache.dsw Lost mod_deflate (and makefile.win)
The following appears to work fine here. Index: Apache.dsw === RCS file: /home/cvspublic/httpd-2.0/Apache.dsw,v retrieving revision 1.79 diff -u -r1.79 Apache.dsw --- Apache.dsw 1 May 2002 15:23:13 - 1.79 +++ Apache.dsw 7 May 2002 07:35:14 - -750,7 +750,7 ### -Project: mod_deflate=.\modules\experimental\mod_deflate.dsp - Package Owner=4 +Project: mod_deflate=.\modules\filters\mod_deflate.dsp - Package Owner=4 Package=5 {{{ Index: Makefile.win === RCS file: /home/cvspublic/httpd-2.0/Makefile.win,v retrieving revision 1.98 diff -u -r1.98 Makefile.win --- Makefile.win29 Apr 2002 19:53:55 - 1.98 +++ Makefile.win7 May 2002 07:40:11 - -81,8 +81,8 !IF EXIST(srclib\zlib) _tryzlib: -!IF EXIST(modules\experimental\mod_deflate.mak) - cd modules\experimental +!IF EXIST(modules\filters\mod_deflate.mak) + cd modules\filters $(MAKE) $(MAKEOPT) -f mod_deflate.mak CFG=mod_deflate - Win32 $(LONG) RECURSE=0 .\$(LONG)\mod_deflate.so cd ..\.. !ELSE -208,11 +208,11 $(MAKE) $(MAKEOPT) -f mod_mem_cache.mak CFG=mod_mem_cache - Win32 $(LONG) RECURSE=0 $(CTARGET) $(MAKE) $(MAKEOPT) -f mod_disk_cache.mak CFG=mod_disk_cache - Win32 $(LONG) RECURSE=0 $(CTARGET) $(MAKE) $(MAKEOPT) -f mod_ext_filter.mak CFG=mod_ext_filter - Win32 $(LONG) RECURSE=0 $(CTARGET) + cd ..\.. + cd modules\filters !IF EXIST(srclib\zlib) $(MAKE) $(MAKEOPT) -f mod_deflate.mak CFG=mod_deflate - Win32 $(LONG) RECURSE=0 $(CTARGET) !ENDIF - cd ..\.. - cd modules\filters $(MAKE) $(MAKEOPT) -f mod_include.mak CFG=mod_include - Win32 $(LONG) RECURSE=0 $(CTARGET) cd ..\.. cd modules\generators -459,7 +459,7 } } - copy modules\experimental\$(LONG)\mod_deflate.so $(INSTDIR)\modules .y + copy modules\filters\$(LONG)\mod_deflate.so $(INSTDIR)\modules .y !ENDIF copy support\$(LONG)\htdbm.exe $(INSTDIR)\bin .y copy support\$(LONG)\htdigest.exe $(INSTDIR)\bin .y -- Jerry Baker
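Review bot: in the Makefile.win hunk at -208,11 the mod_deflate step is guarded only by "!IF EXIST(srclib\zlib)", while the _tryzlib rule in the -81,8 hunk also tests "!IF EXIST(modules\filters\mod_deflate.mak)" before using the .mak file. If mod_deflate.mak is not present in modules\filters, this step fails where _tryzlib would take its !ELSE branch; consider the same test here, or a comment saying why it is not needed. The module directory is now spelled out in three places in Makefile.win plus Apache.dsw, so listing them in the commit message would help the next time the module moves.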
Win32 Build Failure (mod_rewrite.c)
Anyone aware of this? - Compiling... mod_rewrite.c D:\Apache\httpd-2.0\modules\mappers\mod_rewrite.c(967) : warning C4013: 'unixd_set_global_mutex_perms' undefined; assuming extern returning int Linking... Creating library Release/mod_rewrite.lib and object Release/mod_rewrite.exp mod_rewrite.obj : error LNK2001: unresolved external symbol _unixd_set_global_mutex_perms Release/mod_rewrite.so : fatal error LNK1120: 1 unresolved externals Error executing link.exe. Apache.exe - 2 error(s), 1 warning(s) - -- Jerry Baker
InstallBin Error
copy modules\experimental\Release\mod_ext_filter.so \Apache2\modules .y The system cannot find the file specified. NMAKE : fatal error U1077: 'copy' : return code '0x1' Stop. Error executing NMAKE. Apache.exe - 1 error(s), 4 warning(s) All I did was run InstallBin - Build Apache.exe. -- Jerry Baker
Re: Final bump and roll of 2.0.36
Sander Striker wrote: Hi, I've done the final bump. Files marked with a [T] have made it to the roll. Files marked with [-] haven't. I have included the logs of the changes for your convenience. Lines marked RM: are lines with my commentary. Tarballs are available at: httpd.apache.org/dev/dist/ I haven't had the time to create zipfiles yet, sorry. Please test and vote accordingly ;) Sander I assume that pulling the APACHE_2_0_36 tag gets me the same things as the aforementioned tarballs? If so, built and ran on Windows XP ok. PS - There is some trouble with a couple of the awk actions on Windows XP at least. The following lines from makefile.win result in a crash: awk -f script.awk srclib\openssl\LICENSE $(INSTDIR)\LICENSE.txt awk -f script.awk docs\conf\httpd-win.conf $(INSTDIR)\conf\httpd.default.conf $(INSTDIR) awk -f script.awk support\dbmmanage.in $(INSTDIR)\bin\dbmmanage.pl Each one of these lines causes the following error: The NTVDM CPU has encountered an illegal instruction. CS:0596 IP:001d OP: ff ff ff ff ff Chose 'Close' to terminate the application. Don't worry too much. This has been going on for quite some time. -- Jerry Baker
Re: Final bump and roll of 2.0.36
Jerry Baker wrote: Don't worry too much. This has been going on for quite some time. Nevermind. Sorry. It was a problem with the Cygwin awk.exe. It isn't really an executable, but a symlink to gawk.exe. Problem is that Windows doesn't have symlinks. Renaming gawk.exe to awk.exe fixed it. :::stupid redhat::: -- Jerry Baker
Re: Final bump and roll of 2.0.36
William A. Rowe, Jr. wrote: Ok... now I see your second post - tack on this discrepancy and retitle the bug Some versions of awk disagree with Win32 builds. Cygwin Awk Incompatible With Apache Build http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8726 -- Jerry Baker
Re: Apache 1.3: avoid virus attack logging
Günter Knauf wrote: Hi all, I (and many others) use the following for getting virus attacks into attack_log instead of access_log:
    # configuration to direct logging of virus attacks to separate log
    # make sure you comment out your old CustomLog directive!
    # for more information refer to /manual/mod/mod_setenvif.html
    SetEnvIfNoCase Request_URI default\.ida?|root\.|cmd\.exe is_attack
    CustomLog logs/access_log common env=!is_attack
    CustomLog logs/attack_log common env=is_attack
this works fine when I test from browser, but when the virus tries to access default.ida it is still logged in the access_log. The only difference you can see in the log is that the virus access is with HTTP/1.0 while my access from browser is with HTTP/1.1; now my question: is it possible that this is the reason why the above config doesn't work as I expect?? Guenter.
Escape the question mark. That might help. -- Jerry Baker
Re: Apache 2.0.* and SSL
Eli Marmor wrote: Contrary to past versions, this one is a dramatic change in the integration of SSL. No more patches, no more re-compilations with -DEAPI, no more 3rd party modules which cause Apache to crash because these modules were not compiled using this flag, no more specific versions of mod_ssl per each version of Apache, no more repeating merges of the patches of mod_ssl. Except that SSL stopped working for me in 2.0-something. I had it set up back around 2.0.16 or so, but somewhere along the line it just stopped working. Any attempt to load an https URL from my server in my browser would yield Document contained no data and the ErrorLog would read Invalid method in request I. -- Jerry Baker
Re: 2.0.34 up-to-date wrt cvs HEAD
William A. Rowe, Jr. wrote: The 2.0.34 tag is now refreshed to cvs HEAD, please test and report before we go ahead a roll in a day or so. Bill Can't build from CVS at 10:08 -0700. Here is the error: Compiling... apr_brigade.c D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_brigade.c(434) : error C2152: 'function' : pointers to functions with different attributes D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_brigade.c(434) : warning C4024: 'apr_bucket_heap_create' : different types for formal and actual parameter 3 apr_buckets.c apr_buckets_eos.c D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_eos.c(80) : error C2152: '=' : pointers to functions with different attributes apr_buckets_file.c D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_file.c(168) : error C2152: 'function' : pointers to functions with different attributes D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_file.c(168) : warning C4024: 'apr_bucket_heap_make' : different types for formal and actual parameter 4 D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_file.c(179) : error C2152: '=' : pointers to functions with different attributes D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_file.c(214) : error C2152: '=' : pointers to functions with different attributes apr_buckets_flush.c D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_flush.c(80) : error C2152: '=' : pointers to functions with different attributes apr_buckets_heap.c D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_heap.c(96) : error C2152: '=' : pointers to functions with different attributes D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_heap.c(122) : error C2152: '=' : pointers to functions with different attributes apr_buckets_mmap.c D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_mmap.c(114) : error C2152: '=' : pointers to functions with different attributes apr_buckets_pipe.c D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_pipe.c(99) : error C2152: 
'function' : pointers to functions with different attributes D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_pipe.c(99) : warning C4024: 'apr_bucket_heap_make' : different types for formal and actual parameter 4 D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_pipe.c(145) : error C2152: '=' : pointers to functions with different attributes apr_buckets_pool.c D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_pool.c(153) : error C2152: '=' : pointers to functions with different attributes D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_pool.c(168) : error C2152: '=' : pointers to functions with different attributes apr_buckets_refcount.c apr_buckets_simple.c D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_simple.c(112) : error C2152: '=' : pointers to functions with different attributes D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_simple.c(152) : error C2152: '=' : pointers to functions with different attributes apr_buckets_socket.c D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_socket.c(102) : error C2152: 'function' : pointers to functions with different attributes D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_socket.c(102) : warning C4024: 'apr_bucket_heap_make' : different types for formal and actual parameter 4 D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_buckets_socket.c(140) : error C2152: '=' : pointers to functions with different attributes apr_sha1.c apr_dbm.c apr_dbm_berkeleydb.c apr_dbm_gdbm.c apr_dbm_sdbm.c apr_base64.c apr_hooks.c apr_date.c Generating Code... Compiling... apr_rmm.c sdbm.c sdbm_hash.c sdbm_lock.c sdbm_pair.c apr_uri.c apr_xml.c Generating Code... Error executing cl.exe. Apache.exe - 17 error(s), 4 warning(s) -- Jerry Baker
Re: 2.0.34 up-to-date wrt cvs HEAD
Cliff Woolley wrote: On Sun, 31 Mar 2002, Jerry Baker wrote: D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_brigade.c(434) : error C2152: 'function' : pointers to functions with different attributes D:\Apache\httpd-2.0\srclib\apr-util\buckets\apr_brigade.c(434) : warning C4024: 'apr_bucket_heap_create' : different types for formal and actual parameter 3 apr_buckets.c apr_buckets_eos.c Are you sure you have the most up-to-date version of apr_buckets.h? --Cliff -- Cliff Woolley [EMAIL PROTECTED] Charlottesville, VA All I did was this: cvs -z6 co httpd-2.0 cd httpd-2.0\srclib cvs -z6 checkout apr cvs -z6 checkout apr-util and then built it. It was a fresh pull so everything was as up-to-date as CVS is. -- Jerry Baker
Re: 2.0.34 up-to-date wrt cvs HEAD
Cliff Woolley wrote: On Sun, 31 Mar 2002, Jerry Baker wrote: cvs -z6 co httpd-2.0 cd httpd-2.0\srclib cvs -z6 checkout apr cvs -z6 checkout apr-util Odd do this for me. cd httpd-2.0\srclib\apr type include\CVS\Entries type buckets\CVS\Entries and send me the result. I just have to be sure we're looking at the same things. :) Thanks, Cliff -- Cliff Woolley [EMAIL PROTECTED] Charlottesville, VA /.cvsignore/1.4/Sat Feb 10 11:59:58 2001// /.indent.pro/1.1/Tue Aug 24 05:50:42 1999// /ap_compat.h/1.4/Wed May 23 13:56:34 2001// /ap_config.h/1.67/Wed Mar 13 20:47:42 2002// /ap_listen.h/1.30/Wed Mar 13 20:47:42 2002// /ap_mmn.h/1.41/Fri Mar 29 08:17:19 2002// /ap_mpm.h/1.33/Wed Mar 13 20:47:42 2002// /ap_release.h/1.57/Tue Mar 26 20:41:11 2002// /http_config.h/1.96/Wed Mar 27 22:42:16 2002// /http_connection.h/1.54/Fri Mar 29 08:17:19 2002// /http_core.h/1.64/Wed Mar 20 02:05:42 2002// /http_log.h/1.33/Wed Mar 13 20:47:42 2002// /http_main.h/1.22/Wed Mar 13 20:47:42 2002// /http_protocol.h/1.75/Fri Mar 29 08:17:19 2002// /http_request.h/1.39/Wed Mar 13 20:47:42 2002// /http_vhost.h/1.14/Wed Mar 13 22:34:45 2002// /httpd.h/1.182/Fri Mar 29 08:17:19 2002// /mpm_common.h/1.36/Fri Mar 29 16:21:48 2002// /pcreposix.h/1.3/Sun Mar 11 14:54:13 2001// /rfc1413.h/1.8/Wed Mar 13 20:47:42 2002// /scoreboard.h/1.46/Fri Mar 29 16:21:48 2002// /util_cfgtree.h/1.8/Wed Mar 13 20:47:42 2002// /util_charset.h/1.9/Wed Mar 13 20:47:42 2002// /util_ebcdic.h/1.13/Wed Mar 13 20:47:42 2002// /util_filter.h/1.71/Wed Mar 13 20:47:42 2002// /util_ldap.h/1.5/Wed Mar 13 20:47:42 2002// /util_md5.h/1.19/Wed Mar 13 20:47:42 2002// /util_script.h/1.17/Sat Mar 23 23:19:40 2002// /util_time.h/1.5/Thu Mar 21 10:10:40 2002// /util_xml.h/1.9/Wed Mar 13 20:47:42 2002// There are multiple buckets directories so I am not sure which one you want. 
I'll include srclib/apr-util/buckets: /.cvsignore/1.1/Sat Dec 2 16:13:48 2000// /Makefile.in/1.16/Fri Mar 29 08:12:08 2002// /apr_brigade.c/1.37/Fri Mar 29 08:12:08 2002// /apr_buckets.c/1.55/Wed Mar 13 20:40:46 2002// /apr_buckets_alloc.c/1.4/Sat Mar 30 12:43:07 2002// /apr_buckets_eos.c/1.33/Fri Mar 29 08:12:08 2002// /apr_buckets_file.c/1.66/Fri Mar 29 22:29:19 2002// /apr_buckets_flush.c/1.25/Fri Mar 29 08:12:08 2002// /apr_buckets_heap.c/1.42/Fri Mar 29 22:19:03 2002// /apr_buckets_mmap.c/1.48/Fri Mar 29 08:12:08 2002// /apr_buckets_pipe.c/1.46/Fri Mar 29 22:29:19 2002// /apr_buckets_pool.c/1.28/Fri Mar 29 22:19:02 2002// /apr_buckets_refcount.c/1.19/Wed Mar 13 20:40:46 2002// /apr_buckets_simple.c/1.38/Fri Mar 29 08:12:08 2002// /apr_buckets_socket.c/1.36/Fri Mar 29 08:12:08 2002// -- Jerry Baker
Re: 2.0.34 up-to-date wrt cvs HEAD
Cliff Woolley wrote: On Sun, 31 Mar 2002, Jerry Baker wrote: cvs -z6 co httpd-2.0 cd httpd-2.0\srclib cvs -z6 checkout apr cvs -z6 checkout apr-util Odd do this for me. cd httpd-2.0\srclib\apr type include\CVS\Entries type buckets\CVS\Entries and send me the result. I just have to be sure we're looking at the same things. :) Thanks, Cliff -- Cliff Woolley [EMAIL PROTECTED] Charlottesville, VA Oh...and apr_buckets.h: /apr_buckets.h/1.133/Fri Mar 29 08:12:08 2002// -- Jerry Baker
Re: 2.0.34 up-to-date wrt cvs HEAD
Cliff Woolley wrote: On Sun, 31 Mar 2002, Jerry Baker wrote: cd httpd-2.0\srclib\apr I meant to say apr-util... There are multiple buckets directories so I am not sure which one you want. I'll include srclib/apr-util/buckets: But anyway this was what I wanted. I'm just more confused than ever now. The versions you list should all be perfectly fine... I don't know. I'll look closer when I get back in a few hours. scratches head.. --Cliff -- Cliff Woolley [EMAIL PROTECTED] Charlottesville, VA The entire build log is available for viewing: http://jerbaker.dhs.org/InstallBin.html -- Jerry Baker
Re: 2.0.34 up-to-date wrt cvs HEAD
William A. Rowe, Jr. wrote: The 2.0.34 tag is now refreshed to cvs HEAD, please test and report before we go ahead and roll in a day or so. Bill Pulled and built the APACHE_2_0_34 tag successfully. Still has the .var file content-type bug, but other than that it appears ok. -- Jerry Baker
HTTP 404 Served As text/plain UPDATE
I just noticed something about this problem. If you request /nonexistentfile.html then the error response is sent back with text/html, but if you request /nonexistentfile then it still comes back as text/plain. -- Jerry Baker
Re: 2.0.34 tag planned for 1200 PST 03-26-02
William A. Rowe, Jr. wrote: With no objections ... I'll grab a tag at the appointed time and we can spend a day differing over what patches should be rolled in/rolled out of that tag for a real candidate. Bill I know I have no meaningful say in the matter, but shouldn't a beta be able to serve an ErrorDocument with the correct content-type? The bug still exists. -- Jerry Baker
Re: HTTP 404 Served As text/plain UPDATE
Jerry Baker wrote: I just noticed something about this problem. If you request /nonexistentfile.html then the error response is sent back with text/html, but if you request /nonexistentfile then it still comes back as text/plain. -- Jerry Baker Not only that. If you request /nonexistentfile.exe, it gets sent back as application/octet-stream. The ErrorDocument is being returned with whatever content-type matches the file extension of the requested document. I doubt many people want to download the ErrorDocument in the case that they request a non-existent application/octet-stream URI. -- Jerry Baker
Re: server-status
Daniel Abad wrote: Hi all! I'm having a little problem with server-status that it's returning me forbidden every time I try it. Below you can see my configuration in httpd.conf, and the error returned in the logs.

    <Location /server-status>
        SetHandler server-status
        Order deny,allow
        Deny from all
        Allow from localhost
    </Location>

    [Sun Mar 17 18:24:59 2002] [error] [client 127.0.0.1] client denied by server configuration: /home/vhosts/l

As you can see I'm using mod_vhosts compiled into apache, and also mod_info and mod_status. The strange thing is when I open the permission to Allow all and comment the deny line, it works fine, but for security reasons it can't happen. Anyone can help me? Thanks in advance. Dan.

Try changing localhost to 127.0.0.1. I imagine that Apache never sees that your machine is called localhost since it is probably not set up to resolve IP addresses accessing it. -- Jerry Baker
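An added example, not part of the original messages and not Apache's own code: a simplified Python model of how `Order`, `Allow from` and `Deny from` are evaluated, showing why a name rule depends on resolving the client address while an address rule does not. The function names and the dictionary standing in for reverse DNS are assumptions, and partial-address forms such as `Allow from 10.1` are not modelled.

```python
import ipaddress


def host_matches(spec, client_ip, reverse_dns):
    """Return True if one 'Allow from' / 'Deny from' argument matches the client."""
    if spec.lower() == "all":
        return True
    try:
        # Address or CIDR form: compared with the socket address, no DNS involved.
        network = ipaddress.ip_network(spec, strict=False)
        return ipaddress.ip_address(client_ip) in network
    except ValueError:
        pass
    # Name form: the server needs a hostname for the client address. Apache
    # does a double-reverse lookup; this model uses a plain dict (assumption).
    name = reverse_dns.get(client_ip)
    if name is None:
        return False
    name, spec = name.lower(), spec.lower()
    # Whole-component suffix match: "example.org" matches "a.example.org".
    return name == spec or name.endswith("." + spec)


def access_allowed(order, allow, deny, client_ip, reverse_dns):
    """Evaluate the Order directive for one client address."""
    allowed = any(host_matches(s, client_ip, reverse_dns) for s in allow)
    denied = any(host_matches(s, client_ip, reverse_dns) for s in deny)
    if order == "deny,allow":
        # Default is allow; a matching Allow overrides a matching Deny.
        return allowed or not denied
    if order == "allow,deny":
        # Default is deny; a matching Deny overrides a matching Allow.
        return allowed and not denied
    raise ValueError("unsupported Order value: " + order)


# Constructed resolver states: one with no name for 127.0.0.1, one with it.
NO_NAME = {}
WITH_NAME = {"127.0.0.1": "localhost"}


def server_status_cases():
    """The configuration from the message above, with both forms of the Allow rule."""
    deny = ["all"]
    return {
        "name_rule_unresolved": access_allowed("deny,allow", ["localhost"], deny, "127.0.0.1", NO_NAME),
        "name_rule_resolved": access_allowed("deny,allow", ["localhost"], deny, "127.0.0.1", WITH_NAME),
        "address_rule": access_allowed("deny,allow", ["127.0.0.1"], deny, "127.0.0.1", NO_NAME),
        "address_rule_remote": access_allowed("deny,allow", ["127.0.0.1"], deny, "192.0.2.10", NO_NAME),
    }
```

An address rule keeps the status page restricted to the local machine without making the decision depend on name resolution.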
Re: Apache 2.0.34-dev Sends Wrong Content-Type
William A. Rowe, Jr. wrote: Jerry Baker wrote: Apache 2.0.33-dev (from CVS today) crashes if I request a non-existent file. Filtering just changed significantly... fixed as of this morning [late last evening, actually. Please try cvs up and if you can repeat, email [EMAIL PROTECTED] Thanks Jerry!

Apache 2.0.34-dev pulled from CVS today is sending text/plain as the content-type on 404 responses. See example below:

    HTTP/1.1 404 Not Found
    Date: Thu, 07 Mar 2002 21:23:10 GMT
    Server: Apache/2.0.34-dev (Win32)
    Vary: accept-language
    Content-Length: 794
    Connection: close
    Content-Type: text/plain; charset=ISO-8859-1

This, of course, makes the 404 response appear as a screen full of HTML code instead of how it should. -- Jerry Baker
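An added example, not part of the original messages: a small regression check for the behaviour reported in this thread, where the error document is labelled with a type that follows the extension of the requested path. It audits captured response heads offline; the function names, the pairing of the quoted header block with `/nonexistentfile`, and the two other response heads are assumptions constructed for the example.

```python
def parse_response_head(raw):
    """Split a raw response head into (status code, lower-cased header dict)."""
    lines = raw.strip().splitlines()
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break  # blank line ends the header block
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers


def media_type(headers):
    """Content-Type without parameters such as charset, lower-cased."""
    return headers.get("content-type", "").split(";")[0].strip().lower()


def audit_error_pages(probes, expected="text/html"):
    """Return (path, status, type) for error responses not labelled as expected."""
    findings = []
    for path, raw in probes:
        status, headers = parse_response_head(raw)
        found = media_type(headers)
        if status >= 400 and found != expected:
            findings.append((path, status, found or "(none)"))
    return findings


# Header block quoted in the message above.
REPORTED = """HTTP/1.1 404 Not Found
Date: Thu, 07 Mar 2002 21:23:10 GMT
Server: Apache/2.0.34-dev (Win32)
Vary: accept-language
Content-Length: 794
Connection: close
Content-Type: text/plain; charset=ISO-8859-1
"""


def constructed_head(content_type):
    """Constructed sample head for the other cases described in the thread."""
    return "HTTP/1.1 404 Not Found\nContent-Length: 794\nContent-Type: " + content_type + "\n\n"


PROBES = [
    ("/nonexistentfile.html", constructed_head("text/html; charset=ISO-8859-1")),
    ("/nonexistentfile", REPORTED),
    ("/nonexistentfile.exe", constructed_head("application/octet-stream")),
]
```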
Re: [PATCH] Re: Apache 2.0.34-dev Sends Wrong Content-Type on 404
[EMAIL PROTECTED] wrote: I think this is a general problem with get_canned_error_string - something like the following should fix that This patch does not appear to remedy the problem here on Win32. -- Jerry Baker
Re: [PATCH] Re: Apache 2.0.34-dev Sends Wrong Content-Type on 404
[EMAIL PROTECTED] wrote: I think this is a general problem with get_canned_error_string - something like the following should fix that Do you think that Apache is not reading the HTTP_NOT_FOUND.html.var file correctly which explicitly states that it should be text/html? -- Jerry Baker
Re: [PATCH] Re: Apache 2.0.34-dev Sends Wrong Content-Type on 404
[EMAIL PROTECTED] wrote: On Thu, 7 Mar 2002, Jerry Baker wrote: Do you think that Apache is not reading the HTTP_NOT_FOUND.html.var file correctly which explicitly states that it should be text/html? is it showing the content from that var file? what is the content you are seeing (the plain html). sterling Straight out of the var file (from the en section). -- Jerry Baker
2.0.25 Problem with SSI
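I have a script that does this on Windows 2000:

    # Run tracert and print each line of its output followed by an HTML line break.
    # $ip is interpolated into the command line, so it must already be a validated address.
    foreach (`tracert -h 20 $ip`) {
        chomp $_;
        print $_ . "<br>";
    }

If I include this in an SSI with include virtual Apache inserts the HTTP headers into the SSI document as well.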
Re: [PATCH] Add mod_gz to httpd-2.0
Ryan Bloom wrote: You know what's really funny? Every time this has been brought up before, the Apache core has always said, if you want to have gzip'ed data, then gzip it when you create the site. That way, your computer doesn't have to waste cycles while it is trying hard to serve requests. I personally stand by that statement. If you want to use gzip, then zip your data before putting it on-line. That doesn't help generated pages, but perl can already do gzip, as can PHP. Gzip'ing html into files is a hopeless waste of disk space and clutter. That means for every file you have to have a gzipped and non-gzipped version for browsers that cannot handle it. Then you have to configure Apache to check for and serve the proper file to the proper browser. It makes Web page maintenance a severe PITA as you have to re-gzip a doc every time it is modified and upload both files. -- Jerry Baker PGP Key: http://www.jerrybaker.org/pgp.html LAME MP3 Encoder Binaries: http://www.jerrybaker.org/lame/ Apache 2.0 Web server Installer: http://www.jerrybaker.org/apache/
Re: 2.0.25 on FreeBSD 4.2-R -- 404 returns text/plain error page
William A. Rowe, Jr. wrote: I'll try reproducing on Win32. [Dang me for testing with IE! Mozilla from now on, promise!!! Whatever happened to that little 'show http headers' feature from Mozilla .91???] I dunno, but I have a tiny little VB utility to get HTTP headers without having to do the whole telnet thing. Lemme know if you want it. -- Jerry Baker PGP Key: http://www.jerrybaker.org/pgp.html LAME MP3 Encoder Binaries: http://www.jerrybaker.org/lame/ Apache 2.0 Web server Installer: http://www.jerrybaker.org/apache/
Re: Fw: HTTP response problem on 2.0.24
William A. Rowe, Jr. wrote: This is the reason that the huge number of folks offering their 'binaries' irks me. Here's the problem: On *nix machines you can get a compiler for free and figure out how to use it. If you can figure out how to use it, then you're probably smart enough to know what you're getting into by building an alpha quality product. With the Windows platform the compiler costs a minimum of $100+. That is out of the range for many qualified persons to afford (I couldn't even afford it now). It is also out of the range of persons who primarily run *nix but do some testing on Windows. That is the reason for my binaries. It is not to let anyone and everyone download Apache. If I knew of a way to stop unqualified individuals from downloading it I would do it. Do you know any way? PS - Sorry for the OT spam, but I could not find these posts on my NNTP server. -- Jerry Baker PGP Key: http://www.jerrybaker.org/pgp.html LAME MP3 Encoder Binaries: http://www.jerrybaker.org/lame/ Apache 2.0 Web server Installer: http://www.jerrybaker.org/apache/