Re: [VOTE] release httpd mod_fcgid-2.3.4
William A. Rowe, Jr. wrote: Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another candidate for your consideration. Please fetch up the newly minted mod_fcgid-2.3.4.tar.gz (or .tar.bz2) or the win32/netware suitable package mod_fcgid-2.3.3-crlf.zip from: http://httpd.apache.org/dev/dist/mod_fcgid/ review, take it for a spin, and cast your choice [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?) [ ] +1 to release as 2.3.4-beta [ ] +1 to release as 2.3.4-GA For getting started, http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID Further testing of our application has shown up a problem. With the following configuration we are seeing the request body of POST messages get stripped out if FcgidAuthorizer is used for Location /player. If we comment out the Require onelan magic the POSTs work. Have I misconfigured or is this a bug in mod_fcgid? Barry ... LoadModule fcgid_module modules/mod_fcgid.so FcgidCmdOptions /usr/local/onelan/html/dsmauthorizer.fcgi MaxProcesses 1 FcgidCmdOptions /usr/local/onelan/html/dsm.fcgi MaxProcesses 1 FcgidCmdOptions /usr/local/onelan/html/dsmxml.fcgi MaxProcesses 1 VirtualHost *:80 #+ Rewrite Web API Rules RewriteEngine on # security - deny TRACE and TRACK requests RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] #- Rewrite Web API Rules #+ Rewrite Web API Rules # make the URLs hide the use of dsm.fcgi RewriteRule ^/$ /dsm.fcgi [L] RewriteRule ^/(status|options|organisation|tools|setup|help)($|.*$) /dsm.fcgi/$1$2 [L] #- Rewrite Web API Rules #+ Rewrite XML API Rules # make the URLs hide the use of dsmxml.fcgi RewriteRule ^/(XML)($|.*$) /dsmxml.fcgi/$1$2 [L] #- Rewrite XML API Rules #+ Rewrite VPN ReWriteMap ntb_ip_address prg:/usr/local/onelan/dsm/bin/vpn_lookup_ip_address RewriteRule ^/player/(\d+)\.(.*) http://${ntb_ip_address:$1}:8080/player/$1.$2 [P] #- Rewrite VPN #+ Locations Web VPN API Location /player #+ HTTP auth file Order allow,deny Allow from all AuthType Digest AuthName Manager System AuthGroupFile /etc/onelan/common/http.group AuthUserFile /etc/onelan/common/http.passwd Require onelan magic #- HTTP auth file FcgidAuthorizer /usr/local/onelan/html/dsmauthorizer.fcgi /Location /VirtualHost
Re: [VOTE] release httpd mod_fcgid-2.3.4
Barry Scott wrote: William A. Rowe, Jr. wrote: Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another candidate for your consideration. Please fetch up the newly minted mod_fcgid-2.3.4.tar.gz (or .tar.bz2) or the win32/netware suitable package mod_fcgid-2.3.3-crlf.zip from: http://httpd.apache.org/dev/dist/mod_fcgid/ review, take it for a spin, and cast your choice [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?) [ ] +1 to release as 2.3.4-beta [ ] +1 to release as 2.3.4-GA For getting started, http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID Further testing of our application has shown up a problem. With the following configuration we are seeing the request body of POST messages get stripped out if FcgidAuthorizer is used for Location /player. If we comment out the Require onelan magic the POSTs work. Have I misconfigured or is this a bug in mod_fcgid? Barry ... LoadModule fcgid_module modules/mod_fcgid.so FcgidCmdOptions /usr/local/onelan/html/dsmauthorizer.fcgi MaxProcesses 1 FcgidCmdOptions /usr/local/onelan/html/dsm.fcgi MaxProcesses 1 FcgidCmdOptions /usr/local/onelan/html/dsmxml.fcgi MaxProcesses 1 VirtualHost *:80 #+ Rewrite Web API Rules RewriteEngine on # security - deny TRACE and TRACK requests RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] #- Rewrite Web API Rules #+ Rewrite Web API Rules # make the URLs hide the use of dsm.fcgi RewriteRule ^/$ /dsm.fcgi [L] RewriteRule ^/(status|options|organisation|tools|setup|help)($|.*$) /dsm.fcgi/$1$2 [L] #- Rewrite Web API Rules #+ Rewrite XML API Rules # make the URLs hide the use of dsmxml.fcgi RewriteRule ^/(XML)($|.*$) /dsmxml.fcgi/$1$2 [L] #- Rewrite XML API Rules #+ Rewrite VPN ReWriteMap ntb_ip_address prg:/usr/local/onelan/dsm/bin/vpn_lookup_ip_address RewriteRule ^/player/(\d+)\.(.*) http://${ntb_ip_address:$1}:8080/player/$1.$2 [P] #- Rewrite VPN #+ Locations Web VPN API Location /player #+ HTTP auth file Order allow,deny Allow from all AuthType Digest AuthName Manager System AuthGroupFile /etc/onelan/common/http.group AuthUserFile /etc/onelan/common/http.passwd Require onelan magic #- HTTP auth file FcgidAuthorizer /usr/local/onelan/html/dsmauthorizer.fcgi /Location /VirtualHost Looking at bridge_request we see the code is reading the input buckets and feeding then to the Authorizer. It seems to us that: Either this must not happen if the fcgid is an authorizer or the buckets must be put back for whatever handles the POST to process. Barry
Re: [VOTE] release httpd mod_fcgid-2.3.4
On Fri, Oct 9, 2009 at 11:00 AM, Barry Scott barry.sc...@onelan.co.uk wrote: Barry Scott wrote: William A. Rowe, Jr. wrote: Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another candidate for your consideration. Please fetch up the newly minted mod_fcgid-2.3.4.tar.gz (or .tar.bz2) or the win32/netware suitable package mod_fcgid-2.3.3-crlf.zip from: http://httpd.apache.org/dev/dist/mod_fcgid/ review, take it for a spin, and cast your choice [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?) [ ] +1 to release as 2.3.4-beta [ ] +1 to release as 2.3.4-GA For getting started, http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID Further testing of our application has shown up a problem. With the following configuration we are seeing the request body of POST messages get stripped out if FcgidAuthorizer is used for Location /player. If we comment out the Require onelan magic the POSTs work. Have I misconfigured or is this a bug in mod_fcgid? Barry ... LoadModule fcgid_module modules/mod_fcgid.so FcgidCmdOptions /usr/local/onelan/html/dsmauthorizer.fcgi MaxProcesses 1 FcgidCmdOptions /usr/local/onelan/html/dsm.fcgi MaxProcesses 1 FcgidCmdOptions /usr/local/onelan/html/dsmxml.fcgi MaxProcesses 1 VirtualHost *:80 #+ Rewrite Web API Rules RewriteEngine on # security - deny TRACE and TRACK requests RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] #- Rewrite Web API Rules #+ Rewrite Web API Rules # make the URLs hide the use of dsm.fcgi RewriteRule ^/$ /dsm.fcgi [L] RewriteRule ^/(status|options|organisation|tools|setup|help)($|.*$) /dsm.fcgi/$1$2 [L] #- Rewrite Web API Rules #+ Rewrite XML API Rules # make the URLs hide the use of dsmxml.fcgi RewriteRule ^/(XML)($|.*$) /dsmxml.fcgi/$1$2 [L] #- Rewrite XML API Rules #+ Rewrite VPN ReWriteMap ntb_ip_address prg:/usr/local/onelan/dsm/bin/vpn_lookup_ip_address RewriteRule ^/player/(\d+)\.(.*) http://${ntb_ip_address:$1}:8080/player/$1.$2 [P] #- Rewrite VPN #+ Locations Web VPN API Location /player #+ HTTP auth file Order allow,deny Allow from all AuthType Digest AuthName Manager System AuthGroupFile /etc/onelan/common/http.group AuthUserFile /etc/onelan/common/http.passwd Require onelan magic #- HTTP auth file FcgidAuthorizer /usr/local/onelan/html/dsmauthorizer.fcgi /Location /VirtualHost Looking at bridge_request we see the code is reading the input buckets and feeding then to the Authorizer. It seems to us that: Either this must not happen if the fcgid is an authorizer or the buckets must be put back for whatever handles the POST to process. yeah; looks like bridge_request() doesn't look at role (FCGI_RESPONDER vs. FCGID_AUTHORIZER) (unless you think this is a regression, start a new thread and/or open a Bugzilla entry)
Re: [VOTE] release httpd mod_fcgid-2.3.4
Jeff Trawick wrote: On Fri, Oct 9, 2009 at 11:00 AM, Barry Scott barry.sc...@onelan.co.uk wrote: Barry Scott wrote: William A. Rowe, Jr. wrote: Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another candidate for your consideration. Please fetch up the newly minted mod_fcgid-2.3.4.tar.gz (or .tar.bz2) or the win32/netware suitable package mod_fcgid-2.3.3-crlf.zip from: http://httpd.apache.org/dev/dist/mod_fcgid/ review, take it for a spin, and cast your choice [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?) [ ] +1 to release as 2.3.4-beta [ ] +1 to release as 2.3.4-GA For getting started, http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID Further testing of our application has shown up a problem. With the following configuration we are seeing the request body of POST messages get stripped out if FcgidAuthorizer is used for Location /player. If we comment out the Require onelan magic the POSTs work. Have I misconfigured or is this a bug in mod_fcgid? Barry ... LoadModule fcgid_module modules/mod_fcgid.so FcgidCmdOptions /usr/local/onelan/html/dsmauthorizer.fcgi MaxProcesses 1 FcgidCmdOptions /usr/local/onelan/html/dsm.fcgi MaxProcesses 1 FcgidCmdOptions /usr/local/onelan/html/dsmxml.fcgi MaxProcesses 1 VirtualHost *:80 #+ Rewrite Web API Rules RewriteEngine on # security - deny TRACE and TRACK requests RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] #- Rewrite Web API Rules #+ Rewrite Web API Rules # make the URLs hide the use of dsm.fcgi RewriteRule ^/$ /dsm.fcgi [L] RewriteRule ^/(status|options|organisation|tools|setup|help)($|.*$) /dsm.fcgi/$1$2 [L] #- Rewrite Web API Rules #+ Rewrite XML API Rules # make the URLs hide the use of dsmxml.fcgi RewriteRule ^/(XML)($|.*$) /dsmxml.fcgi/$1$2 [L] #- Rewrite XML API Rules #+ Rewrite VPN ReWriteMap ntb_ip_address prg:/usr/local/onelan/dsm/bin/vpn_lookup_ip_address RewriteRule ^/player/(\d+)\.(.*) http://${ntb_ip_address:$1}:8080/player/$1.$2 [P] #- Rewrite VPN #+ Locations Web VPN API Location /player #+ HTTP auth file Order allow,deny Allow from all AuthType Digest AuthName Manager System AuthGroupFile /etc/onelan/common/http.group AuthUserFile /etc/onelan/common/http.passwd Require onelan magic #- HTTP auth file FcgidAuthorizer /usr/local/onelan/html/dsmauthorizer.fcgi /Location /VirtualHost Looking at bridge_request we see the code is reading the input buckets and feeding then to the Authorizer. It seems to us that: Either this must not happen if the fcgid is an authorizer or the buckets must be put back for whatever handles the POST to process. yeah; looks like bridge_request() doesn't look at role (FCGI_RESPONDER vs. FCGID_AUTHORIZER) (unless you think this is a regression, start a new thread and/or open a Bugzilla entry) 2.3.1 is broken the same way - I guess its a day one bug. Bug report and new thread started. Barry
Re: [VOTE] release httpd mod_fcgid-2.3.4
On Fri, Oct 9, 2009 at 12:04 PM, Barry Scott barry.sc...@onelan.co.uk wrote: Jeff Trawick wrote: On Fri, Oct 9, 2009 at 11:00 AM, Barry Scott barry.sc...@onelan.co.uk wrote: Barry Scott wrote: William A. Rowe, Jr. wrote: Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another candidate for your consideration. Please fetch up the newly minted mod_fcgid-2.3.4.tar.gz (or .tar.bz2) or the win32/netware suitable package mod_fcgid-2.3.3-crlf.zip from: http://httpd.apache.org/dev/dist/mod_fcgid/ review, take it for a spin, and cast your choice [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?) [ ] +1 to release as 2.3.4-beta [ ] +1 to release as 2.3.4-GA For getting started, http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID Further testing of our application has shown up a problem. With the following configuration we are seeing the request body of POST messages get stripped out if FcgidAuthorizer is used for Location /player. If we comment out the Require onelan magic the POSTs work. Have I misconfigured or is this a bug in mod_fcgid? Barry ... LoadModule fcgid_module modules/mod_fcgid.so FcgidCmdOptions /usr/local/onelan/html/dsmauthorizer.fcgi MaxProcesses 1 FcgidCmdOptions /usr/local/onelan/html/dsm.fcgi MaxProcesses 1 FcgidCmdOptions /usr/local/onelan/html/dsmxml.fcgi MaxProcesses 1 VirtualHost *:80 #+ Rewrite Web API Rules RewriteEngine on # security - deny TRACE and TRACK requests RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] #- Rewrite Web API Rules #+ Rewrite Web API Rules # make the URLs hide the use of dsm.fcgi RewriteRule ^/$ /dsm.fcgi [L] RewriteRule ^/(status|options|organisation|tools|setup|help)($|.*$) /dsm.fcgi/$1$2 [L] #- Rewrite Web API Rules #+ Rewrite XML API Rules # make the URLs hide the use of dsmxml.fcgi RewriteRule ^/(XML)($|.*$) /dsmxml.fcgi/$1$2 [L] #- Rewrite XML API Rules #+ Rewrite VPN ReWriteMap ntb_ip_address prg:/usr/local/onelan/dsm/bin/vpn_lookup_ip_address RewriteRule ^/player/(\d+)\.(.*) http://${ntb_ip_address:$1}:8080/player/$1.$2 [P] #- Rewrite VPN #+ Locations Web VPN API Location /player #+ HTTP auth file Order allow,deny Allow from all AuthType Digest AuthName Manager System AuthGroupFile /etc/onelan/common/http.group AuthUserFile /etc/onelan/common/http.passwd Require onelan magic #- HTTP auth file FcgidAuthorizer /usr/local/onelan/html/dsmauthorizer.fcgi /Location /VirtualHost Looking at bridge_request we see the code is reading the input buckets and feeding then to the Authorizer. It seems to us that: Either this must not happen if the fcgid is an authorizer or the buckets must be put back for whatever handles the POST to process. yeah; looks like bridge_request() doesn't look at role (FCGI_RESPONDER vs. FCGID_AUTHORIZER) (unless you think this is a regression, start a new thread and/or open a Bugzilla entry) 2.3.1 is broken the same way - I guess its a day one bug. We'd also be worried if 2.2 is NOT broken the same way. (regression over what lots of people are using) Bug report and new thread started. Cool... Testing simple patch now.
[VOTE] release httpd mod_fcgid-2.3.4
Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another candidate for your consideration. Please fetch up the newly minted mod_fcgid-2.3.4.tar.gz (or .tar.bz2) or the win32/netware suitable package mod_fcgid-2.3.3-crlf.zip from: http://httpd.apache.org/dev/dist/mod_fcgid/ review, take it for a spin, and cast your choice [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?) [ ] +1 to release as 2.3.4-beta [ ] +1 to release as 2.3.4-GA For getting started, http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID
Re: [VOTE] release httpd mod_fcgid-2.3.4
William A. Rowe, Jr. wrote: [X] +1 to release as 2.3.4-beta [X] +1 to release as 2.3.4-GA Unless anyone renames newly-named directives in the next 2 1/2 days, I really don't see a reason to call this beta anymore. We already concur it's above the quality of the often-deployed mod_fcgid that was contributed in the first place, and we now have docs which surpass the random collection of notes spread across the web. Bill
Re: [VOTE] release httpd mod_fcgid-2.3.4
On Thu, Oct 8, 2009 at 3:33 AM, William A. Rowe, Jr. wr...@rowe-clan.net wrote: Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another candidate for your consideration. Thank you! [X] +1 to release as 2.3.4-beta [X] +1 to release as 2.3.4-GA It builds cleanly and holds up to a variety of requests under load with these platforms and levels of httpd: OpenSolaris 2009.06 x64 with Sun Studio 12: httpd 2.0.x 32-bit httpd 2.2.x 32-bit httpd 2.2.x 64-bit httpd 2.3-dev 32-bit (Event MPM) Ubuntu 8.0.4 x86: httpd 2.0.x httpd 2.2.x httpd 2.3-dev (Event MPM)
Re: [VOTE] release httpd mod_fcgid-2.3.4
On Oct 8, 2009, at 8:30 AM, Jeff Trawick wrote: On Thu, Oct 8, 2009 at 3:33 AM, William A. Rowe, Jr. wr...@rowe-clan.net wrote: Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another candidate for your consideration. Thank you! [X] +1 to release as 2.3.4-beta [X] +1 to release as 2.3.4-GA +1
Re: [VOTE] release httpd mod_fcgid-2.3.4
William A. Rowe, Jr. wrote: Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another candidate for your consideration. Please fetch up the newly minted mod_fcgid-2.3.4.tar.gz (or .tar.bz2) or the win32/netware suitable package mod_fcgid-2.3.3-crlf.zip from: http://httpd.apache.org/dev/dist/mod_fcgid/ review, take it for a spin, and cast your choice [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?) [ ] +1 to release as 2.3.4-beta [ ] +1 to release as 2.3.4-GA For getting started, http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID FYI if I had a vote: +1 Authorizer and normal page serving works in our application with 2.3.4. Barry
Re: [VOTE] release httpd mod_fcgid-2.3.4
On Thu, Oct 8, 2009 at 9:56 AM, Barry Scott barry.sc...@onelan.co.uk wrote: William A. Rowe, Jr. wrote: Thanks to Jeff's catch, we scuttled 2.3.3. We have yet another candidate for your consideration. Please fetch up the newly minted mod_fcgid-2.3.4.tar.gz (or .tar.bz2) or the win32/netware suitable package mod_fcgid-2.3.3-crlf.zip from: http://httpd.apache.org/dev/dist/mod_fcgid/ review, take it for a spin, and cast your choice [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?) [ ] +1 to release as 2.3.4-beta [ ] +1 to release as 2.3.4-GA For getting started, http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID FYI if I had a vote: +1 Authorizer and normal page serving works in our application with 2.3.4. It is great information to have, whether or not it is a formal vote. Thanks!
Re: [VOTE] release httpd mod_fcgid-2.3.4
[x] +1 to release as 2.3.4-beta No time to play enough to vote GA. -- Eric Covener cove...@gmail.com
Re: [VOTE] release httpd mod_fcgid-2.3.4
William A. Rowe, Jr. wrote: [X] +1 to release as 2.3.4-beta Chris. -- GPG Key ID: 366A375B GPG Key Fingerprint: 485E 5041 17E1 E2BB C263 E4DE C8E3 FA36 366A 375B