Re: Be carefull with apache 1.3.24
Did not tested with that one... I was having problems with cookies only... Or so I thought :) On Mon, Apr 01, 2002 at 11:22:10PM +0200, Eric Cholet wrote: --On lundi 1 avril 2002 17:12 +0100 Pedro Melo Cunha [EMAIL PROTECTED] wrote: It seems to be fixed in CVS Haven't tried it yet... As far as I can tell the chunked response bug hasn't been fixed yet. Best regards, On Fri, Mar 29, 2002 at 01:26:43PM -0500, John Siracusa wrote: On 3/29/02 1:11 PM, John Siracusa wrote: On 3/23/02 8:01 PM, Pedro Melo Cunha wrote: Looking at the change log, they mention a bug that multiple set-cookie's will fail (only the last one will be sent to the client, the proxy will eat the others). And it was true... The problem is that 1.3.24 final also has that bug: only the last set-cookie will reach your browser. This was a show-stopper for my application. So I sat down, read the proxy code, and made a patch to solve the bug. Applied the attached patch to 1.3.24, but it complained: --- % patch -i ../mod_proxy_patch.diff src/modules/proxy/proxy_http.c patching file src/modules/proxy/proxy_http.c Reversed (or previously applied) patch detected! Assume -R? [n] y --- I'm not sure what that means Heh, n e v e r m i n d... :) Anyway, now that I have patched, working versions, what's the status on apache.org fixing this bug in the real distribution? -John -- Pedro Melo Cunha - [EMAIL PROTECTED] Novis Telecom, S.A. - Dir. Rede - ISP http://www.novis.pt/ Edifício Novis - Estrada da Outurela, 118 - 2795-606 Carnaxide tel: +351 21 0104340 - fax: +351 21 0104301 -- Eric Cholet Logilune -- Pedro Melo Cunha - [EMAIL PROTECTED] Novis Telecom, S.A. - Dir. Rede - ISP http://www.novis.pt/ Edifício Novis - Estrada da Outurela, 118 - 2795-606 Carnaxide tel: +351 21 0104340 - fax: +351 21 0104301
Re: Be carefull with apache 1.3.24
--On vendredi 29 mars 2002 13:26 -0500 John Siracusa [EMAIL PROTECTED] wrote: Anyway, now that I have patched, working versions, what's the status on apache.org fixing this bug in the real distribution? The Set-Cookie issue has been fixed in apache CVS, but the chunked response issue hasn't yet. Forward any ideas/patches to the [EMAIL PROTECTED] or to mod_proxy's maintainer, minfrin at sharp dot fm. -- Eric Cholet
Re: Be carefull with apache 1.3.24
It seems to be fixed in CVS Haven't tried it yet... Best regards, On Fri, Mar 29, 2002 at 01:26:43PM -0500, John Siracusa wrote: On 3/29/02 1:11 PM, John Siracusa wrote: On 3/23/02 8:01 PM, Pedro Melo Cunha wrote: Looking at the change log, they mention a bug that multiple set-cookie's will fail (only the last one will be sent to the client, the proxy will eat the others). And it was true... The problem is that 1.3.24 final also has that bug: only the last set-cookie will reach your browser. This was a show-stopper for my application. So I sat down, read the proxy code, and made a patch to solve the bug. Applied the attached patch to 1.3.24, but it complained: --- % patch -i ../mod_proxy_patch.diff src/modules/proxy/proxy_http.c patching file src/modules/proxy/proxy_http.c Reversed (or previously applied) patch detected! Assume -R? [n] y --- I'm not sure what that means Heh, n e v e r m i n d... :) Anyway, now that I have patched, working versions, what's the status on apache.org fixing this bug in the real distribution? -John -- Pedro Melo Cunha - [EMAIL PROTECTED] Novis Telecom, S.A. - Dir. Rede - ISP http://www.novis.pt/ Edifício Novis - Estrada da Outurela, 118 - 2795-606 Carnaxide tel: +351 21 0104340 - fax: +351 21 0104301
Re: Be carefull with apache 1.3.24
--On lundi 1 avril 2002 17:12 +0100 Pedro Melo Cunha [EMAIL PROTECTED] wrote: It seems to be fixed in CVS Haven't tried it yet... As far as I can tell the chunked response bug hasn't been fixed yet. Best regards, On Fri, Mar 29, 2002 at 01:26:43PM -0500, John Siracusa wrote: On 3/29/02 1:11 PM, John Siracusa wrote: On 3/23/02 8:01 PM, Pedro Melo Cunha wrote: Looking at the change log, they mention a bug that multiple set-cookie's will fail (only the last one will be sent to the client, the proxy will eat the others). And it was true... The problem is that 1.3.24 final also has that bug: only the last set-cookie will reach your browser. This was a show-stopper for my application. So I sat down, read the proxy code, and made a patch to solve the bug. Applied the attached patch to 1.3.24, but it complained: --- % patch -i ../mod_proxy_patch.diff src/modules/proxy/proxy_http.c patching file src/modules/proxy/proxy_http.c Reversed (or previously applied) patch detected! Assume -R? [n] y --- I'm not sure what that means Heh, n e v e r m i n d... :) Anyway, now that I have patched, working versions, what's the status on apache.org fixing this bug in the real distribution? -John -- Pedro Melo Cunha - [EMAIL PROTECTED] Novis Telecom, S.A. - Dir. Rede - ISP http://www.novis.pt/ Edifício Novis - Estrada da Outurela, 118 - 2795-606 Carnaxide tel: +351 21 0104340 - fax: +351 21 0104301 -- Eric Cholet Logilune
[slightly OT] Re: Be carefull with apache 1.3.24
On Mon, 1 Apr 2002, Eric Cholet wrote: The Set-Cookie issue has been fixed in apache CVS, but the chunked response issue hasn't yet. Forward any ideas/patches to the [EMAIL PROTECTED] or to mod_proxy's maintainer, minfrin at sharp dot fm. I have not yet been able to get 1.3.23 successfully patched to fix the Set-Cookie issue, and I can't use 1.3.24 because of the chunking problem. (Plus, the 1.3.23 problem of the proxy hanging on to back-end connections until it's done talking with the client pretty much defeats the purpose of using it in accelerator mode.) Does anyone know the most recent Apache version where the Set-Cookie and chunked problems were *not* an issue for mod_proxy? I have an old 1.3.14 instance that seems to work, but I'd rather not go back that far... Thanks! Larry Leszczynski [EMAIL PROTECTED]
Re: [slightly OT] Re: Be carefull with apache 1.3.24
--On lundi 1 avril 2002 16:44 -0500 Larry Leszczynski [EMAIL PROTECTED] wrote: On Mon, 1 Apr 2002, Eric Cholet wrote: The Set-Cookie issue has been fixed in apache CVS, but the chunked response issue hasn't yet. Forward any ideas/patches to the [EMAIL PROTECTED] or to mod_proxy's maintainer, minfrin at sharp dot fm. I have not yet been able to get 1.3.23 successfully patched to fix the Set-Cookie issue, and I can't use 1.3.24 because of the chunking problem. (Plus, the 1.3.23 problem of the proxy hanging on to back-end connections until it's done talking with the client pretty much defeats the purpose of using it in accelerator mode.) Does anyone know the most recent Apache version where the Set-Cookie and chunked problems were *not* an issue for mod_proxy? I have an old 1.3.14 instance that seems to work, but I'd rather not go back that far... I know the chunking bug wasn't in 1.3.22, but I do not know about the Set-Cookie status in that release because I didn't notice it until much later (customer setting multiple cookies complained). The chunking bug is of course much more visible since it breaks Netscape browsers completely. -- Eric Cholet Logilune
Re: Be carefull with apache 1.3.24
On 3/23/02 8:01 PM, Pedro Melo Cunha wrote: The problem is that 1.3.24 final also has that bug: only the last set-cookie will reach your browser. Another problem that bit me is that 1.3.24 mod_proxy is returning HTTP/1.1 chunked encoding responses to HTTP/1.0 clients: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7513 (For those who might not know it if they saw it, chunked encoding adds a length (specified in hex) at the very beginning of a response, and a zero at the end.) Larry Leszczynski [EMAIL PROTECTED]
Re: Be carefull with apache 1.3.24
On 3/23/02 8:01 PM, Pedro Melo Cunha wrote: Looking at the change log, they mention a bug that multiple set-cookie's will fail (only the last one will be sent to the client, the proxy will eat the others). And it was true... The problem is that 1.3.24 final also has that bug: only the last set-cookie will reach your browser. This was a show-stopper for my application. So I sat down, read the proxy code, and made a patch to solve the bug. Applied the attached patch to 1.3.24, but it complained: --- % patch -i ../mod_proxy_patch.diff src/modules/proxy/proxy_http.c patching file src/modules/proxy/proxy_http.c Reversed (or previously applied) patch detected! Assume -R? [n] y --- I'm not sure what that means, but I forced it through anyway, and the bug remains! (As tested by your attached cookie.cgi script.) Just to make sure I wasn't crazy, I also re-tried my unpatched version of 1.3.24 and it showed the bug too. So, what's the status on this? Is 1.3.25 due out soon to fix this? Does anyone have a working patch? -John
Re: Be carefull with apache 1.3.24
On 3/29/02 1:11 PM, John Siracusa wrote: On 3/23/02 8:01 PM, Pedro Melo Cunha wrote: Looking at the change log, they mention a bug that multiple set-cookie's will fail (only the last one will be sent to the client, the proxy will eat the others). And it was true... The problem is that 1.3.24 final also has that bug: only the last set-cookie will reach your browser. This was a show-stopper for my application. So I sat down, read the proxy code, and made a patch to solve the bug. Applied the attached patch to 1.3.24, but it complained: --- % patch -i ../mod_proxy_patch.diff src/modules/proxy/proxy_http.c patching file src/modules/proxy/proxy_http.c Reversed (or previously applied) patch detected! Assume -R? [n] y --- I'm not sure what that means Heh, n e v e r m i n d... :) Anyway, now that I have patched, working versions, what's the status on apache.org fixing this bug in the real distribution? -John
Re: Be carefull with apache 1.3.24
On 3/29/02 1:26 PM, John Siracusa wrote: Anyway, now that I have patched, working versions... Scratch that: the patch doesn't seem to work when I build a server with mod_ssl in it. Hrm... -John
Re: Be carefull with apache 1.3.24
Does anyone know how I can put my ProxyIOBufferSize config line in a conditional that'll keep it from blowing up if I'm using a version of apache earlier than 1.3.24? -John
Re: Be carefull with apache 1.3.24
John Siracusa [EMAIL PROTECTED] on Mar 25, 2002: Does anyone know how I can put my ProxyIOBufferSize config line in a conditional that'll keep it from blowing up if I'm using a version of apache earlier than 1.3.24? You could use IfDefine but that would mean that the command that starts apache needs to be aware of which version you are using and modifying startup params accordingly. See http://httpd.apache.org/docs/mod/core.html#ifdefine
Re: Be carefull with apache 1.3.24
At 11:14 AM -0500 3/25/02, John Siracusa wrote: Does anyone know how I can put my ProxyIOBufferSize config line in a conditional that'll keep it from blowing up if I'm using a version of apache earlier than 1.3.24? -John In /path/to/apache1.3.24/bin/apachectl add a -DAPACHE_1_3_24 to the httpd command. In your httpd.conf add IfDefined APACHE_1_3_24 ProxyIOBufferSize 10 /IfDefined I think that should work Rob -- When I used a Mac, they laughed because I had no command prompt. When I used Linux, they laughed because I had no GUI.
Re: Be carefull with apache 1.3.24
In /path/to/apache1.3.24/bin/apachectl add a -DAPACHE_1_3_24 to the
httpd command.
In your httpd.conf add
IfDefined APACHE_1_3_24
ProxyIOBufferSize 10
/IfDefined
I think that should work
you could also do something hackish like this to avoid command line switches
Perl
my ($version) = Apache::Constants::SERVER_VERSION =~ m/(\d{2})/;
$ProxyIOBufferSize = 1 if $version = 24
/Perl
good luck
---Geoff
Re: Be carefull with apache 1.3.24
On 3/25/02 11:39 AM, Geoffrey Young wrote:
In /path/to/apache1.3.24/bin/apachectl add a -DAPACHE_1_3_24 to the
httpd command.
In your httpd.conf add
IfDefined APACHE_1_3_24
ProxyIOBufferSize 10
/IfDefined
I think that should work
you could also do something hackish like this to avoid command line switches
Perl
my ($version) = Apache::Constants::SERVER_VERSION =~ m/(\d{2})/;
$ProxyIOBufferSize = 1 if $version = 24
/Perl
I don't want to use defines if I can help it, and it's a proxy server
without mod_perl, so the Perl section is out. Hm, you'd think apache
would have a directive for this, especially since it pukes when it sees
unknown conf directives. Maybe I'll go nag the apache devs... :)
-John
Re: Be carefull with apache 1.3.24
Hi Pedro, On Sun, 24 Mar 2002, Pedro Melo Cunha wrote: [snip,snip] Looking at the change log, they mention a bug that multiple set-cookie's will fail (only the last one will be sent to the client, the proxy will eat the others). And it was true... The problem is that 1.3.24 final also has that bug: only the last set-cookie will reach your browser. This was a show-stopper for my application. So I sat down, read the proxy code, and made a patch to solve the bug. [snip] Anyway, I attached here. Maybe someone here can push it into apache for the next release, and in the meantime you can use it, if you want. I also attach a cgi that set's two cookies, to demonstrate the problem. Pedro, thanks a real bunch! You just saved me a load of work! If we ever meet, I'll buy you a beer, I promise! 73, Ged.
Be carefull with apache 1.3.24
Hi,
a bit of history: I read on the documentation the new mod_proxy feature
called ProxyIOBufferSize which allows for even better handling of lasrge
mod_perl httpd's. This babby, and another little patch that also made it
(closing the backend connection as soon as possible) allows for me to
have a split of 100 modproxy process for only 10 backend mod_perl
process... neat! :) (BTW, using this and mod_gzip, and you can save a
bundle instead of buying those nice redline boxes :)
the problem is that it's only available on 1.3.24 (at the time, 2 or 3
days ago, it wasnt available yet), so I used the CVS version.
Looking at the change log, they mention a bug that multiple set-cookie's
will fail (only the last one will be sent to the client, the proxy will
eat the others). And it was true... The problem is that 1.3.24 final
also has that bug: only the last set-cookie will reach your browser.
This was a show-stopper for my application. So I sat down, read the
proxy code, and made a patch to solve the bug. I then sent the patch to
the apache bug database (i really hate gnats ;), but they drop it (as a
duplicate). I admit i could not attach my patch to the existing bug
report on this subject (I said I hated gnat's :). So my patch did not
made it the 1.3.24...
Anyway, I attached here. Maybe someone here can push it into apache for
the next release, and in the meantime you can use it, if you want.
I also attach a cgi that set's two cookies, to demonstrate the problem.
Best regards,
PS: mod_perl totally rocks... serving well over 70.000.000 pageviews
with mason...
--
Pedro Melo Cunha - [EMAIL PROTECTED]
Novis Telecom, S.A. - Dir. Rede - ISP http://www.novis.pt/
Edifício Novis - Estrada da Outurela, 118 - 2795-606 Carnaxide
tel: +351 21 0104340 - fax: +351 21 0104301
Index: proxy_http.c
===
RCS file: /home/cvspublic/apache-1.3/src/modules/proxy/proxy_http.c,v
retrieving revision 1.88
diff -u -r1.88 proxy_http.c
--- proxy_http.c21 Mar 2002 11:38:03 - 1.88
+++ proxy_http.c22 Mar 2002 01:21:39 -
@@ -136,6 +136,20 @@
return url;
}
+
+/* copies header key/value into table p if it's a cookie header.
+ * this is a callback function for a ap_table_do below.
+ */
+int ap_proxy_copy_cookie_headers(void *p, const char *key, const char *value)
+{
+table *d = (table *)p;
+
+if (!strcasecmp(key, Set-Cookie) || !strcasecmp(key, Set-Cookie2))
+ ap_table_add(d, key, value);
+
+return 1;
+}
+
/*
* This handles http:// URLs, and other URLs using a remote proxy over http
* If proxyhost is NULL, then contact the server directly, otherwise
@@ -529,8 +543,20 @@
ap_proxy_write_headers(c, ap_pstrcat(p, HTTP/1.1 , r-status_line, NULL),
resp_hdrs);
}
-/* Setup the headers for our client from upstreams response-headers */
+/* Setup the headers for our client from upstreams response-headers.
+ * We use resp_hdrs to keep all the Set-Cookie and Set-Cookie2 headers,
+ * and then call ap_overlap_table, because it keep's only the last one.
+ * The we copy all the cookies back.
+*/
+ap_table_do(ap_proxy_copy_cookie_headers, resp_hdrs, r-headers_out, NULL);
+
ap_overlap_tables(r-headers_out, resp_hdrs, AP_OVERLAP_TABLES_SET);
+
+ap_table_unset(r-headers_out, Set-Cookie);
+ap_table_unset(r-headers_out, Set-Cookie2);
+
+ap_table_do(ap_proxy_copy_cookie_headers, r-headers_out, resp_hdrs, NULL);
+
/* Add X-Cache header - be careful not to obliterate any upstream headers */
ap_table_mergen(r-headers_out, X-Cache,
ap_pstrcat(r-pool, MISS from ,
#!/usr/local/bin/perl -w
use CGI qw( :standard );
use CGI::Cookie;
my $c1 = new CGI::Cookie(-name='ID',-value=123456);
my $c2 = new CGI::Cookie(-name='preferences',
-value={ font = Helvetica, size = 12 });
print header(-cookie=[$c1,$c2]);
print Done;
Re: Be carefull with apache 1.3.24
Pedro Melo Cunha wrote:
Hi,
a bit of history: I read on the documentation the new mod_proxy feature
called ProxyIOBufferSize which allows for even better handling of lasrge
mod_perl httpd's. This babby, and another little patch that also made it
(closing the backend connection as soon as possible) allows for me to
have a split of 100 modproxy process for only 10 backend mod_perl
process... neat! :) (BTW, using this and mod_gzip, and you can save a
bundle instead of buying those nice redline boxes :)
the problem is that it's only available on 1.3.24 (at the time, 2 or 3
days ago, it wasnt available yet), so I used the CVS version.
Looking at the change log, they mention a bug that multiple set-cookie's
will fail (only the last one will be sent to the client, the proxy will
eat the others). And it was true... The problem is that 1.3.24 final
also has that bug: only the last set-cookie will reach your browser.
This was a show-stopper for my application. So I sat down, read the
proxy code, and made a patch to solve the bug. I then sent the patch to
the apache bug database (i really hate gnats ;), but they drop it (as a
duplicate). I admit i could not attach my patch to the existing bug
report on this subject (I said I hated gnat's :). So my patch did not
made it the 1.3.24...
Pedro, please send it to dev @ httpd.apache.org.
Anyway, I attached here. Maybe someone here can push it into apache for
the next release, and in the meantime you can use it, if you want.
I also attach a cgi that set's two cookies, to demonstrate the problem.
Best regards,
PS: mod_perl totally rocks... serving well over 70.000.000 pageviews
with mason...
Index: proxy_http.c
===
RCS file: /home/cvspublic/apache-1.3/src/modules/proxy/proxy_http.c,v
retrieving revision 1.88
diff -u -r1.88 proxy_http.c
--- proxy_http.c 21 Mar 2002 11:38:03 - 1.88
+++ proxy_http.c 22 Mar 2002 01:21:39 -
@@ -136,6 +136,20 @@
return url;
}
+
+/* copies header key/value into table p if it's a cookie header.
+ * this is a callback function for a ap_table_do below.
+ */
+int ap_proxy_copy_cookie_headers(void *p, const char *key, const char *value)
+{
+table *d = (table *)p;
+
+if (!strcasecmp(key, Set-Cookie) || !strcasecmp(key, Set-Cookie2))
+ ap_table_add(d, key, value);
+
+return 1;
+}
+
/*
* This handles http:// URLs, and other URLs using a remote proxy over http
* If proxyhost is NULL, then contact the server directly, otherwise
@@ -529,8 +543,20 @@
ap_proxy_write_headers(c, ap_pstrcat(p, HTTP/1.1 , r-status_line, NULL),
resp_hdrs);
}
-/* Setup the headers for our client from upstreams response-headers */
+/* Setup the headers for our client from upstreams response-headers.
+ * We use resp_hdrs to keep all the Set-Cookie and Set-Cookie2 headers,
+ * and then call ap_overlap_table, because it keep's only the last one.
+ * The we copy all the cookies back.
+ */
+ap_table_do(ap_proxy_copy_cookie_headers, resp_hdrs, r-headers_out, NULL);
+
ap_overlap_tables(r-headers_out, resp_hdrs, AP_OVERLAP_TABLES_SET);
+
+ap_table_unset(r-headers_out, Set-Cookie);
+ap_table_unset(r-headers_out, Set-Cookie2);
+
+ap_table_do(ap_proxy_copy_cookie_headers, r-headers_out, resp_hdrs, NULL);
+
/* Add X-Cache header - be careful not to obliterate any upstream headers */
ap_table_mergen(r-headers_out, X-Cache,
ap_pstrcat(r-pool, MISS from ,
#!/usr/local/bin/perl -w
use CGI qw( :standard );
use CGI::Cookie;
my $c1 = new CGI::Cookie(-name='ID',-value=123456);
my $c2 = new CGI::Cookie(-name='preferences',
-value={ font = Helvetica, size = 12 });
print header(-cookie=[$c1,$c2]);
print Done;
--
__
Stas BekmanJAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide --- http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com
