Re: [users@httpd] .htaccess

2017-09-18 Thread Rondon 
Hi Yann,

But I need to have both working..
By Referer bypass the user authentication
if Referer is different it needs the user authentication.

Cheers,

Rondon

-
Your life is shaped by your mind and you become what you think.
Dhampada - Twin Verses.

2017-09-16 14:46 GMT-03:00 Yann Ylavic :

> Hi Rondon,
>
> On Fri, Sep 15, 2017 at 12:27 AM, Rondon  wrote:
> > Hi Folks,
> >
> > Sorry to bother you.
> > My website is using apache at Dreamhost.
> >
> > I'm authenticating using a require valid-user at .htaccess
> > But I need to add more directives to authenticate the access by Referer.
> >
> > If the user comes from a specific referer, the user doesn't have to
> receive
> > the authentication box and bypass the authentication.
>
> First I must say that it's IMHO not a wise thing to do!
> Keep in mind that the Referer can be forged at wish one by any user,
> fooling your authorizations...
>
> >
> > Is that possible?
>
> If you really want to though, possibly something like:
>
> >
> > My .htaccess file is:
> >
> > AuthName "My Security Area"
> > AuthType Basic
> > AuthUserFile  /myusersfilepath/
>
> SetEnvIf Referer ^https?://my.referer.host/and/path let_me_in
> Require env let_me_in
> > require valid-user
>
> in that order.
>
>
> Regards,
> Yann.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

[users@httpd] Update OCSP stapling response in advance

2017-09-18 Thread Marat Khalili 

Dear list,
good time of the day,

Is it possible to make Apache start requesting fresh OCSP response some 
time before previous one expires, in order to prevent outages due to 
poor OCSP server availability? SSLStaplingResponseMaxAge directive looks 
promising, but will it return older response if fresh one cannot be 
obtained, or will it just fail?


(Sorry if discussed earlier, I remember something along these lines, but 
don't remember of some solution or workaround was found.)


--

With Best Regards,
Marat Khalili

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] Request_URI and ErrorDocument interaction ?

2017-09-18 Thread Cordente Emmanuel 
Yes. Thank again.

Emmanuel


-Original Message-
From: Yann Ylavic [mailto:ylavic@gmail.com] 
Sent: lundi 18 septembre 2017 12:06
To: users@httpd.apache.org
Subject: Re: [users@httpd] Request_URI and ErrorDocument interaction ?

On Mon, Sep 18, 2017 at 11:48 AM, Cordente Emmanuel 
 wrote:
>
> Is there any documentation explaining the all the env variable of the 
> previous request are stored under REDIRECT_xxx ?

https://httpd.apache.org/docs/2.4/custom-error.html#variables seems to mention 
that.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] how to get apr_pool_t when need to call ap_md5

2017-09-18 Thread eeadev dev 
thank u, Eric.
I just saw your reply.

2017-09-07 16:54 GMT-07:00 Eric Covener :

> On Thu, Sep 7, 2017 at 12:07 PM, eeadev dev  wrote:
> > In my function I need to get the checksum using md5.
> >
> > I saw that there is this function ap_md5(apr_pool_t *a, const unsigned
> char
> > *string);
> >
> > but it needs apr_pool_t
> >
> > how can I get it?
> >
> > char key[] = "abc";
> >
> > key_md5 = ap_md5(mem_pool, key);
>
> Most request processing hooks are passed the request_rec which has a
> pool with request lifetime.  Similar for connection-level hooks and
> conn_rec.
>
> While parsing directives, you have pools passed on the cmd_* structure
> which are either temporary or very long-lived.
>
> Finally, you can create & destroy a new pool if you are in some very weird
> code.
>
> Could you elaborate on the context?
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

Re: [users@httpd] Request_URI and ErrorDocument interaction ?

2017-09-18 Thread Yann Ylavic 
On Mon, Sep 18, 2017 at 11:48 AM, Cordente Emmanuel
 wrote:
>
> Is there any documentation explaining the all the env variable of the 
> previous request are stored under REDIRECT_xxx ?

https://httpd.apache.org/docs/2.4/custom-error.html#variables seems to
mention that.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] Request_URI and ErrorDocument interaction ?

2017-09-18 Thread Cordente Emmanuel 
That's working !
Thanks a lot, this make my day :-)

Is there any documentation explaining the all the env variable of the previous 
request are stored under REDIRECT_xxx ?

Emmanuel


-Original Message-
From: Yann Ylavic [mailto:ylavic@gmail.com] 
Sent: lundi 18 septembre 2017 10:10
To: users@httpd.apache.org
Subject: Re: [users@httpd] Request_URI and ErrorDocument interaction ?

On Mon, Sep 18, 2017 at 10:06 AM, Yann Ylavic  wrote:
> Typo below.
>
> On Mon, Sep 18, 2017 at 9:50 AM, Yann Ylavic  wrote:
>>
>> RewriteCond %{ENV:originalPath} ^$
>
> The above should be:
> RewriteCond %{ENV:REDIRECT_originalPath} ^$
>
>> RewriteRule ^ - [E=originalPath:%{REQUEST_URI}]
>>
>> RewriteCond %{ENV:REDIRECT_originalPath} ^(.+)$ RewriteRule ^ - 
>> [E=originalPath:%1]

Argh, no, the order is not correct, please try:

RewriteCond %{ENV:REDIRECT_originalPath} ^(.+)$ RewriteRule ^ - 
[E=originalPath:%1]

RewriteCond %{ENV:originalPath} ^$
RewriteRule ^ - [E=originalPath:%{REQUEST_URI}]

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Request_URI and ErrorDocument interaction ?

2017-09-18 Thread Yann Ylavic 
On Mon, Sep 18, 2017 at 10:06 AM, Yann Ylavic  wrote:
> Typo below.
>
> On Mon, Sep 18, 2017 at 9:50 AM, Yann Ylavic  wrote:
>>
>> RewriteCond %{ENV:originalPath} ^$
>
> The above should be:
> RewriteCond %{ENV:REDIRECT_originalPath} ^$
>
>> RewriteRule ^ - [E=originalPath:%{REQUEST_URI}]
>>
>> RewriteCond %{ENV:REDIRECT_originalPath} ^(.+)$
>> RewriteRule ^ - [E=originalPath:%1]

Argh, no, the order is not correct, please try:

RewriteCond %{ENV:REDIRECT_originalPath} ^(.+)$
RewriteRule ^ - [E=originalPath:%1]

RewriteCond %{ENV:originalPath} ^$
RewriteRule ^ - [E=originalPath:%{REQUEST_URI}]

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Request_URI and ErrorDocument interaction ?

2017-09-18 Thread Yann Ylavic 
Typo below.

On Mon, Sep 18, 2017 at 9:50 AM, Yann Ylavic  wrote:
>
> RewriteCond %{ENV:originalPath} ^$

The above should be:
RewriteCond %{ENV:REDIRECT_originalPath} ^$

> RewriteRule ^ - [E=originalPath:%{REQUEST_URI}]
>
> RewriteCond %{ENV:REDIRECT_originalPath} ^(.+)$
> RewriteRule ^ - [E=originalPath:%1]

>
>
> Regards,
> Yann.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Request_URI and ErrorDocument interaction ?

2017-09-18 Thread Yann Ylavic 
Sorry for the delay, I missed your response.

On Mon, Sep 11, 2017 at 1:56 PM, Cordente Emmanuel
 wrote:
> Thank you for the proposition, I tried  it without success.
>
> I've used:
> RewriteCond %{ENV:REDIRECT_URL} ^(.+)$
> RewriteRule ^ - [E=originalPath:%1]
>
> RewriteCond %{ENV:originalPath} ^$
> RewriteRule ^ - [E=originalPath:%{REQUEST_URI}]
>
> ErrorDocument 404 /pagenotfound
>
> In the rewrite log I see something strange:
>  [11/Sep/2017:13:27:18 +0200] [myvhost/sid#1df93xx][rid# 
> 7f98e8154870/initial] (5) setting env variable 'originalPath' to '/nothing'
>  [11/Sep/2017:13:27:18 +0200] [myvhost/sid#1df93xx][rid# 
> 7f98e80aced8/initial/redir#1] (5) setting env variable 'originalPath' to 
> '/pagenotfound'
>
> The 1st line is what we wanted, but I don't understand the second line.
> It's like the internal redirect of the ErrorDocument run again the rewrite 
> rule like if it is a brand new request in another context (without the env 
> variable defined before)

Yes, the internal redirect "restarts" the request processing, hence
rewrite rules too.
I missed that REDIRECT_URL was defined in CGI context only, the
general scheme for redirects is that env variables from the previous
request are prefixed with "REDIRECT_".

>
> Any idea ?

Given that, maybe the below?

RewriteCond %{ENV:originalPath} ^$
RewriteRule ^ - [E=originalPath:%{REQUEST_URI}]

RewriteCond %{ENV:REDIRECT_originalPath} ^(.+)$
RewriteRule ^ - [E=originalPath:%1]


Regards,
Yann.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org