httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Barry Scott <barry.sc...@onelan.co.uk>
Subject Re: [VOTE] release httpd mod_fcgid-2.3.4
Date Fri, 09 Oct 2009 15:00:10 GMT
Barry Scott wrote:
> William A. Rowe, Jr. wrote:
> > Thanks to Jeff's catch, we scuttled 2.3.3.  We have yet another 
> candidate
> > for your consideration.  Please fetch up the newly minted 
> mod_fcgid-2.3.4.tar.gz
> > (or .tar.bz2) or the win32/netware suitable package 
> mod_fcgid-2.3.3-crlf.zip from:
> >
> >   http://httpd.apache.org/dev/dist/mod_fcgid/
> >
> > review, take it for a spin, and cast your choice
> >
> >   [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?)
> >   [ ] +1 to release as 2.3.4-beta
> >   [ ] +1 to release as 2.3.4-GA
> >
> > For getting started,
> >
> > http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID
> >
> >
>
> Further testing of our application has shown up a problem.
>
> With the following configuration we are seeing the request body
> of POST messages get stripped out if FcgidAuthorizer is used for
> Location /player.  If we comment out the "Require onelan magic" the
> POSTs work.
>
> Have I misconfigured or is this a bug in mod_fcgid?
>
> Barry
>
>
> ...
> LoadModule fcgid_module modules/mod_fcgid.so
>
> FcgidCmdOptions /usr/local/onelan/html/dsmauthorizer.fcgi MaxProcesses 1
> FcgidCmdOptions /usr/local/onelan/html/dsm.fcgi MaxProcesses 1
> FcgidCmdOptions /usr/local/onelan/html/dsmxml.fcgi MaxProcesses 1
>
>
> <VirtualHost *:80>
>
>    #+ Rewrite Web API Rules
>    RewriteEngine on
>
>    # security - deny TRACE and TRACK requests
>    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
>    RewriteRule .* - [F]
>    #- Rewrite Web API Rules
>
>    #+ Rewrite Web API Rules
>    # make the URLs hide the use of dsm.fcgi
>    RewriteRule ^/$ /dsm.fcgi [L]
>    RewriteRule ^/(status|options|organisation|tools|setup|help)($|.*$) 
> /dsm.fcgi/$1$2 [L]
>    #- Rewrite Web API Rules
>
>    #+ Rewrite XML API Rules
>    # make the URLs hide the use of dsmxml.fcgi
>    RewriteRule ^/(XML)($|.*$) /dsmxml.fcgi/$1$2 [L]
>    #- Rewrite XML API Rules
>
>    #+ Rewrite VPN
>    ReWriteMap ntb_ip_address 
> prg:/usr/local/onelan/dsm/bin/vpn_lookup_ip_address
>    RewriteRule ^/player/(\d+)\.(.*) 
> http://${ntb_ip_address:$1}:8080/player/$1.$2 [P]
>    #- Rewrite VPN
>
>    #+ Locations Web VPN API
>    <Location /player>
>          #+ HTTP auth file
>        Order allow,deny
>        Allow from all
>        AuthType Digest
>        AuthName "Manager System"
>        AuthGroupFile /etc/onelan/common/http.group
>        AuthUserFile /etc/onelan/common/http.passwd
>        Require onelan magic
>        #- HTTP auth file
>
>        FcgidAuthorizer /usr/local/onelan/html/dsmauthorizer.fcgi
>    </Location>
> </VirtualHost>
>
>

Looking at bridge_request we see the code is reading the input buckets
and feeding then to the Authorizer.

It seems to us that:

Either this must not happen if the fcgid is an authorizer
or the buckets must be put back for whatever handles
the POST to process.

Barry


Mime
View raw message