httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Barry Scott <barry.sc...@onelan.co.uk>
Subject Re: [VOTE] release httpd mod_fcgid-2.3.4
Date Fri, 09 Oct 2009 16:04:49 GMT
Jeff Trawick wrote:
> On Fri, Oct 9, 2009 at 11:00 AM, Barry Scott <barry.scott@onelan.co.uk> wrote:
>   
>> Barry Scott wrote:
>>     
>>> William A. Rowe, Jr. wrote:
>>>       
>>>> Thanks to Jeff's catch, we scuttled 2.3.3.  We have yet another
>>>> candidate
>>>> for your consideration.  Please fetch up the newly minted
>>>> mod_fcgid-2.3.4.tar.gz
>>>> (or .tar.bz2) or the win32/netware suitable package
>>>> mod_fcgid-2.3.3-crlf.zip from:
>>>>
>>>>   http://httpd.apache.org/dev/dist/mod_fcgid/
>>>>
>>>> review, take it for a spin, and cast your choice
>>>>
>>>>   [ ] -1 for any release of 2.3.4 (regressed from 2.3.1?)
>>>>   [ ] +1 to release as 2.3.4-beta
>>>>   [ ] +1 to release as 2.3.4-GA
>>>>
>>>> For getting started,
>>>>
>>>> http://svn.apache.org/repos/asf/httpd/mod_fcgid/tags/2.3.4/README-FCGID
>>>>
>>>>
>>>>         
>>> Further testing of our application has shown up a problem.
>>>
>>> With the following configuration we are seeing the request body
>>> of POST messages get stripped out if FcgidAuthorizer is used for
>>> Location /player.  If we comment out the "Require onelan magic" the
>>> POSTs work.
>>>
>>> Have I misconfigured or is this a bug in mod_fcgid?
>>>
>>> Barry
>>>
>>>
>>> ...
>>> LoadModule fcgid_module modules/mod_fcgid.so
>>>
>>> FcgidCmdOptions /usr/local/onelan/html/dsmauthorizer.fcgi MaxProcesses 1
>>> FcgidCmdOptions /usr/local/onelan/html/dsm.fcgi MaxProcesses 1
>>> FcgidCmdOptions /usr/local/onelan/html/dsmxml.fcgi MaxProcesses 1
>>>
>>>
>>> <VirtualHost *:80>
>>>
>>>   #+ Rewrite Web API Rules
>>>   RewriteEngine on
>>>
>>>   # security - deny TRACE and TRACK requests
>>>   RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
>>>   RewriteRule .* - [F]
>>>   #- Rewrite Web API Rules
>>>
>>>   #+ Rewrite Web API Rules
>>>   # make the URLs hide the use of dsm.fcgi
>>>   RewriteRule ^/$ /dsm.fcgi [L]
>>>   RewriteRule ^/(status|options|organisation|tools|setup|help)($|.*$)
>>> /dsm.fcgi/$1$2 [L]
>>>   #- Rewrite Web API Rules
>>>
>>>   #+ Rewrite XML API Rules
>>>   # make the URLs hide the use of dsmxml.fcgi
>>>   RewriteRule ^/(XML)($|.*$) /dsmxml.fcgi/$1$2 [L]
>>>   #- Rewrite XML API Rules
>>>
>>>   #+ Rewrite VPN
>>>   ReWriteMap ntb_ip_address
>>> prg:/usr/local/onelan/dsm/bin/vpn_lookup_ip_address
>>>   RewriteRule ^/player/(\d+)\.(.*)
>>> http://${ntb_ip_address:$1}:8080/player/$1.$2 [P]
>>>   #- Rewrite VPN
>>>
>>>   #+ Locations Web VPN API
>>>   <Location /player>
>>>         #+ HTTP auth file
>>>       Order allow,deny
>>>       Allow from all
>>>       AuthType Digest
>>>       AuthName "Manager System"
>>>       AuthGroupFile /etc/onelan/common/http.group
>>>       AuthUserFile /etc/onelan/common/http.passwd
>>>       Require onelan magic
>>>       #- HTTP auth file
>>>
>>>       FcgidAuthorizer /usr/local/onelan/html/dsmauthorizer.fcgi
>>>   </Location>
>>> </VirtualHost>
>>>
>>>
>>>       
>> Looking at bridge_request we see the code is reading the input buckets
>> and feeding then to the Authorizer.
>>
>> It seems to us that:
>>
>> Either this must not happen if the fcgid is an authorizer
>> or the buckets must be put back for whatever handles
>> the POST to process.
>>     
>
> yeah; looks like bridge_request() doesn't look at role (FCGI_RESPONDER
> vs. FCGID_AUTHORIZER)
>
> (unless you think this is a regression, start a new thread and/or open
> a Bugzilla entry)
>
>   

2.3.1 is broken the same way - I guess its a day one bug.

Bug report and new thread started.

Barry


Mime
View raw message