httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Barry Scott <barry.sc...@onelan.co.uk>
Subject Re: mod_fcgid POST broken if FcgiAuthorizer is run
Date Fri, 09 Oct 2009 17:26:17 GMT
Jeff Trawick wrote:
> On Fri, Oct 9, 2009 at 12:04 PM, Barry Scott <barry.scott@onelan.co.uk> wrote:
>   
>> This has been filed as issue
>> https://issues.apache.org/bugzilla/show_bug.cgi?id=47973
>>
>> Further testing of our application has shown up a problem using
>> mod_fcgid 2.3.4.
>>
>> With the following configuration we are seeing the request body
>> of POST messages get stripped out if FcgidAuthorizer is used for
>> Location /player.  If we comment out the "Require onelan magic" the
>> POSTs work.
>>
>> Looking at bridge_request we see the code is reading the input buckets
>> and feeding then to the Authorizer.
>>
>> It seems to us that:
>>
>> Either this must not happen if the fcgid is an authorizer
>>     
>
> right
>
>   
>> or the buckets must be put back for whatever handles
>> the POST to process.
>>
>> Barry
>>     
>
> See patch attached to the PR.  Thanks!
>
>   

No joy I get internal server error.

But the patch below works for my case.

Note: I don't understand the details of HTTPD to know if this patch is
going to cause problems in other use cases, or indeed is only working
by luck.

One test that needs doing is to have a Responder and an Authorizer running
for the same request. I'll see if I can do that test for you next week 
with the pieces
I have.

Index: modules/fcgid/fcgid_bridge.c
===================================================================
--- modules/fcgid/fcgid_bridge.c    (revision 823573)
+++ modules/fcgid/fcgid_bridge.c    (working copy)
@@ -470,6 +470,8 @@
         return HTTP_INTERNAL_SERVER_ERROR;
     }
 
+    if (role == FCGI_RESPONDER) {
+
     /* Stdin header and body */
     /* XXX HACK: I have to read all the request into memory before 
sending it
        to fastcgi application server, this prevents slow clients from
@@ -624,6 +626,7 @@
         apr_brigade_destroy(input_brigade);
     }
     while (!seen_eos);
+    } /* end handling request body for responders */
 
     /* Append an empty body stdin header */
     stdin_request_header = apr_bucket_alloc(sizeof(FCGI_Header),


Mime
View raw message