Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 35765 invoked from network); 9 Oct 2009 19:31:55 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 9 Oct 2009 19:31:55 -0000 Received: (qmail 49231 invoked by uid 500); 9 Oct 2009 19:31:54 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 49158 invoked by uid 500); 9 Oct 2009 19:31:53 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 49149 invoked by uid 99); 9 Oct 2009 19:31:53 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 09 Oct 2009 19:31:53 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of trawick@gmail.com designates 72.14.220.155 as permitted sender) Received: from [72.14.220.155] (HELO fg-out-1718.google.com) (72.14.220.155) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 09 Oct 2009 19:31:43 +0000 Received: by fg-out-1718.google.com with SMTP id 22so2301848fge.12 for ; Fri, 09 Oct 2009 12:30:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=w2RuqW4XRu3UC7EAmuRZ9ikR6g3nBPkxZMQl86HZY28=; b=HlXvfeTQssOtKXuBO93rFbdl/DLY1glpL0pa9qJ8JBm8f5YiGzqa3gj2j0plG65/XH VIXlypDf1HO9DWaDuWYZoHQIgrxWWUCBXow4LQ6UDQW5z485xL7DVsonmGpcXdtX3eGC EhTqslA/b1b97PkT/ixDdidgUYWmkUwOBUylU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=aR2nrdZOOdFOP3/JEegXptvu5l7tPr0sCTg0TrG8oljHqCK7yFnU/WDu9K/i1Lku5y CTW8bre/RQ4oxOujy/ctwpyjnmtP8ToGW0A2K8JtYevoKWyndlPzZauzjDVA9YXWuDJK Jwq0CfIhYyjUmYVauDyYhKlFcd5O2eJw6X+QY= MIME-Version: 1.0 Received: by 10.86.221.25 with SMTP id t25mr2779933fgg.19.1255116623307; Fri, 09 Oct 2009 12:30:23 -0700 (PDT) In-Reply-To: <4ACF7239.3070307@onelan.co.uk> References: <4ACF5F0A.7050706@onelan.co.uk> <4ACF7239.3070307@onelan.co.uk> Date: Fri, 9 Oct 2009 15:30:23 -0400 Message-ID: Subject: Re: mod_fcgid POST broken if FcgiAuthorizer is run From: Jeff Trawick To: dev@httpd.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Virus-Checked: Checked by ClamAV on apache.org On Fri, Oct 9, 2009 at 1:26 PM, Barry Scott wrot= e: > Jeff Trawick wrote: >> >> On Fri, Oct 9, 2009 at 12:04 PM, Barry Scott >> wrote: >> >>> >>> This has been filed as issue >>> https://issues.apache.org/bugzilla/show_bug.cgi?id=3D47973 >>> >> See patch attached to the PR. =A0Thanks! >> >> > > No joy I get internal server error. > > But the patch below works for my case. ... > Index: modules/fcgid/fcgid_bridge.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > --- modules/fcgid/fcgid_bridge.c =A0 =A0(revision 823573) > +++ modules/fcgid/fcgid_bridge.c =A0 =A0(working copy) > @@ -470,6 +470,8 @@ > =A0 =A0 =A0 =A0return HTTP_INTERNAL_SERVER_ERROR; > =A0 =A0} > > + =A0 =A0if (role =3D=3D FCGI_RESPONDER) { > + > =A0 =A0/* Stdin header and body */ > =A0 =A0/* XXX HACK: I have to read all the request into memory before sen= ding it > =A0 =A0 =A0 to fastcgi application server, this prevents slow clients fro= m > @@ -624,6 +626,7 @@ > =A0 =A0 =A0 =A0apr_brigade_destroy(input_brigade); > =A0 =A0} > =A0 =A0while (!seen_eos); > + =A0 =A0} /* end handling request body for responders */ > > =A0 =A0/* Append an empty body stdin header */ > =A0 =A0stdin_request_header =3D apr_bucket_alloc(sizeof(FCGI_Header), > > Variation number three: As with your patch, it remembers to add the eos bucket to the brigade of data sent to the app. As with my earlier patch, it doesn't send the trailing FCGI_STDIN record. In the spec (http://www.fastcgi.com/devkit/doc/fcgi-spec.html#S6.3), there's no mention of FCGI_STDIN for an FCGI_AUTHORIZER. I double-checked that mod_fcgid.c strips any CONTENT_LENGTH when calling the authorizer, which the spec does call for. I won't be shocked if it still fails for you; in that case I think we need to try to understand exactly why the trailing FCGI_STDIN record is needed. (FWIW, my authorizer is Perl using the FCGI module. The protocol implementation on the app side could explain the difference in our observations.) --- modules/fcgid/fcgid_bridge.c.orig 2009-10-09 12:09:12.032405619 -0400 +++ modules/fcgid/fcgid_bridge.c 2009-10-09 15:12:25.838920760 -0400 @@ -470,6 +470,8 @@ return HTTP_INTERNAL_SERVER_ERROR; } + if (role =3D=3D FCGI_RESPONDER) { + /* Stdin header and body */ /* XXX HACK: I have to read all the request into memory before sending= it to fastcgi application server, this prevents slow clients from @@ -640,6 +642,8 @@ } APR_BRIGADE_INSERT_TAIL(output_brigade, bucket_header); + } /* end handling request body for responders */ + /* The eos bucket now */ bucket_eos =3D apr_bucket_eos_create(r->connection->bucket_alloc); APR_BRIGADE_INSERT_TAIL(output_brigade, bucket_eos); --=20 Born in Roswell... married an alien...