httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben <...@redsnapper.net>
Subject Re: [users@httpd] A NetHack-esque Journey of the dark arts for DBD(mysql) under httpd-2.2.3
Date Wed, 30 Aug 2006 14:38:24 GMT
The next installment...

It was time for me to add some meaningful messages to mod_authn_dbd.c
Heads up to you apache developers: Try to be more imaginative when  
writing error messages - At least make each message unique!!
There are six "Error looking up %s in database." errors in  
mod_autn_dbd.c - why not be a little bit more informative?

Well, the good news is that I managed to get authentication working -  
after a new build and a couple of conf tweaks.

Here is a breakdown of some of the  [crit]  messages - and what they  
appear to mean..

(70023)This function has not been implemented on this platform: DBD:  
driver for [DBDriver unset] not available
(70023)This function has not been implemented on this platform: DBD:  
failed to initialise

---- This means that you have stuck the DBD settings inside a  
VirtualHost! It will pass configtest, it is (supposedly) supported,  
but it will fry your httpd! Rawr!

Here is a breakdown of some of the  [error]  messages - and what they  
appear to mean..
"DBD: No driver for mysql"				     Your mysql_client_r  is not linked  
properly!  Try:  ldd (apache install directory)/lib/libaprutil-1.so |  
grep libmysqlclient_r
"Error looking up testuser in database"       One of a whole bunch of  
things - including no database connection
"user testuser not found ..."                             The user is  
not in the table specified - (or the table doesn't exist, or the  
query fails... )
"user testuser: authentication failure ..."       Good news! The user  
table / record was found - just the password was entered wrong! (or  
the field isn't encrypted)

There is no return message saying whether or not the sql query  
actually worked. It would be nice for a developer to stick in a debug  
of the queries themselves.. (hint!)
Also, LogDebug for .. dynamic library loading, function calling, sql  
connections, database connections, handle creation, sql query  
creation, the actual sql queries, the execution, an ERROR for sql  
error messages, LogDebug for number of records returned, the value of  
the password returned the and the value of the encrypted password it  
is trying to match - you know what LogDebug is useful for???  
Debugging. (hint!) (hint!) (hint!)

Also, I got a bit wobbly about which encrypt function to use.. So I  
tried the lot, and it turned out to be encrypt (doh)
An example insert user query is:

insert into users set user='test5', password=encrypt('test','test');

The conf settings that are working for me are:

<VirtualHost xxxxx:80>
      DBDParams "dbname=client06 user=dbdauth"
      [........]
	<Directory />
      		AuthType Basic
       		AuthName "Database access"
       		AuthBasicProvider dbd
      		 Require valid-user
       		AuthDBDUserPWQuery "select password from users where user = %s"
	 </Directory>
      [........]
</VirtualHost>

Also - at the top of the httpd.conf file

DBDriver mysql
DBDPersist Off
DBDMin  1
DBDKeep 1
DBDMax 1
#DBDExptime 10

Now all but the first of these settings remain mysterious and magical  
to me - but I think I have trouble with other settings.
I still don't know what causes a massive increase of active httpd  
threads that invariably burns the server to the ground - but hey..  
here be dragons ...

I am a little worried about touching anything.  Eighteen hours and  
several levels of pain later - my keyboard dripping with the blood of  
ripped code - directories filled with random notes and partial files  
- and things work  - but my confidence is in tatters.

Unless the server keels over in the next few days - this adventure  
appears to be done!

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message