Re: What do you think about Lighttpd?

> I use it too, and have meddled with it enough at a source level to feel
> comfortable running it. It has obvious, documented, problems (don't use
> it with mod_ssl),

I didn't make it clear earlier -- I do use the event mpm.
Successfully. What *is* the problem with mod_ssl anyway??? I have used
the two together, and I haven't seen a problem....

BTW: FastCGI is not necessary as you can use all Apache all the time:

1. Compile once Apache 2.2 with the event MPM. This is your normal web
server on port 80.

2. Compile another Apache 2.2 with the prefork MPM and mod_php. This
is your PHP server. Run it on another port.

3. Use Apache's rewrite and proxy to forward the php requests from #1
server to #2 server. It seems a little heavy, but you can eliminate
FastCGI altogether. If needed, you can also have your "PHP" server on
another machine than your "Web" server. And you can have more PHP
servers and use the proxy balancer to load balance them.

Just seems a bit heavy weight when its going on a single machine. I
don't have real numbers on how much more weight this is than using
FastCGI. Anyone know? Config would be easier though... :)

Some questions:

1. What is the issue with event mpm and mod_ssl to a end-user?
2. How much more "heavy" is the above setup than using FastCGI?

Re: Using mod_proxy from another module

I can't find how to do that, could you help me ?

Thanks,

Marc

*//*

Jim Jagielski wrote:
> Yep. No problem.
>
> On Feb 21, 2007, at 4:50 AM, Marc Stern wrote:
>
>> Is it also possible to make a post with this ?
>> This is what I need.
>>
>>
>> Jim Jagielski wrote:
>>>> How could we use mod_proxy for outgoing connections from another 
>>>> module ?
>>>> Is there any simple way ?
>>>> Is there any standard (I mean documented) way, or would it rely on 
>>>> internals only ? In the latter case, we would have to recode 
>>>> everything when mod_proxy changes.
>>>>
>>>
>>> You would do something like this:
>>>
>>>     rr = ap_sub_req_method_uri("OPTIONS", "*", r, NULL); /* this 
>>> MUST succeed! */

Re: What do you think about Lighttpd?

--- steve <iamstever <at> gmail.com> wrote:

> > I use it too, and have meddled with it enough at a source level to feel
> > comfortable running it. It has obvious, documented, problems (don't use
> > it with mod_ssl),
> 
> I didn't make it clear earlier -- I do use the event mpm.
> Successfully. What *is* the problem with mod_ssl anyway??? I have used
> the two together, and I haven't seen a problem....

I had something to do with the event mpm also, but I've been out of the loop on
it for some time, so the following may not be quite right.

basically mod_ssl's input filters and check_pipeline_flush() have different
views of how to tell when there is no more input data queued.  there used to be
the possibility that when a client uses HTTP pipelining (multiple requests
back-to-back without waiting for a response after each), mod_ssl could have
data stashed in its input filters for requests after the first request, and the
httpd core (check_pipeline_flush() ) wouldn't realize it and make a bad
decision.  that could result in hangs or lost input.  you are unlikely to see
this problem without pipelining enabled in a browser.

it's fixable, just a simple matter of programming...

Greg

 
____________________________________________________________________________________
Sucker-punch spam with award-winning protection. 

Re: [PATCH 39299] - Patch review request

Thanks Nick for responding to my request.

My comments are in between.

On Wed, Feb 28, 2007 at 10:49:48PM +0000, Nick Kew wrote:
> On Wed, 28 Feb 2007 14:31:19 -0800
> Basant Kukreja <Basant.Kukreja <at> Sun.COM> wrote:
> 
> > Hi,
> >    I am Basant. I work in web tier group in Sun Microsystems Inc.
> > 
> > I have submitted the patch for bug 39299.
> > Summary : Internal Server Error (500) on COPY
> > URI : http://issues.apache.org/bugzilla/show_bug.cgi?id=39299
> > 
> > 
> > Can some of the committer kindly review my patch please to see if it
> > is acceptable or not?
> > Patch is against 2.2.x branch.
> 
> 409 implies a condition the client can fix.  Your patch tests for
> a particular condition that is likely to be fixable in a server
> with DAV up&running.  But AFAICS it could also give a bogus 409,
> for example in the case of a newly-installed and misconfigured
> server.
Can you kindly elaborate more? How newly misconfigured server can
send 409? Here is my test case :

DavLockDB /disk/apache/apache2/var/DAVLockFs
<Directory "/disk/apache/apache2/htdocs/DAVtest">

Re: What do you think about Lighttpd?

Ah, OK.... so I shouldn't panic until a browser ships with pipelining
enabled by default. HTTP pipelining would be nice, as in limited
tests, it had a nice performance increase on sites with lots of little
images/css/etc.

On 3/1/07, Greg Ames <ames_greg <at> yahoo.com> wrote:
>
> --- steve <iamstever <at> gmail.com> wrote:
>
> > > I use it too, and have meddled with it enough at a source level to feel
> > > comfortable running it. It has obvious, documented, problems (don't use
> > > it with mod_ssl),
> >
> > I didn't make it clear earlier -- I do use the event mpm.
> > Successfully. What *is* the problem with mod_ssl anyway??? I have used
> > the two together, and I haven't seen a problem....
>
> I had something to do with the event mpm also, but I've been out of the loop on
> it for some time, so the following may not be quite right.
>
> basically mod_ssl's input filters and check_pipeline_flush() have different
> views of how to tell when there is no more input data queued.  there used to be
> the possibility that when a client uses HTTP pipelining (multiple requests
> back-to-back without waiting for a response after each), mod_ssl could have
> data stashed in its input filters for requests after the first request, and the
> httpd core (check_pipeline_flush() ) wouldn't realize it and make a bad
> decision.  that could result in hangs or lost input.  you are unlikely to see
> this problem without pipelining enabled in a browser.
>
> it's fixable, just a simple matter of programming...

Re: util_ldap.c use of hardcoded sizelimit on ldap_search_ext_s causing error

Re: [PATCH 39299] - Patch review request

> -----Ursprüngliche Nachricht-----
> Von: Basant.Kukreja <at> Sun.COM [mailto:Basant.Kukreja <at> Sun.COM] 
> Gesendet: Freitag, 2. März 2007 02:15
> An: dev <at> httpd.apache.org
> Betreff: Re: [PATCH 39299] - Patch review request
> 
> 
> Thanks Nick for responding to my request.
> 
> My comments are in between.
> 
> On Wed, Feb 28, 2007 at 10:49:48PM +0000, Nick Kew wrote:
> > On Wed, 28 Feb 2007 14:31:19 -0800
> > Basant Kukreja <Basant.Kukreja <at> Sun.COM> wrote:
> > 
> > > Hi,
> > >    I am Basant. I work in web tier group in Sun Microsystems Inc.
> > > 
> > > I have submitted the patch for bug 39299.
> > > Summary : Internal Server Error (500) on COPY
> > > URI : http://issues.apache.org/bugzilla/show_bug.cgi?id=39299
> > > 
> > > 
> > > Can some of the committer kindly review my patch please 
> to see if it
> > > is acceptable or not?
> > > Patch is against 2.2.x branch.
> > 
> > 409 implies a condition the client can fix.  Your patch tests for
> > a particular condition that is likely to be fixable in a server
> > with DAV up&running.  But AFAICS it could also give a bogus 409,
> > for example in the case of a newly-installed and misconfigured
> > server.
> Can you kindly elaborate more? How newly misconfigured server can
> send 409? Here is my test case :
> 
> DavLockDB /disk/apache/apache2/var/DAVLockFs
> <Directory "/disk/apache/apache2/htdocs/DAVtest">
> Options Indexes FollowSymLinks
> AllowOverride None
> order allow,deny
> allow from all
> AuthName "SMA Development server"
> AuthType Basic
> DAV On
> </Directory>
> 
> Now assuming, I misconfigured the server and I intended to 
> configure /DAVtest1 instead of
> /DAVtest, if I send a request.
> 
> ----------------------------------------------
> COPY /DAVtest1/litmus/copysrc HTTP/1.1
> Host: myhostname.mydomain:4004
> User-Agent: litmus/0.11 neon/0.25.5
> Connection: TE
> TE: trailers
> Depth: 0
> Destination: 
> http://myhostname.mydomain:4004/DAVtest/litmus/nonesuch/foo
> Overwrite: F
> X-Litmus: copymove: 5 (copy_nodestcoll

I guess Nicks Idea was the other way round:

COPY /DAVtest/litmus/copysrc

Destination: http://myhostname.mydomain:4004/DAVtest1/litmus/nonesuch/foo

IMHO this direction would also better match the problem described in PR39299.

Regards

Rüdiger

Re: [PATCH 39299] - Patch review request

On Fri, Mar 02, 2007 at 08:39:25AM +0100, Plüm, Rüdiger, VF EITO wrote:
> 
> 
> > -----Ursprüngliche Nachricht-----
> > Von: Basant.Kukreja <at> Sun.COM [mailto:Basant.Kukreja <at> Sun.COM] 
> > Gesendet: Freitag, 2. März 2007 02:15
> > An: dev <at> httpd.apache.org
> > Betreff: Re: [PATCH 39299] - Patch review request
> > 
> > 
> > Thanks Nick for responding to my request.
> > 
> > My comments are in between.
> > 
> > On Wed, Feb 28, 2007 at 10:49:48PM +0000, Nick Kew wrote:
> > > On Wed, 28 Feb 2007 14:31:19 -0800
> > > Basant Kukreja <Basant.Kukreja <at> Sun.COM> wrote:
> > > 
> > > > Hi,
> > > >    I am Basant. I work in web tier group in Sun Microsystems Inc.
> > > > 
> > > > I have submitted the patch for bug 39299.
> > > > Summary : Internal Server Error (500) on COPY
> > > > URI : http://issues.apache.org/bugzilla/show_bug.cgi?id=39299
> > > > 
> > > > 
> > > > Can some of the committer kindly review my patch please 
> > to see if it
> > > > is acceptable or not?
> > > > Patch is against 2.2.x branch.
> > > 
> > > 409 implies a condition the client can fix.  Your patch tests for
> > > a particular condition that is likely to be fixable in a server
> > > with DAV up&running.  But AFAICS it could also give a bogus 409,
> > > for example in the case of a newly-installed and misconfigured
> > > server.
> > Can you kindly elaborate more? How newly misconfigured server can
> > send 409? Here is my test case :
> > 
> > DavLockDB /disk/apache/apache2/var/DAVLockFs
> > <Directory "/disk/apache/apache2/htdocs/DAVtest">
> > Options Indexes FollowSymLinks
> > AllowOverride None
> > order allow,deny
> > allow from all
> > AuthName "SMA Development server"
> > AuthType Basic
> > DAV On
> > </Directory>
> > 
> > Now assuming, I misconfigured the server and I intended to 
> > configure /DAVtest1 instead of
> > /DAVtest, if I send a request.
> > 
> > ----------------------------------------------
> > COPY /DAVtest1/litmus/copysrc HTTP/1.1
> > Host: myhostname.mydomain:4004
> > User-Agent: litmus/0.11 neon/0.25.5
> > Connection: TE
> > TE: trailers
> > Depth: 0
> > Destination: 
> > http://myhostname.mydomain:4004/DAVtest/litmus/nonesuch/foo
> > Overwrite: F
> > X-Litmus: copymove: 5 (copy_nodestcoll
> 
> I guess Nicks Idea was the other way round:
> 
> COPY /DAVtest/litmus/copysrc
> 
> Destination: http://myhostname.mydomain:4004/DAVtest1/litmus/nonesuch/foo
> 
There is a crash issue in that case. I need to address the issue along
with the current fix. I have update the PR.

Regards,
Basant.

> IMHO this direction would also better match the problem described in PR39299.
> 
> Regards
> 
> Rüdiger
> 
> 

Re: Module Crashes if build as a shared object

On 2/28/07, MKhurana <at> in.safenet-inc.com <MKhurana <at> in.safenet-inc.com> wrote:
>
>
>
> Hi all
>
> One of my apache module crashes if it is used as shared module but works
> fine if it is build as static module.

Watch out for static variable usage in your module.  That's a common
cause of this type of problem.  Static variables don't retain their
values between the multiple calls to the post-config hook when your
module is built as a DSO.

> Also it was working fine as shared module before I upgraded to kernel 2.6
> and glibc 2.3.4.

shrug

> Following is the back trace
>
>
> (gdb) bt
> #0  0xffffe410 in __kernel_vsyscall ()
> #1  0xb7d43bbb in pthread_setspecific () from /lib/libpthread.so.0
> #2  0x080c92de in child_main (child_num_arg=0) at worker.c:1258

child_main doesn't call pthread_setspecific(), so some info is missing
or just incorrect.

I'd recommend stepping through your module's initialization hooks and
looking for unexpected behavior.

Re: util_ldap.c use of hardcoded sizelimit on ldap_search_ext_s causing error

Looks good, I think I like your first suggestion better, putting the #ifdef in apr_ldap.h.in.  This seems a
little more straight forward rather than hiding the value in configure.

Brad

>>> On 3/1/2007 at 7:07 PM, in message
<3ce0569d0703011807g15dcba1eq20bb20c57df6774b <at> mail.gmail.com>, "David Jones"
<oscaremma <at> gmail.com> wrote:
> How about:
> changes to apr_ldap.h.in:
> #define APR_HAS_ZOS_LDAPSDK        <at> apu_has_ldap_zos <at> 
> 
> #if APR_LDAP_HAS_ZOS_LDAPSDK
> #define APR_LDAP_SIZELIMIT  LDAP_NO_LIMIT
> #else
> #ifdef LDAP_DEFAULT_LIMIT
> #define APR_LDAP_SIZELIMIT LDAP_DEFAULT_LIMIT
> #else
> #define APR_LDAP_SIZELIMIT -1 /* equivalent to LDAP_DEFAULT_LIMIT */
> #endif
> #endif
> 
> 
> This part of  the util_ldap.c patch at the bottom could allow util_ldap.c to
> compile regardless of apr-util level, but would not typically commit it?
> +#ifndef APR_LDAP_SIZELIMIT
> +#define APR_LDAP_SIZELIMIT -1
>  #endif
> 
> 
> 
> Or could add info to apu-conf.m4 for each SDK, eliminating the need for the
> ZOS specific #if (would just need #define APR_LDAP_SIZELIMIT
>  <at> apu_ldap_sizelimit)
> (If get any input from other SDKs then could replace its  -1 with
> LDAP_DEFAULT_LIMIT or LDAP_NO_LIMIT as i did for z/OS)
> 
> Index: apu-conf.m4
> ===================================================================
> RCS file: /m0xa/cvs/phoenix/2.2.4/srclib/apr-util/build/apu-conf.m4,v
> retrieving revision 1.2
> diff -u -d -b -r1.2 apu-conf.m4
> --- apu-conf.m4 12 Feb 2007 18:19:20 -0000      1.2
> +++ apu-conf.m4 1 Mar 2007 20:07:26 -0000
> 
>  <at>  <at>  -267,10 +273,13  <at>  <at> 
>  apu_has_ldap_sslinit="0"
>  apu_has_ldapssl_install_routines="0"
>  apu_has_ldap_openldap="0"
>  +apu_has_ldap_sizelimit="0"
>  <at>  <at>  -354,42 +363,57  <at>  <at> 
>            AC_EGREP_CPP([OpenLDAP], [$lber_h
>                         $ldap_h
>                         LDAP_VENDOR_NAME], [apu_has_ldap_openldap="1"
> +                                           apu_ldap_sizelimit="-1"
>                                             apr_cv_ldap_toolkit="OpenLDAP"])
>          fi
>          if test "x$apr_cv_ldap_toolkit" = "x"; then
>            AC_EGREP_CPP([Sun Microsystems Inc.], [$lber_h
>                         $ldap_h
>                         LDAP_VENDOR_NAME], [apu_has_ldap_solaris="1"
> +                                           apu_ldap_sizelimit="-1"
>                                             apr_cv_ldap_toolkit="Solaris"])
>          fi
>          if test "x$apr_cv_ldap_toolkit" = "x"; then
>            AC_EGREP_CPP([Novell], [$lber_h
>                         $ldap_h
>                         LDAP_VENDOR_NAME], [apu_has_ldap_novell="1"
> +                                           apu_ldap_sizelimit="-1"
>                                             apr_cv_ldap_toolkit="Novell"])
>          fi
>          if test "x$apr_cv_ldap_toolkit" = "x"; then
>            AC_EGREP_CPP([Microsoft Corporation.], [$lber_h
>                         $ldap_h
>                         LDAP_VENDOR_NAME], [apu_has_ldap_microsoft="1"
> +                                           apu_ldap_sizelimit="-1"
> 
> apr_cv_ldap_toolkit="Microsoft"])
>          fi
>          if test "x$apr_cv_ldap_toolkit" = "x"; then
>            AC_EGREP_CPP([Netscape Communications Corp.], [$lber_h
>                         $ldap_h
>                         LDAP_VENDOR_NAME], [apu_has_ldap_netscape="1"
> +                                           apu_ldap_sizelimit="-1"
>                                             apr_cv_ldap_toolkit="Netscape"])
>          fi
>          if test "x$apr_cv_ldap_toolkit" = "x"; then
>            AC_EGREP_CPP([mozilla.org], [$lber_h
>                         $ldap_h
>                         LDAP_VENDOR_NAME], [apu_has_ldap_mozilla="1"
> +                                           apu_ldap_sizelimit="-1"
>                                             apr_cv_ldap_toolkit="Mozilla"])
>          fi
>          if test "x$apr_cv_ldap_toolkit" = "x"; then
> +          AC_EGREP_CPP([IBM], [$lber_h
> +                       $ldap_h
> +                       LDAP_VENDOR_NAME], [apu_has_ldap_zos="1"
> +
> apu_ldap_sizelimit="LDAP_NO_LIMIT"
> +                                           apr_cv_ldap_toolkit="ZOS"])
> +        fi
> +        if test "x$apr_cv_ldap_toolkit" = "x"; then
>            apu_has_ldap_other="1"
> +          apu_ldap_sizelimit="-1"
>            apr_cv_ldap_toolkit="unknown"
>          fi
> +
>        ])
>      fi
> 
>  <at>  <at>  -398,15 +422,20  <at>  <at> 
>      LIBS=$save_libs
>    ])
> 
> +AC_SUBST(apu_ldap_sizelimit)
>  AC_SUBST(ldap_h)
>  AC_SUBST(lber_h)
>  AC_SUBST(ldap_ssl_h)
> 
>  <at>  <at>  -415,6 +444,7  <at>  <at> 
>  AC_SUBST(apu_has_ldap_microsoft)
>  AC_SUBST(apu_has_ldap_netscape)
>  AC_SUBST(apu_has_ldap_mozilla)
> +AC_SUBST(apu_has_ldap_zos)
>  AC_SUBST(apu_has_ldap_other)
> 
>  ])
> 
> 
> 
> 
> And finally this same either way except for the question on #ifndef
> APR_LDAP_SIZELIMIT
> Index: util_ldap.c
> ===================================================================
> RCS file: /m0xa/cvs/phoenix/2.2.4/modules/ldap/util_ldap.c,v
> retrieving revision 1.3
> diff -u -d -b -r1.3 util_ldap.c
> --- util_ldap.c 15 Feb 2007 18:55:41 -0000      1.3
> +++ util_ldap.c 1 Mar 2007 20:19:39 -0000
>  <at>  <at>  -45,15 +45,8  <at>  <at> 
>  #include "unixd.h"
>  #endif
> 
> -#ifndef LDAP_NO_LIMIT
> -#define LDAP_NO_LIMIT -1
> +#ifndef APR_LDAP_SIZELIMIT
> +#define APR_LDAP_SIZELIMIT -1
>  #endif
> 
>  module AP_MODULE_DECLARE_DATA ldap_module;
>  <at>  <at>  -681,7 +681,7  <at>  <at> 
>      /* search for reqdn */
>      if ((result = ldap_search_ext_s(ldc->ldap, (char *)reqdn,
> LDAP_SCOPE_BASE,
>                                      "(objectclass=*)", NULL, 1,
> -                                    NULL, NULL, NULL, LDAP_NO_LIMIT, &res))
> +                                    NULL, NULL, NULL, APR_LDAP_SIZELIMIT,
> &res))
>              == LDAP_SERVER_DOWN)
>      {
>          ldc->reason = "DN Comparison ldap_search_ext_s() "
>  <at>  <at>  -960,13 +961,14  <at>  <at> 
>      if ((result = ldap_search_ext_s(ldc->ldap,
>                                      (char *)basedn, scope,
>                                      (char *)filter, attrs, 0,
> -                                    NULL, NULL, NULL, LDAP_NO_LIMIT, &res))
> +                                    NULL, NULL, NULL, APR_LDAP_SIZELIMIT,
> &res))
>              == LDAP_SERVER_DOWN)
>      {
>          ldc->reason = "ldap_search_ext_s() for user failed with server
> down";
> 
>  <at>  <at>  -1200,14 +1202,14  <at>  <at> 
>      if ((result = ldap_search_ext_s(ldc->ldap,
>                                      (char *)basedn, scope,
>                                      (char *)filter, attrs, 0,
> -                                    NULL, NULL, NULL, LDAP_NO_LIMIT, &res))
> +                                    NULL, NULL, NULL, APR_LDAP_SIZELIMIT,
> &res))
>              == LDAP_SERVER_DOWN)
>      {
>          ldc->reason = "ldap_search_ext_s() for user failed with server
> down"