Christopher Stanley | 30 Oct 20:10 2014
Picon

Trouble upgrading to 2.2.29 from 2.2.8 - mod_deflate error

Hey guys!

I am having trouble upgrading from Apache 2.2.8 -> 2.2.29 with the following error occurring after running 'make'

/usr/local/apache2/build/libtool --silent --mode=compile gcc -g -O2 -pthread    -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE    -I/opt/vignette/software/apache/srclib/pcre -I. -I/opt/vignette/software/apache/os/unix -I/opt/vignette/software/apache/server/mpm/prefork -I/opt/vignette/software/apache/modules/http -I/opt/vignette/software/apache/modules/filters -I/opt/vignette/software/apache/modules/proxy -I/opt/vignette/software/apache/include -I/opt/vignette/software/apache/modules/generators -I/opt/vignette/software/apache/modules/mappers -I/opt/vignette/software/apache/modules/database -I/usr/local/apache2/include -I/opt/vignette/software/apache/modules/proxy/../generators -I/usr/kerberos/include -I/opt/vignette/software/apache/modules/ssl -I/opt/vignette/software/apache/modules/dav/main  -prefer-non-pic -static -c mod_deflate.c && touch mod_deflate.lo
mod_deflate.c: In function `deflate_out_filter':
mod_deflate.c:790: error: `APR_INT32_MAX' undeclared (first use in this function)
mod_deflate.c:790: error: (Each undeclared identifier is reported only once
mod_deflate.c:790: error: for each function it appears in.)
mod_deflate.c: In function `deflate_in_filter':
mod_deflate.c:1165: error: `APR_INT32_MAX' undeclared (first use in this function)
mod_deflate.c: In function `inflate_out_filter':
mod_deflate.c:1550: error: `APR_INT32_MAX' undeclared (first use in this function)
make[3]: *** [mod_deflate.lo] Error 1
make[3]: Leaving directory `/opt/vignette/software/httpd-2.2.29/modules/filters'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/opt/vignette/software/httpd-2.2.29/modules/filters'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/opt/vignette/software/httpd-2.2.29/modules'
make: *** [all-recursive] Error 1

I am running RHEL4 (I know it's bad)

Any help would be much appreciated!

Thanks!
Jan Cartman | 30 Oct 13:05 2014

Override or set authenticated user in Apache 2.4 in conf

Hi all,

 

I need to override the current authenticated user, e.g.

 

Joe Smith ABC fhjsdj342

to

fhjsdj342

As you can see, there's a fixed scheme (last token).

The new user id is needed for authorization.

I appreciate any hints or comments. But here are some more concrete questions:

  1. Is the authenticated user stored in any way usable in the config? I know, for logging it can be received by %u. Then, there's the Apache variable REMOTE_USER, but as far as I understand this is intended to be used by CGI or SSI scripts and not for Rewrite or similiar?

  2. If it is possible to modify the authenticated user, where would be the place to do so? Is it possible and reasonable to do it in a rewrite block?

Cheers,

Jan

 

Rose, John B | 29 Oct 20:25 2014
Picon

Red Hat 7 Apache 2.4

We have installed Red Hat 7 and have been working on setting up some web sites for testing in that environment.

It looks like the version bundled with RH7 has the issues mentioned in this 


We have done a yum update but I guess what we have is the latest version available via that method.

Here is what we are getting …

"service httpd graceful
Passing arguments to httpd using apachectl is no longer supported.
You can only start/stop/restart httpd using this script.
If you want to pass extra arguments to httpd, edit the
/etc/sysconfig/httpd config file."

Doing a process listing gives httpd processes with this "/usr/sbin/httpd –DFOREGROUND"

httpd -V
Server version: Apache/2.4.6 (Red Hat)

Any suggestions?

Thanks

Gaurav Khanna | 28 Oct 20:27 2014

Two x509 SSL certificates with different signature algorithms differing only in the hash

Hi,

I have apache configured with 2 SSL X509 certificates with differing signature algorithms as in:

1. sha1WithRSAEncryption
2. sha256WithRSAEncryption

Now it seems "that the certificate with "sha256WithRSAEncryption" is always utilized when SSL / TLS is established. Tested with the latest browsers and "openssl s_client". 

Is this a supported combination while configuring TLS in Apache?

Apache: 2.4.10
OpenSSL: 1.0.2 beta

Regards,
Gaurav


Eddie B | 28 Oct 19:29 2014

Tracking the reason for graceful restarts

I would like to track what is causing apache to gracefully restart. I already have a log monitor alert me when “[notice] Graceful restart requested, doing restart” shows up in the logs.  It is not a log rotation: it happens at irregular times time through the day, but they are scheduled for once a week. It also isn’t the logs getting rotated due to growing too large (they logs are well under the maximum size).

 

I would like to find out who is responsible for the graceful restarts.

 

(if you are interested in why I need to know that, it’s because every time apache restarts I get these errors:

[emerg] [client xxx.xxx.41.129] (43)Identifier removed: mod_fcgid: can't lock process table in pid 1325, referer: https://domain.com/, and it causes problems with my application. The issue is a modfcgid bug which should have been solved, but it still occurs in modfcgid 2.3.7)

 

 

John Mark Mitchell | 28 Oct 18:06 2014

Mod_Rewrite with Location Directive

All,
I have worked with Apache for well over a decade now and have come to understand that there is usually more than one way to accomplish desired outcomes. I have been trying for a couple of weeks to troubleshoot something that I thought at first would be a simple conf error or mis-use of a module/context but I am starting to wonder if I am trying to get apache to do something it not able to handle. If you would, please give the following a read and let me know what you think.

In short, I am trying get Location directives in my vhost conf to match after using mod_rewrite in my .htaccess file.

I have the following in .htaccess:

# pass through non-matched files (e.g., anything but assets) to codeigniter
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

And, in a vhost conf I have the following:

# cache /virtualpath/ content for 30 days
<Location /virtualpath/>
      ExpiresActive On
      ExpiresDefault "access plus 30 days"
      Header Set Pragma "public"
      Header Set Cache-Control "public"
</Location>

# cache /realpath/ content for 15 days
<Location /realpath/>
      ExpiresActive On
      ExpiresDefault "access plus 15 days"
      Header Set Pragma "public"
      Header Set Cache-Control "public"
</Location>

I have found that real paths (physical files on the file system) get the headers added while virtual files paths (those processed by codeigniter) do not. This has stumped me for days. I believe this is because the path env var is rewritten when the htacess rewrite rule kicks in.  A recent day of googling uncovered this very informative writeup: http://stackoverflow.com/a/10128290/171475. From that writeup, I am guessing there is no way to use a Location match on the original request path. Would you agree or is there another creative way you would suggest trying to solve the conflict between the rewrite and the Location directive?

Any pointers or help you can provide would be greatly appreciated.


Thanks all!


-John Mark Mitchell

 

  Director of Digital Innovation

  American Bible Society

  jmitchell <at> americanbible.org

Tom Lobato | 28 Oct 17:47 2014
Picon

gzip request and rewrite

Hello guys,

I`m facing a very annoying issue. I tried a lot of searches and maybe
because it is too specific I couldn`t find references.

I`ve setup a app and apache to run gzipped post requests. It`s working
perfectly when I send directly to a test php file.
But as I`m using zend php framework I need to do rewrite with
RewriteRule ^.*$ index.php [NC,L]
and when index.php receive the request, looks like it was not
unzipped. $_POST variable is:

Array
(
    [^_~K^H] => w~ <at> ?e^G^G??bg...
...
...

So, looks like the rewrite is changing the gzipped body handling. Is
it possible? And any idea about how to make index.php receive the
correct, unzipped, body?

Thanks,
Tom
Tony Middleton | 28 Oct 17:08 2014

REMOTE_USER not set for unprotected pages

I wish to have two parts to a website:

Part that is protected by authentication (Require valid-user).

Part that is available to all but processing takes into account whether
the user has authenticated previously.

In the second part I am trying to identify whether the user has
authenticated by looking at REMOTE_USER but it appears that it is not
set for those parts not covered by Require valid-user.

Is there any way to require that REMOTE_USER be set even for unprotected
pages once a user/password has been entered?

Regards

Tony

Juan Carvajal B. | 28 Oct 15:37 2014

PipedLogs and OpenGL

Hello List!

I created an app with GUI that gets data from the apache served through the functionality called piped logs.

My app works just fine when I launch it from codeblocks or when I start it myself via gui or from command line, even if I lunch it as Root.

However: when Apache launches the application fails to create the openGL window (some cout output located at main() before creating the openGL window is shown in the command line). I digged into the apache error logs and I found the following messages:

[ error ] ofAppGLFWWindow: 65542: X11: Failed to open X display
[ error ] ofAppGLFWWindow: couldn't init GLFW
[ error ] ofAppGLFWWindow: 65537: The GLFW library is not initialized
[ error ] ofFbo: GL frame buffer object not supported by this graphics card
Segmentation fault (core dumped)

My  app worked fine in windows (GUI included). However for technical reasons I need to use it in linux (Ubuntu 12.04 64 bits). And I'm facing the problem described above. My app is based in openframworks i.e. openGL.

I'm almost sure that this has to do with the context in which apache is being run. However, this is beyond my tech expertise.

Every piece of help is highly appreciated!

Basic data:

Ubuntu 12.04 64bits

Apache2

OF 0.84



--
Join our mailing list (Max 1-mail / month)

Knacktus | 28 Oct 13:38 2014

mod_ssl: Failed to set r->user to 'SSL_CLIENT_S_DN_Email'

Hi all,

I'm using mod_ssl to authenticate user by a client certificate. The certificate contains the E-Mail address as subject alternative name:

...
        X509v3 extensions:
            X509v3 Subject Alternative Name:
                email:joe.johnson <at> jojo.de
...

mod_ssl is configured as

...
SSLOptions +StdEnvVars +ExportCertData
SSLUserName SSL_CLIENT_S_DN_Email
...

The documentation says: ...

x509 specifies a component of an X.509 DN; one of C,ST,L,O,OU,CN,T,I,G,S,D,UID,Email.

Now, in my case, the subject DN itself is only:

DC=JOJO, CN=JOHNSON JOE SOME_ABBREVATION SOME_NUMBER

Any ideas of how to extract the E-Mail Adresse from the X509v3 extension an map it to th SSLUserName?

Cheers,

Jan
Andre.Wendel | 28 Oct 11:13 2014
Picon
Picon

After 414 error page will not be delievered, because of long referer?

Hello,

 

i have a problem with customized ErrorDocuments within the Apache, because if I send an GET request to the webserver which provokes an 414 (i.e. an URL which is to long), the apache is not able to deliver the error page, only the standard page within the related browser will be displayed?

 

Also I found another problem that, if I create an 403 with an long URL on an customized page, additional elements i.e. pictures will not be loaded, because the request for the images within the error page breaks, because of an Bad Request 400, it seems that the referrer within the request is with the additional picture URL leads to an header which is too long.

 

Is there any possibility to delimit the referrer or to get the customized ErrorDocuments working? Or is there another configuration which needs to be added?

 

Regards,

André


Gmane