headers
Jan Kneschke | 2 Sep 2004 00:06
Picon
Gravatar

Re: problems with fcgi

On Sun, Aug 29, 2004 at 07:40:02PM -0500, Mike wrote:
> fcgi.c:1145
>             buffer_append_string(hctx->response_header, hctx->response->ptr);
> this code makes it trivial for a bad fcgi to core lighttpd.  If there
> is no \r\n\r\n in the resopnse, this case gets called instead.  The
> response buffer is not null terminated, and at best buffer_append_string 
> will get random data into the buffer after calling strlen() on it.  The
> more likely scenario is a core when strlen() hits top of heap.

Just checked the code. The terminator was removed by a #ifdef. Changing 

buffer_append_string(hctx->response_header, hctx->response->ptr);

to

buffer_append_string_buffer(hctx->response_header, hctx->response);

fixes the problem.

> Mike
> 
    Jan

--

-- 
Jan Kneschke                                     http://jan.kneschke.de/
Perhaps you want to say 'thank you, jan':    http://jk.123.org/wishlist/
Permalink | Reply | 2 comments |
headers
Jan Kneschke | 2 Sep 2004 17:02
Picon
Gravatar

PRE-RELEASE: lighttpd-1.2.7-20040902-1654.tar.gz


I just want to show a new feature of the upcoming 1.2.7:

http://jan.kneschke.de/rrd/

Documentation is at:

http://jan.kneschke.de/projects/lighttpd/documentation/rrdtool.html

Code at:

http://jan.kneschke.de/projects/lighttpd/download/lighttpd-1.2.7-20040902-1654.tar.gz

    Jan

--

-- 
Jan Kneschke                                     http://jan.kneschke.de/
Perhaps you want to say 'thank you, jan':    http://jk.123.org/wishlist/
Permalink | Reply | 0 comments |
headers
Jan Kneschke | 2 Sep 2004 20:07
Picon
Gravatar

Re: lighttpd mit cygwin - undefined reference to ...

On Thu, Sep 02, 2004 at 07:49:47PM +0200, Marcel Wunderlich wrote:
> hallo, ich versuche momentan den lighttpd mit cygwin zu compilieren. hab nun
> verschiedene versionen ausprobiert, auch die v1.2.7. klappt allerdings
> nicht. folgenden fehler kriege ich beim compilieren:
> 
> 
> usw... setzt sich das leider mit verschiedenen funktionen fort. wenn ich das
> richtig verstehe, fehlen da wohl ein paar libs? nur welchen könnten das
> sein?

Im Gegenteil. Die ganzen Module wollen Symbole aus dem Binary haben. Und
das kann der cygwin linker nicht. 

    Jan

--

-- 
Jan Kneschke                                     http://jan.kneschke.de/
Perhaps you want to say 'thank you, jan':    http://jk.123.org/wishlist/
Permalink | Reply | 0 comments |
headers
Viktors Rotanovs | 3 Sep 2004 11:20

configuration questions

Hi,

a pair of lite questions:

1) can I rely on mimetype.assign to deny access to files not mentioned 
there and in fastcgi handler? Currently it says File Not Found but maybe 
there is some way to access these I'm not aware of. BTW if it works well 
then url.access-deny doesn't have much sense.

2) expire.url is good - but is it possible to do something like 
ExpireByType or maybe specify urls in format similar to url.access-deny?

Best Wishes,
Viktors
Happy lighttpd user :)
Permalink | Reply | 3 comments |
headers
Viktors Rotanovs | 3 Sep 2004 12:35

cgi module keeps crashing

Hi,

I've enabled cgi module in addition to fastcgi to run perl chat script, 
and now lighttpd keeps crashing (but some requests are served). What 
should I check first?

grsec: From 217.198.224.13: signal 11 sent to 
/opt/lighttpd/sbin/lighttpd[lighttpd:6682] uid/euid:1023/1023 
gid/egid:416/416, parent /usr/bin/supervise[supervise:17431] 
uid/euid:0/0 gid/egid:0/0

I tried lighttpd-1.2.7-20040902-1654 and lighttpd-1.2.7-20040829-1207.
It also seems that lighttpd crashes not only when calling cgi script, 
but also on other requests.

Thanks for any help!

Best Wishes,
Viktors
Permalink | Reply | 1 comment |
headers
Jan Kneschke | 3 Sep 2004 20:26
Picon
Gravatar

Re: configuration questions

On Fri, Sep 03, 2004 at 12:20:00PM +0300, Viktors Rotanovs wrote:
> Hi,
> 
> a pair of lite questions:
> 
> 1) can I rely on mimetype.assign to deny access to files not mentioned 
> there and in fastcgi handler? Currently it says File Not Found but maybe 
> there is some way to access these I'm not aware of. BTW if it works well 
> then url.access-deny doesn't have much sense.

if the mimetype is not known application/octet-stream is used. It should
not deny any access itself.

> 2) expire.url is good - but is it possible to do something like 
> ExpireByType or maybe specify urls in format similar to url.access-deny?

$HTTP["url"] =~ "\.(txt|jpg)$" {
  expire.url = ( "" => "..." )
}

should work.

> Best Wishes,
> Viktors
> Happy lighttpd user :)
> 
    Jan

--

-- 
Jan Kneschke                                     http://jan.kneschke.de/
(Continue reading)

Permalink | Reply | 2 comments |
headers
Jan Kneschke | 3 Sep 2004 20:27
Picon
Gravatar

Re: cgi module keeps crashing

On Fri, Sep 03, 2004 at 01:35:00PM +0300, Viktors Rotanovs wrote:
> Hi,
> 
> I've enabled cgi module in addition to fastcgi to run perl chat script, 
> and now lighttpd keeps crashing (but some requests are served). What 
> should I check first?
> 
> grsec: From 217.198.224.13: signal 11 sent to 
> /opt/lighttpd/sbin/lighttpd[lighttpd:6682] uid/euid:1023/1023 
> gid/egid:416/416, parent /usr/bin/supervise[supervise:17431] 
> uid/euid:0/0 gid/egid:0/0
> 
> I tried lighttpd-1.2.7-20040902-1654 and lighttpd-1.2.7-20040829-1207.
> It also seems that lighttpd crashes not only when calling cgi script, 
> but also on other requests.

Can you run strace on lighttpd and the cgi request ? 

$ strace -f -s 500 lighttpd -D -f ...

> Thanks for any help!
> 
> Best Wishes,
> Viktors
> 
    Jan

--

-- 
Jan Kneschke                                     http://jan.kneschke.de/
Perhaps you want to say 'thank you, jan':    http://jk.123.org/wishlist/
(Continue reading)

Permalink | Reply | 0 comments |
headers
Jan Kneschke | 4 Sep 2004 15:31
Picon
Gravatar

PATCH: conditional config in 1.2.7


Dear users,

lighttpd 1.2.7 contained non-functional conditional config support. 
Please apply the following patch if neccesary.

http://jan.kneschke.de/projects/lighttpd/download/lighttpd-1.2.7-cond.patch

RPMs are update accordinly:

http://jan.kneschke.de/projects/lighttpd/download/lighttpd-1.2.7-2.i586.rpm
http://jan.kneschke.de/projects/lighttpd/download/lighttpd-1.2.7-2.src.rpm

    Jan

--

-- 
Jan Kneschke                                     http://jan.kneschke.de/
Perhaps you want to say 'thank you, jan':    http://jk.123.org/wishlist/
Permalink | Reply | 0 comments |
headers
Mike | 4 Sep 2004 17:39

still having issues with fcgi

I must be real unluky - if I'm the only one that is having these
FastCGI issues...  any input/suggestions are welcome.

I have a REALLY simple fcgi running, with lighttpd 1.2.7; using
a browser, everything works correctly.  However running

ab -n 1000 -c 5 http://salvator:2080/x.html

gets "stuck" practically every time after some number of requests
are completed.  I've recompiled fcgi.c after removing all of the
#if 0 's that surround log messages, and it's pretty clear that
something special happens on the request that gets stuck
(please note the "didn't get full header" message)

Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1068) offset:  6 8 6 
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1085) offset:  6 104 
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1103) len 96 Content-type:
text/html^M ^M <head>^M <title>untitled</title>^M </head>^M <body >^M
<p>99</p></body>^M  
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1122) Header: Content-type:
text/html^M ^M  
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1139) body-len 69 
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1068) offset:  6 112 6 
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1085) offset:  6 112 
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1068) offset:  6 120 3 
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1085) offset:  6 128 
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1068) offset:  6 8 6 
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1085) offset:  6 105 
Sep  4 11:24:22 salvator lighttpd: (fcgi.c.1103) len 97 Content-type:
text/html^M ^M <head>^M <title>untitled</title>^M </head>^M <body >^M
(Continue reading)

Permalink | Reply | 1 comment |
headers
Jan Kneschke | 4 Sep 2004 17:57
Picon
Gravatar

Re: still having issues with fcgi

On Sat, Sep 04, 2004 at 10:39:10AM -0500, Mike wrote:
> I must be real unluky - if I'm the only one that is having these
> FastCGI issues...  any input/suggestions are welcome.
> 
> I have a REALLY simple fcgi running, with lighttpd 1.2.7; using
> a browser, everything works correctly.  However running
> 
> ab -n 1000 -c 5 http://salvator:2080/x.html
> 
> gets "stuck" practically every time after some number of requests
> are completed.  I've recompiled fcgi.c after removing all of the
> #if 0 's that surround log messages, and it's pretty clear that
> something special happens on the request that gets stuck
> (please note the "didn't get full header" message)

truss ... is this solaris or freebsd ? 

If FreeBSD, please use the strace port as it provides a lot more output.
Otherwise it is hard to tell what was on the wire. 

You can use dump_packet() from reponse.c to display the packet which
failed to be parsed. That we I can tell what is really going on there.

> Sep  4 11:24:31 salvator lighttpd: (fcgi.c.1045) didn't get the full header: 
> 0 8 20 

 
> Mike

    Jan
(Continue reading)

Permalink | Reply | 0 comments |

Gmane