RE: [us...@httpd] How do I pick up correct version of SSL

[Paul Jacques]

Dears,

I rebuilt the openssl 0.9.8k with so and installed it at /usr/local/ssl

I also add the path in front of LD_LIBRARY_PATH.

The ldd does not show libssl library, may be due to the fact that is using 
DSO...
libm.so.6 => /lib/i686/libm.so.6 (0x4002d000)
libaprutil-1.so.0 => /usr/local/apache2/lib/libaprutil-1.so.0 (0x4005)
libexpat.so.0 => /usr/local/apache2/lib/libexpat.so.0 (0x4006a000)
libapr-1.so.0 => /usr/local/apache2/lib/libapr-1.so.0 (0x40086000)
libpthread.so.0 => /lib/i686/libpthread.so.0 (0x400a8000)
librt.so.1 => /lib/librt.so.1 (0x400bd000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x400d)
libdl.so.2 => /lib/libdl.so.2 (0x400fd000)
libc.so.6 => /lib/i686/libc.so.6 (0x40101000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000)

The map file under proc is still showing:
/proc/17730/maps:40526000-40529000 rw-p 00029000 03:01 416496 
/lib/libssl.so.0.9.6b

How can I make apache to use the library in /usr/local/ssl iso 
/lib/libssl.so.0.9.6b?
Does DSO automatically add /lib in library path?

Regards,

P.


  
_
Hotmail: Trusted email with powerful SPAM protection.
https://signup.live.com/signup.aspx?id=60969

RE: [us...@httpd] How do I pick up correct version of SSL

[daniel . goulder]

  From: Paul Jacques  [mailto:Paul Jacques
]
  Sent: 25 February 2010 09:15
  To: users@httpd.apache.org
  Subject: RE: [us...@httpd] How do I pick up correct version of SSL



  Dears,

  I rebuilt the openssl 0.9.8k with so and installed it at
/usr/local/ssl

  I also add the path in front of LD_LIBRARY_PATH.

  The ldd does not show libssl library, may be due to the fact that is
using DSO...
  libm.so.6 => /lib/i686/libm.so.6 (0x4002d000)
  libaprutil-1.so.0 => /usr/local/apache2/lib/libaprutil-1.so.0
(0x4005)
  libexpat.so.0 => /usr/local/apache2/lib/libexpat.so.0
(0x4006a000)
  libapr-1.so.0 => /usr/local/apache2/lib/libapr-1.so.0
(0x40086000)
  libpthread.so.0 => /lib/i686/libpthread.so.0 (0x400a8000)
  librt.so.1 => /lib/librt.so.1 (0x400bd000)
  libcrypt.so.1 => /lib/libcrypt.so.1 (0x400d)
  libdl.so.2 => /lib/libdl.so.2 (0x400fd000)
  libc.so.6 => /lib/i686/libc.so.6 (0x40101000)
  /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000)

  The map file under proc is still showing:
  /proc/17730/maps:40526000-40529000 rw-p 00029000 03:01 416496
/lib/libssl.so.0.9.6b

  How can I make apache to use the library in /usr/local/ssl iso
/lib/libssl.so.0.9.6b?
  Does DSO automatically add /lib in library path?

  Regards,

  P.



You will need to check the ldd output from the mod_ssl.so in the Apache
modules directory. Looks like you have done it against the httpd binary.
Also, I think the right place to set/change LD_LIBRARY_PATH is in the
envvars file in the Apache /bin directory...

Please send us the output of ldd mod_ssl.so (unless of course you have
built it statically which is not always a good idea)




__
This e-mail and any attached files are intended for the named addressee only. 
It contains information, which may be confidential and legally privileged and 
also protected by copyright. Unless you are the named addressee (or authorised 
to receive for the addressee) you may not copy or use it, or disclose it to 
anyone else. If you received it in error please notify the sender immediately 
and then delete it from your system. Please be advised that the views and 
opinions expressed in this e-mail may not reflect the views and opinions of 
Associated Newspapers Limited or any of its subsidiary companies. We make every 
effort to keep our network free from viruses. However, you do need to check 
this e-mail and any attachments to it for viruses as we can take no 
responsibility for any computer virus which may be transferred by way of this 
e-mail. Use of this or any other e-mail facility signifies consent to any 
interception we might lawfully carry out to prevent abuse of these faciliti
 es.
Associated Newspapers Ltd. Registered Office: Northcliffe House, 2 Derry St, 
Kensington, London, W8 5TT. Registered No 84121 England.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] How do I pick up correct version of SSL

[Paul Jacques]

You are right, I ran it against httpd

The output of ldd on mod_ssl.so is:
libldap_r.so.2 => /lib/libldap_r.so.2 (0x4016)
liblber.so.2 => /lib/liblber.so.2 (0x4018c000)
libc.so.6 => /lib/i686/libc.so.6 (0x40196000)
libsasl.so.7 => /usr/lib/libsasl.so.7 (0x402d1000)
libkrb4.so.2 => /usr/kerberos/lib/libkrb4.so.2 (0x402dc000)
libdes425.so.3 => /usr/kerberos/lib/libdes425.so.3 (0x402f)
libkrb5.so.3 => /usr/kerberos/lib/libkrb5.so.3 (0x402f5000)
libk5crypto.so.3 => /usr/kerberos/lib/libk5crypto.so.3 (0x4034d000)
libcom_err.so.3 => /usr/kerberos/lib/libcom_err.so.3 (0x4035e000)
libssl.so.2 => /lib/libssl.so.2 (0x40361000)
libcrypto.so.2 => /lib/libcrypto.so.2 (0x4038e000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x8000)
libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x40451000)
libdl.so.2 => /lib/libdl.so.2 (0x40459000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x4045d000)
libpam.so.0 => /lib/libpam.so.0 (0x4048a000)
libresolv.so.2 => /lib/libresolv.so.2 (0x40492000)

In my test before, I exported already the path in envar...

Thanks,

P.

> Date: Thu, 25 Feb 2010 10:22:07 +
> To: users@httpd.apache.org
> From: daniel.goul...@and.co.uk
> Subject: RE: [us...@httpd] How do I pick up correct version of SSL
> 
> 
> 
> 
> 
> 
>   From: Paul Jacques  [mailto:Paul Jacques
> ]
>   Sent: 25 February 2010 09:15
>   To: users@httpd.apache.org
>   Subject: RE: [us...@httpd] How do I pick up correct version of SSL
> 
> 
> 
>   Dears,
> 
>   I rebuilt the openssl 0.9.8k with so and installed it at
> /usr/local/ssl
> 
>   I also add the path in front of LD_LIBRARY_PATH.
> 
>   The ldd does not show libssl library, may be due to the fact that is
> using DSO...
>   libm.so.6 => /lib/i686/libm.so.6 (0x4002d000)
>   libaprutil-1.so.0 => /usr/local/apache2/lib/libaprutil-1.so.0
> (0x4005)
>   libexpat.so.0 => /usr/local/apache2/lib/libexpat.so.0
> (0x4006a000)
>   libapr-1.so.0 => /usr/local/apache2/lib/libapr-1.so.0
> (0x40086000)
>   libpthread.so.0 => /lib/i686/libpthread.so.0 (0x400a8000)
>   librt.so.1 => /lib/librt.so.1 (0x400bd000)
>   libcrypt.so.1 => /lib/libcrypt.so.1 (0x400d)
>   libdl.so.2 => /lib/libdl.so.2 (0x400fd000)
>   libc.so.6 => /lib/i686/libc.so.6 (0x40101000)
>   /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000)
> 
>   The map file under proc is still showing:
>   /proc/17730/maps:40526000-40529000 rw-p 00029000 03:01 416496
> /lib/libssl.so.0.9.6b
> 
>   How can I make apache to use the library in /usr/local/ssl iso
> /lib/libssl.so.0.9.6b?
>   Does DSO automatically add /lib in library path?
> 
>   Regards,
> 
>   P.
> 
> 
> 
> You will need to check the ldd output from the mod_ssl.so in the Apache
> modules directory. Looks like you have done it against the httpd binary.
> Also, I think the right place to set/change LD_LIBRARY_PATH is in the
> envvars file in the Apache /bin directory...
> 
> Please send us the output of ldd mod_ssl.so (unless of course you have
> built it statically which is not always a good idea)
> 
> 
> 
> 
> __
> This e-mail and any attached files are intended for the named addressee only. 
> It contains information, which may be confidential and legally privileged and 
> also protected by copyright. Unless you are the named addressee (or 
> authorised to receive for the addressee) you may not copy or use it, or 
> disclose it to anyone else. If you received it in error please notify the 
> sender immediately and then delete it from your system. Please be advised 
> that the views and opinions expressed in this e-mail may not reflect the 
> views and opinions of Associated Newspapers Limited or any of its subsidiary 
> companies. We make every effort to keep our network free from viruses. 
> However, you do need to check this e-mail and any attachments to it for 
> viruses as we can take no responsibility for any computer virus which may be 
> transferred by way of this e-mail. Use of this or any other e-mail facility 
> signifies consent to any interception we might lawfully carry out to prevent 
> abuse of these faciliti
>  es.
> Associated Newspapers Ltd. Registered Office: Northcliffe House, 2 Derry St, 
> Kensington, London, W8 5TT. Registered No 84121 England.
> 
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
  
_

Re: [us...@httpd] Apache 1.3 OS X 10.4 help

[Rupert Reid]

On 25 Feb 2010, at 01:40, Jonathan Zuckerman wrote:




On Wed, Feb 24, 2010 at 5:20 PM, Daniel Reinhardt  
 wrote:


--
From: "Jonathan Zuckerman" 
Sent: 24 February, 2010 21:08
To: 
Subject: Re: [us...@httpd] Apache 1.3 OS X 10.4 help

On Wed, Feb 24, 2010 at 3:26 AM, Rupert Reid  
wrote:



On 23 Feb 2010, at 21:43, Daniel Reinhardt wrote:


--
From: "Rupert Reid" 
Sent: 23 February, 2010 18:27
To: 
Subject: Re: [us...@httpd] Apache 1.3 OS X 10.4 help

 On 18 Feb 2010, at 20:12, Daniel Reinhardt wrote:


--
From: "Rupert Reid" 
Sent: 17 February, 2010 16:04
To: 
Subject: [us...@httpd] Apache 1.3 OS X 10.4 help

 Hello,



I am new to this but hope that you can help me.


I have 2 virtual domain websites published at http://  
80.189.101.120/isinglive/ and

http://80.189.101.120/cantoenvivo/  respectively.

The following domains: http://isinglive.co.uk and http://
cantoenvivo.com are respectively forwarded to the above url's  using
 my hosts framed web forwarding.

For example when browser clicks on page http://80.189.101.120/ 
isinglive/rosario.php the browser url bar will show http://

isinglive.co.uk.


What I want to achieve is that when a browser clicks on http://
80.189.101.120/isinglive/rosario.php, I want apache to send  http://
isinglive.co.uk/rosario.php to the browser (not the  former) or if
http://80.189.101.120/cantoenvivo/filosofia.php is  clicked show
http://cantoenvivo.com/filosofia.php.

How can I get apache to do dynamically this dynamically for each
virtual domain?

It is really important for me that the URL as described is sent  to
 the browser - without it browsers cannot bookmark pages.



If there is any more information that you need to help with this
please let me know and i will post it.





Thanks Rupert

Never b sharp, never b flat, always b natural.

-
The official User-To-User support forum of the Apache HTTP Server
 Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org


Actually,

What you are wanting is already being done.  I just tried it, and  it
displays as you wish.

Thanks,
Daniel

-
The official User-To-User support forum of the Apache HTTP Server
 Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



Hello Daniel,
You are correct.
The browser displays only http://isinglive.co.uk for each and every
 page and any page can be bookmarked and returned to using that  
bookmak.


Hoowever, all bookmarked pages have the same address: http://
isinglive.co.uk meaning that only pne page from this site can be
 bookmarked at a time.  If an attempt to bookmark a second page  
with  the
same browser is made then the current bookmarked page will be   
replaced by

the new bookmarked page because they have the same name:
http://isinglive.co.uk. meaning that only pne page from this site can
 be bookmarked at a time.

What I would prefer is that the full URL is displayed in the  
browser  so

that pages can be differentiated.

How can I do this?

Thanks Rupert
Never b sharp, never b flat, alway's b natural




-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org


Rupert,

This is already being done.  I bookmarked like 5 pages, and all go to
their respective targets.

Thanks,
Daniel

-
The official User-To-User support forum of the Apache HTTP Server  
Project.

See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




Thanks Daniel,

It must be IE that is the problem.  I will try with other browsers  
when I

get the chance.


Rupert
Never b sharp, never b flat, alway's b natural

-
The official User-To-User support forum of the Apache HTTP Server  
Project.

See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.ap

Re: [us...@httpd] Apache 1.3 OS X 10.4 help

[Rupert Reid]

On 25 Feb 2010, at 04:43, Jonathan Zuckerman wrote:

On Wed, Feb 24, 2010 at 6:19 PM, Daniel Reinhardt  
 wrote:


--
From: "Jonathan Zuckerman" 
Sent: 25 February, 2010 1:40

To: 
Subject: Re: [us...@httpd] Apache 1.3 OS X 10.4 help

On Wed, Feb 24, 2010 at 5:20 PM, Daniel Reinhardt
wrote:


--
From: "Jonathan Zuckerman" 
Sent: 24 February, 2010 21:08
To: 
Subject: Re: [us...@httpd] Apache 1.3 OS X 10.4 help

 On Wed, Feb 24, 2010 at 3:26 AM, Rupert Reid  

>wrote:


On 23 Feb 2010, at 21:43, Daniel Reinhardt wrote:


 --
From: "Rupert Reid" 
Sent: 23 February, 2010 18:27
To: 
Subject: Re: [us...@httpd] Apache 1.3 OS X 10.4 help

 On 18 Feb 2010, at 20:12, Daniel Reinhardt wrote:



 --
From: "Rupert Reid" 
Sent: 17 February, 2010 16:04
To: 
Subject: [us...@httpd] Apache 1.3 OS X 10.4 help

 Hello,




I am new to this but hope that you can help me.


I have 2 virtual domain websites published at http://
80.189.101.120/isinglive/ and
http://80.189.101.120/cantoenvivo/  respectively.

The following domains: http://isinglive.co.uk and http://
cantoenvivo.com are respectively forwarded to the above url's  using
 my hosts framed web forwarding.

For example when browser clicks on page
http://80.189.101.120/isinglive/rosario.php the browser url bar will
show http://
isinglive.co.uk.


What I want to achieve is that when a browser clicks on http://
80.189.101.120/isinglive/rosario.php, I want apache to send  http://
isinglive.co.uk/rosario.php to the browser (not the  former) or if
http://80.189.101.120/cantoenvivo/filosofia.php is  clicked show
http://cantoenvivo.com/filosofia.php.

How can I get apache to do dynamically this dynamically for each
virtual domain?

It is really important for me that the URL as described is sent  to
 the browser - without it browsers cannot bookmark pages.



If there is any more information that you need to help with this
please let me know and i will post it.





Thanks Rupert

Never b sharp, never b flat, always b natural.

-
The official User-To-User support forum of the Apache HTTP Server
 Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org


 Actually,

What you are wanting is already being done.  I just tried it, and  it
displays as you wish.

Thanks,
Daniel

-
The official User-To-User support forum of the Apache HTTP Server
 Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



 Hello Daniel,
You are correct.
The browser displays only http://isinglive.co.uk for each and every
 page and any page can be bookmarked and returned to using that
bookmak.

Hoowever, all bookmarked pages have the same address: http://
isinglive.co.uk meaning that only pne page from this site can be
 bookmarked at a time.  If an attempt to bookmark a second page with
 the
same browser is made then the current bookmarked page will be   
replaced

by
the new bookmarked page because they have the same name:
http://isinglive.co.uk. meaning that only pne page from this site can
 be bookmarked at a time.

What I would prefer is that the full URL is displayed in the browser
 so
that pages can be differentiated.

How can I do this?

Thanks Rupert
Never b sharp, never b flat, alway's b natural




-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org


 Rupert,

This is already being done.  I bookmarked like 5 pages, and all go to
their respective targets.

Thanks,
Daniel

-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




Thanks Daniel,

It must be IE that is the problem.  I will try with other browsers  
when I

get the chance.


Rupert
Never b sharp, never b flat, alway's b natural

-

Re: [us...@httpd] Apache 1.3 OS X 10.4 help

[Rupert Reid]

On 25 Feb 2010, at 07:10, Lester Caine wrote:


Jonathan Zuckerman wrote:

From: "Rupert Reid" What I want to achieve is that  
when

a browser clicks on http://
80.189.101.120/isinglive/ 
rosario.php
,

I want apache to send  http://
isinglive.co.uk/rosario.php

to the browser (not the   
former) or if
http://80.189.101.120/ 
cantoenvivo/filosofia.php

is  clicked show
http://cantoenvivo.com/ 
filosofia.php.


How can I get apache to do
dynamically this dynamically  
for each

virtual domain?

It is really important for me  
that

the URL as described is sent  to
  the browser - without it  
browsers

cannot bookmark pages.

If there is any more information
that you need to help with this
please let me know and i will  
post it.


Cutt the crap  then people might realize who is asking and who  
is answering




Im not doing anything weird at all.  I am going to each page, and
bringing down the book mark menu and selecting Bookmark This Page
and then select Done on the window.

I'm saying your webpage is weird, can you explain why your links are
using the IP instead of the hostname?


Jonathan ... Daniel is just trying to help Robert out.
It is Robert that has the 'weird webpages', and I suspect is is  
because he is unable to view his pages locally because a third  
party is providing the dns mapping.


Robert ... first thing to do is replace the ip addresses with the  
proper host address http://80.189.101.120/isinglive/ -> http:// 
isinglive.co.uk/ then at least we have the page looking right. This  
may give you a problem LOOKING at the site from your machine, in  
which case adding

80.189.101.120 isinglive.co.uk
to the 'host' file should get around that problem, but the / 
isinglive/ bit will then be a problem locally, but that is the bit  
apache virtual hosts should be taking care of.
Before I had proper dns serving of my own website I used to have to  
look at it from the outside. I could not see it properly inside my  
IP address ;)


--
Lester Caine - G8HFL
-
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php

-
The official User-To-User support forum of the Apache HTTP Server  
Project.

See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



Thanks for the advice Lester,

Robert ... first thing to do is replace the ip addresses with the  
proper host address http://80.189.101.120/isinglive/ -> http:// 
isinglive.co.uk/ then at least we have the page looking right.


If i do this in dns, then won't requests loop back to itself and  
never reach my machine?


This may give you a problem LOOKING at the site from your machine,  
in which case adding

80.189.101.120 isinglive.co.uk


Without changing the changing the hosts file, I am able to view the  
site locally at http:isinglive.co.uk/rootfolder/ or by http:// 
192.168.1.4/


This is my setup:

This is what is in the hosts file:
192.168.1.4 isinglive.co.uk

This is what is in the :


  ServerAdmin   ad...@isinglive.co.uk
  DocumentRoot /Server/isinglive
  ServerNamewww.isinglive.co.uk
  ServerAlias   isinglive


This is what is in the OSX Network Preferences
Show = isinglive.co.uk
TCP/IP
Configure iPv4 = manually
iP Address = 192.168.1.4

This is what the router has in LAN clients
IP Address  HostnameMAC Type
192.168.1.4 isinglive.co.uk 00:19:e3:3b:b7:13   Static

What is wrong with this setup?

Thanks Rupert


-
The official User-To-User support forum of the Apa

RE: [us...@httpd] How do I pick up correct version of SSL

[daniel . goulder]

How about if you set LD_LIBRARY_PATH prior to running ldd?

i.e. LD_LIBRARY_PATH=:$LD_LIBRARY_PATH ldd
mod_ssl.so

Not 100% sure on Linux but on Solaris you can pass -R/lib with
LDFLAGS when you build - do any Linux-heads know any similar tricks?


  From: Paul Jacques  [mailto:Paul Jacques
]
  Sent: 25 February 2010 10:46
  To: users@httpd.apache.org
  Subject: RE: [us...@httpd] How do I pick up correct version of SSL


  You are right, I ran it against httpd

  The output of ldd on mod_ssl.so is:
  libldap_r.so.2 => /lib/libldap_r.so.2 (0x4016)
  liblber.so.2 => /lib/liblber.so.2 (0x4018c000)
  libc.so.6 => /lib/i686/libc.so.6 (0x40196000)
  libsasl.so.7 => /usr/lib/libsasl.so.7 (0x402d1000)
  libkrb4.so.2 => /usr/kerberos/lib/libkrb4.so.2 (0x402dc000)
  libdes425.so.3 => /usr/kerberos/lib/libdes425.so.3 (0x402f)
  libkrb5.so.3 => /usr/kerberos/lib/libkrb5.so.3 (0x402f5000)
  libk5crypto.so.3 => /usr/kerberos/lib/libk5crypto.so.3
(0x4034d000)
  libcom_err.so.3 => /usr/kerberos/lib/libcom_err.so.3 (0x4035e000)
  libssl.so.2 => /lib/libssl.so.2 (0x40361000)
  libcrypto.so.2 => /lib/libcrypto.so.2 (0x4038e000)
  /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x8000)
  libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x40451000)
  libdl.so.2 => /lib/libdl.so.2 (0x40459000)
  libcrypt.so.1 => /lib/libcrypt.so.1 (0x4045d000)
  libpam.so.0 => /lib/libpam.so.0 (0x4048a000)
  libresolv.so.2 => /lib/libresolv.so.2 (0x40492000)

  In my test before, I exported already the path in envar...

  Thanks,

  P.

  > Date: Thu, 25 Feb 2010 10:22:07 +
  > To: users@httpd.apache.org
  > From: daniel.goul...@and.co.uk
  > Subject: RE: [us...@httpd] How do I pick up correct version of SSL
  >
  >
  >
  >
  > 
  >
  > From: Paul Jacques  [mailto:Paul Jacques
  > ]
  > Sent: 25 February 2010 09:15
  > To: users@httpd.apache.org
  > Subject: RE: [us...@httpd] How do I pick up correct version of SSL
  >
  >
  >
  > Dears,
  >
  > I rebuilt the openssl 0.9.8k with so and installed it at
  > /usr/local/ssl
  >
  > I also add the path in front of LD_LIBRARY_PATH.
  >
  > The ldd does not show libssl library, may be due to the fact that
is
  > using DSO...
  > libm.so.6 => /lib/i686/libm.so.6 (0x4002d000)
  > libaprutil-1.so.0 => /usr/local/apache2/lib/libaprutil-1.so.0
  > (0x4005)
  > libexpat.so.0 => /usr/local/apache2/lib/libexpat.so.0
  > (0x4006a000)
  > libapr-1.so.0 => /usr/local/apache2/lib/libapr-1.so.0
  > (0x40086000)
  > libpthread.so.0 => /lib/i686/libpthread.so.0 (0x400a8000)
  > librt.so.1 => /lib/librt.so.1 (0x400bd000)
  > libcrypt.so.1 => /lib/libcrypt.so.1 (0x400d)
  > libdl.so.2 => /lib/libdl.so.2 (0x400fd000)
  > libc.so.6 => /lib/i686/libc.so.6 (0x40101000)
  > /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000)
  >
  > The map file under proc is still showing:
  > /proc/17730/maps:40526000-40529000 rw-p 00029000 03:01 416496
  > /lib/libssl.so.0.9.6b
  >
  > How can I make apache to use the library in /usr/local/ssl iso
  > /lib/libssl.so.0.9.6b?
  > Does DSO automatically add /lib in library path?
  >
  > Regards,
  >
  > P.
  >
  > 
  >
  > You will need to check the ldd output from the mod_ssl.so in the
Apache
  > modules directory. Looks like you have done it against the httpd
binary.
  > Also, I think the right place to set/change LD_LIBRARY_PATH is in
the
  > envvars file in the Apache /bin directory...
  >
  > Please send us the output of ldd mod_ssl.so (unless of course you
have
  > built it statically which is not always a good idea)
  >
  >
  >
  >
  >
__
  > This e-mail and any attached files are intended for the named
addressee only. It contains information, which may be confidential and
legally privileged and also protected by copyright. Unless you are the
named addressee (or authorised to receive for the addressee) you may not
copy or use it, or disclose it to anyone else. If you received it in error
please notify the sender immediately and then delete it from your system.
Please be advised that the views and opinions expressed in this e-mail may
not reflect the views and opinions of Associated Newspapers Limited or any
of its subsidiary companies. We make every effort to keep our network free
from viruses. However, you do need to check this e-mail and any attachments
to it for viruses as we can take no responsibility for any computer virus
which may be transferred by way of this e-mail. 

RE: [us...@httpd] How do I pick up correct version of SSL

[Paul Jacques]

Does not seem to help the ldd output is the same.

I did another try by using LoadFile directive but the maps file shows now that 
it uses both versions :-(

/proc/17944/maps:4023c000-40278000 r-xp  03:03 1177552
/home/local/ssl/lib/libssl.so.0.9.8
/proc/17944/maps:40278000-4027c000 rw-p 0003b000 03:03 1177552
/home/local/ssl/lib/libssl.so.0.9.8
/proc/17944/maps:4066a000-40694000 r-xp  03:01 416496 
/lib/libssl.so.0.9.6b
/proc/17944/maps:40694000-40697000 rw-p 00029000 03:01 416496 
/lib/libssl.so.0.9.6b
/proc/17948/maps:4023c000-40278000 r-xp  03:03 1177552
/home/local/ssl/lib/libssl.so.0.9.8
/proc/17948/maps:40278000-4027c000 rw-p 0003b000 03:03 1177552
/home/local/ssl/lib/libssl.so.0.9.8
/proc/17948/maps:4066a000-40694000 r-xp  03:01 416496 
/lib/libssl.so.0.9.6b
/proc/17948/maps:40694000-40697000 rw-p 00029000 03:01 416496 
/lib/libssl.so.0.9.6b
/proc/17950/maps:4023c000-40278000 r-xp  03:03 1177552
/home/local/ssl/lib/libssl.so.0.9.8
/proc/17950/maps:40278000-4027c000 rw-p 0003b000 03:03 1177552
/home/local/ssl/lib/libssl.so.0.9.8
/proc/17950/maps:4066a000-40694000 r-xp  03:01 416496 
/lib/libssl.so.0.9.6b
/proc/17950/maps:40694000-40697000 rw-p 00029000 03:01 416496 
/lib/libssl.so.0.9.6b
/proc/17951/maps:4023c000-40278000 r-xp  03:03 1177552
/home/local/ssl/lib/libssl.so.0.9.8
/proc/17951/maps:40278000-4027c000 rw-p 0003b000 03:03 1177552
/home/local/ssl/lib/libssl.so.0.9.8
/proc/17951/maps:4066a000-40694000 r-xp  03:01 416496 
/lib/libssl.so.0.9.6b
/proc/17951/maps:40694000-40697000 rw-p 00029000 03:01 416496 
/lib/libssl.so.0.9.6b

Any other idea is welcomed..

P.

> Date: Thu, 25 Feb 2010 12:44:05 +
> To: users@httpd.apache.org
> From: daniel.goul...@and.co.uk
> Subject: RE: [us...@httpd] How do I pick up correct version of SSL
> 
> 
> How about if you set LD_LIBRARY_PATH prior to running ldd?
> 
> i.e. LD_LIBRARY_PATH=:$LD_LIBRARY_PATH ldd
> mod_ssl.so
> 
> Not 100% sure on Linux but on Solaris you can pass -R/lib with
> LDFLAGS when you build - do any Linux-heads know any similar tricks?
> 
> 
>   From: Paul Jacques  [mailto:Paul Jacques
> ]
>   Sent: 25 February 2010 10:46
>   To: users@httpd.apache.org
>   Subject: RE: [us...@httpd] How do I pick up correct version of SSL
> 
> 
>   You are right, I ran it against httpd
> 
>   The output of ldd on mod_ssl.so is:
>   libldap_r.so.2 => /lib/libldap_r.so.2 (0x4016)
>   liblber.so.2 => /lib/liblber.so.2 (0x4018c000)
>   libc.so.6 => /lib/i686/libc.so.6 (0x40196000)
>   libsasl.so.7 => /usr/lib/libsasl.so.7 (0x402d1000)
>   libkrb4.so.2 => /usr/kerberos/lib/libkrb4.so.2 (0x402dc000)
>   libdes425.so.3 => /usr/kerberos/lib/libdes425.so.3 (0x402f)
>   libkrb5.so.3 => /usr/kerberos/lib/libkrb5.so.3 (0x402f5000)
>   libk5crypto.so.3 => /usr/kerberos/lib/libk5crypto.so.3
> (0x4034d000)
>   libcom_err.so.3 => /usr/kerberos/lib/libcom_err.so.3 (0x4035e000)
>   libssl.so.2 => /lib/libssl.so.2 (0x40361000)
>   libcrypto.so.2 => /lib/libcrypto.so.2 (0x4038e000)
>   /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x8000)
>   libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x40451000)
>   libdl.so.2 => /lib/libdl.so.2 (0x40459000)
>   libcrypt.so.1 => /lib/libcrypt.so.1 (0x4045d000)
>   libpam.so.0 => /lib/libpam.so.0 (0x4048a000)
>   libresolv.so.2 => /lib/libresolv.so.2 (0x40492000)
> 
>   In my test before, I exported already the path in envar...
> 
>   Thanks,
> 
>   P.
> 
>   > Date: Thu, 25 Feb 2010 10:22:07 +
>   > To: users@httpd.apache.org
>   > From: daniel.goul...@and.co.uk
>   > Subject: RE: [us...@httpd] How do I pick up correct version of SSL
>   >
>   >
>   >
>   >
>   > 
>   >
>   > From: Paul Jacques  [mailto:Paul Jacques
>   > ]
>   > Sent: 25 February 2010 09:15
>   > To: users@httpd.apache.org
>   > Subject: RE: [us...@httpd] How do I pick up correct version of SSL
>   >
>   >
>   >
>   > Dears,
>   >
>   > I rebuilt the openssl 0.9.8k with so and installed it at
>   > /usr/local/ssl
>   >
>   > I also add the path in front of LD_LIBRARY_PATH.
>   >
>   > The ldd does not show libssl library, may be due to the fact that
> is
>   > using DSO...
>   > libm.so.6 => /lib/i686/libm.so.6 (0x4002d000)
>   > libaprutil-1.so.0 => /usr/local/apache2/lib/libaprutil-1.so.0
>   > (0x4005)
>   > libexpat.so.0 => /usr/local/apache2/lib/libexpat.so.0
>   > (0x4006a000)
>   > libapr-1.so.0 => /usr/local/apache2/lib/libapr-1.so.0
>   > (0x40086000)
>   > libpthread.so.0 => /lib/i686/libpthread.so.0 (0x400a8000)
>   > librt.so.1 => /lib/librt.so.1 (0x

Re: [us...@httpd] Bugs or problem?

[Rich Bowen]

On Feb 24, 2010, at 4:45 PM, Ruiyuan Jiang wrote:

> Well, I posted the problem two weeks ago and nobody responded. I will do it 
> again.

I'm sorry. I missed that.

> 
> 2. The problem that I have now is:
> 
> Solaris 10, Apache 2.2.14 reverse proxy --> HPUX 11.23, Apache 2.0.59, Tomcat 
> 5.5 AJP --> Oracle DB
> 
> The web sites are having user login page. Once the users enter their user 
> names and passwords, the page does not refresh itself to tell the users that 
> they have logged in. Rather the web page still shows login page until the 
> users click F5 to refresh the web page and then the web page shows the users 
> are logged in. The same happened when the users logged out.
> 
> Now I tested with this setup:
> 
> Solaris 10, Apache 2.0.59 reverse proxy --> HPUX 11.23, Apache 2.0.59, Tomcat 
> 5.5 AJP --> Oracle DB
> 
> The problem went away. 
> 
> Note those Apache are pre-compiled either by HP or internet, I did not 
> compile myself although I can. At the time the latest version compiled by HP 
> was Apache 2.2.8. 


The use of the term "login page" makes me wonder if maybe the error lies at 
some higher layer than Apache. Apache implements authentication in ways that 
don't involve a "login page", and so presumably this login page is from some 
third-party application, or something you have coded yourself, Is there a HTTP 
Redirect involved in this page refresh, or is it a AJAX action? Can you watch 
the traffic (either something like Firebug, or something on the server) to 
observe what's happening, and where the message is getting dropped?


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 1.3 OS X 10.4 help

[Rich Bowen]

On Feb 25, 2010, at 2:10 AM, Lester Caine wrote:

>> I'm saying your webpage is weird, can you explain why your links are
>> using the IP instead of the hostname?
> 
> Jonathan ... Daniel is just trying to help Robert out.
> It is Robert that has the 'weird webpages', and I suspect is is because he is 
> unable to view his pages locally because a third party is providing the dns 
> mapping.

If I might step in here and cut through the noise ...

There's no mystery here at all. Let me explain what is happening.

You are using a web forwarding service. They are not a DNS mapper, or even a 
real forwarder. Instead, they are loading your website in a Frame set. You can 
see this quite clearly by going to http://isinglive.co.uk/ and viewing the 
source. Since your site is loading in a frame, when you set a bookmark it is 
not a bookmark for the content of the frame, but for the frame container.

The solution to this problem is to not use this forwarding service. It is not 
possible to do what you want while using a frame-based forwarding service.

As to why someone else was able to make bookmarks - that's simply because 
they're not looking at the same URL. Instead of looking at the top-frame 
container, they are looking at the frame content page.

Again, this is no mystery, and is a very common problem - even expected - with 
this type of forwarder.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Re: Can I have 2 httpd servers running on 2 different ports?

[LuKreme]

On 24-Feb-10 10:49, Sheryl wrote:

Instead, just have a different directory for each instance.  For instance

/usr/local/apache -- where you install your software

/opt/server1 -- first server
 bin, build, error, icons, include, lib, man, manual, modules,
mime-types, magic are links to equivalent in /usr/local/apache
 cgi-bin, conf, htdocs, logs are directories; conf should be a copy of
/usr/local/apache/conf


What benefit does this give you over running VirtualHost?

--
NO. I CANNOT BE BIDDEN. I CANNOT BE FORCED. I WILL DO ONLY THAT WHICH I 
KNOW TO BE RIGHT. --Mort


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Re: Apache 1.3 OS X 10.4 help

[LuKreme]

On 24-Feb-10 14:08, Jonathan Zuckerman wrote:

are respectively forwarded to the above url's  using  my hosts framed
web forwarding.


This sound, then, like the issue is with the framed web forwarding which 
is specifically designed to do what you are describing. Your host would 
need to be setup as a real virtualhost for you to get the full and 
correct URLs you want.


--
NO. I CANNOT BE BIDDEN. I CANNOT BE FORCED. I WILL DO ONLY THAT WHICH I 
KNOW TO BE RIGHT. --Mort


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Re: Apache 1.3 OS X 10.4 help

[LuKreme]

On 24-Feb-10 21:43, Jonathan Zuckerman wrote:

I'm saying your webpage is weird, can you explain why your links are
using the IP instead of the hostname?


Can someone explain why these posts are 1) in HTML 2) contain multiple 
copies of the list footers 3) have no quote levels?


I replied to the first post, but I'm about ready to kill the thread 
based on these follow-ups.


I could have sworn I set TB3 to show in text-only. Sigh.

--
NO. I CANNOT BE BIDDEN. I CANNOT BE FORCED. I WILL DO ONLY THAT WHICH I 
KNOW TO BE RIGHT. --Mort


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 1.3 OS X 10.4 help

[Lester Caine]

Rupert
See Rich's post
It explains the problem nicely. I was off teack a little as my own setup needed 
ip addresses for different reasons when I set it up.

It is the 'forwarding' that needs to be 'fixed' rather than your end :(

--
Lester Caine - G8HFL
-
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Re: Apache 1.3 OS X 10.4 help

[Lester Caine]

LuKreme wrote:

On 24-Feb-10 21:43, Jonathan Zuckerman wrote:

I'm saying your webpage is weird, can you explain why your links are
using the IP instead of the hostname?


Can someone explain why these posts are 1) in HTML 2) contain multiple
copies of the list footers 3) have no quote levels?


1 - No HTML on any of the messages here ...
2 - They were not being trimmed properly ...
3 - >> correctly being added to the text for indenting ...


I replied to the first post, but I'm about ready to kill the thread
based on these follow-ups.

I could have sworn I set TB3 to show in text-only. Sigh.


I've got text set here and am not seeing a problem on Seamonkey ...

--
Lester Caine - G8HFL
-
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] disable linking with libssl

[Igor Galić]

- "Brad Cagle"  wrote:

> upgrading from 1.3 to 2.2
> 
> I have configured apache 2.2.14 like:
> 
> ./configure --disable-ssl
> (is disabled by default anyhow)
> 
> however httpd is still linked with libssl
> 
> varified by ldd:
> r...@s12:~/httpd-2.2.14 # ldd httpd | grep ssl
> libssl.so.0 => /usr/lib/libssl.so.0 (0xb7dfb000)

Are you sure that no other dependency is linked against libssl?

> Im building the httpd binary for a system that does not have libssl,
> and It can not have libssl.

Can you build on the target?
 
> Any ideas???
> 
> --
> Brad Cagle
> Vice President of Research & Development
> Innovative Converged Technologies, Inc.
> http://www.vistaplex.com
> Office: 817-457-2053 x208
> Mobile: 469-360-6625
> 
> "Everybody thinks that everybody knows about everybody else but nobody
> knows
> anything about themselves because their all worried about everybody
> else" -Jack Johnson


Bye,
-- 
Igor Galić

Tel: +43 (0) 699 122 96 338
Fax: +43(0) 1 91 333 41
Mail: i.ga...@brainsware.org
URL: http://brainsware.org/

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Re: Can I have 2 httpd servers running on 2 different ports?

[Tom Evans]

On Thu, Feb 25, 2010 at 2:00 PM, LuKreme  wrote:
> On 24-Feb-10 10:49, Sheryl wrote:
>>
>> Instead, just have a different directory for each instance.  For instance
>>
>> /usr/local/apache -- where you install your software
>>
>> /opt/server1 -- first server
>>     bin, build, error, icons, include, lib, man, manual, modules,
>> mime-types, magic are links to equivalent in /usr/local/apache
>>     cgi-bin, conf, htdocs, logs are directories; conf should be a copy of
>> /usr/local/apache/conf
>
> What benefit does this give you over running VirtualHost?
>

(I wouldn't set up a second instance like suggested, but..)

1) You can load different modules in different instances
2) Separation of concerns
3) Different global configuration options
4) Different compile time options

For instance, on our reverse proxies, we run two instances of apache,
one handles SSL and runs prefork MPM, and one handles regular HTTP and
runs the event MPM.

Cheers

Tom

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] disable linking with libssl

[Brad Cagle]

Solved. My Build system had an old libapr that is dependant on libssl..

I configure apache like this now:
./configure --with-included-apr

This will tell make to build/and install the apr include with apache 2.2.14
Thanks

2010/2/25 Igor Galić 

>
> - "Brad Cagle"  wrote:
>
> > upgrading from 1.3 to 2.2
> >
> > I have configured apache 2.2.14 like:
> >
> > ./configure --disable-ssl
> > (is disabled by default anyhow)
> >
> > however httpd is still linked with libssl
> >
> > varified by ldd:
> > r...@s12:~/httpd-2.2.14 # ldd httpd | grep ssl
> > libssl.so.0 => /usr/lib/libssl.so.0 (0xb7dfb000)
>
> Are you sure that no other dependency is linked against libssl?
>
> > Im building the httpd binary for a system that does not have libssl,
> > and It can not have libssl.
>
> Can you build on the target?
>
> > Any ideas???
> >
> > --
> > Brad Cagle
> > Vice President of Research & Development
> > Innovative Converged Technologies, Inc.
> > http://www.vistaplex.com
> > Office: 817-457-2053 x208
> > Mobile: 469-360-6625
> >
> > "Everybody thinks that everybody knows about everybody else but nobody
> > knows
> > anything about themselves because their all worried about everybody
> > else" -Jack Johnson
>
>
> Bye,
> --
> Igor Galić
>
> Tel: +43 (0) 699 122 96 338
> Fax: +43(0) 1 91 333 41
> Mail: i.ga...@brainsware.org
> URL: http://brainsware.org/
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>


-- 
Brad Cagle
Vice  President of Research & Development
Innovative Converged Technologies, Inc.
http://www.vistaplex.com
Office: 817-457-2053 x208
Mobile: 469-360-6625

"Everybody thinks that everybody knows about everybody else but nobody knows

anything about themselves because their all worried about everybody else"
-Jack Johnson

RE: [us...@httpd] Bugs or problem?

[Ruiyuan Jiang]

Hi, Rich

Yes the login page for the user authentication comes from Tomcat server. The 
traffic between Solaris Apache and HPUX Apache server are strictly 'http', HPUX 
Apache redirect traffic to AJP port of Tomcat through mod_jk. In my Apache 
2.2.14 test, except downgraded Apache from v2.2.14 to 2.0.15 on Solaris and its 
related configuration changes in httpd.conf, there is no other changes made. 
That is why I think there is a problem in Apache v2.2.14.

I should make it clear. In my previous HPUX Apache v2.2.8 problem, the Apache 
on HPUX had two separate virtual servers. At the time, one virtual web server 
had strictly static html web pages and served by Apache directly. The other 
virtual web server uses mod_jk for the communication between Apache and Tomcat. 
When the problem happened, clients could access web server with static web 
pages no problem. Clients could not access the web server with Apache and 
Tomcat. Restart Tomcat did not help. Restart Apache helped. It could last for 
several days no problem. After that, the problem happened again and needed to 
restart Apache again. Once I downgraded Apache from v2.2.8 to v2.0.59 without 
other changes, the problem is gone.

Ryan

-Original Message-
From: Rich Bowen [mailto:rbo...@rcbowen.com] 
Sent: Thursday, February 25, 2010 8:49 AM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] Bugs or problem?


On Feb 24, 2010, at 4:45 PM, Ruiyuan Jiang wrote:

> Well, I posted the problem two weeks ago and nobody responded. I will do it 
> again.

I'm sorry. I missed that.

> 
> 2. The problem that I have now is:
> 
> Solaris 10, Apache 2.2.14 reverse proxy --> HPUX 11.23, Apache 2.0.59, Tomcat 
> 5.5 AJP --> Oracle DB
> 
> The web sites are having user login page. Once the users enter their user 
> names and passwords, the page does not refresh itself to tell the users that 
> they have logged in. Rather the web page still shows login page until the 
> users click F5 to refresh the web page and then the web page shows the users 
> are logged in. The same happened when the users logged out.
> 
> Now I tested with this setup:
> 
> Solaris 10, Apache 2.0.59 reverse proxy --> HPUX 11.23, Apache 2.0.59, Tomcat 
> 5.5 AJP --> Oracle DB
> 
> The problem went away. 
> 
> Note those Apache are pre-compiled either by HP or internet, I did not 
> compile myself although I can. At the time the latest version compiled by HP 
> was Apache 2.2.8. 


The use of the term "login page" makes me wonder if maybe the error lies at 
some higher layer than Apache. Apache implements authentication in ways that 
don't involve a "login page", and so presumably this login page is from some 
third-party application, or something you have coded yourself, Is there a HTTP 
Redirect involved in this page refresh, or is it a AJAX action? Can you watch 
the traffic (either something like Firebug, or something on the server) to 
observe what's happening, and where the message is getting dropped?


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended 
recipient, please notify the sender immediately by 
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Bugs or problem?

[Rich Bowen]

On Feb 25, 2010, at 10:30 AM, Ruiyuan Jiang wrote:

> Hi, Rich
> 
> Yes the login page for the user authentication comes from Tomcat server. The 
> traffic between Solaris Apache and HPUX Apache server are strictly 'http', 
> HPUX Apache redirect traffic to AJP port of Tomcat through mod_jk. In my 
> Apache 2.2.14 test, except downgraded Apache from v2.2.14 to 2.0.15 on 
> Solaris and its related configuration changes in httpd.conf, there is no 
> other changes made. That is why I think there is a problem in Apache v2.2.14.
> 
> I should make it clear. In my previous HPUX Apache v2.2.8 problem, the Apache 
> on HPUX had two separate virtual servers. At the time, one virtual web server 
> had strictly static html web pages and served by Apache directly. The other 
> virtual web server uses mod_jk for the communication between Apache and 
> Tomcat. When the problem happened, clients could access web server with 
> static web pages no problem. Clients could not access the web server with 
> Apache and Tomcat. Restart Tomcat did not help. Restart Apache helped. It 
> could last for several days no problem. After that, the problem happened 
> again and needed to restart Apache again. Once I downgraded Apache from 
> v2.2.8 to v2.0.59 without other changes, the problem is gone.

Ruiyuan,

I'm sorry to have wasted your time assuming that this was a problem that could 
be easily resolved. It seems like maybe this is a difference in how mod_proxy 
handles stuff - I assume you're using ProxyPass and mod_proxy_http.

I would suggest that you post your situation on 
https://issues.apache.org/bugzilla/ , with as much detail as possible, 
including your ProxyPass configuration.

--Rich
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Performance drop on Solaris 10U8 intel platfom

[Jeff Trawick]

On Wed, Feb 24, 2010 at 9:39 AM, Luc Bastiaenssen
 wrote:
> Since our last upgrade to Solaris 10U8 on a Sun Fire X4200(2 cores, 8GB
> memory) and Sun Fire X4450 (16 cores, 36GB memory), we notice
> a serious apache  performance drop.
> Especially when you disable the keepalive directive, web pages seems to hang
> for a moment before completing.
> The following tests show that it might be related to the combination of
> Solaris 10 U 8, Apache APR
> and the Intel e1000g Gigabit Ethernet Adapter.
> When we inject an extra layer based on NCA into the network stack, the
> problem is gone.

no good ideas here, but as nobody else had one either I'll throw these in:

* contact Solaris support :)

* see if it is related to the EnableSendfile setting (NCA has some
relationship to the sendfilev API, but I don't know the details)
** if EnableSendfile is currently on, you could see if turning it off
results in the same performance before and after the upgrade (whether
or not that is similar to any of the results with EnableSendfile on)

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Bugs or problem?

[Ruiyuan Jiang]

Thanks, Rich. 

Ryan

-Original Message-
From: Rich Bowen [mailto:rbo...@rcbowen.com] 
Sent: Thursday, February 25, 2010 10:49 AM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] Bugs or problem?


On Feb 25, 2010, at 10:30 AM, Ruiyuan Jiang wrote:

> Hi, Rich
> 
> Yes the login page for the user authentication comes from Tomcat server. The 
> traffic between Solaris Apache and HPUX Apache server are strictly 'http', 
> HPUX Apache redirect traffic to AJP port of Tomcat through mod_jk. In my 
> Apache 2.2.14 test, except downgraded Apache from v2.2.14 to 2.0.15 on 
> Solaris and its related configuration changes in httpd.conf, there is no 
> other changes made. That is why I think there is a problem in Apache v2.2.14.
> 
> I should make it clear. In my previous HPUX Apache v2.2.8 problem, the Apache 
> on HPUX had two separate virtual servers. At the time, one virtual web server 
> had strictly static html web pages and served by Apache directly. The other 
> virtual web server uses mod_jk for the communication between Apache and 
> Tomcat. When the problem happened, clients could access web server with 
> static web pages no problem. Clients could not access the web server with 
> Apache and Tomcat. Restart Tomcat did not help. Restart Apache helped. It 
> could last for several days no problem. After that, the problem happened 
> again and needed to restart Apache again. Once I downgraded Apache from 
> v2.2.8 to v2.0.59 without other changes, the problem is gone.

Ruiyuan,

I'm sorry to have wasted your time assuming that this was a problem that could 
be easily resolved. It seems like maybe this is a difference in how mod_proxy 
handles stuff - I assume you're using ProxyPass and mod_proxy_http.

I would suggest that you post your situation on 
https://issues.apache.org/bugzilla/ , with as much detail as possible, 
including your ProxyPass configuration.

--Rich
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended 
recipient, please notify the sender immediately by 
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Bugs or problem?

[Ruiyuan Jiang]

Yes, Rich

I do use proxypass, proxypassreverse, mod_proxy and mod_proxy_http.

Ryan

-Original Message-
From: Rich Bowen [mailto:rbo...@rcbowen.com] 
Sent: Thursday, February 25, 2010 10:49 AM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] Bugs or problem?


On Feb 25, 2010, at 10:30 AM, Ruiyuan Jiang wrote:

> Hi, Rich
> 
> Yes the login page for the user authentication comes from Tomcat server. The 
> traffic between Solaris Apache and HPUX Apache server are strictly 'http', 
> HPUX Apache redirect traffic to AJP port of Tomcat through mod_jk. In my 
> Apache 2.2.14 test, except downgraded Apache from v2.2.14 to 2.0.15 on 
> Solaris and its related configuration changes in httpd.conf, there is no 
> other changes made. That is why I think there is a problem in Apache v2.2.14.
> 
> I should make it clear. In my previous HPUX Apache v2.2.8 problem, the Apache 
> on HPUX had two separate virtual servers. At the time, one virtual web server 
> had strictly static html web pages and served by Apache directly. The other 
> virtual web server uses mod_jk for the communication between Apache and 
> Tomcat. When the problem happened, clients could access web server with 
> static web pages no problem. Clients could not access the web server with 
> Apache and Tomcat. Restart Tomcat did not help. Restart Apache helped. It 
> could last for several days no problem. After that, the problem happened 
> again and needed to restart Apache again. Once I downgraded Apache from 
> v2.2.8 to v2.0.59 without other changes, the problem is gone.

Ruiyuan,

I'm sorry to have wasted your time assuming that this was a problem that could 
be easily resolved. It seems like maybe this is a difference in how mod_proxy 
handles stuff - I assume you're using ProxyPass and mod_proxy_http.

I would suggest that you post your situation on 
https://issues.apache.org/bugzilla/ , with as much detail as possible, 
including your ProxyPass configuration.

--Rich
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended 
recipient, please notify the sender immediately by 
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Bugs or problem?

[Tom Evans]

On Thu, Feb 25, 2010 at 4:00 PM, Ruiyuan Jiang  wrote:
> Yes, Rich
>
> I do use proxypass, proxypassreverse, mod_proxy and mod_proxy_http.
>
> Ryan
>

I thought you were using mod_proxy_ajp?

Tom

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Bugs or problem?

[Ruiyuan Jiang]

Hi, Tom

In the Solaris box, I use proxypass, proxypassreverse, mod_proxy and 
mod_proxy_http. On the HP box, I use mod_proxy_ajp.

Ryan

-Original Message-
From: Tom Evans [mailto:tevans...@googlemail.com] 
Sent: Thursday, February 25, 2010 11:10 AM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] Bugs or problem?

On Thu, Feb 25, 2010 at 4:00 PM, Ruiyuan Jiang  wrote:
> Yes, Rich
>
> I do use proxypass, proxypassreverse, mod_proxy and mod_proxy_http.
>
> Ryan
>

I thought you were using mod_proxy_ajp?

Tom

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended 
recipient, please notify the sender immediately by 
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 1.3 OS X 10.4 help

[Rupert Reid]

On 25 Feb 2010, at 14:13, Lester Caine wrote:


Rupert
See Rich's post
It explains the problem nicely. I was off teack a little as my own  
setup needed ip addresses for different reasons when I set it up.
It is the 'forwarding' that needs to be 'fixed' rather than your  
end :(


--
Lester Caine - G8HFL


Thank you Rich and Lester,

This is what I thought from the begining.  Before contacting this  
list I contacted my dns host 123-reg.c.uk and asked how I could  
resolve this - they told me that the problem was with my host (me)  
and I should contect them.. "... the URL on the address bar may  
change after the domain is forwarded to the destination host and it  
is outside our control."


My DNS host is unhelpful.  Is there a dns host that I could transfer  
to that would would allow me to abandon forwarding and fix this problem?


Thanks Rupert



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 1.3 OS X 10.4 help

[Lester Caine]

Rupert Reid wrote:


On 25 Feb 2010, at 14:13, Lester Caine wrote:


Rupert
See Rich's post
It explains the problem nicely. I was off teack a little as my own
setup needed ip addresses for different reasons when I set it up.
It is the 'forwarding' that needs to be 'fixed' rather than your end :(

--
Lester Caine - G8HFL


Thank you Rich and Lester,

This is what I thought from the begining. Before contacting this list I
contacted my dns host 123-reg.c.uk and asked how I could resolve this -
they told me that the problem was with my host (me) and I should contect
them.. "... the URL on the address bar may change after the domain is
forwarded to the destination host and it is outside our control."

My DNS host is unhelpful. Is there a dns host that I could transfer to
that would would allow me to abandon forwarding and fix this problem?


I have a fixed IP address here AND I use 1and1 as well but it's not the cheapest 
approach ;) 1 and 1 are my off site backup which is why I don't mind paying.


--
Lester Caine - G8HFL
-
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 1.3 OS X 10.4 help

[Tom Evans]

On Thu, Feb 25, 2010 at 4:33 PM, Rupert Reid  wrote:
> My DNS host is unhelpful.  Is there a dns host that I could transfer to that
> would would allow me to abandon forwarding and fix this problem?
>
> Thanks Rupert

I use 123-reg and do exactly this.

Log in, choose the domain, click manage domain.
In the menu that appears, click Manage DNS
Add appropriate A records pointing www and any other subdomains at your IP.
Remember to remove any web forwarding you have set up on that domain.

Cheers

Tom

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 1.3 OS X 10.4 help

[Rupert Reid]

On 25 Feb 2010, at 17:01, Tom Evans wrote:

On Thu, Feb 25, 2010 at 4:33 PM, Rupert Reid  
 wrote:
My DNS host is unhelpful.  Is there a dns host that I could  
transfer to that

would would allow me to abandon forwarding and fix this problem?

Thanks Rupert


I use 123-reg and do exactly this.

Log in, choose the domain, click manage domain.
In the menu that appears, click Manage DNS
Add appropriate A records pointing www and any other subdomains at  
your IP.

Remember to remove any web forwarding you have set up on that domain.

Cheers

Tom


Tom I tried your advice but it did not work.

123-reg does not allow one to opt out of web forwarding as such.   
There is an option for "No web forwarding" but this will compulsorily  
point to 123-Reg default page if anyone typing isinglive.co.uk into a  
web browser.


There is only a real choice between framed or non-framed forwarding.
- Framed forwarding will only show a fixed url of your choice e.g.  
http://isinglive.co.uk.
- Non-framed forwarding will show the host address e.g. http:// 
80.189.101.120/isinglive/.


In this circumstance I do not want to use non-framed forwarding  
because some browser (IE) creates an alert message warning the  
browser that the web address is non standard.


How have you been able to overcome this with 123-reg?

Ideally I want the 80.189.101.120 part of the url to be replaced with  
isinglive.co.uk in the browser.


Thanks Rupert

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Re: Can I have 2 httpd servers running on 2 different ports?

[Sheryl]

>> What benefit does this give you over running VirtualHost?
>>
>
> (I wouldn't set up a second instance like suggested, but..)

Curious about why not...

BTW, my example was a little simplified.  In practice we actually make a
link "base" which points to the apache directory and the link bin to
base/bin, etc.  That way, when we compile a new version we put it in its
own directory and change the link.  Easy to upgrade, easy to back off if
it doesn't work.

More recently we have been moving toward multiple compiles because we're
trying to put everything in its own stack in preparation for moving to
VMs. But we still do the linking in order to make upgrades easier.

> 1) You can load different modules in different instances
> 2) Separation of concerns
> 3) Different global configuration options
> 4) Different compile time options

All of those apply, but most of it has to do with what I assume you mean
by (2).  We have several different customer groups and many applications.
Although we do run VirtualHost, each instance of apache belongs to one
organizational entity.  That way, two groups with different missions don't
have to agree on a restart for changing a paramter (and for that matter
don't have to agree to the change, which relates to (3) above).  Also,
easier to co-ordinate software upgrades.

> For instance, on our reverse proxies, we run two instances of apache,
> one handles SSL and runs prefork MPM, and one handles regular HTTP and
> runs the event MPM.
>
> Cheers
>
> Tom
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 1.3 OS X 10.4 help

[Rich Bowen]

On Feb 25, 2010, at 2:34 PM, Rupert Reid wrote:

> 123-reg does not allow one to opt out of web forwarding as such.  There is an 
> option for "No web forwarding" but this will compulsorily point to 123-Reg 
> default page if anyone typing isinglive.co.uk into a web browser.
> 
> There is only a real choice between framed or non-framed forwarding.
> - Framed forwarding will only show a fixed url of your choice e.g. 
> http://isinglive.co.uk.
> - Non-framed forwarding will show the host address e.g. 
> http://80.189.101.120/isinglive/.
> 
> In this circumstance I do not want to use non-framed forwarding because some 
> browser (IE) creates an alert message warning the browser that the web 
> address is non standard.
> 
> How have you been able to overcome this with 123-reg?
> 
> Ideally I want the 80.189.101.120 part of the url to be replaced with 
> isinglive.co.uk in the browser.

You can't.

It's a direct consequence of "framed forwarding", as you call it. If you use 
frames, this is how it's going to work.

What you need, instead, is to have your hostname isinglive.co.uk pointing to 
your IP address 80.189.101.120 in an actual DNS server. Without that, you 
cannot do what you are trying to do. This is not something that you can work 
around. To do what you want you MUST have DNS resolution of your 
hostname/domainname to your IP address. That is the only way.

--Rich

[us...@httpd] Apache 2.2 mod rewrite issue... or something

[Brandon Stout]

I have this on my new server:


SuexecUserGroupbrasto brasto
ServerName flfn.org
ServerAliaswww.flfn.org
ServerAdminad...@flfn.org
DocumentRoot   /home/brasto/www/flfn

Options Indexes FollowSymLinks
AllowOverride All

CustomLog  /var/log/httpd/brasto/flfn/access_log combined
ErrorLog   /var/log/httpd/brasto/flfn/error_log
#Next three lines I'll want after fixing rewrite problem:
#RewriteEngine On
#RewriteCond %{HTTP_HOST} !^flfn\.org$ [NC]
#RewriteRule ^(.*)$ http://flfn.org$1 [R=301,L]


Don't try to see the issue on FLFN.org since the site is still on my old
server.  I access it by modifying /etc/hosts with the new IP until the
site is working.  I have mod rewrite installed, and I can verify it by
uncommenting the last three lines of that vhost.  That rewrite works
just fine.  However, if I install Wordpress or Drupal and try to turn on
friendly urls, they create a .htaccess file with these lines:


  RewriteEngine on
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_URI} !=/favicon.ico
  RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]


With that the whole site seems to work except I can't go to
http://flfn.org/ .  If I ask for http://flfn.org/index.php it works. 
All friendly URLs work.  In the .htaccess file, if I comment out every
line except 'RewritEngine on' I still have the same problem, and can't
request http://flfn.org/ without index.php.  If I move the .htaccess
file and put those lines in the vhost config, I get a browser error but
nothing in the server error logs (not the vhost error logs or the
default error logs).  Here's what I get in the browser with the
.htaccess info added to the vhost:

Bad Request

Your browser sent a request that this server could not understand.
Apache/2.2.3 (CentOS) Server at flfn.org Port 80

Here's what I get in the vhost error logs when I request http://flfn.org
without /index.php:

[Wed Feb 24 15:05:50 2010] [error] [client 67.182.203.21] Options
FollowSymLinks or SymLinksIfOwnerMatch is off which implies that
RewriteRule directive is forbidden: /home/brasto/www/flfn/, referer:
http://flfn.org/admin/reports/status

As you can see, I have Options FollowSymLinks set in the vhost.  The
.htaccess file also has Options +FollowSymLinks in it.

I've sent this same thing to the Utah PHP Users group and so far haven't fixed 
it.  Here's some of what's been done there:

Yes, I've tried SymLinksIfOwnerMatch.  It didn't make a difference.

All files are owned by brasto:apache.

Yes, DirectoryIndex has index.php as a server default, and even when I put it 
in the vhost, it didn't resolve the issue.  Note that if I comment out all 
rules and conditions and the only line in the .htaccess file is "RewriteEngine 
on" the problem occurs.

One person asked if PHP has mod rewrite compiled in.  I said:

I'm not sure:

# php -i | grep modules
extension_dir => /usr/lib64/php/modules => /usr/lib64/php/modules
# ls /usr/lib64/php/modules
curl.so  json.so  pdo_mysql.so   sqlite.so xsl.so
dom.so   mbstring.so  pdo.so wddx.so   zip.so
fileinfo.so  mysqli.sopdo_sqlite.so  xmlreader.so
gd.somysql.so phar.soxmlwriter.so

that seems to tell me no.  However phpinfo() tells me it's loaded.  I
put it here:

http://chsalumni.net/phpinfo.php

At least until this is resolved.

In case of a DNS issue, I have duplicated the issue, this time with a 
Wordpress-driven site, with http://chsalumni.net (on the same new server) since 
I can bear it having the issue for a little while until we can hopefully 
resolve it.  Here's the vhost and .htaccess file:

# BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]


# END WordPress

Once again, if I comment out every line except RewriteEngine On, I have
the same problem (with or without wrapping it in ).  The vhost is almost identical:


SuexecUserGroupbrasto brasto
ServerName chsalumni.net
ServerAliaswww.chsalumni.net chs91.org www.chs91.org
ServerAdminad...@chsalumni.net
DocumentRoot   /home/brasto/www/chsalumni

Options Indexes FollowSymLinks
AllowOverride All

CustomLog  /var/log/httpd/brasto/chsalumni/access_log combined
ErrorLog   /var/log/httpd/brasto/chsalumni/error_log
#RewriteEngine On
#RewriteCond %{HTTP_HOST} !^chsalumni\.net$ [NC]
#RewriteRule ^(.*)$ http://chsalumni.net$1 [R=301,L]


Again, if I turn on Rewrite Engine using the vhost and use the rule and
condition that are commented out right now, they work fine, but if I try
to use the rules and conditions in the .htaccess file within the vhost,
I get the bad request error, with nothing in the error logs anywhere.
With the .htaccess as it is and vhost as it is, I still get these
entries in the logs when requesting http://chsalumn

Re: [us...@httpd] Apache 2.2 mod rewrite issue... or something

[Brandon Stout]

On 02/25/2010 11:29 AM, Brandon Stout wrote:

> I have this on my new server...
>   
I've found a hack I guess I'll live with.  I commented out the
ErrorDocument line here:

# cat /etc/httpd/conf.d/welcome.conf
#
# This configuration file enables the default "Welcome"
# page if there is no default index page present for
# the root URL.  To disable the Welcome page, comment
# out all the lines below.
#

Options Indexes
#ErrorDocument 403 /error/noindex.html


Then I add this to the bottom of the vhost (uncommenting my own rewrite
rule designed redirect any ServerAliase to the ServerName):

RewriteEngine On
RewriteOptions Inherit
RewriteCond %{HTTP_HOST} !^flfn\.org$ [NC]
RewriteRule ^(.*)$ http://flfn.org$1 [R=301,L]
#Hack:
ErrorDocument 403 /index.php

Now it all works just fine.  The underlying problem is still there, but
without a real solution, I'll take the hack and move on.

Brandon

RE: [us...@httpd] Controlling which handlers run, and when

[Thomas, Peter]

I continue to fight with this.  I added in "stub" handlers for Access,
I've determined that the authorization check of mod_authnz_ldap is being
executed in the Access phase of AAA.  This isn't documented; it's
causing two problems:  early auth failure as well as a side-effect of an
extra, useless LDAP query with a blank filter.
 
How do I instruct Apache to remove mod_authnz_ldap's authorization
handler from the access phase, while leaving it in for authorization?
 
Warmly,
 
--Pete
 
 


From: Thomas, Peter [mailto:ptho...@hpti.com] 
Sent: Thursday, February 25, 2010 12:53 PM
To: users@httpd.apache.org
Subject: [us...@httpd] Controlling which handlers run, and when



I'm trying to combine mod_authnz_ldap with a mod_perl PerlAuthenHandler.
I've got everything working correctly except that the mod_authnz_ldap
handler is being called twice...once before my PerlAuthenHandler [when
the request has not been properly configured] and once after.

This is a problem.  I've been able to see this flow by using
AuthzLDAPAuthoritative off. [to get a "DECLINED" out of the first
invocation].  When I do, my require ldap-filter, etc., directives are
not treated as authoritative on the "second pass" when the request user
has been set correctly.

--Pete 

--- 
Peter L. Thomas, ptho...@hpti.com   
(w) 703-682-5308 (c) 703-615-7806 (pgr) 877-383-8910 
<> 

Re: [us...@httpd] Controlling which handlers run, and when

[Eric Covener]

On Thu, Feb 25, 2010 at 4:35 PM, Thomas, Peter  wrote:
> I continue to fight with this.  I added in "stub" handlers for Access, I've
> determined that the authorization check of mod_authnz_ldap is being executed
> in the Access phase of AAA.  This isn't documented; it's causing two
> problems:  early auth failure as well as a side-effect of an extra, useless
> LDAP query with a blank filter.
>
> How do I instruct Apache to remove mod_authnz_ldap's authorization handler
> from the access phase, while leaving it in for authorization?
>

That doesn't seem possible, as mod_authnz_ldap doesn't hook
access_checker (and access_checker is before e.g. mod_auth_basic can
even perform authn -- how can you do authz if you don't know who the
user is?)

-- 
Eric Covener
cove...@gmail.com

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Controlling which handlers run, and when

[Thomas, Peter]

Eric Covener replied:
>That doesn't seem possible, as mod_authnz_ldap doesn't hook
access_checker (and access_checker is before e.g. mod_auth_basic can
even perform authn -- how can you do authz if you don't know who the
user is?)

And yet it moves...see log excerpt below...

The only other possibility is that first ONLY the mod_authnz_ldap
authorization mechanism is running--and failing, and only THEN my two
mod_perl handlers [Access & Authen] run, followed by another invocation
of the mod_authnz_ldap authorization routine--which would work, except
for the first failure [ldap server bug, see below].  Is it possible that
what I'm seeing is actually two passes through the AAA stack for one
request?  If so, why would this happen?

I am looking at the debug logs, and [once the mod_ssl debug spew is
done], I have...

[time...] [info] Initial (No.1) HTTPS request received for child 0
(server servername:443)

  okay, we're in...

[time...] [warn] [client address...] ldap authorize: Userid is blank,
AuthType=(null)

  But--right away--we're already trying to run mod_authnz_ldap's
authorization handler!

[time...] [debug] mod_authnz_ldap.c(582) [client address...] ldap
authorize: Creating LDAP req structure
[time...] [debug] mod_authnz_ldap.c(582) [client address...] auth_ldap
authorise: User DN not found, ldap_seach_ext_s() for user failed

  Unsurprisingly, it fails, as I haven't set the request->user(...),
request->ap_auth_type(...), etc...

[time...] [info] [client address...] AccessHandler: SSL_CLIENT_S_DN_CN =
MyCN...

  Ah-ha!  Now my access handler is running, great!

[time...] [info] [client address...] AuthenHandler: SSL_CLIENT_S_DN_CN =
MyCN...

  Followed by my authentication handler...no worries...

[time...] [debug] mod_authnz_ldap.c(582) [client address...] ldap
authorize: Creating LDAP req structure
[time...] [debug] mod_authnz_ldap.c(582) [client address...] auth_ldap
authorise: User DN not found, ldap_seach_ext_s() for user failed

  This pass through SHOULD work, right?  Sadly, my directory
administrator tells me that due to a bug in our LDAP server at this
point my connection has been "scrogged" [his word] by the earlier
invalid--and undesired--call from mod_authnz_ldap.

If it helps, my config stanza looks like this:


  SSLOptions +StdEnvVars +OptRenegotiate
  SSLUserName HTTPS_CLIENT_S_DN
  SetHandler ldap-status

  AuthType Basic
  AuthName "Certificate Authentication"
  
  AuthzLDAP Authoritative off
  AuthLDAPURL "https://server/c=us?dn";
  # Hack to force authorization hook to run; it short circuits if there
is no Require ldap-* clause
  Require ldap-filter "cn=*"
  # May be redundant, as the filter expression will always work,
assuming we find any user at all
  Require valid-user

  # both handlers set user name, set auth type, and spit out logging so
we know where we are...theoretically I should only need one
  PerlAccessHandler ORG::AccessSSL
  PerlAuthenHandler ORG::AuthnSSL



Warmly,

--Pete

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] IP address in access_log are always 0.0.0.0

[William A. Rowe Jr.]

On 2/24/2010 12:39 PM, Frank Chiulli wrote:
> 
> I was asked to update subversion to 1.6.6 on this box as well as
> others.  As part of that update, I updated both apr and apr-util from
> 0.9.4 to 0.9.13.  Initially everything seemed to be ok.  Then someone
> noticed that all the IP addresses in /var/log/httpd/access_log had
> changed from IPv4 to IPv6.

Pick up httpd 2.0.63 and the current apr versions!  You need to understand
that 0.9.4 -> 0.9.13 (which is already years too old!!!) was a larger
jump than binary compatibility will permit, and that you broke binary
compatibility again when you let APR pick up the presence of IPv6, which
might or might not have been present when the 0.9.4 was first installed.

0.9 doesn't exactly respect the same binary compatibility rules as versions
1.0 and later, because the rules were still evolving rapidly.  When finally
the httpd 2.2 shipped, using apr 1.x, things had settled in and both the
projects are better able to enforce binary compatibility.

With your old and new APR libraries, you just swapped in a BMW engine
underneath the hood of your VW beetle, and this probably isn't the only
side effect of a badly fit component.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Re: Upgrading from Apache1 1.x to 2.1.14

[William A. Rowe Jr.]

On 2/21/2010 12:07 PM, Paul McFerrin wrote:
> I gave up on Xampp as a web server.  Too many problems with not having
> symbolic links.  Went and got Apache version 2.0.63 and I'm trying to
> port it to Cygwin.

That's a really foolish idea, since the httpd security model depends upon
a case sensitive filesystem or specific canonical support of the file system
that won't be found in the cygwin portability layer.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org