Apache 2.2.20
Dave Saville
sort of logging going on to the VIO window it starts in. Wonder if Paul
left some debug code in there?
Odd thing is I start apache with:
bin\httpd.exe -d . 2>&1 >> d:\apps\apache2\logs\stderr-out
So I don't see why there is anything in the window anyway.
--
Kind regards
Dave Saville
Paul Smedley
On 07/09/11 18:28, Dave Saville wrote:
> Just tried Paul's latest and the first thing I see is there is now some
> sort of logging going on to the VIO window it starts in. Wonder if Paul
> left some debug code in there?
Not that I'm aware of but anything's possible....
Dave Saville
Seems to be dumping the environment to the VIO window for every access.
Paul Smedley
Not happening here.....
Dave Saville
>
>Hi Dave,
>
>On 10/09/11 18:14, Dave Saville wrote:
>>On Wed, 07 Sep 2011 18:58:26 +0930 Paul Smedley wrote:
>>>
>>>Hi Dave,
>>>
>>>On 07/09/11 18:28, Dave Saville wrote:
>>>>Just tried Paul's latest and the first thing I see is there is now some
>>>>sort of logging going on to the VIO window it starts in. Wonder if Paul
>>>>left some debug code in there?
>>>Not that I'm aware of but anything's possible....
>>>
>>
>>Seems to be dumping the environment to the VIO window for every access.
>Not happening here.....
>
Well *something* is different. 2.2.17 does not do it. The only
difference is that the script that does it is accessed on port 40 and
other scripts on 80 work fine. The config has not changed. Making the
window bigger I get
Attempting to exec H:/home/DB/web2/admin/cgi-bin/cars.pl as CGI child
(argv0 = H:/home/DB/web2/admin/cgi-bin/cars.pl)
Environment:
Dave Saville
with DEBUG_CGI true.
And the reason I could not redirect the stream is it is neither stdout
nor stderr
#ifdef OS2
/* Under OS/2 need to use device con. */
FILE *dbg = fopen("con", "w");
fprintf(dbg, "Attempting to exec %s as CGI child (argv0 = %s)\n",
Hey ho.
Paul Smedley
On 11/09/11 18:36, Dave Saville wrote:
> Cracked it by looking at the mod_cgi source. Must have been compiled
> with DEBUG_CGI true.
>
> And the reason I could not redirect the stream is it is neither stdout
> nor stderr
>
> #ifdef OS2
> /* Under OS/2 need to use device con. */
> FILE *dbg = fopen("con", "w");
>
> fprintf(dbg, "Attempting to exec %s as CGI child (argv0 = %s)\n",
Yep you're correct - sorry for the inconvenience :(
Cheers,
Paul
Dave Saville
Thanks Paul - that's fixed it.
Dave Saville
The authentication seems broken - Flags all attempts as password
mismatch. Restored 2.2.17 and all is well again.
Anyone got authentication working on this release?
Lewis G Rosenthal
On 09/12/11 05:40 am, Dave Saville thus wrote :
> Oh dear
>
> The authentication seems broken - Flags all attempts as password
> mismatch. Restored 2.2.17 and all is well again.
>
> Anyone got authentication working on this release?
>
I was going to test the build a couple of nights ago, to see if I could
replicate the noise you were getting in the VIO window. It got late, and
I figured I'd wait. Yesterday morning, I saw Paul's post about the
updated build to address that, but again got involved with other things,
and didn't have an opportunity to dig in.
I'll install it on my ThinkPad and see what I get. I have a couple
password protected areas which utilize AuthType Basic. Is that the type
causing you difficulty?
--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE, CWTS
Rosenthal& Rosenthal, LLC www.2rosenthals.com
Need a managed Wi-Fi hotspot? www.hautspot.com
visit my IT blog www.2rosenthals.net/wordpress
please do not add my address to any non-bcc mass mailings
-------------------------------------------------------------
Dave Saville
>
>Hi, Dave!
>
>On 09/12/11 05:40 am, Dave Saville thus wrote :
>>Oh dear
>>
>>The authentication seems broken - Flags all attempts as password
>>mismatch. Restored 2.2.17 and all is well again.
>>
>>Anyone got authentication working on this release?
>> I was going to test the build a couple of nights ago, to see if I could replicate the noise you were getting in the VIO window. It got late, and I figured I'd wait.
>Yesterday morning, I saw Paul's post about the updated build to address that, but again got involved with other things, and didn't have an opportunity to dig in.
>
>I'll install it on my ThinkPad and see what I get. I have a couple password protected areas which utilize AuthType Basic. Is that the type causing you difficulty?
>
Hi Lewis, Yes Basic.
Dave Saville
>
>
>On 09/12/11 05:40 am, Dave Saville thus wrote :
>>Oh dear
>>
>>The authentication seems broken - Flags all attempts as password
>>mismatch. Restored 2.2.17 and all is well again.
>>
>>Anyone got authentication working on this release?
>> I was going to test the build a couple of nights ago, to see if I could replicate the noise you were getting in the VIO window. It got late, and I figured I'd wait.
>Yesterday morning, I saw Paul's post about the updated build to address that, but again got involved with other things, and didn't have an opportunity to dig in.
>
>I'll install it on my ThinkPad and see what I get. I have a couple password protected areas which utilize AuthType Basic. Is that the type causing you difficulty?
>
Hi Lewis
Have you found time to test this? Have opened a mantis ticket #487
Piersante Sestini
On Sep 12, 11:40 am, "Dave Saville" <d...@deezee.org> wrote:
>
> The authentication seems broken - Flags all attempts as password
> mismatch. Restored 2.2.17 and all is well again.
>
> Anyone got authentication working on this release?
>
appears to work here.
Tested only from localhost, though.
Piersante
Lewis G Rosenthal
Cheers/2
--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE
Rosenthal& Rosenthal, LLC www.2rosenthals.com
Need a managed Wi-Fi hotspot? www.hautspot.com
visit my IT blog www.2rosenthals.net/wordpress
-------------------------------------------------------------
Lewis G Rosenthal
On 09/18/11 09:29 am, Piersante Sestini thus wrote :
Basic auth is *not* working here. The 2.2.20 version of auth_bas.dll
does not seem to want to properly handle passwords generated from an
earlier Apache2 htpasswd.exe, however, the reverse does seem to work (I
can use htpasswd.exe to generate a new password file and then replace
the one on the server running Apache 2.2.15 and it will properly
decrypt. So, whatever happened seems to have only impacted the
decryption side of the situation, namely, the dll.
The log simply shows a failed password; no specifics.
Dave, apologies for taking so long to actually test this.
Anyone else?
--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE, CWTS
Rosenthal& Rosenthal, LLC www.2rosenthals.com
Need a managed Wi-Fi hotspot? www.hautspot.com
visit my IT blog www.2rosenthals.net/wordpress
Dave Saville
>Basic auth is *not* working here. The 2.2.20 version of auth_bas.dll does
>not seem to want to properly handle passwords generated from an earlier
>Apache2 htpasswd.exe, however, the reverse does seem to work (I can use
>htpasswd.exe to generate a new password file and then replace the one on
>the
>server running Apache 2.2.15 and it will properly decrypt. So, whatever
>happened seems to have only impacted the decryption side of the situation,
>namely,
>the dll.
>
>The log simply shows a failed password; no specifics.
>
You think this may have something to do with it? From the 2.2.18 changelog
*) htpasswd: Change the default algorithm for htpasswd to MD5 on all
platforms. Crypt with its 8 character limit is not useful anymore;
improve out of disk space handling (PR 30877); print a warning if
a password is truncated by crypt. [Stefan Fritsch]
Paul Smedley
I'd wager this is the root cause of the issue...
Cheers,
Paul
Lewis G Rosenthal
In my case, I can workaround by re-generating new password files. Why,
though, have I come up empty searching even Apache's bugzilla for
mentions of this under other platforms?
Odd...
BTW, I *am* using MD5 in my password files, and these did *not* match up
to the new ones. I generated a new file, specifying MD5 on the command
line, too.
Cheers/2
Piersante Sestini
Piersante
Hi, Piersante...Basic auth is *not* working here. The 2.2.20 version of auth_bas.dll does not seem to want to properly handle passwords generated from an earlier Apache2 htpasswd.exe, however, the reverse does seem to work (I can use htpasswd.exe to generate a new password file and then replace the one on the server running Apache 2.2.15 and it will properly decrypt. So, whatever happened seems to have only impacted the decryption side of the situation, namely, the dll.
Dave Saville
Neither could I find anything. Therefore I am forced to the conclusion it
must be an OS.2 problem. In my case the password file is using CRYPT (the
old default) and fails. I cannot regenerate the file as users are able to
change their passwords - I have over a thousand :-(
Steven Levine
at 09:40 AM, "Dave Saville" <da...@deezee.org> said:
Hi,
>>BTW, I *am* using MD5 in my password files, and these did *not* match up
>>to the new ones. I generated a new file, specifying MD5 on the command
>>line, too.
>Neither could I find anything. Therefore I am forced to the conclusion it
> must be an OS.2 problem. In my case the password file is using CRYPT
>(the old default) and fails. I cannot regenerate the file as users are
>able to change their passwords - I have over a thousand :-(
I have to suspect that problem is in
apr-trunk\crypto\apr_md5.c
The code is supposed to be backwards compatible. There is some code that
disables crypt for Windows and a couple of other platforms, but not OS/2.
I've not installed Paul's latest build yet, so I can't test here. What
happens if you generate a crypt hash with the old and the new
htpasswd.exe? If they differ when the new htpasswd is run with the -d
switch, I would say there's some sort of regression.
Steven
--
----------------------------------------------------------------------
"Steven Levine" <ste...@earthlink.net> eCS/Warp/DIY etc.
www.scoug.com www.ecomstation.com
----------------------------------------------------------------------