boa-devel Mailing List for Boa (Page 9)
Brought to you by:
jnelson
You can subscribe to this list here.
2000 |
Jan
(31) |
Feb
(42) |
Mar
(77) |
Apr
(8) |
May
(8) |
Jun
(16) |
Jul
|
Aug
(4) |
Sep
(20) |
Oct
(1) |
Nov
(11) |
Dec
(1) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2001 |
Jan
|
Feb
(9) |
Mar
(3) |
Apr
|
May
(3) |
Jun
|
Jul
(3) |
Aug
|
Sep
(5) |
Oct
|
Nov
(1) |
Dec
(1) |
2002 |
Jan
(2) |
Feb
|
Mar
|
Apr
(4) |
May
|
Jun
|
Jul
(1) |
Aug
(2) |
Sep
(7) |
Oct
(15) |
Nov
(6) |
Dec
(41) |
2003 |
Jan
(32) |
Feb
(20) |
Mar
(1) |
Apr
(1) |
May
(3) |
Jun
(1) |
Jul
(9) |
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
(12) |
2004 |
Jan
(2) |
Feb
(5) |
Mar
(5) |
Apr
(1) |
May
(10) |
Jun
(3) |
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
(2) |
2005 |
Jan
(1) |
Feb
|
Mar
|
Apr
(2) |
May
(1) |
Jun
(2) |
Jul
|
Aug
(1) |
Sep
(2) |
Oct
|
Nov
(2) |
Dec
(8) |
2006 |
Jan
(10) |
Feb
(3) |
Mar
(1) |
Apr
(1) |
May
(6) |
Jun
(13) |
Jul
(12) |
Aug
(13) |
Sep
(4) |
Oct
(23) |
Nov
(29) |
Dec
(26) |
2007 |
Jan
(15) |
Feb
(19) |
Mar
(29) |
Apr
(79) |
May
(74) |
Jun
(112) |
Jul
(44) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: Jon N. <jn...@ja...> - 2003-07-03 02:41:45
|
This is the small patch I've been using since 0.94.14rc17 came out. It's really quite small, fixes no bugs, and is only really useful to a handful of people. Questions, comments? -- No more monkey ducks, jumping on the bed! Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Rachel <ra...@pu...> - 2003-06-04 01:32:05
|
Dear Sir or Madam, I have the pleasure to know your esteemed Corp. We are a manufacturer of garments and bags in Quanzhou, China. I think we can cooperate and supply you with garments and bags as you need. The following is some introductions about our company. Set up: 1988 Type: manufacturer & exporter Product: knitted garments and bags Employees: 1300 persons ( garments factory: 500 bags factory: 800) Product data: product (main items) capacity(/year) brief 2,000,000dzs baby body 1,800,000dzs boxer short 200,000dzs pajama 50,000dzs soft bag 1,500,000pcs hard bag 500,000pcs Mimn order: 300dzs for garments 500pcs for bags Payment: irrevocable L/C at sight Our garment factory mainly specialize in Lady's and men's underwear, children's wear, baby's wear, pajama, boxer shorts, T-shirt, etc. The materials we often use are cotton, T/C, Polyester, Polyamide, Elasthan, and Polyamide. Our products are design with PAD system, produced with advanced equipment, processed in highly quality control system with seasoned workmanship and high efficiency. Our main market is Europe, Australia, Japan. We also accept the orders designed and required by costumers. Our bag factory was founded in 1988, too. We produce all kinds of bags, including suitcase, backpack, travel bag, shoulder bag, sport bag, trolley, camera bag, tote bag, school bag, computer case, luggage,waist bag, notecase, etc. And the goods have met a great favor in the Europe countries, Australia and America because of their good quality, beautiful design and competitive price. Thank you very much. Hope you will give us an opportunity to do business together and we will try our level best to fulfill your present requirement. Should you therefore need any more details for your clarification, pls do not hesitate to contact us. And you are welcome to visit our factories. With best regards Rachel Wang Mob:0086-13960286700 Jason Chen Mob:0086-13959893400 Vicki Wang Mob:0086-13960228599 ----------------------------------------------------------------------------- SENWER GARMENTS CO., LTD. ADD: Room F202, Fugui Renjia Building, Liuguan Road, Quanzhou, Fujian, China. Tel: 0086-595-2506700 Fax: 0086-595-2563400 P.C.:362000 E-mail: ra...@pu... ----------------------------------------------------------------------------- |
From: Rachel <se...@pu...> - 2003-05-21 16:23:03
|
Dear Sir or Madam, I have the pleasure to know your esteemed corp. We are a manufacturer & exporter of garments and bags in Quanzhou, China. I think we can cooperate and supply you with garments as you need. The following is some introductions about our company. Set up: 1988 Type: manufacturer & exporter Product: knitted garments and bags Employees: 1300 persons ( garments factory: 500 bags factory: 800) Product data: product (main items) capacity(/year) brief 2,000,000dzs baby body 1,800,000dzs boxer short 200,000dzs pajama 50,000dzs soft bag 1,500,000pcs hard bag 500,000pcs Mimn order: 300dzs for garments Payment: irrevocable L/C at sight Bank: BANK OF CHINA Our garment factory mainly specialize in Lady's and men's underwear, children's wear, baby's wear, pajama, boxer shorts, T-shirt, etc. The materials we often use are cotton, T/C, Polyester, Polyamide, Elasthan, and Polyamide. Our products are design with PAD system, produced with advanced equipment, processed in highly quality control system with seasoned workmanship and high efficiency. Our main market is Europe, Australia, Japan and America. We also accept the orders designed and required by costumers. You can see some pictures of our samples through our web http://www.senwer.com. (For more pictures in your interesting, pls kindly contact us directly). Our bag factory was founded in 1988, too. We produce all kinds of bags, including suitcase, backpack, travel bag, shoulder bag, sport bag, trolley, camera bag, tote bag, school bag, computer case, luggage,waist bag, notecase, etc. And the goods have met a great favor in the Europe countries, Australia and America because of their good quality, beautiful design and competitive price. Thank you very much. Hope you will give us an opportunity to do business together and we will try our level best to fulfill your present requirement. Should you therefore need any more details for your clarification, pls do not hesitate to contact us. And you are welcome to visit our factories. With best regards Rachel Wang Mob:0086-13960286700 E-mail:ra...@se... Jason Chen Mob:0086-13959893400 E-mail: jas...@se... Vicki Wang Mob:0086-13960228599 E-mail: vi...@se... ----------------------------------------------------------------------------- SENWER GARMENTS CO., LTD. ADD: Room F202, Fugui Renjia Building, Liuguan Road, Quanzhou, Fujian, China. Tel: 0086-595-2506700 Fax: 0086-595-2563400 P.C.:362000 Http://www.senwer.com E-mail: se...@pu... ----------------------------------------------------------------------------- |
From: Rachel <se...@pu...> - 2003-05-19 16:22:07
|
Dear Sir, I have the pleasure to know your esteemed corp. We are a manufacturer & exporter of garments and bags in Quanzhou, China. I think we can cooperate and supply you with garments as you need. The following is some introductions about our company. Set up: 1988 Type: manufacturer & exporter Product: knitted garments and bags Employees: 1300 persons ( garments factory: 500 bags factory: 800) Product data: product (main items) capacity(/year) brief 2,000,000dzs baby body 1,800,000dzs boxer short 200,000dzs pajama 50,000dzs soft bag 1,500,000pcs hard bag 500,000pcs Mimn order: 300dzs for garments Payment: irrevocable L/C at sight Bank: BANK OF CHINA Our garment factory mainly specialize in Lady's and men's underwear, children's wear, baby's wear, pajama, boxer shorts, T-shirt, etc. The materials we often use are cotton, T/C, Polyester, Polyamide, Elasthan, and Polyamide. Our products are design with PAD system, produced with advanced equipment, processed in highly quality control system with seasoned workmanship and high efficiency. Our main market is Europe, Australia, Japan and America. We also accept the orders designed and required by costumers. You can see some pictures of our samples through our web http://www.senwer.com. (For more pictures in your interesting, pls kindly contact us directly). Our bag factory was founded in 1988, too. We produce all kinds of bags, including suitcase, backpack, travel bag, shoulder bag, sport bag, trolley, camera bag, tote bag, school bag, computer case, luggage,waist bag, notecase, etc. And the goods have met a great favor in the Europe countries, Australia and America because of their good quality, beautiful design and competitive price. Thank you very much. Hope you will give us an opportunity to do business together and we will try our level best to fulfill your present requirement. Should you therefore need any more details for your clarification, pls do not hesitate to contact us. And you are welcome to visit our factories. With best regards Rachel Wang Mob:0086-13960286700 E-mail:ra...@se... Jason Chen Mob:0086-13959893400 E-mail: jas...@se... Vicki Wang Mob:0086-13960228599 E-mail: vi...@se... ----------------------------------------------------------------------------- SENWER GARMENTS CO., LTD. ADD: Room F202, Fugui Renjia Building, Liuguan Road, Quanzhou, Fujian, China. Tel: 0086-595-2506700 Fax: 0086-595-2563400 P.C.:362000 Http://www.senwer.com E-mail: se...@pu... ----------------------------------------------------------------------------- |
From: tok <ok...@ma...> - 2003-05-07 04:14:20
|
hi all, let me start by thanking all boa devs for their work. though i was unhappy with the level of access control, so here is a patch to allow something like this in a boa.conf: Deny /var/www/cgi-bin/shutdown.cgi Allow /var/www/cgi-bin/shutdown.cgi 192.168.1.0/24 Allow /var/www/cgi-bin/shutdown.cgi 127.0.0.1 Deny phpmyadmin/* Allow phpmyadmin/* 192.168.1.0/24 Allow phpmyadmin/* 127.0.0.1 Deny local/* Allow local/* 192.168.1.0/24 Allow local/* 127.0.0.1 the first line of each block looks like the old way, but for now all non-absolute pathes are prefixed with document root while reading the config. this imo allows much cleaner config files, but requires some more thought to work with vhost. i am not entirely happy with this, but haven't found a better idea. furthermore i'm not sure if "fnmatch" is a good way to do the check, as i don't see how wildcards like "*.pm" w/o any specific (script) dir could ever work. the optional second param may be single ip or range in above format. after rewriting my first try (which seemed are more elegant implementation but segfaulted most of the time) and tweaking it a bit after some more thought: it does not seem to kill boa on instant, it does seem to do something like i want it to, it could use a better way of specifying the path/regexp. in the end, i wouldn't trust sensitive data to this code (so far). i would appreciate feedback if anyone finds use for this. this might be a little of your goals with boa, but now can replace apache and lighten the load of my old box ;-) thanks again, tok |
From: <lib...@gm...> - 2003-04-03 23:47:31
|
Hi all, attached is a patch against boa-0.94.14rc16 which modifies the Allow/Deny feature as follows: 1) set one default rule for a pattern syntax: Allow {pattern} [the old access control] 2) set arbitrary rules based on IP & netmask syntax: Allow {pattern} {ip} or: Allow {pattern} {ip}/{netmask} if not set, the default is to allow. if the pattern is not an absolute path, it is prefixed with the document root. problems: 1) this is not ipv6 ready 2) the ordering of rules may require some thinking... searching for matching entries stops after the first match (on both levels; patterns first). thus something like this would not work: --- Deny private/* Allow private/* 127.0.0.1 #fine till here, but assume you want to Allow private/something.html 192.168.5.0/24 --- this is a new pattern, but requests to it would match the earlier private/* pattern and never reach the new one. think huffman codes ;-) any comments howto improve this? by the way: thanks for boa regards, tok ps: please cc to s.k6[at]hamburg[dot]de when replying, i'm not on the list -- +++ GMX - Mail, Messaging & more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! |
From: Jon N. <jn...@ja...> - 2003-03-11 16:18:14
|
Boa 0.94.14rc17 has been released. 0.94.14rc17 is a cleanup release, and is the result of continuing efforts to clean and improve the code. The relevant additions to the changelog are: * #define QUIET_DISCONNECT to silence read and write errors to client * when range requests are determined to be invalid, use log_error_doc * make log messages when URI contains invalid characters or doesn't start with a '/' less scary * if creating a temporary file, or setting it to close-on-exec fails, send_r_error * if key or value for an http header is invalid, log it. * be more strict with range parsing * handle 0-byte sendfile attempt better -- Applying computer technology is simply finding the right wrench to pound in the correct screw. Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Jon N. <jn...@ja...> - 2003-02-23 00:04:15
|
This is 0.94.14rc16. This is a cleanup release. An extensive effort was made to generally improve the code. The relevant additions to the changelog are: * be more stringent about verifying that all of the proper variables * got allocated in create_common_env * when unable to add an environment to the CGI space, note what the key and values are to the error log. * use log_error_doc instead of log_error_time in some places * make sure to _exit if strdup fails in create_argv * DO NOT accept control characters in the http header stream * DO NOT accept control characters in the decoded URI * warn when the hash function is sent an NULL or empty value * warn when find_alias is sent a uri_len of 0. * clean up and fix some of the path construction code paths * add log_error_doc in some places * when checking for a user home dir, if the full URI is "/~" then log it and send back a bad request response * mild clean up of req_write_escape_html * refactor code so all hash functions start with hash * check for and complain about empty or NULL keys and values in the various hash function * change the maximum number of environment variables to 100 from 50 -- "Never try to write to ROM - it wastes your time and annoys the ROM." Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Jon N. <jn...@ja...> - 2003-02-18 17:11:24
|
On Tue, 18 Feb 2003, Jon Nelson wrote: > Boa 0.94.14rc15 has been released. > It contains a fix to a potential Denial of Service attack that could > cause Boa to segmentation fault. OK, the website has also been updated! Make sure the tarball matches the GPG signature, or at least that the tarball sizes match what is displayed on the web page at http://www.boa.org/news.html -- "Never try to write to ROM - it wastes your time and annoys the ROM." Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Jon N. <jn...@ja...> - 2003-02-18 16:54:17
|
Boa 0.94.14rc15 has been released. It contains a fix to a potential Denial of Service attack that could cause Boa to segmentation fault. -- "Never try to write to ROM - it wastes your time and annoys the ROM." Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Jon N. <jn...@ja...> - 2003-02-18 05:24:06
|
My proposed patch is wrong. Please disregard. We'll have a better patch and probably a new release candidate very soon, perhaps tomorrow. Anybody needing anything earlier please let us know, and we'll try to accomodate. *I* am going to bed, it's 11:30 PM where I am. -- "Never try to write to ROM - it wastes your time and annoys the ROM." Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Jon N. <jn...@ja...> - 2003-02-18 05:04:51
|
I am including my proposed patch for 0.94.14rc14, although it should apply fairly cleanly for many 0.94.14rc's. If anybody doesn't have 0.94.14rc14 but wants it (because I pulled it from the website), please let me know, I'll get it to you. If the original author wishes it, public thanks will be given later. diff -ur boa-0.94.14rc14/src/request.c boa-0.94.14rc14.patched/src/request.c --- boa-0.94.14rc14/src/request.c 2003-02-01 23:02:19.000000000 -0600 +++ boa-0.94.14rc14.patched/src/request.c 2003-02-17 22:55:54.000000000 -0600 @@ -614,15 +614,47 @@ /* advance STOP until first '/' after host */ stop += strlen(SERVER_METHOD) + 3; host = stop; - while (*stop != '\0' && *stop != '/') + while(*stop != '\0' && *stop != '/' && *stop != ' ') ++stop; - if (stop == host || *stop == '\0') { + + if (stop2 < stop) { + /* Corruption in absolute URI */ + /* This prevents a DoS attack from format string attacks */ + log_error_doc(req); + fprintf(stderr, "corruption in absolute URI: %d \"%s\"\n", + stop2 - stop, req->logline); + send_r_bad_request(req); + return(0); + } else if (stop == stop2) { + /* nothing *at all* after http:// */ /* no host in absolute URI */ - log_error_time(); - fprintf(stderr, "no host in absolute URI: \"%s\"\n", - req->request_uri); + log_error_doc(req); + fprintf(stderr, "nothing after http:// in absolute URI: \"%s\"\n", req->request_uri); send_r_bad_request(req); - return (0); + return(0); + } + + /* stop2 > stop */ + if (stop == host) { + /* host is one letter? */ + if (*stop == '/') { + /* no host in absolute URI */ + log_error_doc(req); + fprintf(stderr, "no host in absolute URI: \"%s\"\n", req->request_uri); + send_r_bad_request(req); + return(0); + } else { + /* host is valid, but there is no URL. */ + log_error_doc(req); + fprintf(stderr, "no URL in absolute URI: \"%s\"\n", req->request_uri); + send_r_bad_request(req); + return(0); + } + } else { + /* stop2 < stop, so we have *something* after http:// + * stop > host, thus host is good, and we have an URL + */ + ; } /* copy the URI */ memcpy(req->request_uri, stop, stop2 - stop); -- "Never try to write to ROM - it wastes your time and annoys the ROM." Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Jon N. <jn...@ja...> - 2003-02-18 04:25:39
|
Well, a DoS was discovered in all versions of Boa 0.94.14rc4 and more recent. This does *not* include prior versions of Boa. In the meantime, please do not use any version of 0.94.14 until a proper patch can be made. We do not yet know whether the DoS is exploitable to gain access. -- "Never try to write to ROM - it wastes your time and annoys the ROM." Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Jon N. <jn...@ja...> - 2003-02-09 23:28:47
|
Just FYI, I goofed on rc14 -- I forgot to change the version number. -- Democracy is two wolves and a sheep voting on what to have for dinner. Liberty is two wolves attempting to have a sheep for dinner and finding a well-informed, well-armed sheep. Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Jon N. <jn...@ja...> - 2003-02-08 01:15:10
|
Boa 0.94.14rc14 is a minor cleanup of rc13. The relevant additions to the changelog are: * fix more spelling errors (LRD) and remove use of const int * better sa_family_t detection on *BSD (Peter Pentchev) -- Democracy is two wolves and a sheep voting on what to have for dinner. Liberty is two wolves attempting to have a sheep for dinner and finding a well-informed, well-armed sheep. Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: <all...@li...> - 2003-02-05 19:29:55
|
On 2003-02-04 12:17:02, Jon Nelson wrote: > The httpd *still* has to parse all of the headers, and convert it to > *something*. I understand, but I was really thinking a 2nd time on the client side (raw vs partially or fully digested messages). > However, if Boa *were* to support more than just CGI, then the logical > thing to do is have an intermediate format that is much less > expensive, probably a key/value struct, from which either format could > be generated inexpensively. Interesting, if cgi was just another module one might choose to rip it out in favor of a better mechanism (however you define "best"). /Allan --=20 Allan Wind P.O. Box 2022 Woburn, MA 01888-0022 USA |
From: Jon N. <jn...@ja...> - 2003-02-04 18:40:49
|
On Tue, 4 Feb 2003, Allan Wind wrote: > > However the mechanism, it's an unimportant detail really. It's far > > easier IMO that the FastCGI spec which is quite a bit more complex. > > Furthermore, if I read it properly, I don't think the httpd even needs > > to re-parse the output, making SCGI a "smarter" NPH. > > Lost me there. Unless the httpd already parses things as netstrings it > would have to at least generate this special format, no? What about > just passing the whole message through, possible decorated with a header > containing meta information (ip, server root and maybe even an index to > parse the message itself) so you end up doing something like: > > send(header(request)) > send(message) > > where request is assumed to contain meta information. The httpd *still* has to parse all of the headers, and convert it to *something*. Right now, they are simply added to an array (fixed size) of environment variables for the CGI. I wrote a quick proof-of-concept scgi.c file that took that information and converted it. However, if Boa *were* to support more than just CGI, then the logical thing to do is have an intermediate format that is much less expensive, probably a key/value struct, from which either format could be generated inexpensively. -- Democracy is two wolves and a sheep voting on what to have for dinner. Liberty is two wolves attempting to have a sheep for dinner and finding a well-informed, well-armed sheep. Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: <all...@li...> - 2003-02-04 18:22:29
|
On 2003-02-04 10:43:15, Jon Nelson wrote: > SOAP is expensive. That was my gut feeling as well. > Basically SCGI uses the netstrings specification, as in http://python.ca/nas/scgi/protocol.txt? > which when boiled down means that every "string" is prefixed by its > length, and \0 is the seperator (versus \n, \r\n, \r, tab, and others). Why is the header and body two different such strings? Opposed to one such string per header "line" and one for the body? > Header names are not from a fixed set. Ok. > There are some environment variables that should always be present, > others that are usually present, and yet others that are purely > optional. If you send to a CGI the header "foo: bar" the CGI should > get HTTP_FOO=3Dbar in its environment. All "unrecognized" header values > get prefixed with HTTP_. Ok, I was aware of the how that worked, but not if CGI just lagged behind time. > However the mechanism, it's an unimportant detail really. It's far > easier IMO that the FastCGI spec which is quite a bit more complex. > Furthermore, if I read it properly, I don't think the httpd even needs > to re-parse the output, making SCGI a "smarter" NPH. Lost me there. Unless the httpd already parses things as netstrings it would have to at least generate this special format, no? What about just passing the whole message through, possible decorated with a header containing meta information (ip, server root and maybe even an index to parse the message itself) so you end up doing something like: send(header(request)) send(message) where request is assumed to contain meta information. > Another bonus of SCGI is that the httpd has its choice if reliable > transports (tcp/ip or fifo/socket), thus the SCGI "server" could be on a > different machine than the httpd, the bonus there being able to sustain > far higher load and possibly even load balancing *right at the network > layer*. Yes, I am with totally with you there. /Allan --=20 Allan Wind P.O. Box 2022 Woburn, MA 01888-0022 USA |
From: Jon N. <jn...@ja...> - 2003-02-04 17:07:03
|
On Tue, 4 Feb 2003, Allan Wind wrote: > On 2003-02-04 07:52:49, Jon Nelson wrote: > > Another possibility that I've been playing with recently is SCGI: > > http://www.mems-exchange.org/software/scgi/ > > I read the SCGI specification eariler, and found the pre-pending of > string size a little odd, it leaves them with only \0 to seperate header > field and value. Is it _that_ time consuming to parse http headers > twice? Isn't the header names a fixed set (possible extended from > HTTP to provide the information the environment does in CGI)? What > about SOAP (which I know hardly anything about, btw)? SOAP is expensive. Basically SCGI uses the netstrings specification, which when boiled down means that every "string" is prefixed by its length, and \0 is the seperator (versus \n, \r\n, \r, tab, and others). Header names are not from a fixed set. There are some environment variables that should always be present, others that are usually present, and yet others that are purely optional. If you send to a CGI the header "foo: bar" the CGI should get HTTP_FOO=bar in its environment. All "unrecognized" header values get prefixed with HTTP_. However the mechanism, it's an unimportant detail really. It's far easier IMO that the FastCGI spec which is quite a bit more complex. Furthermore, if I read it properly, I don't think the httpd even needs to re-parse the output, making SCGI a "smarter" NPH. Another bonus of SCGI is that the httpd has its choice if reliable transports (tcp/ip or fifo/socket), thus the SCGI "server" could be on a different machine than the httpd, the bonus there being able to sustain far higher load and possibly even load balancing *right at the network layer*. -- Democracy is two wolves and a sheep voting on what to have for dinner. Liberty is two wolves attempting to have a sheep for dinner and finding a well-informed, well-armed sheep. Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: <all...@li...> - 2003-02-04 15:43:07
|
On 2003-02-04 07:52:49, Jon Nelson wrote: > Another possibility that I've been playing with recently is SCGI: > http://www.mems-exchange.org/software/scgi/ I read the SCGI specification eariler, and found the pre-pending of string size a little odd, it leaves them with only \0 to seperate header field and value. Is it _that_ time consuming to parse http headers twice? Isn't the header names a fixed set (possible extended from HTTP to provide the information the environment does in CGI)? What about SOAP (which I know hardly anything about, btw)? /Allan --=20 Allan Wind P.O. Box 2022 Woburn, MA 01888-0022 USA |
From: Jon N. <jn...@ja...> - 2003-02-04 14:16:37
|
Another possibility that I've been playing with recently is SCGI: http://www.mems-exchange.org/software/scgi/ It's like FastCGI but easier to impliment. I also have laying around some code to do loadable module support, which worked well, but needed improvement. The loadable module support was able to hook into Boa at various times and stages: 1. When Boa starts up 2. When Boa shuts down 3. When a request is first accepted 4. When a request is shutdown 5. several stages during the reading and parsing of the request At the time, there were loadable modules for a. directory generation (pulled out of Boa proper) b. ssl c. virtualhosting (no long req'd.) d. some other stuff. I forget. ;-) -- Democracy is two wolves and a sheep voting on what to have for dinner. Liberty is two wolves attempting to have a sheep for dinner and finding a well-informed, well-armed sheep. Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Jon N. <jn...@ja...> - 2003-02-04 14:05:35
|
On Tue, 4 Feb 2003, Charles Mitchell wrote: > Hi > > Have tried unsuccessfully to find docs/howtos on the Internet about > setting up Boa 0.94.13 with OpenSSL. > > Only info I found recommended making sure to use a version of Boa that > supports SSL. > > I'm Stuck ! Hope this helps you get unstuck. Currently, there are no versions of Boa that support SSL. Consider using stunnel to wrap the http service: 1. Bind Boa to localhost, and whatever port you like. 2. Bind stunnel to whatever IP you want, and port 443 3. Tell stunnel to forward unencrypted connections to localhost and the port that you bound Boa to. 4. test There are some caveats, and I'm sure the 4 steps outlined above are incomplete in some way, but that's what I would do, at least from an outline point of view. Future versions of Boa may support SSL using GNUTLS. -- Democracy is two wolves and a sheep voting on what to have for dinner. Liberty is two wolves attempting to have a sheep for dinner and finding a well-informed, well-armed sheep. Jon Nelson <jn...@ja...> C and Python Code Gardener |
From: Charles M. <ch...@da...> - 2003-02-04 10:19:02
|
Hi Have tried unsuccessfully to find docs/howtos on the Internet about setting up Boa 0.94.13 with OpenSSL. Only info I found recommended making sure to use a version of Boa that supports SSL. I'm Stuck ! -- Thanks in advance Charles Mitchell datalocate.net |
From: <all...@li...> - 2003-02-04 04:47:14
|
On 2003-02-03 20:04:07, la...@do... wrote: > Instead of embedding an interpreter, you could instead simply "plug-in" > the application program, with a dynamic loader. I was thinking along the same lines with a plugin "manager" to load and unload such modules. Stability, and maybe even scalability, may dictate one or more seperate such manager processes (similiar in philosophy to fastcgi or even postfix's Local Mail Transfer Protocol). Is there anything along these lines already, which then would reduce the readers exercise to simply connect the dots? CORBA (as in IIOP) might be a suitable transport, but it's big fat and possible heavy dependency to slap on. The application side of any interface has to be web server independent. /Allan --=20 Allan Wind P.O. Box 2022 Woburn, MA 01888-0022 USA |
From: <la...@do...> - 2003-02-04 04:04:42
|
Allan - > Has anyone thought about a faster alternative to CGI for serving dynamic > content with boa? Yes. Oh, you want an answer, too? ;-) > I am aware of the general approach of embedding an > interpreter in the web server, and there is of course fastcgi which is > scary in a different way. Neither seem compatible to small is good > philosophy. What would be? IMHO, fastcgi merely postpones the problem. Instead of embedding an interpreter, you could instead simply "plug-in" the application program, with a dynamic loader. That latter possibility places complete control in the hands of the application to never stall. It might be better to keep control, in the form of a properly designed and debugged interpreter. Any candidate interpreter has to be able to perform direct (in-memory, not network transaction based) database queries, using something like gdbm. The output is obviously HTML. It's OK to have "source code" compiled down to "byte code" that the server "interprets". The interpreter has to keep "per-thread" state explicitly (not just in the Boa program counter), so when a buffer fills, Boa's main file-descriptor loop can take over. Like I said, I have thought about this off-and-on for years, and never put anything in. I have studied the available code base, e.g., php and other scripting languages, and never found anything that was programming-model compatible with Boa. Some things that come close, like php, are license-incompatible. I'm not scared to code something up, if I think it makes sense, could do real-world work, and people would use it. - Larry |