XDMCP fatal error: Session declined Maximum number of open sessions from your host
May 31, 2011 by admin · Leave a Comment
This is usually caused by a router using NAT. The problem is the host thinks the router is a Xserver trying to connect and because several users might be connecting to the host through the router, the host stops allowing the router to open new sessions. The fix for this is to increase the Displays per host on your Linux or UNIX host.
Under Linux, this setting is in the /etc/gdm/gdm.schemas file and the /etc/kde/kdm/kdmrc file. Here’s the part of the file(s) you need to look at:
<schema>
<key>xdmcp/DisplaysPerHost</key>
<signature>i</signature>
<default>1</default>
</schema>
Increasing DisplaysPerHost will allow more users to connect before this error happens.
/etc/gdm/gdm.schemas configures more host connections for Gnome.
/etc/kde/kdm/kdmrc file configures more host connections for KDE.
If there are too many sessions, rebooting the host will fix this problem as well. However, the problem will return once the Displays per host is exceeded again.
Opera 11.50 Beta1 Released
May 31, 2011 by admin · Leave a Comment
Opera 11.50 Beta1 has been released.
New in 11.50 beta
Live, dynamic Speed Dial
This release furthers one of the Opera browser’s most popular features, Speed Dial, with new Speed Dial extensions. In your Speed Dial, you can show live, animated content such as news feeds, the weather, a collection of your favorite photos and much more. Speed Dial extensions can also be customized to your preferences. A growing collection of Speed Dial extensions is available from our extensions catalog.
Keep your passwords in sync
Opera Link synchronizes bookmarks and other browser information across multiple computers. Opera’s security has been enhanced to ensure that your passwords are kept safe in Opera Link. With this feature, it is important to ensure that your Opera Link password is strong, and the Opera browser now even helps with this.
Perl with FastCGI authorization example
May 31, 2011 by admin · Leave a Comment
Perl with FastCGI authorization example:
#!/usr/bin/perluse strict;use DBI;use FCGI;use constant PATH_NEVER => 0;use constant PATH_MAYBE => 1;use constant PATH_ALWAYS => 2;# normally, I would abstract this stuff out into a sitewide config module,# but for didactic reasons, I’ll just define some constants here:use constant COOKIE_NAME => ‘AUTH_TOKEN’;use constant DBI_DSN => ‘dbi:mysql:hostname=DBHOSTNAME;database=DBNAME’;use constant DBI_USR => ‘monty’;use constant DBI_PWD => ‘widenius’;use constant AUTH_ERR => -1;use constant AUTH_NOK => 0;use constant AUTH_OK => 1;use constant AUTH_QUERY => <<AQ_SQL;select count(*) as authorizedfrom login_tablewhere user = ?and token = ?and expiry > unix_timestamp()AQ_SQLuse vars qw($DBH $STH $N);sub _init ();sub _exit ();sub authorized ($$$);sub get_login_cookie ();sub query_decode (;@);_init();for ($N = 0; FCGI::accept() >= 0; $N++){# check the path to see if we want/need to authorize access:my $path_auth = check_path($ENV{REQUEST_URI});if($path_auth == PATH_MAYBE){my $auth = undef();my $user;my $token;my $cookie;# get the login cookie and decompose it into user + token:# cookie format: USERNAME:OPAQUETOKENFROMDB$cookie = get_login_cookie();($user,$token) = split(/:/,$cookie,2);# check to see if an unexpired entry exists in the db:$auth = authorized($STH, $user, $token);if($auth == AUTH_OK){# return 200 Ok, and set the AUTH_USER_NAME env variable# in case there is a dynamic content generator:# variables you want to set for the requested script/page# need to be prefixed w. the string ‘Variable-’,# or they will be passed back to the client, not the server.print(STDOUT “Status: 200 Authorized\r\n”);print(STDOUT “Variable-AUTH_USER_NAME: $user\r\n”);print(STDOUT “\r\n”);}elsif($auth == AUTH_NOK){# Not authorized.# You can make your login page the default# 401 page with the htaccess ErrorDocument 401 directive:print(STDOUT “Status: 401 Not Authorized\r\n”);print(STDOUT “WWW-Authenticate: basic realm=\”foo\”\r\n”);print(STDOUT “\r\n”);}else{# Waah. Something blew up.print(STDOUT “Status: 500 Internal Auth Error\r\n”);print(STDOUT “\r\n”);}}elsif($path_auth == PATH_NEVER){# we never allow anyone in to these:print(STDOUT “Status: 403 Denied\r\n”);print(STDOUT “\r\n”);}elsif($path_auth == PATH_ALWAYS){# these we don’t really care about, just let them in.# your error pages, icon, etc should all fall into this# category, as should your login page:print(STDOUT “Status: 200 Ok\r\n”);print(STDOUT “\r\n”);}else{# This should not be able to happen: If it does,# your site needs attention from you:print(STDOUT “Status: 500 Internal Auth Error\r\n”);print(STDOUT “\r\n”);}}_exit();############### Access rules, first match wins:# /auth/login.cgi is always allowed# /sharecreate table login_table (token char(32) not null,user char(32) not null,expiry int(11) not null)
WARNING: unknown config-key: fastcgi.server (ignored)
May 31, 2011 by admin · Leave a Comment
WARNING: unknown config-key: fastcgi.server (ignored)
This means you need to include the line
server.modules += ( “mod_fastcgi” )
or
include “conf.d/fastcgi.conf”
(which should have the line server.modules += ( “mod_fastcgi” ) by default)
in your lighttpd.conf file. Without this, you’ll get the error
WARNING: unknown config-key: fastcgi.server (ignored)
when trying to use lighttpd with fastcgi and, for example, php.
Wsgiauthorizer Installation
May 31, 2011 by admin · Leave a Comment
Wsgiauthorizer Installation:
svn checkout http://wsgiauthorizer.googlecode.com/svn/trunk/ wsgiauthorizer-read-only
cd wsgiauthorizer-read-only
sudo python setup.py install
Install Django with FastCGI, SCGI
May 31, 2011 by admin · Leave a Comment
A good tutorial on howto Install Django with FastCGI, SCGI:
Although the current preferred setup for running Django is Apache with mod_wsgi, many people use shared hosting, on which protocols such as FastCGI, SCGI or AJP are the only viable options. In some setups, these protocols may provide better performance than mod_wsgi.
Nginx FastCGI Example
May 31, 2011 by admin · Leave a Comment
First thing, I recommend keeping all your typical FCGI settings in a single file and importing them.
For example you might have an /etc/nginx/fastcgi.conf (or /etc/nginx/fastcgi_params: installed by default on debian) file that looks like this:
#fastcgi.conf fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name;
This allows you to keep your individual FCGI configurations as simple as possible. You may also want to replace $document_root in SCRIPT_FILENAME and DOCUMENT_ROOT with an actual path, the $document_root variable is hardcoded and may not reflect your install (will cause variations on ‘script not found’ errors, usually)
To use Nginx + Virtual Host + PHP you should ommit the SCRIPT_NAME variable in order for PHP to choose the correct DOCUMENT_ROOT.
Spawning a FastCGI Process
Unlike Apache or Lighttpd, Nginx does not automatically spawn FCGI processes. You must start them separately. In fact, FCGI is a lot like proxying. There’s a few ways to start FCGI programs, but luckily PHP5 will auto-spawn as many as you set in the PHP_FCGI_CHILDREN environment variable. So we simply run php -b 127.0.0.1:9000 manually, or create an init script like so:
#!/bin/bash
BIND=127.0.0.1:9000
USER=www-data
PHP_FCGI_CHILDREN=15
PHP_FCGI_MAX_REQUESTS=1000
PHP_CGI=/usr/bin/php-cgi
PHP_CGI_NAME=`basename $PHP_CGI`
PHP_CGI_ARGS="- USER=$USER PATH=/usr/bin PHP_FCGI_CHILDREN=$PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS=$PHP_FCGI_MAX_REQUESTS $PHP_CGI -b $BIND"
RETVAL=0
start() {
echo -n "Starting PHP FastCGI: "
start-stop-daemon --quiet --start --background --chuid "$USER" --exec /usr/bin/env -- $PHP_CGI_ARGS
RETVAL=$?
echo "$PHP_CGI_NAME."
}
stop() {
echo -n "Stopping PHP FastCGI: "
killall -q -w -u $USER $PHP_CGI
RETVAL=$?
echo "$PHP_CGI_NAME."
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
*)
echo "Usage: php-fastcgi {start|stop|restart}"
exit 1
;;
esac
exit $RETVAL
Save this to /etc/init.d/ (or wherever your init scripts are) as php-fcgi Install the usual way (for this debian init script, it’s update-rc.d php-fcgi defaults) and start it.
Connecting Nginx to the running FastCGI Process
Now that the FCGI process is running, we must tell Nginx to proxy requests to it via the FCGI protocol:
location ~ \.php$ {
include /etc/nginx/fcgi_params; #or whatever you named it
fastcgi_pass 127.0.0.1:9000;
}
Restart Nginx.
Secure your upload directory!!
Too many example configs fail to secure the “uploads” directory of the application. Remember that if someone can upload a file named xyz.php and the uploads dir is publically accessible then you have given the attacker an easy way to insert PHP onto your site…
So if your app has an upload dir “/images/” then insert if ($uri !~ “^/images/”) before fastcgi_pass, as so:
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
if ($uri !~ "^/images/") {
fastcgi_pass 127.0.0.1:9000;
}
}
Reference: FastCGI Example
FastCGI Sample Program
May 31, 2011 by admin · Leave a Comment
FastCGI Sample Program:
FastCGI Uploads Example
May 31, 2011 by admin · Leave a Comment
FastCGI Uploads Example:
//
#include <boost/cgi/fcgi.hpp>
#include <boost/cgi/utility/stencil.hpp>
namespace cgi = boost::fcgi;
namespace http = boost::fcgi::http;
int main()
{
try {
cgi::service service;
// Construct a request. Parses all GET, POST and environment data,
// as well as cookies.
cgi::request req(service);
cgi::acceptor acceptor(service);
int ret(0);
for(;;)
{
acceptor.accept(req);
try {
req.load(cgi::parse_all);
// Using a response is the simplest way to write data back to the client.
cgi::stencil resp;
resp<< cgi::content_type("text/html");
resp.set("filename", req.post["file"]);
resp.set("path", req.uploads["file"].path.parent_path().string());
resp.set("filename_check", req.uploads["file"].filename);
resp.set("content_type", req.uploads["file"].content_type);
resp.set("content_disposition", req.uploads["file"].content_disposition);
resp.expand("upload.html");
ret = cgi::commit(req, resp);
} catch(boost::system::system_error& e) {
using namespace std;
cerr<< "Error " << e.code() << ": " << e.what() << endl;
boost::system::error_code ec;
ret = req.close(http::internal_server_error, 1, ec);
} catch(std::exception& e) {
using namespace std;
cerr<< "Error: " << e.what() << endl;
boost::system::error_code ec;
ret = req.close(http::internal_server_error, 1, ec);
}
}
// Leave this function, after sending the response and closing the request.
// Returns 0 on success.
return ret;
} catch(std::exception& e) {
using namespace std;
cerr<< "Error: " << e.what() << endl;
cin.get();
return 1;
} catch(...) {
using namespace std;
cerr<< "Unexpected exception." << endl;
cin.get();
return 1;
}
}
FastCGI Prime Number Generator Example
May 31, 2011 by admin · Leave a Comment
FastCGI Prime Number Generator Example:
Consider a responder application that generates the n-th prime number.
A CGI application would have no efficient way of solving this problem. For example, if the user asks for the 50,000th prime number, a CGI application would have to calculate the first prime number, then the second, and so on, up until the 50,000th. The application would then terminate, taking with it all its hard-earned calculations. If a client then asks for the 49,000th prime number, the server will have to spawn a new CGI application which will have to start calculating prime numbers from scratch.
FastCGI applications can be much more efficient at this sort of problem, since they can maintain state. A FastCGI application can calculate an extensive table of prime numbers in its initialization phase and then keep the table around indefinitely. Whenever a client requests a particular prime number, the response loop merely needs to look it up in the table.
Here is the code for the prime number example:
#include "fcgi_stdio.h"
#include <stdlib.h>
#include <string.h>
#define POTENTIALLY_PRIME 0
#define COMPOSITE 1
#define VALS_IN_SIEVE_TABLE 1000000
#define MAX_NUMBER_OF_PRIME_NUMBERS 78600
long int sieve_table[VALS_IN_SIEVE_TABLE];
long int prime_table[MAX_NUMBER_OF_PRIME_NUMBERS];
void
initialize_prime_table(void)
{
long int prime_counter=1;
long int current_prime=2, c, d;
prime_table[prime_counter]=current_prime;
while (current_prime < VALS_IN_SIEVE_TABLE) {
for (c = current_prime; c <= VALS_IN_SIEVE_TABLE;
c += current_prime) {
sieve_table[c] = COMPOSITE;
}
for (d=current_prime+1; sieve_table[d] == COMPOSITE; d++);
prime_table[++prime_counter]=d;
current_prime=d;
}
}
void main(void)
{
char *query_string;
long int n;
initialize_prime_table();
while(FCGI_Accept() >= 0) {
printf("Content-type: text/html\r\n"
"\r\n");
printf("<title>Prime FastCGI</title>\n"
"<h1>Prime FastCGI</h1>\n");
query_string = getenv("QUERY_STRING");
if(query_string == NULL) {
printf("Usage: Specify a positive number in the query string.\n");
} else {
query_string = strchr(query_string, `=') + 1;
n = strtol(query_string);
if(n < 1) {
printf("The query string `%s' is not a positive number.\n",
query_string);
} else if(n > MAX_NUMBER_OF_PRIME_NUMBERS) {
printf("The number %d is too large for this program.\n", n);
} else
printf("The %ldth prime number is %ld.\n", n, prime_table[n]);
}
}
}
}
This application has a noticeable start up cost while it initializes the table, but subsequent accesses are fast.
Building
This section explains how to build and debug FastCGI applications written in C.
The C preprocessor needs to know the location of the fcgi_stdio.h header file, which is at the following pathname:
$toolkit/include/fcgi_stdio.h
where $toolkit symbolizes the directory in which you have installed the Software Development Kit for FastCGI.
The linker needs to know the location of the libfcgi.a library file, which is at the following pathname:
$toolkit/libfcgi/libfcgi.a
If your linker does not search the Berkeley socket library, then you must add linker directives to force this search.
We provide a sample application Makefile at the following pathname:
$toolkit/examples/Makefile
This Makefile contains the necessary rules and pathnames to build the C FastCGI applications accompanying the toolkit. To build all the applications, type:
$ ./configure $ make
Next Page »
