Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:73053
Return-Path: <ant_mail@inbox.ru>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 15882 invoked from network); 10 Mar 2014 17:31:33 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 10 Mar 2014 17:31:33 -0000
Authentication-Results: pb1.pair.com smtp.mail=ant_mail@inbox.ru; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=ant_mail@inbox.ru; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain inbox.ru designates 94.100.177.90 as permitted sender)
X-PHP-List-Original-Sender: ant_mail@inbox.ru
X-Host-Fingerprint: 94.100.177.90 smtp30.i.mail.ru  
Received: from [94.100.177.90] ([94.100.177.90:38237] helo=smtp30.i.mail.ru)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 4E/23-29996-3F6FD135 for <internals@lists.php.net>; Mon, 10 Mar 2014 12:31:32 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=inbox.ru; s=mail;
	h=Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:To:Message-ID:From:Date; bh=PoHGy7nr/ULG+MoEKtBMPR/1ENnBpHvH118Bqbwt96w=;
	b=fCcTO+1d0ifpxMBPZVR+rUlVMv+fjLzI0wYv/EnGeD507gaBwOtskzb5rFizGJf4clWBJrPzC4CK7GsyAmppihrMQ8gt0jfD2FFjA1shSs+RNKg8RTl3DI0ZJjA7U5rKjxvodRw/bLFUdtm73AN9+9EewtaRfqSMV+Opnlrij9E=;
Received: from [91.190.115.253] (port=63630 helo=[192.168.192.11])
	by smtp30.i.mail.ru with esmtpa (envelope-from <ant_mail@inbox.ru>)
	id 1WN42x-00042Q-HG
	for internals@lists.php.net; Mon, 10 Mar 2014 21:31:27 +0400
Date: Mon, 10 Mar 2014 21:31:22 +0400
X-Priority: 3 (Normal)
Message-ID: <343525739.20140310213122@inbox.ru>
To: internals@lists.php.net
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Spam: Not detected
X-Mras: Ok
Subject: PHP as FastCGI Authorizer
From: ant_mail@inbox.ru (Anthony Pankov)

Dear All!

Is there any chance to use php as FastCGI authorizer?

As  i see, php-fpm has no options to use predefined script and support
only Responder role.

I tried php-cgi as authorizer as following:
1.  Configure  apache  to  use php-cgi as FastCGIServer (php-cgi under
FastCGI  process  management),  than  start  php-cgi  as  "php-cgi  -f
.../authscript.php".

I see this in sapi/cgi/cgi_main.c line 2246:
                            if (script_file) {
                                        /* override path_translated if -f on command line */
So i used -f switch.

There no output (including errors) in any log and no evidence that script was launched.

May be there is a broken magic in determination of fastcgi mode:
sapi/cgi/fastcgi.c
                if (getpeername(0, (struct sockaddr *)&sa, &len) != 0 && errno == ENOTCONN) {
                        fcgi_setup_signals();
                        return is_fastcgi = 1;
                } else {
                        return is_fastcgi = 0;
                }

Because of  fcgi_listen contain unambiguous:
 is_fastcgi = 1;

 i  tried next variant:

2.  Configure   apache   to  use php-cgi as FastCGIExternalServer. Php
used as
 "php-cgi  -b .../gsock -f .../authscript.php"

 Socket is created, FastCGI report that connection is done.
 But, again, no output in any log and no evidence that script was launched.

 In every apache configuration  script included as FastCGIAuthorizer , of course.

 Any suggestion?



-- 
Best regards,
 Anthony                          mailto:ant_mail@inbox.ru