Hi Carlos,
despite the fact that the logger statement is a leftover from a
refactoring step and you can therefore ignore those warnings
The value of "service" is set to "scep" from the constructor
our$config= OpenXPKI::Client::Config->new('scep');
but you are right that the Regex does not work with the "pkiclient.exe"
suffix. I will try to add a fix and also a test fpr this in the next
release.
Oliver
Am 24.08.21 um 19:10 schrieb Carlos Velasco:
> Hi,
>
> Sorry, I missed 1 line, both $ep and $rt are uninitialized:
> scep.fcgi: Use of uninitialized value $ep in concatenation (.) or
> string at /usr/lib64/perl5/site_perl/5.32.0/OpenXPKI/Client/Config.pm
> line 345.
> scep.fcgi: Use of uninitialized value $rt in concatenation (.) or
> string at /usr/lib64/perl5/site_perl/5.32.0/OpenXPKI/Client/Config.pm
> line 345.
>
> Further troubleshooting modifying Config.pm, I see the envs are ok:
> SCRIPT_URL: /scep/otro/pkiclient.exe [pid=710817]
> SCRIPT_URI: /scep/otro/pkiclient.exe?operation=GetCACert&message=test
> [pid=710817]
>
> I suppose the problem is then in the regex:
> ===
> my ($ep, $nn, $rt);
> if (defined $ENV{SCRIPT_URL}) {
> ($ep, $nn, $rt) = $ENV{SCRIPT_URL} =~
> qq|${service}/([^/]+)(/([\\w\\-\\/]*))?\$|;
> } elsif (defined $ENV{REQUEST_URI}) {
> ($ep, $nn, $rt) = $ENV{REQUEST_URI} =~
> qq|${service}/([^/\?]+)(/([\\w\\-\\/]*))?(\\?.*)?\$|;
> }
> $self->logger()->warn("Parsed URI: $ep => $rt".($rt||''));
> ===
>
> I'm using a Cisco router as SCEP client.
> But "pkiclient.exe", that I think is causing the problem, is added
> automatically by the SCEP client in the Cisco router (IOS-XE) and it
> cannot be omitted.
>
> Regards,
> Carlos Velasco
>
> Carlos Velasco escribió el 24/08/2021 a las 18:42:
>> Hi,
>>
>> I'm currently testing SCEP in OpenXPKI v3.14.2.
>>
>> I added a new realm and then I tried to setup new endpoint for SCEP
>> for this new realm. I did all setup however I see these errors when
>> requesting (GET) a GetCAcert:
>>
>> ===
>> WAR Parsed URI: => [pid=708328]
>> -
>> scep.fcgi: Use of uninitialized value $rt in concatenation (.) or
>> string at /usr/lib64/perl5/site_perl/5.32.0/OpenXPKI/Client/Config.pm
>> line 345.
>> ===
>>
>> It seems not to be getting the URI of the GET.
>>
>> Troubleshooting I replaced scep.fcgi for this script:
>> ===
>> #!/usr/bin/perl
>> use FCGI ();
>> my %fenv;
>> my $request = FCGI::Request(\*STDIN, \*STDOUT, \*STDERR, \%fenv, 0,
>> FCGI::FAIL_ACCEPT_ON_INTR);
>> use Data::Dumper ();
>> $Data::Dumper::Sortkeys = 1;
>> while($request->Accept() >= 0) {
>> print("Content-Type: text/plain\r\n\r\n");
>> print("fenv: " . Data::Dumper::Dumper(\%fenv));
>> print("ENV: " . Data::Dumper::Dumper(\%ENV));
>> }
>> ===
>>
>> And indeed it gets the URI request from the Apache server:
>> ===
>> fenv: $VAR1 = {
>> 'CONTEXT_DOCUMENT_ROOT' =>
>> '/htdocs/xxxxxxxxx/pki/cgi-bin/scep.fcgi',
>> 'CONTEXT_PREFIX' => '/scep',
>> 'DOCUMENT_ROOT' => '/htdocs/xxxxxxxxx/pki',
>> 'FCGI_ROLE' => 'RESPONDER',
>> 'GATEWAY_INTERFACE' => 'CGI/1.1',
>> 'HTTP_ACCEPT' => '*/*',
>> 'HTTP_ACCEPT_ENCODING' => 'identity',
>> 'HTTP_CONNECTION' => 'close',
>> 'HTTP_HOST' => 'pki.xxxxxxxxx',
>> 'HTTP_USER_AGENT' => 'Wget/1.20.3 (linux-gnu)',
>> 'LD_LIBRARY_PATH' => '/usr/lib64',
>> 'PATH' =>
>> '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
>> 'PATH_INFO' => '/otro/pkiclient.exe',
>> 'PATH_TRANSLATED' =>
>> '/htdocs/xxxxxxxxx/pki/otro/pkiclient.exe',
>> 'QUERY_STRING' => 'operation=GetCACert&message=test',
>> 'REMOTE_ADDR' => '10.204.196.1',
>> 'REMOTE_PORT' => '54486',
>> 'REQUEST_METHOD' => 'GET',
>> 'REQUEST_SCHEME' => 'http',
>> 'REQUEST_URI' =>
>> '/scep/otro/pkiclient.exe?operation=GetCACert&message=test',
>> 'SCRIPT_FILENAME' => '/htdocs/xxxxxxxxx/pki/cgi-bin/scep.fcgi',
>> 'SCRIPT_NAME' => '/scep',
>> 'SCRIPT_URI' => 'http://pki.xxxxxxxxx/scep/otro/pkiclient.exe',
>> 'SCRIPT_URL' => '/scep/otro/pkiclient.exe',
>> 'SERVER_ADDR' => '10.204.196.1',
>> 'SERVER_ADMIN' => 'webmaster@xxxxxxxxx',
>> 'SERVER_NAME' => 'pki.xxxxxxxxx',
>> 'SERVER_PORT' => '80',
>> 'SERVER_PROTOCOL' => 'HTTP/1.1',
>> 'SERVER_SIGNATURE' => '',
>> 'SERVER_SOFTWARE' => 'Apache',
>> 'UNIQUE_ID' => 'YSUd9Zo5HQgmfJMYbA0wsQAAAJI'
>> };
>> ENV: $VAR1 = {
>> 'LD_LIBRARY_PATH' => '/usr/lib64',
>> 'PATH' =>
>> '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
>> };
>> ===
>>
>> So, discarding web server I look into the code.
>> I'm not a Perl expert, but looking into Config.pm it seems env values
>> should be set by the call to "$self->service()", but I don't know
>> where to look for this function.
>> ===
>> # generate name of the environemnt values from the service name
>> my $service = $self->service();
>>
>> $self->endpoint('');
>> $self->route('');
>>
>> # Test for specific config file based on script name
>> # SCRIPT_URL is only available with mod_rewrite
>> my ($ep, $nn, $rt);
>> if (defined $ENV{SCRIPT_URL}) {
>> ($ep, $nn, $rt) = $ENV{SCRIPT_URL} =~
>> qq|${service}/([^/]+)(/([\\w\\-\\/]*))?\$|;
>> } elsif (defined $ENV{REQUEST_URI}) {
>> ($ep, $nn, $rt) = $ENV{REQUEST_URI} =~
>> qq|${service}/([^/\?]+)(/([\\w\\-\\/]*))?(\\?.*)?\$|;
>> }
>> $self->logger()->warn("Parsed URI: $ep => $rt".($rt||''));
>> ===
>>
>> Versions:
>> perl v5.32.0
>> CGI v4.51
>> CGI::Fas v2.15
>>
>> Regards,
>> Carlos Velasco
>
>
>
> _______________________________________________
> OpenXPKI-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/openxpki-users
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
