Re: How to run a secure mod_perl ?
I'd like to thank you all. I've been enlightened by this thread. Apparently mod_perl/apache _can_ be crashed, but then only the specific httpd child process will crash. Or did I get it wrong? On the other hand, it _is_ possible to use a mod_perl/apache server on a high port using mod_rewrite in such a way that it is transparent to the end user. And then I 'll have to choose whether I still want to work with this ISP, as I've had many offers that I'll be taking into consideration. Thanks for that too. Hey! I love this list guys! you're wonderfully helpful ! martin -- - Martin Langhoff @ S C I M Multimedia Technology - - http://www.scim.net | God is real until - - mailto:[EMAIL PROTECTED] | declared integer -
The Free CVS Book
A CVS book has been released for free - See http://cvsbook.red-bean.com/ Why do I send this - many folks who wanted to contribute to the modperl cvs didn't know where to start from. Now you don't have any more excuses not to contribute :) Enjoy! ___ Stas Bekman mailto:[EMAIL PROTECTED]www.singlesheaven.com/stas Perl,CGI,Apache,Linux,Web,Java,PC at www.singlesheaven.com/stas/TULARC www.apache.org www.perl.com == www.modperl.com || perl.apache.org single o- + single o-+ = singlesheavenhttp://www.singlesheaven.com
Re: Problems with RedHat
I actually commented out the "exit" line below that and let it continue as if there were no error. Then, when I ran "make", I discovered the actual error, which in my case involved not having gdbm properly installed. Good luck, Rob if ./helpers/TestCompile sanity; then change it to: if ./helpers/TestCompile -v sanity; then and try again. Now you should get a useful error message. -Rasmus
Re: Perl not allowed here? (Perl sections)
Problem solved.
Jay J pointed out to me in private email that this had probably been
fixed in the latest development snapshot, and indeed it has.
See http://www.davin.ottawa.on.ca/archive/modperl/1999-07/msg01080.phtml
[EMAIL PROTECTED] (Ken Williams) wrote:
Hi,
I'm getting the error "Perl not allowed here" when I try to use Perl
sections in an .htaccess file under mod_perl 1.21. The same setup
works fine under mod_perl 1.18 (my frontend server).
The .htaccess is simple, it's just got a Perl section that's about 10
lines long, not nested inside anything else.
I'm positive that the PerlSections hook is enabled, because
Apache::Status says so, and because if I misspell the directive I get a
different error ("Invalid command 'Peerl', perhaps mis-spelled or
defined by a module not included in the server configuration").
------
Ken Williams Last Bastion of Euclidity
[EMAIL PROTECTED]The Math Forum
Stop stat() of script
Any pointers on how to stop apache from stat()'ing and reloading a script (running under mod_perl) that has changed on disk? -- Geoff Crawshaw TimeBills.com Inc. [EMAIL PROTECTED] http://www.timebills.com
Re: directoryindex is not retrieved
Well, since nobody replied I started digging myself. Here's what I
found.
The problem below is caused by push_handlers method in Authorization
handler.
You can reproduce it if you use the following set up.
--- module
package Apache::MasterAuth;
use Apache::Constants qw(:common);
use strict;
sub authz1_handler{
my $r = shift;
$r-warn('Session handling' . $r-is_initial_req);
return OK;# unless $r-is_initial_req;
}
sub authen_handler{
my $r = shift;
my $log = $r-log;
$log-warn("AUTN: Checking " . $r-filename() . 'Initial ' . $r-is_initial_req());
return OK;# unless $r-is_initial_req;
}
sub authz_handler{
my $r = shift;
my $log = $r-log;
$log-warn("AUTZ: Checking " . $r-filename() . ' Initial '. $r-is_initial_req());
return OK unless $r-is_initial_req;
$r-push_handlers('PerlAuthzHandler' , \authz1_handler);
return OK;
}
1;
--- configuration ---
Directory /docroot/mydirectory
DirectoryIndex index.html
AuthType Basic
AuthName "test"
PerlAuthenHandler Apache::MasterAuth::authen_handler
PerlAuthzHandler Apache::MasterAuth::authz_handler
Options FollowSymLinks
AllowOverride None
require valid-user
/Directory
--
As soon as you comment out the line with push_handlers from perl
module everything starts working fine.
The set up which I have Linux box, Apache1.3.9, mod_perl 1.21 with
patch for fixing corrupted PATH aplied, perl 5.004_4
It is important because I couldn't reproduce this problem on the
system with perl 5.005_3 and without patch for PATH corruption.
In both cases Apache is statically linked.
While testing this stuff I hit one unclear situation. push_handlers is
supposed to install new handler for duration of one request only. But
when subrequests (or internal redirects) happen does it mean that new
handlers I've installed during initial request are still going to be
called in subrequests?
I'm asking because in the error log I can clearly see that after
internal redirect the handler that I've installed using push_handlers
is not called.
Some specualtions of mine :)
As the side note I should mention that this has also helped problem
with "Attempts to free unreferenced scalar..." error. It almost
completely is gone. I still use push_handlers in other handlers but
that doesn't happen very often and probably this explains why there's
just few of those errors.
Andrei
PS. If this is problem due to older version of perl then it's
great. I'll just upgrade perl. If on the other hand this is problem
with patch for PATH then this needs fix. Just in case here's the patch
I've used.
--- mod_perl.h 1999/08/03 22:56:09 1.84
+++ mod_perl.h 1999/08/04 02:53:38
@@ -286,9 +286,10 @@
#define mp_setenv(key, val) \
{ \
int klen = strlen(key); \
-hv_store(GvHV(envgv), key, klen, newSVpv(val,0), FALSE); \
+SV *sv = newSVpv(val,0); \
+hv_store(GvHV(envgv), key, klen, sv, FALSE); \
HV_SvTAINTED_on(GvHV(envgv), key, klen); \
-my_setenv(key, val); \
+my_setenv(key, SvPVX(sv)); \
}
#define mp_SetEnv(key, val) \
Directory /doc/root
PerlAuthenHandlerApache::MyAuth::authen_handler
.
/Directory
Everything works fine except for retrieving index files for
directories. Requests for http://my.site.com/any/dir/
end up with message "you don't have permission to access
/any/dir/ on this server" and line in error log
"Directory index forbidden by rule: /proj/Web/94dec/any/dir/"
I'm running Apache 1.3.9, mod_perl 1.21 staticaly linked on Linux box.
And unfortunately I can't rewrite my configuration to use Files ...
And there is DirectoryIndex directive in my configuration files.
And my authentication/authorization handler doesn't care about the URL being
requested, only the require field values.
Anyone has looked into that really?
Andrei
--
--
Re: directoryindex is not retrieved
On Thu, Nov 25, 1999 at 08:18:04PM +0100, Eric Cholet wrote: Pushing a handler for the current phase ? Is this legal ? I wonder. I don't remember it for sure and don't have the book around to check but I think this is used for content handling and even given as an example of chained handlers. In reality the only reason why I used it was to ensure that second handler is executed AFTER the first one. Since it didn't work I had to rely on good behaviour of system administrator that he will not swap the lines in Apache configuration. :) Andrei --
Re: Stop stat() of script
Any pointers on how to stop apache from stat()'ing and reloading a script (running under mod_perl) that has changed on disk? You are talking about Apache::Registry, right? Take a look at Apache::RegistryNG. Search the archive for more info about it since there is no docs inside the module. see also: Apache::RegistryBB -- Geoff Crawshaw TimeBills.com Inc. [EMAIL PROTECTED] http://www.timebills.com ___ Stas Bekman mailto:[EMAIL PROTECTED]www.singlesheaven.com/stas Perl,CGI,Apache,Linux,Web,Java,PC at www.singlesheaven.com/stas/TULARC www.apache.org www.perl.com == www.modperl.com || perl.apache.org single o- + single o-+ = singlesheavenhttp://www.singlesheaven.com
Re: Apache::RegistryLoader and full paths
Nicolas MONNET [EMAIL PROTECTED] sez:
Apparently, the Apache::RegistryLoader man page states that you have to
point a script by it's URI, or IOW, relative to the ServerRoot.
But what happens when you have several virtual hosts? Isn't there a way to
preload scripts based on their full path on the disk? Would it be possible
to hack Apache::RegistryLoader so that it allows it? Or am I doomed?
The first argument given to Apache::RegistryLoader has to include the
virtual host. But RegistryLoader won't be able to figure out where to find
the appropriate script on the filesystem. So you can use the two-argument
form of handler() to help it find the actual file. For example:
$rl-handler('foo.bar.com/index.pl', '/usr/foo/public_html/index.pl');
After preloading a few dozen Registry scripts, you'll grow weary of the
two-argument form and start looking for shortcuts. The shortcut is to
define your own function to turn a URI into a filename. One you've done
this, you can use the one-argument form of handler(). Here's an example I
lifted from my own startup.pl:
# preload Apache::Registry scripts
use Apache::RegistryLoader ();
my $rl = Apache::RegistryLoader-new(trans = sub {
my $uri = shift;
$uri =~ s/^foo.bar.com//; # remove vhost from start
return "/usr/foo/public_html$uri"; # return full path to script
});
$rl-handler('foo.bar.com/index.pl');
$rl-handler('foo.bar.com/article/index.pl');
$rl-handler('foo.bar.com/admin/delete.pl');
# etc...
Hope that helps. Dig around and you may even find better ways to accomlpish
this.
Matt
apache + mod_perl - build error unrecognized formatspecifier for A fix?
I'm using apache 1.3.9 , mod_fastcgi 2.2.2 and mod_perl 1.21 Originally my build of these three together worked, however when i went to rebuild a few months later i recieved a lot of "unrecognized format specifier" errors. A search of the internet showed that i wasn't the only one but i couldn't find a solution mentioned. Puzzled i tried to track down the problem. Using clean source i could build apache/mod_perl/mod_fastcgi on my RedHat 5.2 workstation but never on my RedHat 5.2 server. The only tinkering i'd done with the server was to use SFIO to rebuild perl and get mod_fastcgi working the first time i used fastcgi. By removing the SFIO .h files, the apache/mod_perl compile would get further and the 'unrecognized format specifier' errors disappeared, but naturally other pieces of code refused to compile complaining about the missing sfio files. A quick check of the mod_fast site noted that it no longer needed SFIO, so i removed it and replaced my rebuilt sfio-perl binaries with clean ones (from a redhat RPM) and was able to rebuild apache with mod_perl + mod_fastcgi ( + php) All of my mod_perl stuff works and so too does my fastcgi. Hope that helps some one. I wasn't able to find any answers to the problem while searching the net. regards,
