Re: advice/techniques: script control over page transitions
"Jeffrey W. Baker" wrote: On Tue, 4 Apr 2000, BT wrote: I've generally created a cgi script per page. Is that a mistake? (I embed the perl in my html so I can edit pages with an html editor) I need a better technique for invoking traversals to other pages. Right now all I can do is a redirect (internal or external). How do you organize things so that from within a script you can either display the associated page or invoke any other page/script instead? - just do redirects? - put all page generation in subroutines in one big .pm? - something else (I hope)? Example: My main "home" page has links to "login" and "register" scripts/pages, both of which eventually lead to a "user" page. With no parameters the login script displays an empty login form. Called with get/post parameters it processes the form data; on failure it redisplays the login form with a warning, on success it should take you to the "user" page (my problem). How would YOU organize this? The way I accomplish this is to divorce the HTML display code from the application logic as much as possible. On the web, once you've started your output, you must complete it. In order to be able to jump to some other functionality, you must not start your output until the last moment. Thus it is not good to have markup and code mixed together. I agree with this statement completely. Suppose you have an application that has a login page, one page with a form, and one page that is used to report general errors. Your handler might call an authentication method. Based on the return value, the handler will call either the login method or the method that spits out the form. Either of those methods might return an error, so the handler checks the return value and invokes the error handler if necessary. In any case, the various methods do not actually send anything over the wire, they simply stash the output away in the request record's notes table. The handler is responsible for setting up the response when everything has run. You can see that this design is pretty obvious. The handler is orchestrating a basic flow of events, and the methods that it invokes are free to invoke any other method if they wish. This allows you to essentially do an internal redirect without the redirect part :) That's how I do it, for better or worse. -jwb That is reasonable. In fact, you are not the only one who thinks this way. For those of you out there who are cross-language developers, Java servlets provides a similar mechanism. Servlets can dispatch to other servlets within the same web server-- basically allowing java data structures to be shared amongst servlets (ie handlers) that can sandwich each other. Furthermore, the end result can easily dispatch to JSPs. Thus, you can have a servlet that controls the logical flow through the program and dispatches to the JSP handler for a particular JSP page. Thus, your web designers can still use their DreamWeaver's and FrontPage's whilst you can focus on creating the logic in the core language. I am not saying this to promote Java, but rather to provide evidence that there are others that think the way you do even in the other language communities. Later, Gunther
Re: NT/IIS/PerlEx vs (MS)-ASP : stupid benckmark
From: Gunther Birznieks [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: Nicolas MONNET [EMAIL PROTECTED] CC: Valter Mazzola [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: NT/IIS/PerlEx vs ASP : stupid benckmark Date: Thu, 06 Apr 2000 22:03:12 -0400 It may be a "stupid" benchmark. But no one seems to have commented on the CPU rates. Why was PerlEx 100% and PerlScript 45% on the same machine, NB.it's M$-ASP not PerlScript valter same ActiveState Perl (presumable), same CPU config. And yet took the same amount of time to complete. I find that interesting. I suspect that it is a trick with how the OS views CPU time (eg user time vs system calls vs IO wait) in the two architectures, but it would be interesting to know why this is. Especially if mod_perl ends up adopting a similar round robining of Perl interpreters among apache threads later on down the line (becoming more similar to PerlEx architecture). Later, Gunther Nicolas MONNET wrote: On Thu, 6 Apr 2000, Valter Mazzola wrote: |i've made a stupid unscientific benckmark: | |the program loops 100 and print a series of "a ", PerlEx takes the same |time as ASP (same NT machine) , BUT processor goes 100% with PerlEx, 45% |with ASP. | |Can someone benchmark mod_perl under Win32, using the same stupid program ? I don't mean to be rude, but this is one stupid benchmark! Basically useless for that matter. You're not going to demonstrate anything with this. Now a good question is: what would be a good benchmark? What about doing some real life stuff, like get big results from a database, and calculate something over them, and print the (big?) result back? (Now this is not flamebait, I'm really wondering: why run mod_perl apps on WinNT? ) __ Get Your Private, Free Email at http://www.hotmail.com
PerlTransHandler and Files ~ .. sort of mapping
hi, I was wondering how to map PerlTransHandler only for certain type of files. ( I'm doing URI rewriting not URI-filename translation ?!!) Something like : Location Files ~ "xml$" PerlTransHandler Apache::MyHandler /Files /Location Yes I know this is wrong...can this be done in some other way ? Thanx = iVAN [EMAIL PROTECTED] =
Re: THREE STRIKES...
On Fri, 7 Apr 2000, Mark Imbriaco wrote: |That opens up a nasty Denial of Service attack though. All I have to do |is try to log into the "gunther" account three times in rapid succession |with a bogus password, and WHAM, the real Gunther is locked out. Granted, |it's possible to work around this, but the best way is probably going to |be cookie based like Vivek suggested. Obviously, you want to count attempts PER IP addresses.
Re: THREE STRIKES...
[EMAIL PROTECTED] (Mark Imbriaco) wrote: On Thu, 6 Apr 2000, Gunther Birznieks wrote: Vivek, Is it possible that a special auth handler could be written that stores the number of bad authorizations for a userid and the last time of the hit in a DBM file for quick lookup? Then, configure an environment or server variable if the auth screwed up more than 3 times within the last hour (or some other prespecified time)? Although HTTP is stateless, the username would at least tend to remain constant in most cases of hacking or user problems I would think. That opens up a nasty Denial of Service attack though. All I have to do is try to log into the "gunther" account three times in rapid succession with a bogus password, and WHAM, the real Gunther is locked out. Granted, it's possible to work around this, but the best way is probably going to be cookie based like Vivek suggested. I should point out that if someone feels the need to use a 3-strikes system, then cookies are inherently a bad decision unless you get really fancy. 3-strikes means you don't trust the user and you're trying to prevent attacks where lots of passwords are tried. And if the user isn't trusted, then you shouldn't trust the user to send a nice little cookie back every time he/she tries to log in. It's quite easy to write a LWP script or whatever that tries to log in using lots of passwords without sending cookies, or that sends bogus cookies. One could circumvent this by requiring a cookie (even for the first attempt), and never sending the same cookie out of your server more than once. Which means you'd need some kind of counter or something, which means you're using a database, which means you might as well just use the simple database scheme as originally suggested. It's also difficult to implement a lockout time with cookies, because the user could just quit the browser relaunch to clear cookies. ------ Ken Williams Last Bastion of Euclidity [EMAIL PROTECTED]The Math Forum
Re: THREE STRIKES...
[EMAIL PROTECTED] (Ken Williams) wrote: I should point out that if someone feels the need to use a 3-strikes system, then cookies are inherently a bad decision unless you get really fancy. And I should amend my statement to say that cookies can be a good idea in this case (and lots of others), but are only secure when combined with server-side data.
RE: PerlTransHandler and Files ~ .. sort of mapping
hi, I was wondering how to map PerlTransHandler only for certain type of files. ( I'm doing URI rewriting not URI-filename translation ?!!) Something like : Location Files ~ "xml$" PerlTransHandler Apache::MyHandler /Files /Location Yes I know this is wrong...can this be done in some other way ? Yes, it's wrong because the job of the translation phase is precisely to translate from url to file, therefore it cannot operate on files! PerlTransHandler Apache::MyHandler ... sub handler { my $r = shift; return DECLINED unless $r-uri =~ /\.xml$/; ... } -- Eric
Re: THREE STRIKES...
On Fri, 7 Apr 2000, Gunther Birznieks wrote: Yeah, but this is the same with any X strikes solution on any other platform. It's a tradeoff. One would assume that if a DoS were being played, that other information would be gathered about the person doing a DoS. According to that theory, one would also assume securID cards are not safe from DoS because they lock out after a certain number of tried attempts. While it is true that it may be a DoS, there are situations where there are quite a few people using securID cards with this config because they feel they would rather be locked out and know that someone was doing something funny than to let a hacker do whatever they want. And they're not safe from DoS, so the theory is correct! :-) I'm not saying that it's not a tradeoff that one might want to meke, I just thought it would be worthwile to mention that there are some drawbacks to this approach. In addition, a lock out isn't the only logic you could implement in an X strikes scenario. You could also consider simply notifying a sysadmin with a pager so they can logon and start tracking if someone is hacking the system. A sort of Intrusion Detection System if you will. Exactly right. It would even be possible to put in some more advanced logic there to setup thresholds for notifying the sysadmin, and perhaps sending the user instructions for reactivating their account without sysadmin intervention. The door is wide open -- again, I just wanted to make sure that the person asking the question understood that there are drawbacks to the approach. I guess it depends on what this guy wants to do. The primary point of my message was to ask if it is possible to do what I stated as a workaround to the stateless HTTP problem that Vivek wrote (rather than being a discourse on whether it is truly the most secure solution for the requirements). In that case, sure it's possible. And fairly trivial to implement at that. I am not trying to start an argument of any kind, and I'm pretty sure that my first messages wasn't inflammatory, though it appears that you may have taken it that way. -Mark
Re: THREE STRIKES...
Ahem, now if we have to take AOL users into account ... j/k. Actually, I don't see how cookies could be implemented; if the attacker rejects cookies, how are you going to do it? ... On Fri, 7 Apr 2000, Mark Imbriaco wrote: |What about folks who are behind proxies? (ie: AOL) It is not all that far |fetched to consider that an attacker and a legitimate user could both be |coming from AOL -- neiter is it farfetched to consider that they may be |assigned the same proxy server on the AOL network. | |There ARE workarounds to the issue, my point was simply that Vivek's |cookie idea is probably the best of the (admittedly numerous) bunch.
Re: THREE STRIKES...
Also, some legitimate people turn off cookies. In addition, weird browsers (especially PDAs with limited memory) tend not to implement cookies. So those are considerations for locking out users that may be legitimate. However, I would rather think that the cookies would be an advisory security mechanism used in conjunction with the 3 strikes. Not something that a user has to use in this case, but something that helps make sure some yahoo with a browser doesn't do the DoS attack along with the 3 strikes. Cookies are, of course, spoofable so that then becomes something that you would have to watch out for from a serious hacker. I guess at that point it's just a matter of tradeoffs again... Nicolas MONNET wrote: Ahem, now if we have to take AOL users into account ... j/k. Actually, I don't see how cookies could be implemented; if the attacker rejects cookies, how are you going to do it? ... On Fri, 7 Apr 2000, Mark Imbriaco wrote: |What about folks who are behind proxies? (ie: AOL) It is not all that far |fetched to consider that an attacker and a legitimate user could both be |coming from AOL -- neiter is it farfetched to consider that they may be |assigned the same proxy server on the AOL network. | |There ARE workarounds to the issue, my point was simply that Vivek's |cookie idea is probably the best of the (admittedly numerous) bunch.
Re: Another Error in Apache::ASP and Perl 5.6.0
Hi, I also changed Perl to 5.005_03, and this problem still exists, so I think it is the problem between Apache 1.3.12, mod_perl 1.22, and DBI or DBD::mysql. More likely, I think it is with DBI, because if I put "PerlModule Apache::DBI" in my httpd.conf, this error will also occur if I visit an ASP file(this was found with Perl 5.6, not tested with Perl 5.005_03). I am running the programs on Linux 2.2.12-20(Redhat 6.1), The C compiler for Perl Modules and all these systems is the default one in Redhat 6.1, I think egcs 2.91-66. Di, Yu 4.7 On Fri, 7 Apr 2000, Joshua Chamas wrote: Sounds like an odd conflict between 5.6, mod_perl and DBI or DBD::mysql. Anyone know how to work through these issues? This is likely platform dependent, so will need relevant advice, what O/S are you running again? --Joshua Yu Di wrote: Hi, I have isolated the problem, but it just made me more puzzled. The problem is not in that file itself, but in "homepage.htm" which is also an ASP file, in which I tried to open a MySQL connection. When I call DBI-connect("DBI:mysql:database=...;host=...","myusername","mypasswd"), it will generate the segmentation fault. But the same statement will execute just well if put into a standalone Perl program, so I am really puzzled by what's going on here. Di, Yu 4.6 On Tue, 4 Apr 2000, Joshua Chamas wrote: Yu Di wrote: This program has been tested under Perl5.005_03, Apache 1.3.11, mod_perl 1.21 on another machine. my.conf is a configuration file for this program. Lynx will report "Alert!: Unexpected network read error; connection aborted." while I try to connect to it, and the server error log will show a "[Tue Apr 4 16:36:22 2000] [notice] child pid 964 exit signal Segmentation fault (11)". I have changed ASP.pm as I wrote last time, for if I did not do so, I will get other error messages. So is it that Apache::ASP is currently not compatible with Perl 5.6? Nothing in your program seemed particularly odd, and I have not tested Apache::ASP under 5.6, nor may I for a while. Because Apache::ASP uses so many modules to do its job, it may be tough to track this down, but I suspect an interaction with MLDBM SDBM_File is at work here because you have so much $Application-{Config} writing going on. Can you print out in different parts of your program and isolate the line that causes the segfault? --Joshua _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051
Re: [slightly OT] Problem with cookies
"Rusty" == Rusty Foster [EMAIL PROTECTED] writes: Rusty NameVirtualHost 216.181.35.174 # IP of www.kuro5hin.org Rusty # Redirect all hostless requests to www VHost Rusty VirtualHost 216.181.35.174 Rusty ServerName kuro5hin.org Rusty Redirect permanent / http://www.kuro5hin.org/ Rusty /VirtualHost Rusty # Proper URI for www.kuro5hin.org Rusty VirtualHost 216.181.35.174 Rusty ServerName www.kuro5hin.org Rusty ...etc... Rusty /VirtualHost Rusty This way, people who come in to http://kuro5hin.org/ get redirected Rusty right off the bat, and so far this seems to have solved the problem. Except that this requires HTTP/1.1. Anyone that doesn't send the "host:" header goes into a permanent redirect loop. So the "problems" you're not seeing are probably from the people out there that can't get to your site to report the problems. :) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 [EMAIL PROTECTED] URL:http://www.stonehenge.com/merlyn/ Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: [slightly OT] Problem with cookies
"Drew" == Drew Taylor [EMAIL PROTECTED] writes: Drew The dual VirtualHost configuration is exactly the solution I will take! It Drew will also apply it to the main domain as well - thinkstock.com, .org, and Drew .net. That will solve my problem, as well as any future ones, and I can Drew just be done with this stupid cookie problem! You just made my night better Drew (and my morning too)! But please see my followup before you implement it. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 [EMAIL PROTECTED] URL:http://www.stonehenge.com/merlyn/ Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: [OT][General Programming] Key Generator sub
"Christopher" == Christopher Taranto [EMAIL PROTECTED] writes: Christopher Well, this is my personal hack to generate an id based on Christopher some code by Randal Schwartz. Uh, what part of it was based on my code? I didn't recognize *anything* there, especially not the "map in a void context". :) Or maybe there's some other "Randal Schwartz" you copied from. "Wasn't me!" -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 [EMAIL PROTECTED] URL:http://www.stonehenge.com/merlyn/ Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: THREE STRIKES...
"NM" == Nicolas MONNET [EMAIL PROTECTED] writes: NM |it's possible to work around this, but the best way is probably going to NM |be cookie based like Vivek suggested. NM Obviously, you want to count attempts PER IP addresses. You don't deal much with AOL or MSN proxies do ya? Millions of users, a handful of IPs, and they can change from one request to the next.
Re: ANNOUNCE: IPO::Shareable [Re: may be an off topic question..]
use IPO::Shareable qw(:NYSE); my $ipo = IPO::Shareable-new($company); $ipo-is_internet(); hype $ipo; # dangerous indirect syntax! my $shares = $ipo-invest($LITTLE); $ipo-inflate($HUGE); # Note that HUGE is not really a constant $ipo-sell($shares); # may need to use Time::HiRes to be fast enough while ($on_way_to_bank) { laugh(); } if you're really looking to make this code work well, you'll need to add another call: $ipo-uses_or_sells_linux_products(); right after you instantiate the ipo. darren
Re: [slightly OT] Problem with cookies
Randal, Thanks for the tip. So my question is: what is the best solution? I want to redirect http://cloudstock.com/ to http://www.cloudstock.com/. Should I take out the permanent in the Redirect directive? Should the www entry come first? Do I need to get another IP address? Or do you know what bit of cookie magic I need to get the cookies to stick to cloudstock.com? I have implemented it for now anyway. Once I figure something else out or start getting complaints I'll change it. "Randal L. Schwartz" wrote: "Rusty" == Rusty Foster [EMAIL PROTECTED] writes: Rusty NameVirtualHost 216.181.35.174 # IP of www.kuro5hin.org Rusty # Redirect all hostless requests to www VHost Rusty VirtualHost 216.181.35.174 Rusty ServerName kuro5hin.org Rusty Redirect permanent / http://www.kuro5hin.org/ Rusty /VirtualHost Rusty # Proper URI for www.kuro5hin.org Rusty VirtualHost 216.181.35.174 Rusty ServerName www.kuro5hin.org Rusty ...etc... Rusty /VirtualHost Rusty This way, people who come in to http://kuro5hin.org/ get redirected Rusty right off the bat, and so far this seems to have solved the problem. Except that this requires HTTP/1.1. Anyone that doesn't send the "host:" header goes into a permanent redirect loop. So the "problems" you're not seeing are probably from the people out there that can't get to your site to report the problems. :) -- Drew Taylor Vialogix Communications, Inc. 501 N. College Street Charlotte, NC 28202 704.370.0550 http://www.vialogix.com
Re: [slightly OT] Problem with cookies
On Fri, 7 Apr 2000, Drew Taylor wrote: Randal, Thanks for the tip. So my question is: what is the best solution? I want to redirect http://cloudstock.com/ to http://www.cloudstock.com/. Should I take out the permanent in the Redirect directive? Should the www entry come first? Do I need to get another IP address? i'm just learning about the beautiful magic of the RewriteEngine. could this be a good solution for you? in order to make sure cookies always work properly on http://mp3.boston.com which is aliased as http://music.boston.com, we use the following RewriteRule: RewriteEngine on RewriteCond %{HTTP_HOST} !^mp3\.boston\.com [NC] RewriteRule ^/(.*) http://mp3.boston.com/$1 [L,R] this ensures that every request gets fixed as "mp3.boston.com" no matter how it comes to us. i think this is what you want. see here for more documentation: http://www.apache.org/docs-1.2/mod/mod_rewrite.html ky
best way to call traceroute
I want to call traceroute to the remote_host from within a mod_perl script, being a C/C++ programmer I don't the best way to do that. Is there a traceroute object I could use? If so, how? Otherwise how do I run traceroute from within a perl script? Sam
Re: [OT][General Programming] Key Generator sub
I think I'll follow this path. You mean turn the string into a number using the chr value? Marshall Dudley wrote: The easiest way to do a crypt with plain vanilla 4 funtion math is to turn the string into a number, then divide the number by a large prime number. Then take the decimal part of the answer, and truncate to the desired length. Marshall -- -- To understand recursion, one must first understand recursion. -- -- - Martin Langhoff @ S C I M Multimedia Technology - - http://www.scim.net | God is real until - - mailto:[EMAIL PROTECTED] | declared integer -
Re: best way to call traceroute
On Fri, 7 Apr 2000, Sam Carleton wrote: I want to call traceroute to the remote_host from within a mod_perl script, being a C/C++ programmer I don't the best way to do that. Is there a traceroute object I could use? If so, how? Otherwise how do I run traceroute from within a perl script? I'm getting ready to port an old and somewhat clunky traceroute CGI script to mod_perl, mostly to avoid the horrid 'nph-' construction. If you'd like I can make the source available. Steve -- tired of being an underappreciated functionary in a soulless machine? hesketh.com is hiring: http://hesketh.com/careers/
Re: best way to call traceroute
Steven Champeon wrote: On Fri, 7 Apr 2000, Sam Carleton wrote: I want to call traceroute to the remote_host from within a mod_perl script, being a C/C++ programmer I don't the best way to do that. Is there a traceroute object I could use? If so, how? Otherwise how do I run traceroute from within a perl script? I'm getting ready to port an old and somewhat clunky traceroute CGI script to mod_perl, mostly to avoid the horrid 'nph-' construction. If you'd like I can make the source available. That would be great! Any idea when it will be ready? Sam
Re: THREE STRIKES...
Why not track IP instead of user name in failed attempts? e.g. Lock out IP www.xxx.yyy.zzz for an hour if it makes 6 successive bad attempts? I realize the attacker could change his IP, but that takes time. I realize that two people can share an IP (e.g. proxy users), it opens for the possibility of locking out a legitmiate user by an attacker (DoS) if they are on the same proxy, but that might be acceptable. I also set the count a bit higher ('6' instead of '3') to compensate for multiple users trying to login from the same proxy. Of course, adding a "sleep(5)" before returning a message saying the attack failed would help too. ELB -- Eric L. Brine | Chicken: The egg's way of making more eggs. [EMAIL PROTECTED] | Do you always hit the nail on the thumb? ICQ# 4629314 | An optimist thinks thorn bushes have roses.
Re: [slightly OT] Problem with cookies
On Apr 07, Randal L. Schwartz wrote: I think this also suffers from placing the burden on the client. The [R] there with an external rewrite means that the client will get redirected if it doesn't tell you the right "Host:" header. But HTTP/1.0 and older browsers (and some spiders) will NOT tell you that header, so you get in an infinite loop. The solution is that you must allow for an unspoken "Host:" header to fall through to a generic v-host. An important point is that although "Host:" wasn't required until HTTP/1.1, all of the common browsers have sent it with 1.0 requests for some time. This includes Netscape since version 2.0 and Internet Explorer since 3.0. Most browsers released since 1996 have sent it. I strongly suspect that all of the reputable search engine spiders send it as well. (That doesn't mean you shouldn't be careful and structure it so that you don't send Host-less requests into a redirect loop, I just want to make sure people know the situation isn't quite as dire as Randal may have made it sound. There are a large number of people relying on browsers sending the Host header to great effect.) Jim
Re: [slightly OT] Problem with cookies
Jim Winstead wrote: An important point is that although "Host:" wasn't required until HTTP/1.1, all of the common browsers have sent it with 1.0 requests for some time. Yes, but I've had problems with corporate proxy servers that don't send it. - Perrin
Re: Another Error in Apache::ASP and Perl 5.6.0
I would recompile all of your perl from scratch, as well as modperl apache. The RedHat guys are notorious for building perls and modperl that don't work sometimes. --Joshua Yu Di wrote: Hi, I also changed Perl to 5.005_03, and this problem still exists, so I think it is the problem between Apache 1.3.12, mod_perl 1.22, and DBI or DBD::mysql. More likely, I think it is with DBI, because if I put "PerlModule Apache::DBI" in my httpd.conf, this error will also occur if I visit an ASP file(this was found with Perl 5.6, not tested with Perl 5.005_03). I am running the programs on Linux 2.2.12-20(Redhat 6.1), The C compiler for Perl Modules and all these systems is the default one in Redhat 6.1, I think egcs 2.91-66. Di, Yu 4.7 On Fri, 7 Apr 2000, Joshua Chamas wrote: Sounds like an odd conflict between 5.6, mod_perl and DBI or DBD::mysql. Anyone know how to work through these issues? This is likely platform dependent, so will need relevant advice, what O/S are you running again? --Joshua Yu Di wrote: Hi, I have isolated the problem, but it just made me more puzzled. The problem is not in that file itself, but in "homepage.htm" which is also an ASP file, in which I tried to open a MySQL connection. When I call DBI-connect("DBI:mysql:database=...;host=...","myusername","mypasswd"), it will generate the segmentation fault. But the same statement will execute just well if put into a standalone Perl program, so I am really puzzled by what's going on here. Di, Yu 4.6 On Tue, 4 Apr 2000, Joshua Chamas wrote: Yu Di wrote: This program has been tested under Perl5.005_03, Apache 1.3.11, mod_perl 1.21 on another machine. my.conf is a configuration file for this program. Lynx will report "Alert!: Unexpected network read error; connection aborted." while I try to connect to it, and the server error log will show a "[Tue Apr 4 16:36:22 2000] [notice] child pid 964 exit signal Segmentation fault (11)". I have changed ASP.pm as I wrote last time, for if I did not do so, I will get other error messages. So is it that Apache::ASP is currently not compatible with Perl 5.6? Nothing in your program seemed particularly odd, and I have not tested Apache::ASP under 5.6, nor may I for a while. Because Apache::ASP uses so many modules to do its job, it may be tough to track this down, but I suspect an interaction with MLDBM SDBM_File is at work here because you have so much $Application-{Config} writing going on. Can you print out in different parts of your program and isolate the line that causes the segfault? --Joshua _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051 -- _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051
Re: [slightly OT] Problem with cookies
Oops. Meant to send this to the list. :-) Bill Moseley wrote: At 07:29 PM 04/06/00 -0400, Rusty Foster wrote: What I ended up doing was targeting cookies at a host (i.e. domain=www.kuro5hin.org), and setting up VirtualHost sections as follows: NameVirtualHost 216.181.35.174 # IP of www.kuro5hin.org # Redirect all hostless requests to www VHost VirtualHost 216.181.35.174 ServerName kuro5hin.org Redirect permanent / http://www.kuro5hin.org/ /VirtualHost # Proper URI for www.kuro5hin.org VirtualHost 216.181.35.174 ServerName www.kuro5hin.org ...etc... /VirtualHost Why not reverse the order of these virtual host sections so people without a Host: host go to the www.huro5hin.org virtual host? Their URL will read wrong, but not much you can do about that. That's how it was originally, and they went to the right VHost, *BUT* you recall that the original problem was cookies. I had to target my cookies to 'www.kuro5hin.org', because there are other virtual hosts in the same domain that get a different cookie with the same name. They need to be distinguished by hostname, and the browser won't send a cookie targeted at 'www.kuro5hin.org' to 'kuro5hin.org'. Hence, the URL has to read right, for everything to work. --R Bill Moseley mailto:[EMAIL PROTECTED] -- === | Rusty Foster | "You can never entirely stop being what | | [EMAIL PROTECTED]| you once were. That's why it's important | |[EMAIL PROTECTED] | to be the right person today, and not put | | http://www.kuro5hin.org | it off till tomorrow."-Larry Wall | ===
Re: mod_perl, Apache and zones?
According to John Darrow: I need to be able to run the same sets of pages in several different environments (basically just different environment variables). The problem is that once a process is initiated in a certain environment it can't be changed for the life of the process. The first stroke to solve this would say that I need to run several Apache servers each with a slightly different config file. Then each environment would run on its own port. What determines the correct values per hit? You can use SetEnv in virtualhost context, SetEnvIf on the fly based on several considerations, or do some real black magic with the E= flag in a RewriteRule. The problem with that solution is that maintaining the servers becomes a headache. You have to bounce many different Apache servers everytime something changes. This turns out to be a mixed blessing when you really only want to change one of the environments but it is probably too much trouble except for drastically different servers like with/without mod_perl or a secure proxy. With java servlets there is a feature that allows you to specify different zones within a single Apache server. Each zone has a unique config file and so it can deal with the environments that way. I'm wondering if there's anything similar for mod_perl? The above, plus the ability of mod_rewrite or ProxyPass on a front end server to proxy different requests to different backends. The only other thing I can think of is to just have several copies of the same scripts, and then depending on the URI they will be smart enough to know to set their own environment variables upon initialization. Apache would then keep processes separate depending on where the scripts are using the URI. But that's sort'f ugly. It is a good idea to make sure the reason for the different behaviour based on these values is clear within the script, especially if there is any chance that different people will make changes separately to the apache config and the scripts. If letting the script parse the URI itself makes it more obvious then it isn't as ugly as the magic to hide it. Les Mikesell [EMAIL PROTECTED]
Re: [slightly OT] Problem with cookies
I got this from the URL I mentioned in a previous post. I have modified it a bit to what looks like a solution. I guessing that the condition are met w/ no Host: header or a Host: cloudstock.com header. It looks like it would solve the no Host: header problem as well as do my primary task of sending everyone to www.cloudstock.com. Can someone w/ mod_rewrite experience tell me if it suffices? Boy, this thread has gotten REALLY off topic. I apologize to the list for that, but I do appreciate all the posts. :-) RewriteCond %{HTTP_HOST} !^domain\.name [NC] RewriteCond %{HTTP_HOST} !^$ RewriteRule ^/(.*) http://www.domain.name/$1 [L,R] Jim Winstead wrote: On Apr 07, Randal L. Schwartz wrote: I think this also suffers from placing the burden on the client. The [R] there with an external rewrite means that the client will get redirected if it doesn't tell you the right "Host:" header. But HTTP/1.0 and older browsers (and some spiders) will NOT tell you that header, so you get in an infinite loop. The solution is that you must allow for an unspoken "Host:" header to fall through to a generic v-host. An important point is that although "Host:" wasn't required until HTTP/1.1, all of the common browsers have sent it with 1.0 requests for some time. This includes Netscape since version 2.0 and Internet Explorer since 3.0. Most browsers released since 1996 have sent it. I strongly suspect that all of the reputable search engine spiders send it as well. (That doesn't mean you shouldn't be careful and structure it so that you don't send Host-less requests into a redirect loop, I just want to make sure people know the situation isn't quite as dire as Randal may have made it sound. There are a large number of people relying on browsers sending the Host header to great effect.) -- Drew Taylor Vialogix Communications, Inc. 501 N. College Street Charlotte, NC 28202 704.370.0550 http://www.vialogix.com
Apache::Session -- Go Out of Scope!!!
I'm using Apache::Session within a large Web application (consisting of many scripts). We also have multiple developers on this project, some of whom are junior developers with only a bit of mod_perl experience. In any case, I've written a custom session package that wraps to Apache::Session. It uses Apache::Session for persistence, but it adds nice functionality to it (cookies, session time-out, etc.). Normally, this works great. No problem at all. This object goes out of scope at the end of the script (it's scoped lexically with "my"). It also goes out of scope when "die" is explicitly called. If I add "die 'Blah blah blah'" to an app, things are fun. BUT... sometimes when there's a syntax error in the code, this object just stays in scope. This causes a real problem, because then the developer will just re-load. The process will sit there forever, waiting for the session lock to go away. But it never does... This is a problem. Under certain strange circumstances, the object does not go out of scope. Even under PerlRun (which I *thought* would clear the application's namespace at the end of execution), the object stays in scope (I print to STDERR in DESTROY to see this). The mod_perl server starts going crazy spawning off new threads for each request, because current threads are busy. I placed some limits on this in httpd.conf, but this is not really a solution. The only solution is to restart the server... But there's gotta be a better way! This has been plaguing us for a while, and I can't figure it out. I was considering writing a $SIG{__DIE__} handler that would take this object out of scope, but I ran into other issues there. Has anyone else run into this problem? Any suggestions? Thanks, Russ Russell Weiss Founder and Technical Manager InfoRelay Online Systems, Inc. http://www.InfoRelay.net/
Re: Apache::Session -- Go Out of Scope!!!
On Fri, 7 Apr 2000, Russell D. Weiss wrote: I'm using Apache::Session within a large Web application (consisting of many scripts). We also have multiple developers on this project, some of whom are junior developers with only a bit of mod_perl experience. In any case, I've written a custom session package that wraps to Apache::Session. It uses Apache::Session for persistence, but it adds nice functionality to it (cookies, session time-out, etc.). Normally, this works great. No problem at all. This object goes out of scope at the end of the script (it's scoped lexically with "my"). It also goes out of scope when "die" is explicitly called. If I add "die 'Blah blah blah'" to an app, things are fun. BUT... sometimes when there's a syntax error in the code, this object just stays in scope. This causes a real problem, because then the developer will just re-load. The process will sit there forever, waiting for the session lock to go away. But it never does... My advice would be to eliminate the syntax errors in your code. Apache::Session wasn't designed with the goal of working around other people's erroneous code! This is a problem. Under certain strange circumstances, the object does not go out of scope. Even under PerlRun (which I *thought* would clear the application's namespace at the end of execution), the object stays in scope (I print to STDERR in DESTROY to see this). There are some bugs in Perl 5.005_03 which sometimes cause adverse interactions between eval and die. One symptom seems to be that lexical objects become immortal. This is pretty rare, though. Can you try Perl 5.6? The mod_perl server starts going crazy spawning off new threads for each request, because current threads are busy. I placed some limits on this in httpd.conf, but this is not really a solution. The only solution is to restart the server... But there's gotta be a better way! This has been plaguing us for a while, and I can't figure it out. I was considering writing a $SIG{__DIE__} handler that would take this object out of scope, but I ran into other issues there. Has anyone else run into this problem? -jwb
RE: best way to call traceroute
One of the reasons that I always like the nph- construction is that is showed the traceroute 'live' like it would from a console. Last I checked perl doesn't show the traceroute result until the sessions complete which could be a long time if there is trouble in the trace. Did you find a way to get past that? -Original Message- From: Sam Carleton [mailto:[EMAIL PROTECTED]] Sent: Friday, April 07, 2000 7:18 AM To: mod_perl Mailing List Subject: Re: best way to call traceroute Steven Champeon wrote: On Fri, 7 Apr 2000, Sam Carleton wrote: I want to call traceroute to the remote_host from within a mod_perl script, being a C/C++ programmer I don't the best way to do that. Is there a traceroute object I could use? If so, how? Otherwise how do I run traceroute from within a perl script? I'm getting ready to port an old and somewhat clunky traceroute CGI script to mod_perl, mostly to avoid the horrid 'nph-' construction. If you'd like I can make the source available. That would be great! Any idea when it will be ready? Sam
$r-args troubles...
Dear Mod_Perl'lers I hate to bug the list with this simple problem, but I am at my wits end. I have The Good Book (Aka: Apache Modules with Perl and C. Aka: The Eagle Book) but have some questions that are just killing me. I would like to do something like the program on page 104 - 110 and also page 130 - 135 of The Eagle book. For those of you not blessed with this book, I am trying to recover the parameter from a GET request. Below is my code I correctly using, but my problem is the Apache::Request and Apache::Constant are not being found or used or whatever is the error (Error posted below). Some notes, I have tried adding "use Apache::Constants qw(:common)" but it also returns the same error. I have also replaced the last line with "my ($FirstInfo, $SecondInfo) = split /=/, $r-args;" with no success either. I have those modules installed, and I forced reinstalled them to make sure along with Bundle::Apache. If anyone could point me to a really good example of the r-args and GET requests I would really appreciate it. ---My Error--- Can't locate object method "new" via package "Apache::Request" at ./find_player.pl line 10. ---MY CODE--- use strict; use Apache::Request (); use CGI qw(:standard); use DBI; my $r = new Apache::Request; ---Where the error appears my $dbh ||= DBI-connect('dbi:mysql:Action', 'login', 'password') || die "Could not open Database: "; my ($person_id, $name, $totalkills, $totalkilled); my %arguments = $r-args; -- Jason Murphy System Administrator Lawinfo.com 1-800-397-3743 ex: 133
Re: [slightly OT] Problem with cookies
At 1:01 PM -0400 4/7/00, Rusty Foster wrote: Oops. Meant to send this to the list. :-) you recall that the original problem was cookies. I had to target my cookies to 'www.kuro5hin.org', because there are other virtual hosts in the same domain that get a different cookie with the same name. They need to be distinguished by hostname, and the browser won't send a cookie targeted at 'www.kuro5hin.org' to 'kuro5hin.org'. Hence, the URL has to read right, for everything to work. Well, the good news is that if they don't support Host:, they certainly aren't going to support cookies! -- Kee Hinckley - Somewhere Consulting Group - Cyberspace Architects(rm) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: missing modules/perl/libperl.a
It would appear, from the lack of response to this message, that I've either asked: 1) a really dumb question that's been beaten to death and I just haven't noticed the previous thread. or 2) a really hard question that no one has the answer to. (Given the sheer mass of the gray matter on this list, I find that hard to believe.) Could someone clue me in as to which one it is? thanks, Todd At 12:46 AM 4/6/00 , you wrote: I'm attempting to recompile Stronghold with mod_perl, and I've run into a problem that no set of instructions (that I've seen) seem to help with. Any assistance/advice/RTFMs would be appreciated. mod_perl 1.21 Stronghold 2.42 glibc2.1 build 2412 Perl 5.005_03 This system has an existing mod_perl enabled httpd that I compiled with no problems. It is also 1.21, with apache 1.3.9. I'd rather not poon that instance while creating this one. First, I tried this: perl Makefile.PL APACHE_PREFIX=/usr/local/apache-strong/ APACHE_SRC=/usr/local/apache-strong/ DO_HTTPD=1 USE_APACI=1 EVERYTHING=1 PREP_HTTPD=1 then a make, and a make install. All appears to go well, but no libperl.a is created in modules/perl under the apache tree. So I tried this (per INSTALL.simple.stronghold): Makefile.PL APACHE_SRC=/usr/local/apache-strong/src/ make test make install which ran along swimmingly until it got here: === modules/sxnet === modules/perl cc -O2 -Dbool=char -DHAS_BOOL -I/usr/lib/perl5/5.00503/i686-linux/CORE -DMOD_PERL_VERSION=\"1.21\" -DMOD_PERL_STRING_VERSION=\"mod_perl/1.21\" -I../.. -I/usr/lib/perl5/5.00503/i686-linux/CORE -I../ ../os/unix -I../../include -I../ssl/include -I../../ssl/include -I../../../ssl/include -I/usr/i386-g libc20-linux/include -Wall -DLINUX=2 -DTARGET=\"httpsd\" -DMOD_PERL -DUSE_PERL_SSI -Dbool=char -DHAS _BOOL -DSHBUILDCODE=\"C2NetEU/2412\" -DSHVERSION=\"2.4.2\" -DSTRONGHOLD -DUSE_HSREGEX -DSTRONGHOLD - DMOD_PERL -c mod_perl.c In file included from mod_perl.h:41, from mod_perl.c:60: /usr/lib/perl5/5.00503/i686-linux/CORE/perl.h:2546: redefinition of `union semun' /usr/lib/perl5/5.00503/i686-linux/CORE/patchlevel.h:41: warning: `local_patches' defined but not use d make[3]: *** [mod_perl.o] Error 1 make[2]: *** [all] Error 1 make[1]: *** [subdirs] Error 1 make[1]: Leaving directory `/usr/local/apache-strong/src' make: *** [apache_httpd] Error 2 I then tried the instructions listed at C2net, here http://www.c2net.com/external/?link=sh242/index.html Switch to the ServerRoot/src directory: # cd ServerRoot/src This is the directory created during installation, and it may vary from the default. Edit the Configuration file to reflect which modules or patches you want. AddModule modules/perl/libperl.a Save the modified Configuration file. Run Configure: # ./Configure Rebuild HTTPSD: # make This goes along for awhile with no apparent problems until it gets here: === modules/sxnet === modules/perl cc -O2 -Dbool=char -DHAS_BOOL -I/usr/lib/perl5/5.00503/i686-linux/CORE -DMOD_PERL_VERSION=\"1.21\" -DMOD_PERL_STRING_VERSION=\"mod_perl/1.21\" -I../.. -I/usr/lib/perl5/5.00503/i686-linux/CORE -I../ ../os/unix -I../../include -I../ssl/include -I../../ssl/include -I../../../ssl/include -I/usr/i386-g libc20-linux/include -Wall -DLINUX=2 -DTARGET=\"httpsd\" -DMOD_PERL -DUSE_PERL_SSI -Dbool=char -DHAS _BOOL -DSHBUILDCODE=\"C2NetEU/2412\" -DSHVERSION=\"2.4.2\" -DSTRONGHOLD -DUSE_HSREGEX -c mod_perl.c In file included from mod_perl.h:41, from mod_perl.c:60: /usr/lib/perl5/5.00503/i686-linux/CORE/perl.h:2546: redefinition of `union semun' /usr/lib/perl5/5.00503/i686-linux/CORE/patchlevel.h:41: warning: `local_patches' defined but not use d make[2]: *** [mod_perl.o] Error 1 make[1]: *** [all] Error 1 make: *** [subdirs] Error 1 Same as before, I believe. Additional questions I have are: - Is there a danger of breaking my other Apache/mod_perl installation by configuring mod_perl against a different source tree and doing a make install? - Where is libperl.a? Any assistance would be greatly appreciated. thanks, Todd -- Todd R. FinneyAlpha Geek [EMAIL PROTECTED] (508) 879 5792 Boy Genius Internet Development http://www.boygenius.com --
Re: Apache::Session -- Go Out of Scope!!!
On Fri, 7 Apr 2000, Russell D. Weiss wrote: Normally, this works great. No problem at all. This object goes out of scope at the end of the script (it's scoped lexically with "my"). It also goes out of scope when "die" is explicitly called. If I add "die 'Blah blah blah'" to an app, things are fun. BUT... sometimes when there's a syntax error in the code, this object just stays in scope. This causes a real problem, because then the developer will just re-load. The process will sit there forever, waiting for the session lock to go away. But it never does... You could try using a PerlCleanupHandler to kill any open locks. $r-register_cleanup( \clear_locks ); - Perrin
RE: $r-args troubles...
you are calling Apache::Request-new incorrectly - see the docs :) -Original Message- From: Jason Murphy [mailto:[EMAIL PROTECTED]] Sent: Friday, April 07, 2000 2:07 PM To: [EMAIL PROTECTED] Subject: $r-args troubles... Dear Mod_Perl'lers I hate to bug the list with this simple problem, but I am at my wits end. I have The Good Book (Aka: Apache Modules with Perl and C. Aka: The Eagle Book) but have some questions that are just killing me. I would like to do something like the program on page 104 - 110 and also page 130 - 135 of The Eagle book. For those of you not blessed with this book, I am trying to recover the parameter from a GET request. Below is my code I correctly using, but my problem is the Apache::Request and Apache::Constant are not being found or used or whatever is the error (Error posted below). Some notes, I have tried adding "use Apache::Constants qw(:common)" but it also returns the same error. I have also replaced the last line with "my ($FirstInfo, $SecondInfo) = split /=/, $r-args;" with no success either. I have those modules installed, and I forced reinstalled them to make sure along with Bundle::Apache. If anyone could point me to a really good example of the r-args and GET requests I would really appreciate it. ---My Error--- Can't locate object method "new" via package "Apache::Request" at ../find_player.pl line 10. ---MY CODE--- use strict; use Apache::Request (); use CGI qw(:standard); use DBI; my $r = new Apache::Request; ---Where the error appears my $dbh ||= DBI-connect('dbi:mysql:Action', 'login', 'password') || die "Could not open Database: "; my ($person_id, $name, $totalkills, $totalkilled); my %arguments = $r-args; -- Jason Murphy System Administrator Lawinfo.com 1-800-397-3743 ex: 133
Re: $r-args troubles...
It goes like this: my $r = Apache-request; my $apr = Apache::Request-new($r); -- Doug Kyle - Information Systems Grand Rapids Public Library "We're superheros man, we don't have time to be charming . . . we're public servants, not glamour boys" - The Tick. Jason Murphy wrote: Dear Mod_Perl'lers I hate to bug the list with this simple problem, but I am at my wits end. I have The Good Book (Aka: Apache Modules with Perl and C. Aka: The Eagle Book) but have some questions that are just killing me. I would like to do something like the program on page 104 - 110 and also page 130 - 135 of The Eagle book. For those of you not blessed with this book, I am trying to recover the parameter from a GET request. Below is my code I correctly using, but my problem is the Apache::Request and Apache::Constant are not being found or used or whatever is the error (Error posted below). Some notes, I have tried adding "use Apache::Constants qw(:common)" but it also returns the same error. I have also replaced the last line with "my ($FirstInfo, $SecondInfo) = split /=/, $r-args;" with no success either. I have those modules installed, and I forced reinstalled them to make sure along with Bundle::Apache. If anyone could point me to a really good example of the r-args and GET requests I would really appreciate it. ---My Error--- Can't locate object method "new" via package "Apache::Request" at ./find_player.pl line 10. ---MY CODE--- use strict; use Apache::Request (); use CGI qw(:standard); use DBI; my $r = new Apache::Request; ---Where the error appears my $dbh ||= DBI-connect('dbi:mysql:Action', 'login', 'password') || die "Could not open Database: "; my ($person_id, $name, $totalkills, $totalkilled); my %arguments = $r-args; -- Jason Murphy System Administrator Lawinfo.com 1-800-397-3743 ex: 133
Re: What phase am I in
At 12:51 PM 4/7/00 -0400, Paul G. Weiss wrote: Is there any way to determine from the Apache::Request object what phase of handling we'er in? I have some code that is used during more than one phase and I'd like it to behave differently for each phase. the current_callback() method (Eagle book, p465). Funny, I had to find this out yesterday.. - Simon -Paul - Simon Rosenthal ([EMAIL PROTECTED]) Web Systems Architect Northern Light Technology 222 Third Street, Cambridge MA 02142 Phone: (617)577-2796 : URL: http://www.northernlight.com "Northern Light - Just what you've been searching for"
Re: mod_perl suddenly demanding DSO.
So shoot me for not hunting through the achives first Upgrading to apache1.3.12 and mod_perl1.2.22 today, I suddenly get the following: apxs:Error: Sorry, no DSO support for Apache available apxs:Error: under your platform. Make sure the Apache apxs:Error: module mod_so is compiled into your server apxs:Error: binary `/tools/web/bin/apache'. Writing Makefile for Apache for every module included the distribution. The error is correct, mod_dso isn't linked into my apache config (never has, never will be). My question is: why is mod_perl suddenly tring to use DSO ? This is not a fatal error. It was fixed in the current CVS version. Get it from http://perl.apache.org/from-cvs/modperl FWIW, the mod_perl build invocation I used is: perl5.00503 Makefile.PL \ APACHE_PREFIX=/tools/web \ APACHE_SRC=../apache_1.3.12 \ DO_HTTPD=1 \ USE_DSO=0 \ USE_APACI=1 \ EVERYTHING=1 \ APACI_ARGS='--target=modperl \ --libexecdir=/tools/web/lib/apache \ --enable-module=info \ --disable-module=asis \ --disable-module=auth \ --disable-module=autoindex \ --disable-module=imap \ --disable-module=userdir' Did I miss something? -- Stephen "A duck!" __ Stas Bekman | JAm_pH--Just Another mod_perl Hacker http://stason.org/ | mod_perl Guide http://perl.apache.org/guide/ mailto:[EMAIL PROTECTED] | http://perl.orghttp://stason.org/TULARC/ http://singlesheaven.com| http://perlmonth.com http://sourcegarden.org --
Re: Another Error in Apache::ASP and Perl 5.6.0
Hi, my modperl apache are compiled by myself, Perl 5.005_03 was included in Redhat, Perl 5.6.0 was compiled by myself. I will try modperl 1.21 and apache 1.3.11, and see which one's new version is causing troubles. Di, Yu 4.7 On Fri, 7 Apr 2000, Joshua Chamas wrote: I would recompile all of your perl from scratch, as well as modperl apache. The RedHat guys are notorious for building perls and modperl that don't work sometimes. --Joshua Yu Di wrote: Hi, I also changed Perl to 5.005_03, and this problem still exists, so I think it is the problem between Apache 1.3.12, mod_perl 1.22, and DBI or DBD::mysql. More likely, I think it is with DBI, because if I put "PerlModule Apache::DBI" in my httpd.conf, this error will also occur if I visit an ASP file(this was found with Perl 5.6, not tested with Perl 5.005_03). I am running the programs on Linux 2.2.12-20(Redhat 6.1), The C compiler for Perl Modules and all these systems is the default one in Redhat 6.1, I think egcs 2.91-66. Di, Yu 4.7 On Fri, 7 Apr 2000, Joshua Chamas wrote: Sounds like an odd conflict between 5.6, mod_perl and DBI or DBD::mysql. Anyone know how to work through these issues? This is likely platform dependent, so will need relevant advice, what O/S are you running again? --Joshua Yu Di wrote: Hi, I have isolated the problem, but it just made me more puzzled. The problem is not in that file itself, but in "homepage.htm" which is also an ASP file, in which I tried to open a MySQL connection. When I call DBI-connect("DBI:mysql:database=...;host=...","myusername","mypasswd"), it will generate the segmentation fault. But the same statement will execute just well if put into a standalone Perl program, so I am really puzzled by what's going on here. Di, Yu 4.6 On Tue, 4 Apr 2000, Joshua Chamas wrote: Yu Di wrote: This program has been tested under Perl5.005_03, Apache 1.3.11, mod_perl 1.21 on another machine. my.conf is a configuration file for this program. Lynx will report "Alert!: Unexpected network read error; connection aborted." while I try to connect to it, and the server error log will show a "[Tue Apr 4 16:36:22 2000] [notice] child pid 964 exit signal Segmentation fault (11)". I have changed ASP.pm as I wrote last time, for if I did not do so, I will get other error messages. So is it that Apache::ASP is currently not compatible with Perl 5.6? Nothing in your program seemed particularly odd, and I have not tested Apache::ASP under 5.6, nor may I for a while. Because Apache::ASP uses so many modules to do its job, it may be tough to track this down, but I suspect an interaction with MLDBM SDBM_File is at work here because you have so much $Application-{Config} writing going on. Can you print out in different parts of your program and isolate the line that causes the segfault? --Joshua _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051 -- _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051
Re: mod_perl suddenly demanding DSO.
"Stas" == Stas Bekman [EMAIL PROTECTED] writes: Stas This is not a fatal error. It was fixed in the current CVS Stas version. Get it from http://perl.apache.org/from-cvs/modperl Thanks, Stas. Bleeding edge here I come :) -- Stephen "So if she weighs the same as a duck, she's made of wood."... "And therefore?"... "A witch!"
[JOB] OPENINGS:perl mod_perl developers at well-funded pre IPOBoston B2B .coms
Web developers needed for terrific Boston startups pre IPO in growth stages after second round of VC funding. Need senior and junior web developers (many) to script in Perl to develop applications. NOT shell script. In short, must know how to write apps in perl on UNIX to Interface Apache webserver. Especially interested in mod_perl to allow Apache to executive obst. dbi perl code and db layer. C++ a plus. Java not required. Some Java script a plus. Linux Gurus welcome! Please let me know whether you or someone you know is interested by return email. Thanks! Inga Inga L. Parsons President, HTH, Inc.-BOSTON tel: 781-581-2272 fax: 781-581-2252 [EMAIL PROTECTED]
Silly Question
Hello, We recently bought a new Raq3 server. We have developed a script to add users directly from the web interface. IT is bombing out as the script should be run as 'root'. I want to know if the script can be set with setuid as root for execution. Thanks for any help. VIjay
RE: What phase am I in
of note, 1.21_01 introduced $r-notes('PERL_CUR_HOOK'), but why that was introduced when there is current_callback() I don't know (it's not in Changes as far as I can see) --Geoff -Original Message- From: Simon Rosenthal [mailto:[EMAIL PROTECTED]] Sent: Friday, April 07, 2000 2:03 PM To: Paul G. Weiss; '[EMAIL PROTECTED]' Subject: Re: What phase am I in At 12:51 PM 4/7/00 -0400, Paul G. Weiss wrote: Is there any way to determine from the Apache::Request object what phase of handling we'er in? I have some code that is used during more than one phase and I'd like it to behave differently for each phase. the current_callback() method (Eagle book, p465). Funny, I had to find this out yesterday.. - Simon -Paul - Simon Rosenthal ([EMAIL PROTECTED]) Web Systems Architect Northern Light Technology 222 Third Street, Cambridge MA 02142 Phone: (617)577-2796 : URL: http://www.northernlight.com "Northern Light - Just what you've been searching for"
Re: Silly Question
I want to know if the script can be set with setuid as root for execution. Since you asked this on this list, I will assume the script is a mod_perl script. Unless the whole web server runs as root, I don't think the script can run as root. Here's what you can do instead. Have the mod_perl script add the info needed to a to-do list. Setup a root cron job to periodically check if there is anything in the to-do list. If there is, process the entry. Of course, that means the changes don't take effect immidiately. Another alternative is to run the script as a .cgi instead of as a mod_perl script. CGI scripts can run as root without running the server as root. ELB -- Eric L. Brine | Chicken: The egg's way of making more eggs. [EMAIL PROTECTED] | Do you always hit the nail on the thumb? ICQ# 4629314 | An optimist thinks thorn bushes have roses.
Re: [slightly OT] Problem with cookies
On 7 Apr 2000, Randal L. Schwartz wrote: Rusty NameVirtualHost 216.181.35.174 # IP of www.kuro5hin.org Rusty # Redirect all hostless requests to www VHost Rusty VirtualHost 216.181.35.174 Rusty ServerName kuro5hin.org Rusty Redirect permanent / http://www.kuro5hin.org/ Rusty /VirtualHost Rusty # Proper URI for www.kuro5hin.org Rusty VirtualHost 216.181.35.174 Rusty ServerName www.kuro5hin.org Rusty ...etc... Rusty /VirtualHost Rusty This way, people who come in to http://kuro5hin.org/ get redirected Rusty right off the bat, and so far this seems to have solved the problem. Except that this requires HTTP/1.1. Anyone that doesn't send the "host:" header goes into a permanent redirect loop. [...] Not if you do it right[tm] and have the "real" host be the default. - ask -- ask bjoern hansen - http://www.netcetera.dk/~ask/ more than 70M impressions per day, http://valueclick.com
Apache::Session and IPC::Semaphore
I get an intermittent error using Apache::Session while trying to tie a session. It occurs sometimes and the only way to fix it I've found is to reboot. The weird thing is that I change nothing and rebooting fixes it. Looks like a semaphore problem. Why would the call: new IPC::Semaphore give a Permission denied error? Has anyone else ran into this problem? Any help greatly appreciated... My system: RedHat 6.1 (also occurs on RedHat 6.2) RH Secure Server 2.0 (Apache 1.3.3) mod_perl 1.21 Apache::Session 1.03 apache error_log [Fri Apr 7 20:13:46 2000] [error] Permission denied at /usr/lib/perl5/site_perl/5.005/Apache/Session/SysVSemaphoreLocker.pm line 63. (in cleanup) Permission denied at /usr/lib/perl5/site_perl/5.005/Apache/Session/SysVSemaphoreLocker.pm line 63. Database handle destroyed without explicit disconnect at /usr/lib/perl5/site_perl/5.005/Apache/AuthCookie.pm line 48.
Re: THREE STRIKES...
On Fri, 7 Apr 2000, Mark Imbriaco wrote: |That opens up a nasty Denial of Service attack though. All I have to do |is try to log into the "gunther" account three times in rapid succession |with a bogus password, and WHAM, the real Gunther is locked out. Granted, |it's possible to work around this, but the best way is probably going to |be cookie based like Vivek suggested. Obviously, you want to count attempts PER IP addresses. What about folks who are behind proxies? (ie: AOL) It is not all that far fetched to consider that an attacker and a legitimate user could both be coming from AOL -- neiter is it farfetched to consider that they may be assigned the same proxy server on the AOL network. And the other way around, there is three gazillion open proxies you can abuse to make requests from different ip addresses. Or a determined attacker might have a lot of different local ip addresses at his disposal he can make requests from. There ARE workarounds to the issue, my point was simply that Vivek's cookie idea is probably the best of the (admittedly numerous) bunch. - ask -- ask bjoern hansen - http://www.netcetera.dk/~ask/ more than 70M impressions per day, http://valueclick.com
Re: Apache::Session and IPC::Semaphore
On Fri, 7 Apr 2000, Adi wrote: I get an intermittent error using Apache::Session while trying to tie a session. It occurs sometimes and the only way to fix it I've found is to reboot. The weird thing is that I change nothing and rebooting fixes it. Looks like a semaphore problem. Why would the call: new IPC::Semaphore give a Permission denied error? Has anyone else ran into this problem? Any help greatly appreciated... My system: RedHat 6.1 (also occurs on RedHat 6.2) RH Secure Server 2.0 (Apache 1.3.3) mod_perl 1.21 Apache::Session 1.03 The problem is most likely that you are alternating running Apache as root, normal users, and nobody. The problem is that once root create a semaphore block, nobody else can use it. If a user creates a semaphore block, nobody cannot use it. Rebooting removes all semaphore blocks and their permissions. When you get these errors, use ipcs and ipcrm (as root) to examine and fix your semaphores. -jwb
Re: THREE STRIKES...
On Fri, 7 Apr 2000, Ask Bjoern Hansen wrote: |And the other way around, there is three gazillion open proxies you can |abuse to make requests from different ip addresses. | |Or a determined attacker might have a lot of different local ip addresses |at his disposal he can make requests from. Let's be realistic on this one: if the idea is to prevent brute force attacks, the fact that the attacker might use a few dozens or for that matter a few hundreds IPs won't matter much.
Re: THREE STRIKES...
On Sat, 8 Apr 2000, Nicolas MONNET wrote: On Fri, 7 Apr 2000, Ask Bjoern Hansen wrote: |And the other way around, there is three gazillion open proxies you can |abuse to make requests from different ip addresses. | |Or a determined attacker might have a lot of different local ip addresses |at his disposal he can make requests from. Let's be realistic on this one: if the idea is to prevent brute force attacks, the fact that the attacker might use a few dozens or for that matter a few hundreds IPs won't matter much. Yes, let's be realistic. IP tracking is totally ruled out by the AOLs and Mindsprings of the world. All of their millions of customers come through the same proxy farms with the same handful of IP addresses. That means that you can't throttle requests on an requests-from-ip/second basis. Use cookies or URL munging. -jwb
Re: best way to call traceroute
On Fri, Apr 07, 2000 at 11:01:59AM -0700, Karyn Ulriksen wrote: One of the reasons that I always like the nph- construction is that is showed the traceroute 'live' like it would from a console. Last I checked perl doesn't show the traceroute result until the sessions complete which could be a long time if there is trouble in the trace. Did you find a way to get past that? This works for me, showing the results as they come, under Apache::Registry. my $r = shift; $r-content_type('text/html'); $r-send_http_header; ... $|=1; if (open (FILE, "/usr/sbin/traceroute $host 21 |")) { print while FILE; close FILE; } I think there's a Net::Traceroute on CPAN, might want to check that out to avoid the fork. -- Eric -Original Message- From: Sam Carleton [mailto:[EMAIL PROTECTED]] Sent: Friday, April 07, 2000 7:18 AM To: mod_perl Mailing List Subject: Re: best way to call traceroute Steven Champeon wrote: On Fri, 7 Apr 2000, Sam Carleton wrote: I want to call traceroute to the remote_host from within a mod_perl script, being a C/C++ programmer I don't the best way to do that. Is there a traceroute object I could use? If so, how? Otherwise how do I run traceroute from within a perl script? I'm getting ready to port an old and somewhat clunky traceroute CGI script to mod_perl, mostly to avoid the horrid 'nph-' construction. If you'd like I can make the source available. That would be great! Any idea when it will be ready? Sam -- Eric Cholet
Re: prepare_cached and Apache::DBI.
When attempting to use prepare_cached along with Apache::DBI, it returns this error once it has ran through each of the apache children. [Wed Apr 5 ...] [error] prepare_cached(...) statement handle DBI::st=HASH(0x8296788) is still active at /home/... line ... You should only be getting that error if there is more data on that statement handle that you haven't read. You can take care of that by calling $sth-finish, or by reading the rest of the data. - Perrin I was getting similar errors when using the RaiseError flag under DBI as suggested by the perldoc. Posted to dbi-users, and turns out that this is a known issue that will be fixed in an upcoming DBI release. As a workarround code something like this should help (if you are using RaiseError = 1): eval { bunch of sqlstatments } if($@) { foreach $handle (keys $dbh-{CachedKids}) { $handle-finish(); } } Hope this is useful. -Sean -- Sean Dague [EMAIL PROTECTED] There is no silver bullet. Plus, werewolves make better neighbors than zombies, and they tend to keep the vampire population down.
Re: [slightly OT] Problem with cookies
"Kee" == Kee Hinckley [EMAIL PROTECTED] writes: Kee Well, the good news is that if they don't support Host:, they Kee certainly aren't going to support cookies! Why? Those are orthogonal features. HTTP/1.0 did not require "host:". And certainly, browsers that handled HTTP/1.0 had cookies. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 [EMAIL PROTECTED] URL:http://www.stonehenge.com/merlyn/ Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
RE: Apache::Session -- Go Out of Scope!!!
You could try using a PerlCleanupHandler to kill any open locks. $r-register_cleanup( \clear_locks ); - Perrin Perrin, Thanks a lot. This worked great :-). Actually, as I say, I'm wrapping to Apache::Session with another object that handles cookies, expiration, etc. I just registered a cleanup sub within the constructor for that object. Looks like: Apache-request-register_cleanup(sub {$self-DESTROY; print STDERR "Destroyed the Object\n";}); Since we're inside the constructor and $self is already a reference to the object hash, the cleanup handler knows how to destroy this object. I couldn't achieve the same thing with a $SIG{__DIE__} = sub {...} because $main would then include a reference to the object. So in cases where the script did not die, the object would never go out of scope (because there's still an outstanding reference to it). Thanks again, Russ Russell Weiss Founder and Technical Manager InfoRelay Online Systems, Inc. http://www.InfoRelay.net/
Re: mod_perl shared perl instances?
Soulhuntre wrote: Hiya :) OK... mod_perl embeds an instance of Perl inside the Apache system, and with Apache::ASP allows us to mix perl/html. Good :) The problem is that these processes are 'heavy'. Is there any way to simulate the actions of "Velocigen" in that we could have a few (configurable number) of perl's running that round robin to work with Apache::ASP to render pages? This should also seperate out the systems a bit for stability. Nothing really to be done, but you should note that if you make ample use of PerlModule and Apache::ASP-Loader to precompile modules and scripts, your processes will be much lighter. Then, you have many options for decreasing the number of mod_perl httpds. My favorite is throwing a proxy in front... http://perl.apache.org/guide/strategy.html#Adding_a_Proxy_Server_in_http_Ac ... though lots of people prefer it the way Gunther suggested. --Joshua _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051