mod_perl-1.24: ...called too early to check prototype...
Hello, I have a non-trivial CGI script that ran fine with an older Perl and mod_perl, even with -w ans use strict. Recently I upgraded to Perl-5.6 and mod_perl-1.24, and I get this new warning in Apache: [Tue Feb 27 15:52:15 2001] bugCGI.pl: main::validate_token() called too early to check prototype at /usr/local/httpd/cgi-bin/bugCGI.pl line 1454. The routine in question is not called before declaration. The spot in question is a recursive call however. Sketch of the code: # validate current token @@@line 1339 sub validate_token($) { my $q = shift; ... } else {# invalid token $q-delete($tokenname); validate_token($q); # get a new token @@@trouble line } } Am I right that this is not a programming error on my side? Regards, Ulrich
mod_perl-1.24 (perl 5.6): Undefined subroutine CGI::thead
Hello, this is an old problem that is still current: Occasionally my CGI script fails because of Undefined subroutine CGI::thead If I reload the page it works again, but maybe it's because a different Apache process is used. Environment: Apache/1.3.14 (Unix) (SuSE/Linux) mod_ssl/2.7.1 OpenSSL/0.9.6 mod_perl/1.24 Linux 2.2.18 (SuSE) Perl-5.6 CGI.pm is /usr/lib/perl5/5.6.0/CGI.pm (1.19/2.56) I use this: use CGI qw/thead tbody/;# auto-generate unknown elements from HTML 4.0 and print $q-thead($q-Tr($q-th(...))); and $row .= $q-thead($q-Tr($q-th([...]))) . "\n";
mod_perl/CGI.pm: use CGI::Carp qw(fatalsToBrowser);
Hello, it seems use CGI::Carp qw(fatalsToBrowser); does no longer work as intended with Apache 1.3.14 and perl-5.6 (mod_perl 1.24). Where previously the error message appeared in the browser, I now get this: here is good HTML output HTTP/1.1 200 OK Date: Wed, 28 Feb 2001 10:01:12 GMT Server: Apache/1.3.14 (Unix) (SuSE/Linux) mod_ssl/2.7.1 OpenSSL/0.9.6 mod_perl/1.24 Expires: Wed, 28 Feb 2001 10:01:42 GMT Connection: close Content-Type: text/html; charset=iso-8859-1 OK The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [EMAIL PROTECTED] regensburg.de and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. Apache/1.3.14 Server at kgate.dvm.klinik.uni-regensburg.de Port 443
Re: mod_perl-1.24: ...called too early to check prototype...
On Wed, Feb 28, 2001 at 10:53:01AM +0100, Ulrich Windl wrote: Hello, I have a non-trivial CGI script that ran fine with an older Perl and mod_perl, even with -w ans use strict. Recently I upgraded to Perl-5.6 and mod_perl-1.24, and I get this new warning in Apache: [Tue Feb 27 15:52:15 2001] bugCGI.pl: main::validate_token() called too early to check prototype at /usr/local/httpd/cgi-bin/bugCGI.pl line 1454. sub validate_token($); # validate current token @@@line 1339 sub validate_token($) { my $q = shift; ... } else {# invalid token $q-delete($tokenname); validate_token($q); # get a new token @@@trouble line } } Am I right that this is not a programming error on my side? Probably. Either provide a forward declaration of the sub, or don't use a prototype. -- Paul Johnson - [EMAIL PROTECTED] http://www.pjcj.net
RE: [OT] Re: Search Engine Theory
You can also try http://perlfect.com/freescripts/search/; uses perl and DB_File. -Original Message- From: T.J. Mather [SMTP:[EMAIL PROTECTED]] Sent: Tuesday, February 27, 2001 10:41 PM To: Modperl Subject: [OT] Re: Search Engine Theory You might want to look at DBIx::FullTextSearch, a perl module for indexing documents using MySQL as a backend. It supports different frontends and backends, and has a nice modular design (IMHO). http://cpan2.org/Asset/display?dist=DBIx-FullTextSearch On Tue, 27 Feb 2001, Jamie Krasnoo wrote: Can anyone point me to any documents on search engine theory and programming search engines with perl? Jamie Krasnoo www.MyEBoard.com [EMAIL PROTECTED] _ T.J. Mather http://tjmather.com http://cpan2.org/ New CPAN Search Engine http://www.anidea.com/Digital Asset Management http://www.theinnkeeper.com/ Bed and Breakfast Directory
Duplicate entries in @INC
Hi All, I am using a linux box,with apache server,mod-perl. I have put my own modules in a directory and added the directory into @INC in my "startup.pl" file of the Apache Server.(I used "qw" to do that). All my programs works fine. But when I print all the values of @INC in mod-perl through browser ,I see duplicate entries for my directory.But under CGI, I don't see any What might be the reason? -Thanks Arun -Thanks Arun __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/
Re: Duplicate entries in @INC
On Wed, 28 Feb 2001, Arun Theeban wrote: Hi All, I am using a linux box,with apache server,mod-perl. I have put my own modules in a directory and added the directory into @INC in my "startup.pl" file of the Apache Server.(I used "qw" to do that). All my programs works fine. But when I print all the values of @INC in mod-perl through browser ,I see duplicate entries for my directory.But under CGI, I don't see any What might be the reason? -Thanks Arun -Thanks Arun That's because you sig is duplicated :) startup.pl has no influence for mod_cgi (what you call CGI). Check whether you have PERL5LIB env var set in the shell... _ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] http://apachetoday.com http://logilune.com/ http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
Re: mod_perl shared memory with MM
Sean Chittenden wrote: Is there a way you can do that without using Storable? Right after I sent the message, I was thinking to myself that same question... If I extended IPC::MM, how could I get it to be any faster than Storable already is? You can also read in the data you want in a startup.pl file and put the info in a hash in a global memory space (MyApp::datastruct{}) that gets shared through forking (copy on write, not read, right?). If the data is read only, and only a certain size, this option has worked _very_ well for me in the past. -sc Yeah, I do use that method for all my read-only data, but by definition the persistent session cache is *not* read-only... it gets changed on pretty much every request. -Adi
Re: mod_perl shared memory with MM
Adi Fairbank wrote: I am trying to squeeze more performance out of my persistent session cache. In my application, the Storable image size of my sessions can grow upwards of 100-200K. It can take on the order of 200ms for Storable to deserialize and serialize this on my (lousy) hardware. Its a different approach, but I use simple MLDBM + SDBM_File when possible, as its really fast for small records, but it has that 1024 byte limit per record! I am releasing a wrapper to CPAN ( on its way now ) called MLDBM::Sync that handles concurrent locking i/o flushing for you. One advantage of this approach is that your session state will persist through a server reboot if its written to disk. I also wrote a wrapper for SDBM_File called MLDBM::Sync::SDBM_File that overcomes the 1024 byte limit per record. The below numbers were for a benchmark on my dual PIII 450, linux 2.2.14, SCSI raid-1 ext2 fs mounted async. The benchmark can be found in the MLDBM::Sync package in the bench directory once it makes it to CPAN. With MLDBM ( perldoc MLDBM ) you can use Storable or XS Data::Dumper method for serialization as well as various DBMs. --Josh === INSERT OF 50 BYTE RECORDS === Time for 100 write/read's for SDBM_File 0.12 seconds 12288 bytes Time for 100 write/read's for MLDBM::Sync::SDBM_File 0.14 seconds 12288 bytes Time for 100 write/read's for GDBM_File 2.07 seconds 18066 bytes Time for 100 write/read's for DB_File 2.48 seconds 20480 bytes === INSERT OF 500 BYTE RECORDS === Time for 100 write/read's for SDBM_File 0.21 seconds 658432 bytes Time for 100 write/read's for MLDBM::Sync::SDBM_File 0.51 seconds 135168 bytes Time for 100 write/read's for GDBM_File 2.29 seconds 63472 bytes Time for 100 write/read's for DB_File 2.44 seconds 114688 bytes === INSERT OF 5000 BYTE RECORDS === (skipping test for SDBM_File 1024 byte limit) Time for 100 write/read's for MLDBM::Sync::SDBM_File 1.30 seconds 2101248 bytes Time for 100 write/read's for GDBM_File 2.55 seconds 832400 bytes Time for 100 write/read's for DB_File 3.27 seconds 839680 bytes === INSERT OF 2 BYTE RECORDS === (skipping test for SDBM_File 1024 byte limit) Time for 100 write/read's for MLDBM::Sync::SDBM_File 4.54 seconds 13162496 bytes Time for 100 write/read's for GDBM_File 5.39 seconds 2063912 bytes Time for 100 write/read's for DB_File 4.79 seconds 2068480 bytes
Re: lingerd mod_perl mod_ssl
Vivek Khera wrote: mod_ssl alters the Apache API, so if you're doing the same then that's why they clash. Either that or you're patching something near what mod_ssl patches. Good guess. mod_ssl adds some initialization code add the end of common_init(), and so does lingerd which is why lingerd's patch wasn't applying cleanly. I had to make a different patch, for use with mod_ssl. The file is ftp://iagora.com/pub/software/lingerd/tmp/aplinger-ssl.diff (I'll put it in a proper lingerd release once I've checked a bit more closely how it all works) With this patch, I got Apache to build with lingerd, mod_perl and mod_ssl, and it seems to work fine. Netscape can access it, the ssl_engine_log doesn't show any errors, and keep-alive works. Btw, SSL really wants keep-alives on (key setup is slow), while mod_perl kind of wants them off (images should be served separately anyway, and lingerd is much more effective when keep-alives are off), so putting mod_ssl and mod_perl in the same Apache is a bit of a compromise. I'd still do it for secure dynamic pages, since you really need both, but I'd never serve non-secure (http) pages from the Apache that has mod_ssl in and keep-alives on. Anyway, here's the sequence of commands that I used to get Apache/mod_perl/mod_ssl/lingerd to build: get and untar: apache_1.3.17.tar.gz mod_ssl-2.8.0-1.3.17.tar.gz mod_perl-1.25.tar.gz lingerd-0.93.tar.gz aplinger-ssl.diff cd mod_ssl-2.8.0-1.3.17 ./configure --with-apache=../apache_1.3.17/ cd ../mod_perl-1.25 perl Makefile.PL APACHE_SRC=../apache_1.3.17/src DO_HTTPD=1 \ USE_APACI=1 PREP_HTTPD=1 EVERYTHING=1 make make install cd ../lingerd-0.93 vi config.h apache-1.3/ap_lingerd.h make make install mkdir /var/run/lingerd chown httpd.httpd /var/run/lingerd chmod 755 /var/run/lingerd cd ../apache_1.3.17 cp ../lingerd-0.93/apache-1.3/ap_lingerd.* src/main patch -p0 -d src/ ../aplinger-ssl.diff SSL_BASE=SYSTEM ./configure --prefix=/usr/local/ssl-apache \ --enable-module=ssl --activate-module=src/modules/perl/libperl.a \ --enable-module=perl make make certificate make install Let me know if something like that works for you... I want to officially support mod_ssl in the next release of lingerd, but I need more test data! Roger -- Roger Espel Llima, [EMAIL PROTECTED] http://www.iagora.com/~espel/index.html
Re: lingerd mod_perl mod_ssl -- how about Ben-apache_ssl
Good guess. mod_ssl adds some initialization code add the end of common_init(), and so does lingerd which is why lingerd's patch wasn't applying cleanly. I had to make a different patch, for use with mod_ssl. The file is ftp://iagora.com/pub/software/lingerd/tmp/aplinger-ssl.diff (I'll put it in a proper lingerd release once I've checked a bit more closely how it all works) With this patch, I got Apache to build with lingerd, mod_perl and mod_ssl, and it seems to work fine. Netscape can access it, the ssl_engine_log doesn't show any errors, and keep-alive works. I'm running Ben's apache_ssl + mod_perl and am considering adding lingerd to the mix. I already have lingerd + apache running on the lite-weight end, and wonder if apache_ssl has similar problems BEFORE I mess up my production server. Michael [EMAIL PROTECTED]
Re: Duplicate entries in @INC
But when I print all the values of @INC in mod-perl through browser ,I see duplicate entries for my directory.But under CGI, I don't see any What might be the reason? I can think of two possibilities. First, you might be adding /usr/local/apache/lib/perl (or where ever your Apache lives + /lib/perl) to @INC, which mod_perl does automatically. Second, your startup.pl may be running twice because Apache runs the config file twice on startup. Stas posted a message a few days ago about seeing files pulled in from PerlModule/PerlRequire commands running twice on startup, even though they probably shouldn't. See http://forum.swarthmore.edu/epigone/modperl/crachoupro/Pine.LNX.4.30.0102231 [EMAIL PROTECTED] for more info and a workaround. - Perrin
Unusual proxying, CONNECT munging.
We have a rather unusual proxying scheme. In normal operation, our server has all of the slave applications' DNS pointing to itself. Browsers are not configured to proxy. After authentication and access control, it converts the "local" reference to a proxy to the real server (like the wAMPC example in the section on: "Invoking mod_proxy for Nonproxy requests"). We have this working rather well. In one particular instance, we need to have this server acting as a real proxy (browsers are configured to have it as a proxy), and fall through the rest of the code to the back end applications. I have this working for HTTP easily enough (just don't proxyify the requests), but SSL seems to be a severe problem, because browsers use the "CONNECT hostname:port" for https (and then blindly copy packets bidirectionally), rather than "GET http://host.../file". I believe I can get this to work if, after detecting a "CONNECT" method connection, I change the effective "hostname:port" to be localhost:443, and force the Apache proxy to redirect to itself. Then I can handle it through the stuff we already use. Does anybody know how to alter the CONNECT's parameters in mod_perl so that mod_proxy will do the right thing with it? I can "see" the CONNECT parameter by examining $r-uri, but setting it ala $r-uri("localhost:443") appears to be ignored. I can't even seem to find official documentation for CONNECT. The links (netscape and elsewhere) appear dead. I've been playing around with some simple stand-alone proxies to test out whether the back-end stuff will work out, but, I don't seem to be able to get them to interoperate with CONNECT requests quite yet. Thanks muchly.
Apache thrashing my swap...
I am running Apache/1.3.14 (Unix) mod_perl/1.24_01 PHP/4.0.3pl1 mod_ssl/2.7.1 OpenSSL/0.9.6 And run several database and MEMORY hogging mod_perl scripts... My problem is that recently I have had some users that are getting impatient and hitting the reload/refresh button OFTEN. In some instances this causes one single person to have over 40 httpd children service JUST them. This causes my server to start thrashing swap... Does anybody on this list know of a way to limit the number of connections apache will allow per IP address (before any reverse lookups would be nice)? I would like to set this to like 10-15 or so if it is possible? I know that this could cause some people with proxy servers to be limited, but I figure 10-15 httpd children should be able to handle most proxy systems just fine... I know this isn't really a mod_perl problem... but I also know that this list is probably the most likely to have other people who have exactly this issue on their machines Thanks in advance -Jason
Apache::ASP, Response-Flush problems ...
Hello all, due to some issues with long-running scripts and impatient users we decided to display some sort of message (either in the window or in a popup - better!) that would say "Chill out, don't refresh or double-click" etc, etc. I was trying to take advantage of $Response-{Buffer} and $Response-Flush() but apparently it does not work. Clearing and Flushing may work in the "end product" which is what you see on your browser but the timing is not correct. That is, when I say "$Response-Flush()" I actually want the user to see the output thus far. My ASPs unfortunately will not display the source until the last statement has been executed and then the source will be received in its entirety. What I meant by "end product" by the way is: if I do something similar to Josh's sample response.html file and say: print a bunch of stuff Response-Flush print something here if I should clear this { Response-Clear } do other things then the above statements will take the proper effect and either show the "print something here" or not depending on the conditional. The problem is I won't see the "print a bunch of stuff" until the end of script (so if there was a noticeable delay in "do other things" I'd have to wait for them to finish until I could see "print a bunch of stuff"). Any help would be greatly appreciated. DCC P.S. I tested the timing of the output returned by telnet'ing to port 80 and using sleep(x) right after Flush(). The start of the output has to wait for the completion of the script in all instances.
RE: Search Engine Theory
Title: RE: Search Engine Theory Check out the book Managing Gigabytes Text indexing theory and algorithms. Source code too. -Original Message- From: Jamie Krasnoo [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 27, 2001 3:03 PM To: Modperl Subject: Search Engine Theory Can anyone point me to any documents on search engine theory and programming search engines with perl? Jamie Krasnoo www.MyEBoard.com [EMAIL PROTECTED]
Re: Apache thrashing my swap...
"Jason Terry" [EMAIL PROTECTED] writes: I know this isn't really a mod_perl problem... but I also know that this list is probably the most likely to have other people who have exactly this issue on their machines I wonder if putting a thin apache on the front of a very limited fat apache would at least get you somewhere near where you want to be. If someone hits stop before something gets passed to the fat apache, will it get tossed completely? Having a maxclients limit on the fat apache will keep memory and CPU usage sane. -- Dave Hodgkinson, http://www.hodgkinson.org Editor-in-chief, The Highway Star http://www.deep-purple.com Apache, mod_perl, MySQL, Sybase hired gun for, well, hire -
Mod_perl and Apache 2.0
Has anyone tried compiling mod_perl under apache 2.0? Also, what is the word on mod_perl 2.0? -- Jeff Stuart [EMAIL PROTECTED]
Re: Mod_perl and Apache 2.0
Well, from the looks of the cvs commits, doug seems to be compiling mod_perl under apache 2.0 quite regularly :) With the complete rewrite there's been plenty of work to do. The word on it is here: http://perl.apache.org/~dougm/modperl_2.0.html its still in heavy development by doug - i would say the best thing to do is watch the commits if you want to keep up with it. sterling On Wed, 28 Feb 2001, Jeffrey A. Stuart wrote: Has anyone tried compiling mod_perl under apache 2.0? Also, what is the word on mod_perl 2.0? -- Jeff Stuart [EMAIL PROTECTED]
Re: Apache thrashing my swap...
On Wed, 28 Feb 2001, Jason Terry wrote: My problem is that recently I have had some users that are getting impatient and hitting the reload/refresh button OFTEN. In some instances this causes one single person to have over 40 httpd children service JUST them. This causes my server to start thrashing swap... First, put something in place so that your server will never go into swap. I prefer a combination of MaxClients and Apache::SizeLimit. Also, if you haven't moved your images to another server and/or put a proxy server in place, do that. Does anybody on this list know of a way to limit the number of connections apache will allow per IP address (before any reverse lookups would be nice)? If you set a unique cookie, you could limit based on that and fall back to IP address if you don't find a cookie. That will help with the proxy issue. You could adapt one of the existing modules for this purpose, or maybe grab Randal's Stonehenge::Throttle code from the list archives. Be careful. Blocking users is always a dangerous thing to do and may be more trouble than it's worth. You could check the list archives for discussions of how to handle long-running tasks for ideas on interface changes that might solve your problem. - Perrin
Apache::GD examples?
Does anyone have any real world examples of Apache::GD or Apache::GD/Graph I could look at? And/or stories of using Apache::GD/Graph in a production enviroment..
Re: mod_perl shared memory with MM
Is there a way you can do that without using Storable? Right after I sent the message, I was thinking to myself that same question... If I extended IPC::MM, how could I get it to be any faster than Storable already is? You can also read in the data you want in a startup.pl file and put the info in a hash in a global memory space (MyApp::datastruct{}) that gets shared through forking (copy on write, not read, right?). If the data is read only, and only a certain size, this option has worked _very_ well for me in the past. -sc -- Sean Chittenden[EMAIL PROTECTED] C665 A17F 9A56 286C 5CFB 1DEA 9F4F 5CEF 1EDD FAAD PGP signature
Re: Not even beginning - INSTALL HELP
Finally I reinstalled Perl 5.6 and mod_perl installed without problems. I am really new to mod_perl and I don't know if mod_perl is running well. How can I know? I would like to test if my script is running under mod_perl so I wrote the following from the faqs but nothing happens (nothing is written): #!/usr/bin/perl if (exists $ENV{"MOD_PERL"}){ #if running under mod_perl print "first test\n"; } if($ENV{"GATEWAY_INTERFACE"} eq "CGI-Perl/1.1"){ print "second test\n"; } Will this work as a test to know if mod_perl is running? Thanks Alejandro - Original Message - From: "Kurt Hansen" [EMAIL PROTECTED] To: "A. Santillan Iturres" [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, February 27, 2001 6:43 PM Subject: Re: Not even beginning - INSTALL HELP Alejandro wrote: Another question: If I plan to use the DBD modules in the future, should they be installed before mod_perl, or is it the same? The DBD modules are independent of the mod_perl, so you should be able to install them whenever. I mentioned them for completeness sake since it was something I did. Also, DBI, DBD, et al. are a critical part of our solution. If you don't use them now, no need to install them now. Take care, Kurt
security
Hi folks! I have a FreeBSD server configured as a http server, running apache. This installation includes mod_perl+EmbPerl, mod_php4 mod_cgi and mod_fastcgi. Some of my users will be using mysql for database. The problem is that this scenario requires sensitive information inside file. This means no problem when these users write their dymanic pages inside a compiled program. I can chmod a-rw and nobody will be able to take away user/password from a compiled program. The problem happens when write their php or embperl pages! the key user\password are kept inside this file, so anyone can uses an editor to retrieve the user mysql account. I resolve this problem running php on secure mode and chgrping the php file the same user as the http process and removing other flags file access (g-rwx). So nobody besides the owner of the file (or the http process) will be able to read it. since php have some security facilities, like: if the file owner id != the file the script is trying to open = fails. My problem is with perl: how to solve such a problem in a perl environment? Does mod perl allows any kind of security, to prevent ones writing script to read others files? PS: All cgi runs through suexec, so even cgi are not able to run the script, ok?
How to unsubscribe.
How to unsubscribe. please Thanks John Michael
Re: Apache::GD examples?
We started using it a few months ago for a web poll, and are now using it for most of our reporting. It's simple and quick. http://www.sitemason.com/poll/iIDEre/results The current version works well out of the box, even though we use the old GD that supports gifs (have to skip the make test though) Scott On Wed, 28 Feb 2001, JR Mayberry wrote: Does anyone have any real world examples of Apache::GD or Apache::GD/Graph I could look at? And/or stories of using Apache::GD/Graph in a production enviroment.. -- Scott Holdren [EMAIL PROTECTED] http://www.sitemason.com - Build a better site
Re: Apache thrashing my swap...
On Wed, 28 Feb 2001, Jason Terry wrote: My problem is that recently I have had some users that are getting impatient and hitting the reload/refresh button OFTEN. In some instances this causes one single person to have over 40 httpd children service JUST them. This causes my server to start thrashing swap... See http://perl.apache.org/guide/debug.html#Handling_the_User_pressed_Stop_ Does anybody on this list know of a way to limit the number of connections apache will allow per IP address (before any reverse lookups would be nice)? You don't want to do that. Think of AOL users who all come through the same proxy (well a few). This is not a situation where throttling helps, as with stopping rude robots. Your purpose it to stop the script on abort, not to limit users. Also you may want to revise your code to minimize the possibility of users try to restart the request all the time. See the performance chapter in the guide. _ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] http://apachetoday.com http://logilune.com/ http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
Re: How to unsubscribe.
How to unsubscribe. please The information is right before your yes: look at any of the posts' headers: ... Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk list-help: mailto:[EMAIL PROTECTED] list-unsubscribe: mailto:[EMAIL PROTECTED] list-post: mailto:[EMAIL PROTECTED] Delivered-To: mailing list [EMAIL PROTECTED] ... _ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] http://apachetoday.com http://logilune.com/ http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
Re: Not even beginning - INSTALL HELP
On Wed, 28 Feb 2001, A. Santillan Iturres wrote: Finally I reinstalled Perl 5.6 and mod_perl installed without problems. I am really new to mod_perl and I don't know if mod_perl is running well. How can I know? http://perl.apache.org/guide/install.html#How_can_I_tell_whether_mod_perl_ _ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] http://apachetoday.com http://logilune.com/ http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
Re: security
On Wed, 28 Feb 2001, Gustavo Vieira Goncalves Coelho Rios wrote: Hi folks! I have a FreeBSD server configured as a http server, running apache. This installation includes mod_perl+EmbPerl, mod_php4 mod_cgi and mod_fastcgi. Some of my users will be using mysql for database. The problem is that this scenario requires sensitive information inside file. This means no problem when these users write their dymanic pages inside a compiled program. I can chmod a-rw and nobody will be able to take away user/password from a compiled program. The problem happens when write their php or embperl pages! the key user\password are kept inside this file, so anyone can uses an editor to retrieve the user mysql account. I resolve this problem running php on secure mode and chgrping the php file the same user as the http process and removing other flags file access (g-rwx). So nobody besides the owner of the file (or the http process) will be able to read it. since php have some security facilities, like: if the file owner id != the file the script is trying to open = fails. My problem is with perl: how to solve such a problem in a perl environment? Does mod perl allows any kind of security, to prevent ones writing script to read others files? PS: All cgi runs through suexec, so even cgi are not able to run the script, ok? At this moment anybody who has an access to mod_perl server can read any data which is accessible by the same server. suexec is not an option because of process persistance. I understand that you want to store the SQL engine authentication info, and users not to know each other's access credentials. The only solution at this point is to either trust your users not to abuse each other, or run a separate server for each one :( _ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:[EMAIL PROTECTED] http://apachetoday.com http://logilune.com/ http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
Re: Apache::ASP, Response-Flush problems ...
"Demetrios C. Christopher" wrote: Hello all, due to some issues with long-running scripts and impatient users we decided to display some sort of message (either in the window or in a popup - better!) that would say "Chill out, don't refresh or double-click" etc, etc. I was trying to take advantage of $Response-{Buffer} and $Response-Flush() but apparently it does not work. Clearing and Flushing may work in the "end product" which is what you see on your browser but the timing is not correct. That is, when I say "$Response-Flush()" I actually want the user It should work, the code that's relevant in Apache::ASP::Response::Flush(), but its seems not to be working for me either. My real problem here is that I've fixed this before, so I obvi need to create a decent make test case for this routine. My humble apologies. I'll get back to you when I have this fix. --Josh _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051
Re: mod_perl shared memory with MM
The night of Fat Tuesday no less... that didn't help any either. ::sigh:: Here's one possibility that I've done in the past becuase I needed mod_perl sessions to be able to talk with non-mod_perl programs. I setup a named bi-directional pipe that let you write a query to it for session information, and it wrote back with whatever you were looking for. Given that this needed to support perl, java, and c, it worked _very_ well and was extremely fast. Something you may also want to consider because it keeps your session information outside of apache (incase of restart of apache, or desire to synchronize session information across multiple hosts). -sc On Wed, Feb 28, 2001 at 09:25:45PM -0500, Adi Fairbank wrote: Delivered-To: [EMAIL PROTECTED] Date: Wed, 28 Feb 2001 21:25:45 -0500 From: Adi Fairbank [EMAIL PROTECTED] X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.14-5.0 i586) X-Accept-Language: en To: Sean Chittenden [EMAIL PROTECTED] Subject: Re: mod_perl shared memory with MM It's ok, I do that a lot, too. Usually right after I click "Send" is when I realize I forgot something or didn't think it through all the way. :) Sean Chittenden wrote: Hmm... yeah, whoops. I suppose that's what I get for sending email that late. :~) -sc -- Sean Chittenden[EMAIL PROTECTED] C665 A17F 9A56 286C 5CFB 1DEA 9F4F 5CEF 1EDD FAAD PGP signature
Re: Apache::ASP, Response-Flush problems ...
"Demetrios C. Christopher" wrote: Hello all, due to some issues with long-running scripts and impatient users we decided to display some sort of message (either in the window or in a popup - better!) that would say "Chill out, don't refresh or double-click" etc, etc. I was trying to take advantage of $Response-{Buffer} and $Response-Flush() but apparently it does not work. Clearing and Flushing may work in the "end product" The old $Response-Flush() functionality will be back in 2.11. If you'd like my latest copy, I can send it to you, or you can patch up ASP.pm yourself: *** ASP.pm~ Mon Feb 26 19:40:09 2001 --- ASP.pm Wed Feb 28 18:43:43 2001 *** *** 3392,3397 --- 3392,3398 #unless($self-{r}-connection-aborted) { # OK to print random ouput for 200's 300's if(! defined $self-{Status} or ($self-{Status} = 200 and $self-{Status} 400)) { + local $| = 1; $self-{r}-print($out); } # } This change in mod_perl behavior really killed me. Funny little thing, but at least its more perlish. :) --Josh _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051
Re: mod_perl shared memory with MM
Sean, Yeah, I was thinking about something like that at first, but I've never played with named pipes, and it didn't sound too safe after reading the perlipc man page. What do you use, Perl open() calls, IPC::Open2/3, IPC::ChildSafe, or something else? How stable has it been for you? I just didn't like all those warnings in the IPC::Open2 and perlipc man pages. -Adi Sean Chittenden wrote: The night of Fat Tuesday no less... that didn't help any either. ::sigh:: Here's one possibility that I've done in the past becuase I needed mod_perl sessions to be able to talk with non-mod_perl programs. I setup a named bi-directional pipe that let you write a query to it for session information, and it wrote back with whatever you were looking for. Given that this needed to support perl, java, and c, it worked _very_ well and was extremely fast. Something you may also want to consider because it keeps your session information outside of apache (incase of restart of apache, or desire to synchronize session information across multiple hosts). -sc
apache question...
I am set up on apache_1.3.14/mod_perl currently, however, have an older non-mod_perl apache_1.3.6. The old apache's index.html needs to redirect to the index.html on the new apache/mod_perl. The old and new apache servers are on different unix boxes. Anyone think of an elegant block directive solution, because I can't. Thanks, Joe Crotty
Re: apache question...
i would use mod_rewrite, but, since this is a mod_perl forum, i have to suggest that u write a mod_perl transhandler that does a redirect. -- ___cliff [EMAIL PROTECTED]http://www.genwax.com/ Joseph Crotty wrote: I am set up on apache_1.3.14/mod_perl currently, however, have an older non-mod_perl apache_1.3.6. The old apache's index.html needs to redirect to the index.html on the new apache/mod_perl. The old and new apache servers are on different unix boxes. Anyone think of an elegant block directive solution, because I can't. Thanks, Joe Crotty
[ANNOUNCE] MLDBM::Sync
Hey there, MLDBM::Sync is finally available in CPAN, also at: http://www.perl.com/CPAN-local/modules/by-module/MLDBM/ Below is a bit of the README... Its a locking wrapper around MLDBM I developed for the purpose of creating safe fast DBM storage for multi-process environments. DBM's like DB_File SDBM_File can become corrupt if not properly locked and have their i/o flushed, though DB_File is much more sensitive to this. Further, there's a special wrapper around SDBM_File which gets around its 1024 byte limit, called MLDBM::Sync::SDBM_File, see benchmarks below. --Josh _ Joshua Chamas Chamas Enterprises Inc. NodeWorks free web link monitoring Huntington Beach, CA USA http://www.nodeworks.com1-714-625-4051 NAME MLDBM::Sync (BETA) - safe concurrent access to MLDBM databases SYNOPSIS use MLDBM::Sync; # this gets the default, SDBM_File use MLDBM qw(DB_File Storable);# use Storable for serializing use MLDBM qw(MLDBM::Sync::SDBM_File); # use extended SDBM_File, handles values 1024 bytes # NORMAL PROTECTED read/write with implicit locks per i/o request tie %cache, 'MLDBM::Sync' [..other DBM args..] or die $!; $cache{""} = ""; my $value = $cache{""}; # SERIALIZED PROTECTED read/write with explicity lock for both i/o requests my $sync_dbm_obj = tie %cache, 'MLDBM::Sync', '/tmp/syncdbm', O_CREAT|O_RDWR, 0640; $sync_dbm_obj-Lock; $cache{""} = ""; my $value = $cache{""}; $sync_dbm_obj-UnLock; DESCRIPTION This module wraps around the MLDBM interface, by handling concurrent access to MLDBM databases with file locking, and flushes i/o explicity per lock/unlock. The new Lock()/UnLock() API can be used to serialize requests logically and improve performance for bundled reads writes. my $sync_dbm_obj = tie %cache, 'MLDBM::Sync', '/tmp/syncdbm', O_CREAT|O_RDWR, 0640; $sync_dbm_obj-Lock; ... all accesses to DBM LOCK_EX protected, and go to same file handles ... $sync_dbm_obj-UnLock; MLDBM continues to serve as the underlying OO layer that serializes complex data structures to be stored in the databases. See the MLDBM the BUGS manpage section for important limitations. BENCHMARKS In the distribution ./bench directory is a bench_sync.pl script that can benchmark using the various DBMs with MLDBM::Sync. The MLDBM::Sync::SDBM_File DBM is special because is uses SDBM_File for fast small inserts, but slows down linearly with the size of the data being inserted and read, with the speed matching that of GDBM_File DB_File somewhere around 20,000 bytes. So for DBM key/value pairs up to 1 bytes, you are likely better off with MLDBM::Sync::SDBM_File if you can afford the extra space it uses. At 20,000 bytes, time is a wash, and disk space is greater, so you might as well use DB_File or GDBM_File. Note that MLDBM::Sync::SDBM_File is ALPHA as of 2/27/2001. The results for a dual 450 linux 2.2.14, with a ext2 file system blocksize 4096 mounted async on a SCSI disk were as follows: === INSERT OF 50 BYTE RECORDS === Time for 100 write/read's for SDBM_File 0.12 seconds 12288 bytes Time for 100 write/read's for MLDBM::Sync::SDBM_File 0.14 seconds 12288 bytes Time for 100 write/read's for GDBM_File 2.07 seconds 18066 bytes Time for 100 write/read's for DB_File 2.48 seconds 20480 bytes === INSERT OF 500 BYTE RECORDS === Time for 100 write/read's for SDBM_File 0.21 seconds 658432 bytes Time for 100 write/read's for MLDBM::Sync::SDBM_File 0.51 seconds 135168 bytes Time for 100 write/read's for GDBM_File 2.29 seconds 63472 bytes Time for 100 write/read's for DB_File 2.44 seconds 114688 bytes === INSERT OF 5000 BYTE RECORDS === (skipping test for SDBM_File 1024 byte limit) Time for 100 write/read's for MLDBM::Sync::SDBM_File 1.30 seconds 2101248 bytes Time for 100 write/read's for GDBM_File 2.55 seconds 832400 bytes Time for 100 write/read's for DB_File 3.27 seconds 839680 bytes === INSERT OF 2 BYTE RECORDS === (skipping test for SDBM_File 1024 byte limit) Time for 100 write/read's for MLDBM::Sync::SDBM_File 4.54 seconds 13162496 bytes Time for 100 write/read's for GDBM_File 5.39 seconds 2063912 bytes Time for 100 write/read's for DB_File 4.79 seconds 2068480 bytes === INSERT OF 5 BYTE RECORDS === (skipping test for SDBM_File 1024 byte limit)