Re: Errors trying to port (old) mod_perl software
Harold Martin wrote: Hello, I'm trying to get some old mod_perl software (namely ProMP3 http://promp3.sourceforge.net/) to work under mod_perl2. It uses Apache::Constants, but it couldn't find that module (duh), so I too a stab in the dark and changed it to Apache::Const. When I try to run that I get the error: Can't locate # in @INC What? I can't think of ever seeing any modules by that name :} What should I do next to try and get this program working? http://perl.apache.org/docs/2.0/user/porting/compat.html __ Stas BekmanJAm_pH --> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html
PATCH porting.pod "First Mystery"
In private mail Stas Bekman <[EMAIL PROTECTED]> writes:
> oops, that should be the modperl list... at modperl-docs we discuss
> mostly site/docs techical issues and there are very few people on this
> list to get enough exposure for this kind of feedback request.
Patch for "The First Mystery" section of the mod_perl porting guide as
per my conversation with Stas at YAPC::Europe::2003.
Takes out the suggestion of creating a Perl4-style library in the same
directory as a means to port CGI scripts.
Replaces it with something simpler and more reliable.
I've also changed "If you put your code into a library or module..."
to "If you put all your code into modules..." because if you put your
code into a Perl4-style library and then require it in more than one
registry script terrible things happen. I don't think this is the
place to explain this so I think the guide should just say "modules"
and leave it at that.
Probably the library problem should be explained elsewhere in the
guide.
Once this one is sorted out, a patch for perl_reference.pod will follow.
--- porting.pod.origThu Aug 14 18:02:27 2003
+++ porting.pod Fri Aug 15 13:37:33 2003
@@ -228,44 +228,42 @@
It's important to understand that the I effect
happens only with code that C wraps with a
-declaration of the C subroutine. If you put your code into a
-library or module, which the main script require()'s or use()'s, this
-effect doesn't occur.
+declaration of the C subroutine. If you put all your code
+into modules, which the main script use()s, this effect doesn't occur.
-For example if we move the code from the script into the subroutine
-I, place the subroutines into the I file, save it in
-the same directory as the script itself and require() it, there will
-be no problem at all. (Don't forget the C<1;> at the end of the
-library or the require() might fail.)
+Do not use simple Perl4-style libraries located in the same directory
+as the script. This technique was recommended by a previous version
+of this guide but is seriously flawed. Subroutines in such libraries
+will only be available to the first script in any given interpreter
+thread to require() a library of any given name. This can lead to
+strange sporadic failures. It also won't work at all under mod_perl2
+because the current working directory is not the directory containing
+the script.
+
+The easiest and the fastest way to solve the nested subroutines
+problem is to change C to C C for all variables for
+which you get the warning. The C subroutines are never
+called re-entrantly and each resides in a package to itself. Most of
+the usual disadvantates of package scoped variables are, therefore,
+not a concern.
- mylib.pl:
- -
- my $counter;
- sub run{
-print "Content-type: text/plain\r\n\r\n";
-$counter = 0;
-for (1..5) {
- increment_counter();
-}
+ counter.pl:
+ --
+ #!/usr/bin/perl -w
+ use strict;
+
+ print "Content-type: text/plain\r\n\r\n";
+
+ local our $counter = 0;
+
+ for (1..5) {
+increment_counter();
}
+
sub increment_counter{
$counter++;
print "Counter is equal to $counter !\r\n";
}
- 1;
-
- counter.pl:
- --
- use strict;
- require "./mylib.pl";
- run();
-
-This solution provides the easiest and the fastest way to solve the
-nested subroutines problem, since all you have to do is to move the
-code into a separate file, by first wrapping the initial code into
-some function that you later will call from the script and keeping the
-lexically scoped variables that could cause the problem out of this
-function.
But as a general rule of thumb, unless the script is very short, I
tend to write all the code in external libraries, and to have only a
--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
ANNOUNCE: Loggerithim 6.4.0
Loggerithim is a package for monitoring, visualizing, and managing your systems using remote agents and a web interface. Changes in this version: - Autoconf & make installer - New agent (Solaris and Linux) utilizing SSL for communication - Group based permissions - Improvements to graphing code (filled graphs, multiple Y-axes, multiple keys) - Graph annotations - 'Advanced' menu for custom graphs - Performance improvements (both backend and rendering) It has been quite a while since the last release, as the new agent and metric receiving code required quite a bit of development. There are likely some rough edges, but they will be quickly smoothed. For more information, visit: http://www.loggerithim.org Cory 'G' Watson http://www.loggerithim.org -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html
Errors trying to port (old) mod_perl software
Hello, I'm trying to get some old mod_perl software (namely ProMP3 http://promp3.sourceforge.net/) to work under mod_perl2. It uses Apache::Constants, but it couldn't find that module (duh), so I too a stab in the dark and changed it to Apache::Const. When I try to run that I get the error: Can't locate # in @INC What? I can't think of ever seeing any modules by that name :} What should I do next to try and get this program working? Thanks, Harold Martin signature.asc Description: This is a digitally signed message part
Re: temporary installation directory for mp1's make install
Am Fri, 22 Aug 2003 17:34:40 + schrieb Stas Bekman:
> Udo Rader wrote:
>> hi all,
>>
>> for one of our webprojects I have to setup the typical
>> apache1-mod_perl-mod_ssl httpd, which is not too difficult. Our sysadmin
>> rules however require me to set this up as _one_ nice RPM package, which
>> should not be too difficult either, but of course there has to be some
>> problem.
>>
>> The entire apache1, mod_perl etc. stuff has to be generally prefixed by
>> /usr/somedir.
>>
>> Prefixing is no problem, but I run into troubles when requiring to
>> _temporarily_ install mod_perl to the RPM_BUILD_ROOT for later packaging
>> (%install section inside the SPEC-file):
>>
>
> why not downloading one of the existing src.rpms and look how they have done
> it? e.g search for mod_perl at http://rpm.pbone.net/ or http://rpmfind.net/
I already tried this, checked out David Harris' SRPMS on
http://perl.apache.org/rpm/distrib/, but I don't do it other than him.
But anyway, I now tracked the problem down and found the bad boy
in this game:
For various reasons we have built our own perl 5.8.0. On the system side
however, we keep up with the most current version of perl which currently
is 5.8.1-RC4. Now the problem is not our own perl but the
ExtUtils::MakeMaker version that ships with the stock (and our) perl
5.8.0.
For our (and any other "stock") perl 5.8.0 the steps below don't deliver
expected results:
% tar xzf mod_perl-1.28.tar.gz
% tar xzf apache-1.3.28.tar.gz
% cd mod_perl-1.28
% /usr/bestsolution/bin/perl Makefile.PL \
APACHE_SRC=../apache_1.3.28/src \
PREFIX=/usr/somewhere \
APACHE_PREFIX=/usr/somewhere \
DO_HTTPD=1 \
PREP_HTTPD=1 \
USE_APACI=1 \
EVERYTHING=1
% make
% make pure_install PREFIX=/var/tmp/usr/somewhere
After that the files are installed in /usr/somewhere/... instead of
/var/tmp/usr/somewhere, which is completely wrong.
Doing the same with perl 5.8.1-RC4 gives the expected results, all the
files are getting correctly installed in /var/tmp/usr/somewhere.
I then compared the Makefile produced by "our" version of perl and the one
produced by 5.8.1-RC4 and there were (of course) big differences. One of
the most apparent differences is the used ExtUtils::MakeMaker version.
Stock perl 5.8.0 ships with ExtUtils::MakeMaker 6.03 rev. 1.63 while 5.8.1
comes with ExtUtils::MakeMaker 6.13 rev. 1.127. And after upgrading to the
most recent version (6.16) everything is working as it should.
So it probably would be a good idea to introduce a dependency for at least
MakeMaker 6.13 into mod_perl's Makefile.PL, maybe like this trivial patch:
---CUT
--- mod_perl-1.28/Makefile.PL 2003-08-23 00:14:41.0 +0200
+++ mod_perl_1.28/Makefile.PL.good2003-08-23 00:14:34.0 +0200
@@ -12,11 +12,11 @@
}
}
sub MMN_130 () { 19980527 }
-use ExtUtils::MakeMaker;
+use ExtUtils::MakeMaker 6.13;
use Config ();
use FileHandle ();
use DirHandle ();
use File::Compare ();
use File::Basename qw(dirname basename);
---CUT
happy hacking
udo
--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
Re: Apache 2.0, mod_perl filter question
Hello,
I am trying to use as a proxy Apache 2.0 which
includes mod_proxy and mod_ssl.
I am trying to use mod_perl for parsing/changing
decrypted plain text HTML data passed over SSL.
maybe there are other ways to do this, let me know.
The script shows that it is theoretically possibly to
parse/modify HTML passed over SSL in case of GET
(working on POST at this time) with a given setup:
SSL-unaware browser <-> mod_proxy+mod_ssl+mod_perl <->
SSL server
this question should probably be like 'How to setup
Apache + mod_ssl + mod_proxy + mod_perl to make
filtering of plain HTML passed over SSL possible?'
minimal setup:
PerlModule MyApache::FilterSnoop
PerlOutputFilterHandler
MyApache::FilterSnoop::connection
SSLEngine on
SSLProxyEngine on
SetHandler modperl
PerlOutputFilterHandler
MyApache::FilterSnoop::connection
AllowCONNECT 80 443 563 1200 1300
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile
/usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile
/usr/local/apache2/conf/ssl.key/server.key
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x
\"%r\" %b"
--- Stas Bekman <[EMAIL PROTECTED]> wrote:
> Ilia Rassadzin wrote:
> > Hello,
> >
> >
> > I am trying to filter DECRYPTED, PLAIN TEXT data.
> I
> > attached my two configuration files. If more
> > information needed i can send my logs.
> > Ideally I want to make a setup where
> > encryption/decryption being done twice in order to
> > filter DECRYPTED, PLAIN TEXT data(correct me if I
> am
> > wrong)
> > Like SSL-enabled browser <-> Proxy (SSL, Apache)
> <->
> > Proxy (non SSL, Apache, here goes filtering) <->
> > another Proxy ( SSL, Apache) <-> Server (SSL)
>
> So you try to use mod_perl 2.0 as a proxy, which
> decrypts the stream, does
> something to it, encrypts it back and sends it
> further? I'm not sure whether
> this should work, aren't you suppose to somehow
> reconstruct the keys in order
> for this to work?
>
> What would be the minimal setup to setup a test
> environment?
>
> > At this time i made some little perl script
> > and it works for GET, having some troubles with
> POST,
> > so if you are aware about this problem SSL + proxy
> +
> > POST, please let me know (sorry for offtopic)
> >
> > #!/usr/bin/perl -w
> >
> > use URI::URL;
> > use LWP::UserAgent;
> > use HTTP::Request;
> > use HTTP::Request::Common;
> > use HTTP::Request::Form;
> > use HTML::TreeBuilder 3.0;
> > use HTTP::Cookies;
> >
> > my $ua = LWP::UserAgent->new;
> > $ua->proxy('https','https://localhost');
> > my $url = url 'https://some.server.com:1200/';
> > my $cookie_jar = HTTP::Cookies->new();
> > my $res = $ua->request(GET $url);
> > my $tree = HTML::TreeBuilder->new;
> > $tree->parse($res->content);
> > $tree->eof();
> >
> > my @forms = $tree->find_by_tag_name('FORM');
> > my $f = HTTP::Request::Form->new($forms[0], $url);
> > $f->field("nm", "user");
> > $f->field("pwd", "password");
> > my $response = $ua->request($f->press("submit"));
> > $cookie_jar->extract_cookies($response);
> > $cookie_jar->save();
> > print $response->content if $response->is_success;
> >
> > ie, non-SSL browser <-> proxy + mod_ssl + mod_perl
> > filter <-> server works for me for GET
> >
> > If I do the same with IE, ie Tools->Internet
> > Options->Connections->Lan Settings->use a proxy
> server
> >
> > and put here address of my apache server, I am
> getting
> > 403 Forbidden.
> > I cannot explain this.
> > Any help, ideas, etc are highly appreciated.
>
> I'm not sure how this script helps to understand
> your problem with filtering.
> Neither a huge config file, most of it irrelevant to
> the problem.
>
> What we need is a set of short script/handlers and a
> minimal config file with
> which we can reproduce the problem.
>
> Ideally, if you can submit patches to our test suite
> to accomplish this setup
> that would be the simplest. All we will have to do
> is to make it working.
>
>
__
> Stas BekmanJAm_pH --> Just Another
> mod_perl Hacker
> http://stason.org/ mod_perl Guide --->
> http://perl.apache.org
> mailto:[EMAIL PROTECTED] http://use.perl.org
> http://apacheweek.com
> http://modperlbook.org http://apache.org
> http://ticketmaster.com
>
>
>
> --
> Reporting bugs: http://perl.apache.org/bugs/
> Mail list info:
> http://perl.apache.org/maillist/modperl.html
>
__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
Use of uninitialized valued in concatenation....
Title: Use of uninitialized valued in concatenation
Hello
I have a file (output_tab.pm) that I use to generate tables dynamically. Even though it serves its purpose, it goes on generating this error:
“Script_name.pl: Use of uninitialized value in concatenation (.) or string at output_tab.pm line 42”.
I went through this section of mod_perl docs und thought I’ve understood it, but I can’t feature out the error.
Below it my module and a script that triggers such error.
#
output_tab.pm
#-
# Modulname: output_tab.pm
#-
use strict;
package output_tab;
use vars qw(@ISA @EXPORT);
require Exporter;
@ISA = qw(Exporter);
@EXPORT = qw(output_tab);
use db_Verbindungen;
sub output_tab{
my ($dbh,$abfrage,$columnspan, $sth,@table_head,@table_data);
($abfrage, @table_head) = @_;
$columnspan = @table_head;
print qq();
print qq();
foreach (@table_head){
print qq($_);
}
print qq();
# Erbnisse Anzeigen
$dbh = db_Verbindungen;
$sth = $dbh->prepare($abfrage);
$sth->execute();
print qq();
while(@table_data = $sth->fetchrow_array){
#my $table_data;
foreach (@table_data)
{
print qq($_);
}
print qq();
}
print qq( );
print qq();
$sth->finish();
$dbh->disconnect();
}
1;
###
#!/usr/bin/perl -w
#
#Script: pakete_auflisten.pl
#=
use strict;
use db_Verbindungen;
use gui;
use output_tab;
my ($dbh,$abfrage,@table_head);
$abfrage = ('SELECT Gruppe, Paketname, Auftragsdatum, Status, Statusmeldung FROM Gruppen_Software ORDER BY Auftragsdatum DESC');
@table_head = qw(Gruppe Paketname Auftragsdatum Status Statusmeldung);
# Aufruf der Methode top() des gui.pm Moduls.
top('Paketliste');
# At this stage i call the method output_tab with two arguements.
output_tab($abfrage,@table_head);
# Aufruf der Methode footer() des gui.pm Moduls.
footer();
#== ENDE==
I’ll appreciate any help.
Babs
Re: Apache::Session
All the information that comes from the user-agent can be faked. So the session id is as insecure as any other identifier you get from the Browser. The only thing that could be used is the IP address, and as somebody said earlier, some ISPs and big company LANs may use different proxies for different requests (or use random routes for multiple output interfaces with some NAT gateway). Also the MAC address is not an option, any routing above layer 2? will loose the MAC address (if I'm not wrong). But there is somehow a way to get it more secure. Basically a key/IP combination would be very secure, it's just not useable for all users. Therefore you need to allow multiple IPs for the same session key. After you see that a user from another IP request a session id, you prompt a login again, and after successfull login you allow both IPs to access this session ID. Every user then basically has to login for each IP he uses; but it could be done more tricky, so the whole subnet that those two IPs are in is allowed. The security risk would be, that any other user going though the same gateway can steal the session just by knowing the correct session id. If the user is coming through proxies (as it IMHO normally is if you have several IPs for a session), you could even do more fancy stuff. Proxies should send an x-forwarded-for header, where they will add every IP that sent the request (can be multiple hosts). This way you could allow all those proxies for the session, but just for the same end IP (which should be the last IP from the x-forwarded-for field before any internal IP). Now we just have the security hole left, if someone is in control of those proxies, then he could steal the session from the original user. IMHO this is really everything you can get out of it; you even get it a lot securer for proxied users. The only problem are LANs that use random NAT-Gateways, which IMHO aren't widely spread ??. If you see anything more to make it secure, or if I'm totally wrong, I'm glad to hear !? greets, Marcel Greter -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html
Re: Apache 2.0, mod_perl filter question
To the best of my knowledge, the 'proxy' that is used in LWP still cannot
support CONNECT style SSL proxies, meaning its very hit or miss if it
works - roughly 50/50 for the few hundred proxies ive checked recently.
try replacing *all* your $UA->proxy lines with
$ENV{HTTPS_PROXY} = "http://localhost:80";;
this will work assuming you have Crypt::SSLeay installed (libwwwperl works
with either IO SOCKET SSL or crypt ssleay... but crypt ssleay is the one
that gives you low level proxy stuff.)
check out the docs on crypt::ssleay for more info on using proxies with
LWP, it was an eye opener.
as a side note, you may want to undef $ENV{HTTPS_PROXY} before creating
your agent. I dont use UserAgent much but i use WWW::Mechanize a ton
(sunbclass) and it has code to automagically set $ua->proxy if it detects
the ENV is set. which immediately breaks the ENV proxy since they are not
compatible... boo Mechanize =). I think that code is in Mechanize and not
UserAgent however so you should be safe - but im not positive.
The only downsides to this approach:
- UserAgent will report itself as not being proxied even though it is,
since its done at a lower level than its aware. for my code, i couldnt
care less.
- you have to https everything, since I havent found a way to use the
env-set style https proxy for ssl, but something different for http. you
cant mix and match the LWP style and the Crypt::SSL style proxies - the
lwp one will clobber whatever goodness is in crypt::ssleay's with stuff
that doesnt work.
I have no clue why you are getting 403 errors in a browser...
--
gedanken
--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
Re: Apache 2.0, mod_perl filter question
Ilia Rassadzin wrote:
Hello,
I am trying to filter DECRYPTED, PLAIN TEXT data. I
attached my two configuration files. If more
information needed i can send my logs.
Ideally I want to make a setup where
encryption/decryption being done twice in order to
filter DECRYPTED, PLAIN TEXT data(correct me if I am
wrong)
Like SSL-enabled browser <-> Proxy (SSL, Apache) <->
Proxy (non SSL, Apache, here goes filtering) <->
another Proxy ( SSL, Apache) <-> Server (SSL)
So you try to use mod_perl 2.0 as a proxy, which decrypts the stream, does
something to it, encrypts it back and sends it further? I'm not sure whether
this should work, aren't you suppose to somehow reconstruct the keys in order
for this to work?
What would be the minimal setup to setup a test environment?
At this time i made some little perl script
and it works for GET, having some troubles with POST,
so if you are aware about this problem SSL + proxy +
POST, please let me know (sorry for offtopic)
#!/usr/bin/perl -w
use URI::URL;
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Request::Common;
use HTTP::Request::Form;
use HTML::TreeBuilder 3.0;
use HTTP::Cookies;
my $ua = LWP::UserAgent->new;
$ua->proxy('https','https://localhost');
my $url = url 'https://some.server.com:1200/';
my $cookie_jar = HTTP::Cookies->new();
my $res = $ua->request(GET $url);
my $tree = HTML::TreeBuilder->new;
$tree->parse($res->content);
$tree->eof();
my @forms = $tree->find_by_tag_name('FORM');
my $f = HTTP::Request::Form->new($forms[0], $url);
$f->field("nm", "user");
$f->field("pwd", "password");
my $response = $ua->request($f->press("submit"));
$cookie_jar->extract_cookies($response);
$cookie_jar->save();
print $response->content if $response->is_success;
ie, non-SSL browser <-> proxy + mod_ssl + mod_perl
filter <-> server works for me for GET
If I do the same with IE, ie Tools->Internet
Options->Connections->Lan Settings->use a proxy server
and put here address of my apache server, I am getting
403 Forbidden.
I cannot explain this.
Any help, ideas, etc are highly appreciated.
I'm not sure how this script helps to understand your problem with filtering.
Neither a huge config file, most of it irrelevant to the problem.
What we need is a set of short script/handlers and a minimal config file with
which we can reproduce the problem.
Ideally, if you can submit patches to our test suite to accomplish this setup
that would be the simplest. All we will have to do is to make it working.
__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com
--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
problem with mod_perl 2.0 + apache 2.0 and proxyreq
Thanks in advance. I've
tried all the archives and google'd but I have not found anything that would
help.
I'm running RH 8.0,
httpd-2.0.40-11.5 and mod_perl-1.99_05-3 from the RedHat distribution. I'm
trying to create a small proxy module that will check a non-proxy request and
depending on "stuff" dynamically transform it into a proxy request
using mod_proxy.
I'm following the example in
Chapter 7 (page 370) of the "Writing Apache Modules with Perl and C".
I know that the book is based on the older apache 1.3 server and associated mod_perl.
However, I have not found anything in my readings to indicate that this would
not work any more.
My version of the proxy
module from the book is :
package ProxyTest;
use strict;
use warnings;
use Apache::RequestRec (); #
for $r->content_type
use Apache::Const -compile
=3D> 'OK';
use Apache::Const -compile
=3D> 'DECLINED';
#use Apache::RequestUtil ();
sub handler
{
my $r =3D shift;
return Apache::DECLINED
if $r->proxyreq;
# set proxy to true
$r->proxyreq(1);
my $uri =3D $r->uri;
# reset URI for mod_proxy
my $newUri =3D 'http://test/goodbye.html';
$r->uri($newUri);
$r->filename("proxy:$newUri");
# change handler to mod_proxy
$r->handler('proxy-server');
return Apache::OK;
}
1;
When I hit the
"test" server, I fail with:
Proxy Error
The proxy server received an
invalid response from an upstream server. The proxy server could not handle the
request GET http://test/goodbye.html.=20
Reason: Max-Forwards has
reached zero - proxy loop?
Additionally, a 502 Bad
Gateway error was encountered while trying to use an ErrorDocument to handle
the request.
The apache error log
indicates (with some debugging) that it is looping on the "GET" of
goodbye.html. Additional debuging indicates that $r->proxyreq is always 0,
so it's looping. My questions are:
1. Did sometime change in
apache 2 or mod_perl 2 so that you cannot
set proxyreq anymore: ie.
$r->proxyreq(1).
2. How do you set proxyreq
if $r->proxyreq(1) is not the correct
method?
3. Is the logic wrong in
this proxy example?
Thanks again. Any help is
appreciated.
John
�
Re: Apache 2.0, mod_perl filter question
Hello,
I am trying to filter DECRYPTED, PLAIN TEXT data. I
attached my two configuration files. If more
information needed i can send my logs.
Ideally I want to make a setup where
encryption/decryption being done twice in order to
filter DECRYPTED, PLAIN TEXT data(correct me if I am
wrong)
Like SSL-enabled browser <-> Proxy (SSL, Apache) <->
Proxy (non SSL, Apache, here goes filtering) <->
another Proxy ( SSL, Apache) <-> Server (SSL)
At this time i made some little perl script
and it works for GET, having some troubles with POST,
so if you are aware about this problem SSL + proxy +
POST, please let me know (sorry for offtopic)
#!/usr/bin/perl -w
use URI::URL;
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Request::Common;
use HTTP::Request::Form;
use HTML::TreeBuilder 3.0;
use HTTP::Cookies;
my $ua = LWP::UserAgent->new;
$ua->proxy('https','https://localhost');
my $url = url 'https://some.server.com:1200/';
my $cookie_jar = HTTP::Cookies->new();
my $res = $ua->request(GET $url);
my $tree = HTML::TreeBuilder->new;
$tree->parse($res->content);
$tree->eof();
my @forms = $tree->find_by_tag_name('FORM');
my $f = HTTP::Request::Form->new($forms[0], $url);
$f->field("nm", "user");
$f->field("pwd", "password");
my $response = $ua->request($f->press("submit"));
$cookie_jar->extract_cookies($response);
$cookie_jar->save();
print $response->content if $response->is_success;
ie, non-SSL browser <-> proxy + mod_ssl + mod_perl
filter <-> server works for me for GET
If I do the same with IE, ie Tools->Internet
Options->Connections->Lan Settings->use a proxy server
and put here address of my apache server, I am getting
403 Forbidden.
I cannot explain this.
Any help, ideas, etc are highly appreciated.
Thanks,
Ilia
--- Stas Bekman <[EMAIL PROTECTED]> wrote:
> Ilia Rassadzin wrote:
> > Hello mod_perl,
> >
> > I have some problems with filtering HTTPS traffic.
> > I modified for my needs FilterSnoop module from
> Stas
> > Bekman filter tutorial. It perfectly sees HTTP
> data,
> > but not HTTPS.
> > Does anyone have any suggestions(ideas) about how
> to
> > implement a filter which will see HTTPS?
> >
> > Thanks in advance
>
> I need more input from you. Are you trying to filter
> an encrypted data stream?
>
> mod_perl connection filters, happen after the
> incoming data has been decrypted
> and the outgoing data hasn't been yet encrypted.
>
>
__
> Stas BekmanJAm_pH --> Just Another
> mod_perl Hacker
> http://stason.org/ mod_perl Guide --->
> http://perl.apache.org
> mailto:[EMAIL PROTECTED] http://use.perl.org
> http://apacheweek.com
> http://modperlbook.org http://apache.org
> http://ticketmaster.com
>
>
>
> --
> Reporting bugs: http://perl.apache.org/bugs/
> Mail list info:
> http://perl.apache.org/maillist/modperl.html
>
__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs-2.0/> for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
# with ServerRoot set to "/usr/local/apache2" will be interpreted by the
# server as "/usr/local/apache2/logs/foo.log".
#
### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read
Re: temporary installation directory for mp1's make install
Udo Rader wrote: hi all, for one of our webprojects I have to setup the typical apache1-mod_perl-mod_ssl httpd, which is not too difficult. Our sysadmin rules however require me to set this up as _one_ nice RPM package, which should not be too difficult either, but of course there has to be some problem. The entire apache1, mod_perl etc. stuff has to be generally prefixed by /usr/somedir. Prefixing is no problem, but I run into troubles when requiring to _temporarily_ install mod_perl to the RPM_BUILD_ROOT for later packaging (%install section inside the SPEC-file): why not downloading one of the existing src.rpms and look how they have done it? e.g search for mod_perl at http://rpm.pbone.net/ or http://rpmfind.net/ __ Stas BekmanJAm_pH --> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html
Re: temporary installation directory for mp1's make install
I digged a bit further into the issue and found that there is a "pure_install" target in the Makefile for mod_perl-1.28 that probably fits better than the plain install target. However this still installs file in outside the temporary build root, so even a % make pure_install PREFIX=/var/tmp/mod_perl-1.28/usr/something still installs for example: -CUT-- Installing /usr/something/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/auto/Apache/include/ap_config_auto.h Files found in blib/arch: installing files in blib/lib into architecture dependent library tree Installing /usr/something/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/Apache/MyConfig.pm Writing /usr/something/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi/auto/mod_perl/.packlist -CUT-- Correct would be to install it into the PREFIX defined above. So is that the expected behaviour or is this a bug (in Makefile.PL)? udo Am Fri, 22 Aug 2003 11:50:44 + schrieb Udo Rader: > hi all, > > for one of our webprojects I have to setup the typical > apache1-mod_perl-mod_ssl httpd, which is not too difficult. Our sysadmin > rules however require me to set this up as _one_ nice RPM package, which > should not be too difficult either, but of course there has to be some > problem. > > The entire apache1, mod_perl etc. stuff has to be generally prefixed by > /usr/somedir. > > Prefixing is no problem, but I run into troubles when requiring to > _temporarily_ install mod_perl to the RPM_BUILD_ROOT for later packaging > (%install section inside the SPEC-file): > > I tried to do > > % PREFIX=$RPM_BUILD_ROOT/usr/somedir make install > > and > > % make PREFIX=$RPM_BUILD_ROOT/usr/somedir install > > ... but it completely ignores the (temporary) PREFIX for the > installation. > > So are there any (make) switches to temporarily override the > installation directory for mod_perl 1.2.x?? > > Thanks > > Udo Rader -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html
temporary installation directory for mp1's make install
hi all, for one of our webprojects I have to setup the typical apache1-mod_perl-mod_ssl httpd, which is not too difficult. Our sysadmin rules however require me to set this up as _one_ nice RPM package, which should not be too difficult either, but of course there has to be some problem. The entire apache1, mod_perl etc. stuff has to be generally prefixed by /usr/somedir. Prefixing is no problem, but I run into troubles when requiring to _temporarily_ install mod_perl to the RPM_BUILD_ROOT for later packaging (%install section inside the SPEC-file): I tried to do % PREFIX=$RPM_BUILD_ROOT/usr/somedir make install and % make PREFIX=$RPM_BUILD_ROOT/usr/somedir install ... but it completely ignores the (temporary) PREFIX for the installation. So are there any (make) switches to temporarily override the installation directory for mod_perl 1.2.x?? Thanks Udo Rader -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html
