Re: why you should reply to the list
On Tue, 26 Aug 2003, Stas Bekman wrote: Please advise on another way to tell people to respond to the list and not in private. I used to receive much less off-list replies earlier. [snip] Purhaps adding a list signature: Always post followups back to the list! will help, but who reads that. Unfortunately I think we've all seen enough unsubscribe me emails to know that people don't read the info that is *already* being added to the outgoing mail... Stas, you probably get it worst just because of the volume of mail you send to the list (which we're all grateful for!). Maybe when you do your mod_perl list reading you should just configure your outgoing email with: Reply-to: [EMAIL PROTECTED] Kind of a pain for you though... Larry Leszczynski [EMAIL PROTECTED] -- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html
Debugging Tips (Was Re: Cookies, CGI::App, and mod_perl)
Do some debugging. Look at the traffic going back and forth. Test it with GET or lynx. See if the cookie header is being sent. To elaborate a little on this thread: I find ethereal http://www.ethereal.com/ useful for debugging situations like this. Certain browsers (that I won't name) behave in quirky ways that GET or lynx won't emulate, so it's often worth running ethereal in the background whilst using your site with various browsers, then analysing TCP streams in ethereal to see exactly what's happening. PlugProxy is also very good for this type of debugging: http://www.bbzzdd.com/plugproxy/ For just examining the HTTP request/response I find it easier and more straighforward to use than Ethereal. (The screen shot on their home page shows an HTTP exchange with hex mode turned on, it's actually much easier to read with hex mode turned off.) A tip for cookie testing when using PlugProxy (or similar proxying tools, I suppose): Generally you need to make sure you're making requests against the correct domain name for your browser to handle the cookies correctly. For example, if you set up PlugProxy on your desktop like so: Host:www.example.org Remote Port: 80 Local Port: then you should be able to use you browser to hit the home page with this: http://localhost:/ *but* the browser won't send the cookies that would normally be sent to example.org. The fix is to make it look like localhost is part of example.org, and then make the request like this instead: http://localhost.example.org:/ You can put something like this: 127.0.0.1 localhost.example.org localhost in /etc/hosts (or WindowsDir\System32\drivers\etc\hosts). Larry Leszczynski [EMAIL PROTECTED]
Re: Transparent front-end proxying for many VirtualHosts
Hi Andrew - I want to simplify my configuration in two ways. I'd prefer not to maintain two sets of VirtualHost configuration data, and I'd like it if the block that proxies .pl files to the backend proxy not be replicated per VirtualHost. Have you looked at mod_macro? Depending on how similar your virtual hosts are to each other, it might be useful. For example, suppose you set up config files like so: FrontEndMacros.cfg: Macro MyVirtualHost $host $dir VirtualHost * ServerName $host DocumentRoot $dir LocationMatch \.pl$ RewriteRule ...rule to proxy to backend... /LocationMatch ...other frontend config stuff... /VirtualHost /Macro BackEndMacros.cfg: Macro MyVirtualHost $host $dir VirtualHost * ServerName $host DocumentRoot $dir ...other backend config stuff... /VirtualHost /Macro MyVirtualHosts.cfg: Use MyVirtualHost www.siteA.com /path/to/siteA/htdocs Use MyVirtualHost www.siteB.com /path/to/siteB/htdocs Use MyVirtualHost www.siteC.com /path/to/siteC/htdocs httpd.conf for frontend: Listen 1.2.3.4:80 NameVirtualHost * Include FrontEndMacros.cfg Include MyVirtualHosts.cfg httpd.conf for backend: Listen 127.0.0.1:8080 NameVirtualHost * Include BackEndMacros.cfg Include MyVirtualHosts.cfg This could let you maintain just one included file that defined the list of virtual hosts, and even though the proxying block would be replicated for each frontend host, at least you wouldn't have to do that manually. You could probaly even combine the macro definitions in FrontEndMacros.cfg and BackEndMacros.cfg with some appropriately placed IfDefine blocks. More mod_macro info is at: http://www.coelho.net/mod_macro/ (It says it's an Apache 2 module but version 1.1.2 works with Apache 1.3.X) HTH, Larry Leszczynski [EMAIL PROTECTED]
Re: Trouble with sysread in modperl
Hello -
There appears to be a bug with the read and sysread functions when being
used in a loop to read STDIN. We're using a loop to read from STDIN in 4k
blocks, and the read or sysread appears to work great until the very last
read to pick up the final partial block.
[snip]
Not sure about that error, but by any chance are you trying to read POSTed
data from the request? If so, all you need to do is:
my $content;
$r-read($content, $r-header_in('Content-length'));
(mod_perl cookbook recipe 3.6)
Larry Leszczynski
[EMAIL PROTECTED]
RE: Trouble with sysread in modperl
Hi Hui Liu -
Not sure about that error, but by any chance are you trying to read
POSTed data from the request? If so, all you need to do is:
my $content;
$r-read($content, $r-header_in('Content-length'));
(mod_perl cookbook recipe 3.6)
Thanks for the suggestion. Does this mean if we have a 20MB file,
this read will load the entire file into the memory?
Yes, at least up to the size limit defined by POST_MAX. But if you're
trying to read uploaded files, don't do it like that. Instead do it like
recipe 3.8 which shows how to get a filehandle to the uploaded file, e.g.
something like:
use Apache::Request;
sub handler {
my $r = Apache::Request-new(shift,
POST_MAX = 20 * 1024 * 1024,
DISABLE_UPLOADS = 0);
foreach my $upload ($r-upload) {
my $fh = $upload-fh;
...
}
}
Larry Leszczynski
[EMAIL PROTECTED]
mod_perl books (Was: RE: Trouble with sysread in modperl)
Hi Hui Liu - Larry, Thank you. I wonder which Mod_perl cook book you are referring to and where can we get them? I am very interested in details of recipe 3.8. This is our first time to port our perl scripts to Apache (we are using Apache:PerRun mode), and we are still learning. The best overall online resource is the mod_perl web site at: http://perl.apache.org/ Books related to mod_perl, including the mod_perl Developer's Cookbook, are listed at: http://perl.apache.org/docs/offsite/books.html Larry Leszczynski [EMAIL PROTECTED]
Re: Trouble using dir_config for PerlSetVar inside Perl section
Hi Geoff -
and this does not work either:
Perl
push @{$Location{/}-{PerlSetVar}}, [CFG, /path/to/file];
$PerlRequire = startup.pl;
/Perl
[snip]
what may be happening is that your dynamic configuration may be putting your
PerlSetVar into a per-directory scope instead of a per-server scope, since
your config is now in a Perl section. meaning, Apache-server-dir_config
is (rightfully) empty because now your configuration is in
Apache-request-dir_config. of course, you can't get at $r-dir_config at
startup, so you're pretty much SOL.
try looking at $r-dir_config('CFG') in a request and see if your value is
there. if it is, then I guess my theory is right, and there is little that
can be done about it.
Thanks, you're right about what is happening. Since I need to set the
config file path dynamically in httpd.conf and I need to access it in
startup.pl, I ended up using an environment variable instead:
PerlPassEnv CFG
Perl
$ENV{CFG} ||= /path/to/file;
$PerlRequire = startup.pl;
/Perl
I had to use PerlPassEnv outside the Perl section - using something like:
push @PerlSetEnv, [CFG, /path/to/file];
inside the Perl section seems to have the same issues with per-directory
scope as PerlSetVar.
Thanks,
Larry
Trouble using dir_config for PerlSetVar inside Perl section
Hi all -
I'm having trouble using server-dir_config in my startup.pl to read
variables set by PerlSetVar inside a Perl section. I'm using Perl 5.6.1,
Apache 1.3.27, and mod_perl 1.27.
In startup.pl I have:
my $file = Apache-server-dir_config(CFG) || ;
warn Missing path to config file in httpd.conf unless $file;
In httpd.conf, this works just fine:
PerlSetVar CFG /path/to/file
PerlRequire startup.pl
and this works fine too:
PerlSetVar CFG /path/to/file
Perl
$PerlRequire = startup.pl;
/Perl
But this does not work (CFG is not set in startup.pl):
Perl
push @{$Location{/}-{PerlSetVar}}, [CFG, /path/to/file];
/Perl
PerlRequire startup.pl
and this does not work either:
Perl
push @{$Location{/}-{PerlSetVar}}, [CFG, /path/to/file];
$PerlRequire = startup.pl;
/Perl
It seems like this should work, right? I'm pretty sure the syntax of the
push is OK because if I modify the syntax I get a message:
(2)No such file or directory: Perl: PerlSetVar takes two arguments,
Perl config var and value
Thanks,
Larry Leszczynski
[EMAIL PROTECTED]
Re: Load balancers
The Load Balancing section of this doc might help: http://httpd.apache.org/docs/misc/rewriteguide.html Just straight apache + mod_rewrite could be the simple solution you seek. The Proxy Throughput Round-Robin example shows how to add a script to do mapping as well - could work for your availability detection requirement. We've also used mod_rewrite in a lightweight reverse proxy as a stopgap when load balancing hardware was not available. One option for detecting live backend servers is to use the prg rewrite map like Paolo says, where a script does some sort of availability check. Another option which we have used is the rnd map where a server is selected randomly from a flat file, where that file can be kept updated by an external (non-Apache) process like a cron job that checks backend server availability (mod_rewrite notices on-the-fly when that file has changed). Larry Leszczynski [EMAIL PROTECTED]
Re: OSCON ideas
On Wed, 8 Jan 2003, Perrin Harkins wrote: 2) The Perl Pet Store This would be a discussion of porting the J2EE Pet Store reference application to Perl. It would cover Perl equivalents for various J2EE features, and talk about what was easier or harder to do in Perl. I think this could make for an excellent talk. Along similar lines, I'd be interested in hearing about Perl application frameworks such as OpenInteract, progress of P5EE, etc. - any ammunition I could use that would help displace the misconception that if an app server/framework is required then it must be Java-based.
Re: OSCON ideas
Hi Perrin - If people are more concerned with seeing something that would dispel myths about Perl performance, rather than a talk on feature portability from J2EE to Perl, I agree benchmarks would be a valuable marketing tool, but personally I prefer the feature portability angle - I don't have much trouble demonstrating that I can put together high-performance Perl solutions for the web. What I *do* have trouble with is people assuming you have to go with Java to get a good J2EE-style app framework. Larry Leszczynski [EMAIL PROTECTED]
[OT] Re: OSCON ideas
but where do you get a corporate experienced, clean-cut (75%, at least) person willing to put on the tie 5 days a week and do mod_perl? Josh: I was with you right up to the part about wearing a tie :-) I suspect that there are actually quite a few people on this list that would _love_ to do mod_perl full time. after talking to a few employers over the past year, it's getting them all in one place that's the problem - you probably want them onsite and, unlike the slurry of java programmers in your immediate area, what mod_perl experts there are are spread over the globe and may be unwilling to relocate. open up to telecommuting and I suspect you would soon find yourself fully staffed. Geoff: I agree, most of the interesting mod_perl gigs I've seen would involve relocating, which isn't a good option for me right now. And I know a fair number of people who would rather be doing mod_perl than what they're doing now, or who do some mod_perl but would like to do it full time, or who do it but are being gradually phased out in favor of Java. But what do we do to change the perception (reality?) that mod_perlers are hard to find? In terms of web services, I think the slurry of available Java programmers compared to mod_perl programmers is a result (maybe in a roundabout way) of assumptions that Java is the only way to go for application frameworks. To a large extent, there are lots of Java programmers out there because there are lots of Java jobs out there (gotta go where the work is). We're hiring Java programmers to augment in-house Java expertise, because we're building products on top of J2EE technologies. Why are we using J2EE instead of a Perl-based application framework? I don't know for sure, nobody asked me, although it's very likely that no non-Java options were presented as viable alternatives. But even if Perrin's OSCON talk (hint hint) gave me some valuable ammunition to show that I could just as easily design on top of a Perl-based application framework as on J2EE, we still come back around to the perception that it's easier to find Java programmers.
Re: Anyone ever have Apache::Session::File files getting corrupted?
I think most people don't use Apache::Session::File in production. It's
more of a testing thing. In your situation, you would probably get
great performance from MLDBM::Sync with SDBM_File. I'd suggest trying
that if you can't determine the cause of the Apache::Session::File issues.
Not to say that the other options won't work, but we're using
Apache::Session::File in production with no issues, handling in excess of
30 hits per second. It works fine, and it's easy to keep old session
files cleaned up with a simple cron job that finds and deletes session
files older than some limit.
During development we also noticed race conditions with near-simultaneous
pageloads into framesets. Try the 'Transaction' option when you tie to
the session - here is how that part of our mod_perl handler looks:
# NOTE:
# At this point, $session_id is either set to some
# value from a cookie (for an existing session)
# or it is undef
my %session = ();
my $opts = {
Directory = $SESSIONFILEROOT/$site,
LockDirectory = $SESSIONLOCKROOT/$site,
Transaction = 1,
};
eval {
tie %session, 'Apache::Session::File', $session_id, $opts;
};
if ( $@ ) {
# Session tie failed for some reason. If it was because
# an existing session is invalid, create a new session:
if ( $@ =~ /^Object does not exist in the data store/ ) {
$session_id = undef;
eval {
tie %session, 'Apache::Session::File', $session_id, $opts;
};
}
if ( $@ ) {
# Totally failed to create the session - bail out:
$r-log_error( Tie failed: $@);
return SERVER_ERROR;
}
}
HTH,
Larry Leszczynski
[EMAIL PROTECTED]
Re: 2 proxying and mod_perl questions
Hi George - I want to do a reverse proxy of an external site using Apache: VirtualHost prague ProxyRequests on You will want to set ProxyRequests off for a reverse proxy, otherwise someone could use you as a forward proxy to get to someplace else. ProxyPass / http://www.externalsite.com ProxyPassReverse / http://www.externalsite.com Not sure if it matters, but might need a trailing slash on those, i.e.: ProxyPass/ http://www.externalsite.com/ ProxyPassReverse / http://www.externalsite.com/ ServerName prague /VirtualHost This works fine AFICT except if there is a page on the remote site that has a form or other link that uses POST. Have you looked at the URL specified in the form ACTION to see if it is an absolute URL? For example, suppose I point my browser at http://www.george.com/showform.html. Your proxy then sends me the content of http://www.externalsite.com/showform.html. If the form on that page POSTs to http://www.externalsite.com/cgi-bin/form.cgi; (instead of /cgi-bin/form.cgi), then when I submit I will go directly to www.externalsite.com and bypass your proxy. The same would be true of any URL in the site that is specified absolute rather then relative. The maybe off-topic question is: Is this documented anywhere? I haven't been able to find a good explanation why this is. Is there a workaround? You would need to rewrite any URLs in the page before you send it to the browser, to either turn them into relative URLs, or to point them to www.george.com instead of www.externalsite.com. I'm pretty sure you can't do that with mod_proxy or mod_rewrite alone (although I have seen people do some crazy stuff with mod_rerwite). I should note that I am using mod_proxy rather than mod_rewrite because it is my (possibly incorrect) understanding that requests proxied via mod_rewrite will not end up in my local logs. I have not found that to be the case. Larry Leszczynski [EMAIL PROTECTED]
Re: throttling
Hi Paulo - I had a look at mod_throttle, but it doesn't seem to be able to do what I want. I would like to limit accesses by remote IP address, _per-URL_ (mod_throttle seems to only be able to do this in the server scope, not per-location/per-directory/per-virtualhost). I will take the liberty of answering with the standard throttle question response :-) : You should take a look at Randal's Stonehenge::Throttle, I am sure you could tweak it to work the way you'd like. Here are some references: http://www.stonehenge.com/merlyn/LinuxMag/col17.html http://www.mail-archive.com/modperl@apache.org/msg01422.html Larry Leszczynski [EMAIL PROTECTED]
Apache lifecycle: can I choose which VirtualHost?
Hi everyone - Suppose a request comes in which would normally get sent to the default VirtualHost (because it's missing a Host header, or the name in the Host header isn't recognized, or whatever). Is there any mod_perlish way to explicitly handle that request with a different (non-default) VirtualHost, by modifying the request headers or request URI? From experimenting it seems like PerlPostReadRequest is already too late, and the VirtualHost has already been chosen. Failing that kind of manipulation, is there a way to swap in the configuration from the desired VirtualHost just for the handling of that request? Thanks! Larry Leszczynski [EMAIL PROTECTED]
Re: DBD::Oracle/Windows2000 OK from prompt, not mod_perl?
I'm having a problem on Windows 2000 where DBD::Oracle works fine from perl on the command prompt but not from inside mod_perl. I think it is a problem loading DLLs but I can't figure out what's different running under mod_perl. I started making progress after taking Randy's suggestion and copying the DLLs into my Apache directory just to see what happened. The Oracle client was originally installed on a mapped network drive, once I moved it to my local drive and pointed ORACLE_HOME to that location it worked fine. Not sure why Apache would have trouble finding DLLs on a network drive but not on a local drive, but it works now so I'm happy. Thanks for the help guys! Larry
DBD::Oracle/Windows2000 OK from prompt, not mod_perl?
Hi -
I'm having a problem on Windows 2000 where DBD::Oracle works fine from
perl on the command prompt but not from inside mod_perl. I think it is a
problem loading DLLs but I can't figure out what's different running under
mod_perl. The machine is running:
ActiveState perl 5.6.1 build 633
Apache 1.3.26 (prebuilt)
mod_perl 1.27_01-dev (Randy Kobe's build)
DBD-Oracle8 (ActiveState ppm)
From perl -de 0 on the command line (abbreviated output):
DB1 use DBI;
DB2 $dbh = DBI-connect(dbi:Oracle:db,user,passwd);
DB3 @rows = $dbh-selectrow_array(select * from dual);
DB4 x @rows
0 'X'
DB5 x $ENV{PATH}
0 'C:\\Perl\\bin\\;C:\\WINNT\\system32;C:\\WINNT;
C:\\WINNT\\System32\\Wbem;
C:\\Program Files\\Common Files\\Adaptec Shared\\System;
C:\\apps\\orant\\bin'
When I do the same thing in my handler (nothing in startup.pl), the first
request generates this error log message:
[Wed Oct 30 17:15:00 2002] [error] install_driver(Oracle) failed: Can't
load 'C:/Perl/site/lib/auto/DBD/Oracle/Oracle.dll' for module DBD::Oracle:
load_file:The specified module could not be found at
C:/Perl/lib/DynaLoader.pm line 206. Compilation failed in require at (eval
14) line 3.
Perhaps a required shared library or dll isn't installed where expected
and all subsequent requests generate these error log messages:
Use of inherited AUTOLOAD for non-method DBD::Oracle::ORA_OCI() is
deprecated at C:/Perl/site/lib/DBD/Oracle.pm line 48.
[Wed Oct 30 17:16:21 2002] [error] DBD::Oracle initialisation failed:
Can't locate auto/DBD/Oracle/ORA_OCI.al in @INC (@INC contains:
C:/Perl/lib C:/Perl/site/lib c:/apache/ c:/apache/lib/perl) at
C:/Perl/site/lib/DBD/Oracle.pm line 48
I've verified that the PATH in my handler matches what I see at the
prompt, and I know Oracle.dll exists. Occasionally (but not consistently)
Apache.exe will pop up an error dialog saying it couldn't find OCI.dll or
OCIW32.dll in my PATH, but the PATH it shows me in that dialog includes
C:\apps\orant\bin and those DLLs are in there.
Any help appreciated!
Thanks!
Larry Leszczynski
[EMAIL PROTECTED]
Re: DBD::Oracle/Windows2000 OK from prompt, not mod_perl?
Hi Perrin - I'm having a problem on Windows 2000 where DBD::Oracle works fine from perl on the command prompt but not from inside mod_perl. I think it is a problem loading DLLs but I can't figure out what's different running under mod_perl. The machine is running: ActiveState perl 5.6.1 build 633 Apache 1.3.26 (prebuilt) mod_perl 1.27_01-dev (Randy Kobe's build) DBD-Oracle8 (ActiveState ppm) You can't just mix and match like that. Modules that you want to use under mod_perl have to be built against the same perl that mod_perl was built with. If there is a DBD::Oracle with Randy's distro, use it. Otherwise, you need to build DBD::Oracle with the same perl he used, or build mod_perl with ActiveState 633. Hmmm, I was hoping that was not the case - all my other mod_perl stuff works fine, including libapreq stuff and SOAP::Lite, but maybe just by coincidence... Hey Randy, do you happen to have a DBD-Oracle build? (Btw, Randy deserves major kudos for maintaining his stuff at theory5x.winnipeg.ca!) Thanks, Larry Leszczynski [EMAIL PROTECTED]
Re: How do I handle an XML document sent as a POST [newbie]
Hi Chris -
On Tue, 22 Oct 2002, Chris Pizzo wrote:
I'm trying to figure out how to get the XML document sent to me in a
An HTTP transmission. The example I'm given is:
You can read the POST content directly in your mod_perl handler, e.g.:
sub handler
{
my $r = shift;
my $content;
$r-read($content, $r-header_in(Content-length));
# do stuff with $content...
}
See the mod_perl Cookbook recipe 3.6
Larry Leszczynski
[EMAIL PROTECTED]
Re: ANNOUNCE: the new perl.apache.org is alive now!
Hi Stas - We were thinking to try removing font-family completely. Does anybody know of any problems with this approach? I don't think the problem is the font-family but instead specifying font-size in pixels. I'm not a stylesheet expert but we had lots of trouble getting good cross-browser results using pixels for font size, and ended up using em instead (which also still lets users use their browser options to make the font bigger and smaller if they want to. For simple example see: http://hotwired.lycos.com/webmonkey/98/15/index1a_page3.html?tw=authoring Larry Leszczynski [EMAIL PROTECTED]
[slightly OT] Re: Be carefull with apache 1.3.24
On Mon, 1 Apr 2002, Eric Cholet wrote: The Set-Cookie issue has been fixed in apache CVS, but the chunked response issue hasn't yet. Forward any ideas/patches to the [EMAIL PROTECTED] or to mod_proxy's maintainer, minfrin at sharp dot fm. I have not yet been able to get 1.3.23 successfully patched to fix the Set-Cookie issue, and I can't use 1.3.24 because of the chunking problem. (Plus, the 1.3.23 problem of the proxy hanging on to back-end connections until it's done talking with the client pretty much defeats the purpose of using it in accelerator mode.) Does anyone know the most recent Apache version where the Set-Cookie and chunked problems were *not* an issue for mod_proxy? I have an old 1.3.14 instance that seems to work, but I'd rather not go back that far... Thanks! Larry Leszczynski [EMAIL PROTECTED]
Re: Be carefull with apache 1.3.24
On 3/23/02 8:01 PM, Pedro Melo Cunha wrote: The problem is that 1.3.24 final also has that bug: only the last set-cookie will reach your browser. Another problem that bit me is that 1.3.24 mod_proxy is returning HTTP/1.1 chunked encoding responses to HTTP/1.0 clients: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7513 (For those who might not know it if they saw it, chunked encoding adds a length (specified in hex) at the very beginning of a response, and a zero at the end.) Larry Leszczynski [EMAIL PROTECTED]
Re: Apache::Session and frames
Hi Michael -
I'm using Apache::Session and cookies to perform session management. In
watching the debug messages in my error_log, I can see that the cookie
is created, the session is created, and all subsequent calls correctly
loads the session. However, part of the design for my web application
requires the use of frames, with several frames containing mod_perl
generated data. Each one of those frames relies on using the session. I
wouldn't think this would be a problem, except that some of the frames
cannot tie to the datastore, and as a result create new sessions.
We had similar problems with a frameset scheme - the browser requests the
page containing the frameset definition and then almost simultaneously
requests each of the pages that must be loaded into each frame, and
confusion ensues. What worked for us (I don't know for sure if this will
help you) was to turn on the Transaction flag during the session tie,
e.g.:
tie %s, 'Apache::Session::File', $id {
Directory = '/tmp/sessions',
LockDirectory = '/var/lock/sessions',
Transaction = 1
};
which should (depending on the underlying session mechanism) provide
transactional consistency. In our case it helped prevent data loss that
was occurring while each of the frameset pages was simultaneously
monkeying with the session.
Larry Leszczynski
[EMAIL PROTECTED]
Re: [OT] New Micro$oft vulnerability?
Hi Nat - Whoops! Returning OK terminates the PostReadRequest phase, apparently. Changing that to return DECLINED made PerlSetEnv work again. Sorry, Nat Before reading your post I had implemented a similar handler, although I put it in as a TransHandler, so I guess I should move it to PostReadRequest to pick things up a little earlier. I'm returning DONE in mine when I spot a bad request, which also seems to prevent any logging from happening without defining a LogHandler. Hitting it with a browser gets me a document contained no data message. I'm just curious about the relative merits of returning DONE vs returning BAD_REQUEST in both PostReadRequestHandler and LogHandler. Larry Leszczynski [EMAIL PROTECTED]
Apache::Session::File and free memory weirdness
Hi All - I'm running Apache, mod_perl and HTML::Mason on Solaris 2.6, and using Apache::Session::File for session management. I've been monitoring free memory as reported by top, and I'm seeing some behavior that is totally baffling me. (If you're interested, there's a graph at: http://www.furph.com/graph.png) Here's the scenario: Around 6 AM, when things are relatively quiet, the graph shows about 1.3GB free memory (out of 4GB total). As traffic picks up during the course of the day, free memory drops to about 300MB by 3 or 4 PM. So far so good, no big surprise - there's a lot more httpd processes running so you'd expect more memory in use. Odd thing #1: As it gets into evening time, load on the machine drops off and there are fewer httpd children running, but I am not seeing free memory return to that 1.3GB level. At most it comes back up to 400MB or so. I don't think the httpd children are hanging on to memory, because they cycle through pretty quickly - MaxRequestsPerChild is set to 512 and none of the processes are ever more than a couple minutes old when I look in. Is there any reason to think the parent httpd process would hang on to anything? Odd thing #2: (This part seems most bizarre to me.) At 5:15 AM, we run a Perl script that finds and deletes Apache::Session::File session and lock files that are older than 28 days. Usually there are about 50,000 old files that get deleted out of about 2,300,000 total. Almost immediately, free memory on the machine jumps back up to 1.3GB. What's up with that? If I run the script during the middle of the day, when things are busier, I still see the free memory jump up although not all the way to 1.3GB - maybe to 800MB or so. Because of the rate the httpd children cycle, I don't think it's possible any of them could be holding open filehandles to session files that haven't changed for 28 days. Is there something weird about the way top reports free memory? The numbers I get seem consistent with the free column from vmstat. Why would deleting a bunch of files free up 1GB of memory? Any ideas or explanations would be much appreciated! Thanks! Larry Leszczynski [EMAIL PROTECTED]
[OT] Lightweight CGI.pm - Why?
Hi all - Just curious because it seems to come up a lot - for what applications have people run into a serious need for HTML generators ala CGI.pm? (I'm not talking about templating systems, there's obvious need and practical use for those.) It seems like people like to use the HTML generating features of CGI.pm. I've generated a lot of HTML, and I haven't run into any situations where I would do something like this: print table( -align = center, tr( td( foo ), td( bar ), ), ) ; instead of just doing this: print EOF; table align=center tr tdfoo/td tdbar/td /tr /table EOF Seems like the same amount of typing, it's easier (for me anyway) to read and understand, and faster. What am I missing? Thanks, Larry Leszczynski [EMAIL PROTECTED]
Re: modify Server header via a handler
Hi Matt - Actually I lied! It is possible, though only from XS. I just added a module_init section to AxKit's config directives, and now I get: # HEAD http://axkit.org/ | grep Server Server: Apache/1.3.17 (Unix) AxKit (1.3_96) mod_perl/1.25 Now you just need the Netcraft folks to start scanning for AxKit :-) Could you share the code you used to do this? Thanks! Larry Leszczynski [EMAIL PROTECTED]
Re: mac_check in eagle book
Hi Eric - I was wondering if someone could explain to me why in the eagle book it is necessary to perform an md5 twice before sending a mac_check to a user of a number of fields. I read in the mod_perl book that this is done 'to prevent technically savy users from appending data to the @fields'. my $mac_check = md5_hex($secret, md5_hex(join '', $secret, @fields)); disclaimer I am not a crypto expert /disclaimer There is a good explanation starting on page 5 of this: ftp://ftp.rsasecurity.com/pub/cryptobytes/crypto1n1.pdf Basically because the algorithm is iterative and pads the length of input data to multiples of 512 bits, you can start with a MAC that came from MD5(secret + data), and use it to create a new MAC that corresponds to MD5(secret + data + pad + appended_data), without ever knowing what the original secret was. As an alternative to MD5(secret + data), the authors recommendations include: MD5(secret + MD5(secret + data) ) or possibly better: MD5(secret1 + MD5(secret2 + data) ) Hope this helps! Larry Leszczynski [EMAIL PROTECTED]
Re: Does mod_perl have anything to do with KeepAlive?
Hi All - I'm hoping for some enlightenment about how KeepAlive is implemented in Apache and whether KeepAlive even comes into play when front-end and back-end mod_perl servers communicate with each other via HTTP. I suppose I shouldn't have started off my previous post with such a general-sounding comment. Thanks for all the pointers to the KeepAlive section in the mod_perl guide, which I have read before and which doesn't answer the questions I was asking below. I'll try rephrasing, I'm still hoping for info regarding the questions that follow: mod_backhand takes advantage of KeepAlive to speed up communications between a front-end server and a set a back-end servers that feed data to the front-end. I'm trying to figure out how that works and if I can take advantage of KeepAlive the same way using mod_perl front-end and back-end servers but without running mod_backhand. Suppose front-end server A is handling user requests. In the process of handling a front-end request, suppose I use LWP or equivalent to make a HTTP request from A to a back-end server B to get some data that is needed. Assuming all the right headers are set for KeepAlive to work (content length, etc.), can the connection between A and B even take advantage of KeepAlive for the next time A makes the same request to B? One problem is that I'm not sure what processes would actually be "keeping" the ends of the "kept alive" connections. At each end, would it be the parent httpd process, or the individual httpd child process that made/answered the request? I'm thinking that if A had to fork a CGI that in turn talked to B, the kept-alive connection would be lost as soon as the CGI process on A died (socket timeouts notwithstanding). But what if the request from A to B is made from within a mod_perl module, or within an Apache::Registry script? Along the same line of thought (assuming this has made any sense so far), what happens when you throw ProxyPass/ProxyPassReverse into the mix? What (if anything) can be done to take advantage of KeepAlive then? Thanks, Larry Leszczynski [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Does mod_perl have anything to do with KeepAlive?
Hi All - I'm hoping for some enlightenment about how KeepAlive is implemented in Apache and whether KeepAlive even comes into play when front-end and back-end mod_perl servers communicate with each other via HTTP. Suppose front-end server A is handling user requests. In the process of handling a front-end request, suppose I use LWP or equivalent to make a HTTP request from A to a back-end server B to get some data that is needed. Assuming all the right headers are set for KeepAlive to work (content length, etc.), can the connection between A and B even take advantage of KeepAlive for the next time A makes the same request to B? One problem is that I'm not sure what processes would actually be "keeping" the ends of the "kept alive" connections. At each end, would it be the parent httpd process, or the individual httpd child process that made/answered the request? I'm thinking that if A had to fork a CGI that in turn talked to B, the kept-alive connection would be lost as soon as the CGI process on A died (socket timeouts notwithstanding). But what if the request from A to B is made from within a mod_perl module, or within an Apache::Registry script? Along the same line of thought (assuming this has made any sense so far), what happens when you throw ProxyPass/ProxyPassReverse into the mix? What (if anything) can be done to take advantage of KeepAlive then? Larry Leszczynski [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem with single quote ' character
Hi Omri -
my $authors = $query{'authors'};
[...]
$q_authors = $dbh-quote($authors);
[...]
$sth = $dbh-prepare( "UPDATE tbl_sarah SET authors = '$authors',
It fails because you're not using the quoted version of the variables
(e.g. "$q_authors") in your prepare statement.
Using bind variables like Mike described below is still a better way to
go. Not only easier, but from what I understand (at least with Oracle) it
allows the database to cache a single update statement (the one with the
placeholders) instead of caching a new statement for each update (with
explicit column values).
The solution is simple, put the bind variables in the '$sth-execute'
and it will automagically be quoted like so:
$sth = $dbh-prepapre("UPDATE tbl_sarah SET authors = ?, title = ? WHERE
id = ?");
$sth-execute($authors, $title, $id);
use one variable per placeholder '?'. no need to use single quotes in the
SQL statement. for more info read the DBI documentation.
you wouldn't need all those '$q_var = $dbh-quote($var)' lines in the top
too.
Larry Leszczynski
[EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
