Re: Apache::Authensmb with Windows Advanced Server 2003

2003-08-24 Thread speeves 
Hamish Moffatt wrote:

Hello Shannon,

Are you aware of any problems with Apache::Authensmb talking to
a Windows Advanced Server 2003 server?
Thanks,
Hamish
 

I'm afraid that I don't have a machine that is running Windows Advanced 
Server 2003...

My guess is that this URL might contain the answer to the problem:

http://lists.samba.org/pipermail/samba/2003-May/095207.html

Here is an excerpt:

!---

/ So, W2K doesnt need SMB-packets signatures and we have no problems, but we 
// want it to work with Windows 2003. Whats the difference between Windows 2000 
// and Windows 2003 when it comes to security signatures of SMB-packets? 
/
By default, a Windows Server 2003 requires signature of SMB packets (at
least, a Windows Server 2003 DC).

/ Can we disable signatures in Windows 2003 Server or do we have to make
// some changes in Red Hat/Samba? Is ther another way to get around this
// problem?
/
Yes, you can look for the following security option
Microsoft network server: Digitally sign commnunications (always) :

and set it to Disabled, instead of Enabled.

This security option modifies the following registry value:

Key: HKLM\SYSTEM\CCS\Service\lanmanserver\parameters\
Value: RequireSecuritySignature
Content: 0 to disable, 1 to enable
If you don't want to reboot after that change, you can stop the srv.sys
driver and services that depend on it using the following command:
C:\net stop srv

Then, you can restart it, as well as the services that depend on it
(in particular, netlogon)
C:\net start srv 

---

Let me know if that's it,
speeves
cws




--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

modperl2 Apache::HTTP_FORBIDDEN and Apache::HTTP_INTERNAL_SERVER_ERRORimplemented?

2003-07-15 Thread speeves 
Hi!

Just wondering if Apache::HTTP_FORBIDDEN and 
Apache::HTTP_INTERNAL_SERVER_ERROR have been implemented?  I have been 
trying to port Apache::AuthenNTLM, and keep getting:

[Tue Jul 15 16:46:08 2003] [error] failed to resolve handler 
`Apache::AuthenNTLM'
[Tue Jul 15 16:46:08 2003] [error] [client 192.168.1.2] Bareword 
Apache::HTTP_FORBIDDEN not allowed while strict subs in u
se at /usr/local/lib/perl/5.6.1/Apache/AuthenNTLM.pm line 593.
Bareword Apache::HTTP_INTERNAL_SERVER_ERROR not allowed while strict 
subs in use at /usr/local/lib/perl/5.6.1/Apache/Authe
nNTLM.pm line 597.
Bareword Apache::HTTP_INTERNAL_SERVER_ERROR not allowed while strict 
subs in use at /usr/local/lib/perl/5.6.1/Apache/Authe
nNTLM.pm line 632.
BEGIN not safe after errors--compilation aborted at 
/usr/local/lib/perl/5.6.1/Apache/AuthenNTLM.pm line 671.
Compilation failed in require at (eval 10) line 3.

in the error_log.  I have other constants that are imported from 
Apache::Const, so do not think that it is a problem with scope...  Here 
is the code:

line 593 --  return $self-{ntlmauthoritative} ? (defined($nonce) ? (MP2 
? Apache::HTTP_FORBIDDEN : Apache::Constants::HTTP_
FORBIDDEN) : (MP2 ? Apache::HTTP_INTERNAL_SERVER_ERROR : 
Apache::Constants::HTTP_INTERNAL_SERVER_ERROR)) : (MP2 ? Apache::DE
CLINED : Apache::Constants::DECLINED) ;

and

line 632 --- # return MP2 ? Apache::HTTP_INTERNAL_SERVER_ERROR : 
Apache::Constants::HTTP_INTERNAL_SERVER_ERROR ;

If you need more, let me know.

thanks,
speeves
cws

Re: modules that work with both modperl1 and 2

2003-06-09 Thread speeves 
Stas Bekman wrote:

Shannon Eric Peevey wrote:

Perrin Harkins wrote:

On Mon, 2003-06-09 at 13:57, Shannon Eric Peevey wrote:

To answer your original question, Apache::Peek on CPAN now works with 
both mod_perl versions. And while it uses separate implementations for 
each version, the test suite uses the same code to test both.

Yeah, I've been messing with that, but it seems to me that I need 
something similar to a preprocessor directive, where I can load the 
appropriate use MODULE lines into the module bases upon which 
version of modperl they have installed.  Is it possible to use the 
BEGIN {} subroutine as this?
  


You don't need a preprocessor.  You can call require inside an if/else
conditional, unlike use() statements which run at compile time and skip
the conditional logic.
For example:

if ($mod_perl::VERSION = 1.99) {
 require Apache2::Module;
 import Apache2::Module;
} else {
 require Apache1::Module;
 import Apache1::Module;
}
You can put that whole construct in a BEGIN block if you want to.  That
will make it run before the rest of the code in the current package.
- Perrin

Ok, I'm back... :(  Here is the code, modified to use require:

use mod_perl;

# setting the constants to help identify which version of mod_perl
# is installed
use constant MP2 = ($mod_perl::VERSION = 1.99);
# test for the version of mod_perl, and use the appropriate libraries
# if (!MP2) { use Apache::Constants qw(:common); }
if (MP2) {
   require Apache::Const;
   import Apache::Access;
   require Apache::Access;
   import Apache::Access;
   require Apache::Connection;
   import Apache::Connection;
   require Apache::Log;
   import Apache::Log;
   require Apache::RequestRec;
   import Apache::RequestRec;
   require Apache::RequestUtil;
   import Apache::RequestUtil;
}


You don't need to import anything, since none of these modules import 
anything. Just require will do.

Here is the code that is coughing up the error:

 102   #Look for user based on UIDAttr
   103
   104my $attrs = ['dn'];
   105   $mesg = $ldap-search(
   106   base = $basedn,
   107   scope = 'sub',
   108   filter = ($uidattr=$user),
   109   attrs = $attrs
   110  );
   111
   112 if (my $error = $mesg-code())
   113{
   114 $r-note_basic_auth_failure;
   115 MP2 ? $r-log_error(user $user: LDAP Connection 
Failed: $error,$r-uri) : $r-log_reason(us
er $user: LDAP Connection Failed: $error,$r-uri);
   116 MP2 ? return Apache::Log-HTTP_UNAUTHORIZED : return 
Apache::Constants-HTTP_UNAUTHORIZED;


this should be:

return MP2 ? Apache::HTTP_UNAUTHORIZED : 
Apache::Constants::HTTP_UNAUTHORIZED;

and before the handler (at the top of your module) you need to add:

BEGIN {
if (MP2) {
require Apache::Const;
Apache::Const-import(-compile = 'HTTP_UNAUTHORIZED');
}
else {
require Apache::Constants;
Apache::Constants-import('HTTP_UNAUTHORIZED');
}
}
See:
http://search.cpan.org/src/STAS/Apache-Peek-1.01/t/response/TestApachePeek/basic.pm 


   117}
   118
   119unless ($mesg-count())
   120{
   121 $r-note_basic_auth_failure;
   122 MP2 ? $r-log_error(user $user: user entry not found 
for filter: $uidattr=$user,$r-uri) : $
r-log_reason(user $user: user entry not found for filter: 
$uidattr=$user,$r-uri);
   123 MP2 ? return Apache::Log-HTTP_UNAUTHORIZED : return 
Apache::Constants-HTTP_UNAUTHORIZED;
   124}

And, here is the error that I am getting in the Apache2 logs, (using 
mod_perl 1.99_09)

[Mon Jun 09 13:45:30 2003] [error] user asdf: user entry not found 
for filter: uid=asdf/
[Mon Jun 09 13:45:30 2003] [error] [client 127.0.0.1] Can't locate 
object method HTTP_UNAUTHORIZED via package Apache::Log (perhaps 
you forgot to load Apache::Log?) at 
/usr/local/share/perl/5.6.1/Apache/AuthNetLDAP.pm line 123.

As you can see, it is running everything up to the HTTP_UNAUTHORIZED 
constant...

If you have any ideas, I would greatly appreciate it. :)

Thanks,
speeves
cws
PS.  As a matter of fact, I get the same error when using use 
instead...  (Possibly a screwed perl or mod_perl installation?  I'm 
running debian woody, apache 2.0.46, perl 5.6.1, mod_perl 1.99_09.)




Hi!

That did it!!!  Thank you so much for your patience and help with all 
that I am working on here.  After I test these changes on modperl 1 
tomorrow, I should be able to upload it to CPAN, and it will be ready 
for prime-time...  (fingers crossed ;) )

Most humbly yours,
speeves
cws