Re: lost directory indexes

2014-09-14 Thread Ruben Safir 
On 09/15/2014 12:22 AM, Ruben Safir wrote:
> 
> I added a perl handler to my apache setup and I can't understand why I'm
> losing the directory listings in my image and doc directories.  I need
> to both squelch  rougue web querries
> 
> The apache conf looks like this:
> 
> 
> ServerAdmin ru...@mrbrklyn.com
> DocumentRoot "/usr/local/apache/htdocs/brooklyn"
> ServerName brooklyn-living.com
> DirectoryIndex index.html
> PerlModule Embperl
> Embperl_UseEnvon
> ErrorLog logs/brooklyn_error_log
> CustomLog logs/brooklyn_access_log common
> 
>Options Indexes ExecCGI
>DirectoryIndex index.html
>
>SetHandler  perl-script
>PerlResponseHandler URL_BLOCK
>PerlHandler Embperl
>
>AllowOverride None
>Order allow,deny
>Allow from all
> 
>  
> Options Indexes FollowSymLinks
> SetHandler  perl-script
> PerlResponseHandler URL_BLOCK
> 
> 
> 
> 
> and the URL_BLOCK script looks like this:
> package URL_BLOCK;
> 
> use strict;
> use Apache2::RequestRec ();
> use Apache2::RequestIO ();
> use Apache2::Const -compile => qw(:common);
> 
> sub handler{
> my $r = shift;
> my $gate = $r->unparsed_uri;
> print STDERR "YO $gate\n";
> return Apache2::Const::DECLINED unless defined $gate;
> if ($gate =~ m{///}){
> print STDERR "I have a match\n";
> $r->log_reason("Access Forbidden", $r->filename);
> return Apache2::Const::FORBIDDEN;
> }
> return Apache2::Const::DECLINED;
> 
> }
> 
> 1;
> 
> 

Oh yeah --

Server version: Apache/2.2.23 (Unix)
Server built:   Dec  9 2012 17:26:38

lost directory indexes

2014-09-14 Thread Ruben Safir 

I added a perl handler to my apache setup and I can't understand why I'm
losing the directory listings in my image and doc directories.  I need
to both squelch  rougue web querries

The apache conf looks like this:


ServerAdmin ru...@mrbrklyn.com
DocumentRoot "/usr/local/apache/htdocs/brooklyn"
ServerName brooklyn-living.com
DirectoryIndex index.html
PerlModule Embperl
Embperl_UseEnvon
ErrorLog logs/brooklyn_error_log
CustomLog logs/brooklyn_access_log common

   Options Indexes ExecCGI
   DirectoryIndex index.html
   
   SetHandler  perl-script
   PerlResponseHandler URL_BLOCK
   PerlHandler Embperl
   
   AllowOverride None
   Order allow,deny
   Allow from all

 
Options Indexes FollowSymLinks
SetHandler  perl-script
PerlResponseHandler URL_BLOCK




and the URL_BLOCK script looks like this:
package URL_BLOCK;

use strict;
use Apache2::RequestRec ();
use Apache2::RequestIO ();
use Apache2::Const -compile => qw(:common);

sub handler{
my $r = shift;
my $gate = $r->unparsed_uri;
print STDERR "YO $gate\n";
return Apache2::Const::DECLINED unless defined $gate;
if ($gate =~ m{///}){
print STDERR "I have a match\n";
$r->log_reason("Access Forbidden", $r->filename);
return Apache2::Const::FORBIDDEN;
}
return Apache2::Const::DECLINED;

}

1;

Re: mod_perl and utf8 and CGI->param

2014-09-14 Thread Joe Schaefer 
apreq validates anything it presents as utf8, otherwise it marks it as ISO88591 
or some windows encoding I don't remember the name of if that fails.



On Monday, September 8, 2014 3:17 PM, André Warnier  wrote:
 


Michael Schout wrote:

> On 9/2/14, 4:19 PM, Randal L. Schwartz wrote:
> 
>>   ## ensure utf8 CGI params:
>>   $CGI::PARAM_UTF8 = 1;
> 
> Sorry to chime in late on this, but part of the problem with CGI.pm and
> UTF-8 is that PARAM_UTF8 gets clobbered by a cleanup handler that CGI.pm
> itself registers if its running under mod_perl.
> 
> This caused major headaches for me at one time until I figured this out.
> 
> You have to make sure to set $CGI::PARAM_UTF8 early, and FOR EVERY
> REQUEST, because if you just set it globally (e.g.: in a startup perl
> script), then it only works for the first request.
> 

Hi.
Just an addendum to the discussion :

There are really two distinct approaches to this issue, and they work at 
different levels :

1) is to "fix" CGI.pm so that it delivers the parameters in the way which you 
expect.
As shown by the previous valuable and technical contributions, this generally 
works, but 
it requires a certain level of expertise; and it does not necessarily work 
backwards with 
all versions of mod_perl and CGI.pm.

2) is to take whatever CGI.pm does deliver to the calling script or module, and 
use a 
couple of tricks and some additional code in ditto script or module, to ensure 
that 
whatever CGI.pm delivers under whatever mod_perl version, the receiving script 
or module 
always knows in the end what it is dealing with.
That is the method which I presented early in the discussion.
As stated in that contribution, it is not necessarily the most elegant or 
efficient way to 
deal with the issue, but it has the advantage of working always, no matter 
which version 
of CGI.pm and/or mod_perl are in use.

The real crux of the matter is this, in my view : as things stand today in 
terms of 
protocol and RFCs, there is no real way for CGI.pm (or any comparable 
framework) to be 
*sure* of the encoding of the data sent by a browser or another HTTP client 
agent.  Even 
the RFCs do not really provide a way by which this can be enforced. (*)

So if you are sure of what the client is sending, and the matter consists of 
*forcing* 
CGI.pm to always communicate POST (or GET) data as UTF-8 encoded and 
utf8-marked (or the 
opposite) to the calling script/module, then method 1 will work, and it is more 
elegant 
and probably more efficient than method 2.

But if the matter consists of ensuring that the receiving code in the 
script/module which 
  handles the data submitted by the HTTP client, is resilient and "does the 
right thing" 
whatever the submitted data really was, then in my opinion method 2 is better.
(But that's only my opinion of the moment, and I stand ready to be corrected).

(*) and if you believe this not to be true, please send me some references 
about it, 
because I am really interested. It might save me some code in all my web-facing 
applications.

Undefined symbol "modperl_io_perlio_restore_stdout"

2014-09-14 Thread Bernard T. Higonnet 

-8<-- Start Bug Report 8<--
1. Problem Description:

Can't even start tests...

waiting 120 seconds for server to start: .httpd: Syntax error on line 13 
of /tmp/mod_perl-2.0.8/t/conf/httpd.conf: Cannot load 
/tmp/mod_perl-2.0.8/src/modules/perl/mod_perl.so into server: 
/tmp/mod_perl-2.0.8/src/modules/perl/mod_perl.so: Undefined symbol 
"modperl_io_perlio_restore_stdout"



2. Used Components and their Configuration:

*** mod_perl version 2.08

*** using /tmp/mod_perl-2.0.8/lib/Apache2/BuildConfig.pm

*** Makefile.PL options:
  MP_APR_LIB => aprext
  MP_APXS=> /usr/local/apache2/bin/apxs
  MP_COMPAT_1X   => 1
  MP_GENERATE_XS => 1
  MP_LIBNAME => mod_perl
  MP_USE_DSO => 1


*** /usr/local/apache2/bin/httpd -V
Server version: Apache/2.2.29 (Unix)
Server built:   Sep 14 2014 12:19:19
Server's Module Magic Number: 20051115:36
Server loaded:  APR 1.5.1, APR-Util 1.5.3
Compiled using: APR 1.5.1, APR-Util 1.5.3
Architecture:   32-bit
Server MPM: Prefork
  threaded: no
forked: yes (variable process count)
Server compiled with
 -D APACHE_MPM_DIR="server/mpm/prefork"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_FLOCK_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT="/usr/local/apache2"
 -D SUEXEC_BIN="/usr/local/apache2/bin/suexec"
 -D DEFAULT_PIDLOG="logs/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_LOCKFILE="logs/accept.lock"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

*** /usr/bin/ldd /usr/local/apache2/bin/httpd
/usr/local/apache2/bin/httpd:
libldap-2.4.so.2 => /usr/local/lib/libldap-2.4.so.2 (0x28144000)
liblber-2.4.so.2 => /usr/local/lib/liblber-2.4.so.2 (0x28183000)
libm.so.5 => /lib/libm.so.5 (0x2819)
libexpat.so.6 => /usr/local/lib/libexpat.so.6 (0x281b2000)
libcrypt.so.5 => /lib/libcrypt.so.5 (0x281d5000)
libthr.so.3 => /lib/libthr.so.3 (0x281f8000)
libc.so.7 => /lib/libc.so.7 (0x2821a000)
libssl.so.7 => /usr/lib/libssl.so.7 (0x28384000)
libcrypto.so.7 => /lib/libcrypto.so.7 (0x283de000)


*** (apr|apu)-config linking info

 -L/usr/local/apache2/lib -laprutil-1 -lldap -llber-lexpat 
-L/usr/local/lib

 -L/usr/local/apache2/lib -lapr-1 -lcrypt  -lpthread



*** /usr/local/bin/perl -V
Summary of my perl5 (revision 5 version 16 subversion 3) configuration:

  Platform:
osname=freebsd, osvers=10.0-release-p7, 
archname=i386-freebsd-thread-multi-64int
uname='freebsd 10i386-default-job-04 10.0-release-p7 freebsd 
10.0-release-p7 i386 '
config_args='-sde -Dprefix=/usr/local 
-Darchlib=/usr/local/lib/perl5/5.16/mach 
-Dprivlib=/usr/local/lib/perl5/5.16 -Dman3dir=/usr/lo
config_args='-sde -Dprefix=/usr/local 
-Darchlib=/usr/local/lib/perl5/5.16/mach 
-Dprivlib=/usr/local/lib/perl5/5.16 
-Dman3dir=/usr/local/lib/perl5/5.16/perl/man/man3 
-Dman1dir=/usr/local/man/man1 
-Dsitearch=/usr/local/lib/perl5/site_perl/5.16/mach 
-Dsitelib=/usr/local/lib/perl5/site_perl/5.16 -Dscriptdir=/usr/local/bin 
-Dsiteman3dir=/usr/local/lib/perl5/5.16/man/man3 
-Dsiteman1dir=/usr/local/man/man1 -Ui_malloc -Ui_iconv 
-Uinstallusrbinperl -Dcc=cc -Duseshrplib -Dinc_version_list=none 
-Dccflags=-DAPPLLIB_EXP="/usr/local/lib/perl5/5.16/BSDPAN" 
-Doptimize=-O2 -pipe -fno-strict-aliasing -Ui_gdbm -Dusethreads=y 
-Dusemymalloc=n -Duse64bitint'

hint=recommended, useposix=true, d_sigaction=define
useithreads=define, usemultiplicity=define
useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
use64bitint=define, use64bitall=undef, uselongdouble=undef
usemymalloc=n, bincompat5005=undef
  Compiler:
cc='cc', ccflags ='-DAPPLLIB_EXP="/usr/local/lib/perl5/5.16/BSDPAN" 
-DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe 
-fstack-protector -I/usr/local/include',

optimize='-O2 -pipe -fno-strict-aliasing',
cppflags='-DAPPLLIB_EXP="/usr/local/lib/perl5/5.16/BSDPAN" 
-DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe 
-fstack-protector -I/usr/local/include'
ccversion='', gccversion='4.2.1 Compatible FreeBSD Clang 3.3 
(tags/RELEASE_33/final 183502)', gccosandvers=''

intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=12345678
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
ivtype='long long', ivsize=8, nvtype='double', nvsize=8, 
Off_t='off_t', lseeksize=8

alignbytes=4, prototype=define
  Linker and Libraries:
ld='cc', ldflags ='-pthread -Wl,-E  -fstack-protector -L/usr/local/lib'
libpth=/usr/lib /usr/local/lib
libs=-lm -lcrypt -lutil
perllibs=-lm -lcrypt -lutil
libc=, so=so, useshrplib=true, libperl=libperl.so
gnulibc_version=''
  Dynamic Link

Re: Perl Authorization handler called before authentication handler

2014-09-14 Thread Lathan Bidwell 
>On Fri, Sep 12, 2014 at 02:25:49PM -0400, Lathan Bidwell wrote:

> >> The documentation for the AuthType field does not seem to give examples
> for
> >> custom auth handlers.
> >>
> >> The AuthType I put in is the package name that has the auth subroutines
> in
> >> it.
> >>
> >> This is pulled from other examples, including Apache2::AuthCookie
> where they set it to their module name.
> >>
> >> None of the options listed there seem applicable to me:
> >>listed where?  in Apache2::AuthCookie?  I'm not following but never mind.
> >>
> >> I'm not using basic auth, I'm not using mod_auth_digest, or
> mod_auth_form,
> >> and I don't have no auth... so it doesn't seem right to use AuthType
> None.
> >>
> >I'm not suggesting you do and the config snippet I pasted from the
> originally referenced URL didn't either.
> > (That AuthType setting was working fine in Apache 2.2)
> >... but it's all changed in 2.4 ?

Yes, The config posted is what we've tried to upgrade our previous config
to

> >

>But I'm going to butt out of this converstaion because
>>
>> >
>
> >
>
> >(a) I'm just coming to grips with it all myself
>
I still welcome your viewpoint

> >(b) I can't cope with top-posting and the conversation getting all mixed
> up.
>
My apologies for the top-posting, my mail client makes it a little
difficult to respond inline

>
> >Kind regards
> >
> >Lesley
> >
>
Thank you for your help,
Lathan