Re: Odd behavior with IO::Socket::SSL and mod_perl 2.0.8

Mon, 24 Nov 2014 20:53:50 -0800

So, it turns out that IO::Socket::SSL v2.005 -- in particular, the PublicSuffix.pm -- wasn't thread-safe, which was causing it to fail in the mod_perl environment. They released v2.006 over the weekend, which addresses this issue (as well as others). I did verify today that the new version works well. 

Thanks for listening!
Michael

Michael A. Capone wrote:

Hello,

I'll try not to make this too convoluted... :)
The latest version of IO::Socket::SSL on CPAN is v2.005 and includes a module IO::Socket::SSL::PublicSuffix. When attempting to use this version of IO::Socket::SSL in modperl, we got a strange 500 Internal Server error. Some debugging led to PublicSuffix.pm. Lines 291-301 of that file basically read in data from the __DATA__ section at the end of the file, until they hit a particular marker. The way the code is written to do it works fine on the command line, but fails in mod_perl. 

I distilled the whole thing down to a trivial registry cgi:

##################################################################
print "Content-type: text/plain\n\n";

my $test = _default_data();

print "length of test is " . length($test) . "\n";
# this block here is directly copied from lines 291-301 of PublicSuffix.pm 
{
   my $data;
   sub _default_data {
   if ( ! defined $data ) {
       $data = do { local $/; <DATA> };
       $data =~s{^// ===END ICANN DOMAINS.*}{}ms
       or die "cannot find END ICANN DOMAINS";
   }
   return $data;
   }
}

__DATA__

// ===BEGIN ICANN DOMAINS===

edu.ac

// zone : 2013-11-14 Outer Falls, LLC
zone

// ===END ICANN DOMAINS===
// ===BEGIN PRIVATE DOMAINS===

za.org

// ===END PRIVATE DOMAINS===
##################################################################
If you run that cgi on the command line, it correctly prints "length of test is 83"; in a mod_perl environment, it yields:
[Fri Nov 21 11:23:28 2014] [error] cannot find END ICANN DOMAINS at /usr/local/mysite/www/cgi-bin/test.cgi line 12.\n
My gut-level feeling is that the writers of that code are committing some mod-perl sin somewhere. The line: 
  $data = do { local $/; <DATA> };
... yields an empty $data in mod_perl.
The problem is, IO::Socket::SSL is used by LWP::UserAgent, which is probably used by a ton of mod-perl scripts out there. 
My questions, then, are:

1) can you fine folk reproduce this?
2) what would be the best way to address it?

Thanks!
Michael

Reply via email to