RE: Easy Newbie mod_perl installation question

[John Walker]

layouts seem to be defined in:

../apache_1.3.x/config.layout

John

 -Original Message-
 From: Andy Emmerich [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, March 08, 2001 2:48 AM
 To: [EMAIL PROTECTED]
 Subject: Easy Newbie mod_perl installation question
 
 
 When mod_perl's Makefile builds the new httpd in the /src directory, 
 where does it get the apache layout from?  Currently, my build with 
 modperl is looking for httpd.conf in /usr/local/apache, which 
 is not my 
 apache source directory.  I've put the actual directory in 
 every place I 
 can, from the apache source dir's layout file to the Makefile.PL's 
 APACHE_SRC value.  What am I missing?
 
 Thanks, and my apologies if this is already in the archive 
 somewhere and 
 I missed it!
 
 Andy Emmerich
 CS/Engineering Undergrad
 University of Illinois
 

RE: Make test hangs on httpdconf

[John Walker]

 -Original Message-
 From: Stas Bekman [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, March 06, 2001 10:08 AM
 To: John Walker
 Cc: '[EMAIL PROTECTED]'
 Subject: RE: Make test hangs on httpdconf
 
 
  Actually, it seems I've screwed things up worse than that. 
[...]

 try to run the test under strace
   % strace perl t/TEST ...
[...]
 Alternatively, you can attach to the hanging process

fails on the same test still and I've reaquired the source, and done the
simplest of build from you guide. (And there aren't any errors in the
build.)

I've attached a txt file containing the output of strace -p. It doesn't mean
much to me, but perhaps you will see something meaningful. One line did
strike me as odd, but I got it again even after downloading a new tarball.
(No the file is not there...why do we test for it?)

open("/usr/src/mod_perl-1.25/t/.htaccess", O_RDONLY) = -1 ENOENT (No such
file or directory)

In the mean time, I have done a few other things to try to resolve the
problem. I am using Debian linux for the first time, and since I am familiar
with CPAN module shell, I uninstalled all the .deb perl files (except the
required base package) and then reinstalled everything through CPAN. CPAN
tells me (cpan r) that I should upgrade Test::Harness, but when I try this
also fails. I don't know if this is related, but the name coincidence
strikes me as odd.

What could underly both of these and cause my problems? (I think my gcc
envirnment is pretty good... I was able to build a new 2.4 kernel with it
anyway...)

Thanks for the help,
John



From: root [[EMAIL PROTECTED]]
Sent: Thursday, March 08, 2001 2:42 PM
To: John Walker

accept(16, {sin_family=AF_INET, sin_port=htons(32845), 
sin_addr=inet_addr("127.0.0.1")}}, [16]) = 3
rt_sigaction(SIGUSR1, {SIG_IGN}, {0x809f294, [], SA_INTERRUPT|0x400}, 8) = 0
getsockname(3, {sin_family=AF_INET, sin_port=htons(8529), 
sin_addr=inet_addr("127.0.0.1")}}, [16]) = 0
setsockopt(3, IPPROTO_TCP1, [1], 4) = 0
alarm(300)  = 0
read(3, "GET /test.html HTTP/1.0\r\nHost: l"..., 4096) = 79
rt_sigaction(SIGUSR1, {SIG_IGN}, {SIG_IGN}, 8) = 0
time(NULL)  = 984080384
alarm(300)  = 300
alarm(0)= 300
rt_sigaction(SIGALRM, NULL, {0x809def4, [], SA_RESTART|0x400}, 8) = 0
dup2(15, 2) = 2
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
stat("/usr/src/mod_perl-1.25/t/docs/test.html", {st_mode=S_IFREG|0644, st_size=566, 
...}) = 0
open("/usr/src/mod_perl-1.25/t/.htaccess", O_RDONLY) = -1 ENOENT (No such file or 
directory)
open("/usr/src/mod_perl-1.25/t/docs/.htaccess", O_RDONLY) = 4
fstat(4, {st_mode=S_IFREG|0666, st_size=1, ...}) = 0
fstat(4, {st_mode=S_IFREG|0666, st_size=1, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0x40015000
read(4, " ", 4096)  = 1
read(4, "", 4096)   = 0
read(4, "", 4096)   = 0
close(4)= 0
munmap(0x40015000, 4096)= 0
open("/usr/src/mod_perl-1.25/t/docs/test.html", O_RDONLY) = 4
old_mmap(NULL, 566, PROT_READ, MAP_PRIVATE, 4, 0) = 0x40015000
alarm(300)  = 0
alarm(0)= 300
alarm(300)  = 0
alarm(300)  = 300
alarm(0)= 300
close(4)= 0
select(4, [3], NULL, NULL, {0, 0})  = 0 (Timeout)
write(3, "HTTP/1.1 200 OK\r\nDate: Thu, 08 M"..., 839) = 839
alarm(30)   = 0
shutdown(3, 1 /* send */)   = 0
select(4, [3], NULL, NULL, {2, 0})  = 1 (in [3], left {2, 0})
read(3, "", 512)= 0
close(3)= 0
alarm(0)= 30
rt_sigaction(SIGUSR1, {0x809f294, [], SA_INTERRUPT|0x400}, {SIG_IGN}, 8) = 0
alarm(0)= 0
munmap(0x40015000, 566) = 0
rt_sigaction(SIGALRM, {0x809def4, [], SA_RESTART|0x400}, {0x809def4, [], 
SA_RESTART|0x400}, 8) = 0
accept(16, {sin_family=AF_INET, sin_port=htons(32846), 
sin_addr=inet_addr("127.0.0.1")}}, [16]) = 3
rt_sigaction(SIGUSR1, {SIG_IGN}, {0x809f294, [], SA_INTERRUPT|0x400}, 8) = 0
getsockname(3, {sin_family=AF_INET, sin_port=htons(8529), 
sin_addr=inet_addr("127.0.0.1")}}, [16]) = 0
setsockopt(3, IPPROTO_TCP1, [1], 4) = 0
alarm(300)  = 0
read(3, "GET /test.html HTTP/1.0\r\nHost: l"..., 4096) = 79
rt_sigaction(SIGUSR1, {SIG_IGN}, {SIG_IGN}, 8) = 0
time(NULL)  = 984080384
alarm(300)  = 300
alarm(0)= 300
rt_sigaction(SIG

RE: Make test hangs on httpdconf

[John Walker]

 -Original Message-
 From: Stas Bekman [mailto:[EMAIL PROTECTED]]
 Sent: Monday, March 05, 2001 11:28 PM
 To: John Walker
 Cc: '[EMAIL PROTECTED]'
 Subject: Re: Make test hangs on httpdconf
 
 
 On Mon, 5 Mar 2001, John Walker wrote:
 
  Apache 1.3.19 / Mod_perl-1.25 on Linux 2.2 (debian)
 
[...]
  tests stall at httpdconf. I'm baffeled by the errors logs. 
[...]
 
 As explained at:
 http://perl.apache.org/guide/install.html#Built_Server_Testing
_make_test_

You should do:
  % cd mod_perl-1.25
  % make start_httpd
  % perl t/TEST -v modules/httpdconf
  % make kill_httpd

then you will see more verbose output.


Stas,
Actually, it seems I've screwed things up worse than that. I hadn't tried
this previously, but the test still hangs at this point. I have left it
going for 20 minutes before killing, just to be on the safe side. The above
suggestion produces the same results. I have included some listings on
ap_mmn.h and I also noted the output of netstat -aen seemed a bit odd to me.
Why is the server listening on 0.0.0.0 ? Is this normal? I also get some odd
results in ps... but that could be cause I never looked while testing
before... Please note that the test does not fail, it simply goes to the
httpdconf test and stalls or hangs. Sorry for the imprecise language. I must
cancel the command (with ^C) to get back to a shell prompt.

thanks a million (as usual g),
John

netstat output:
tcp0  0 0.0.0.0:85290.0.0.0:*   LISTEN 

ps output:
john  7050  0.0  2.6  7876 6716 pts/0S07:29   0:00
../apache_1.3.19/src/httpd -f /usr/src/mod_perl-1.25/t/conf/htt
root  7059  0.0  1.5  5032 4036 pts/0S07:31   0:00 perl t/TEST
-v modules/httpdconf
root  7060  0.0  1.2  4260 3228 pts/0S07:31   0:00 perl -w
modules/httpdconf.t

ls -al `find / -name ap_mmn.h` 
(sorta)
-r--r--r--1 root root13296 Jan 15 12:04
/usr/src/mod_perl-1.25/blib/arch/auto/Apache/include/include/ap_mmn.h
-rw-r--r--1 1086 108613296 Jan 15 12:04
/usr/src/apache_1.3.19/src/include/ap_mmn.h

tail t/logs/error_log
Subroutine handler redefined at /usr/src/mod_perl-1.25/t//docs/stacked.pl
line 6.
Subroutine one redefined at /usr/src/mod_perl-1.25/t//docs/stacked.pl line
14.
Subroutine two redefined at /usr/src/mod_perl-1.25/t//docs/stacked.pl line
25.
Subroutine three redefined at /usr/src/mod_perl-1.25/t//docs/stacked.pl line
31.
Subroutine four redefined at /usr/src/mod_perl-1.25/t//docs/stacked.pl line
37.
[Tue Mar  6 07:29:59 2001] [warn] pid file
/usr/src/mod_perl-1.25/t/logs/httpd.pid overwritten -- Unclean shutdown of
previous Apache run?
Constant subroutine XHTML_DTD redefined at /usr/lib/perl5/5.005/constant.pm
line 175.
[notice] Destruction-DESTROY called for $global_object
[Tue Mar  6 07:30:00 2001] [warn] [notice] child_init for process 7050,
report any problems to [no address given]

Make test hangs on httpdconf

[John Walker]

Apache 1.3.19 / Mod_perl-1.25 on Linux 2.2 (debian)

I have been following the guide, and I wasn't too successful with the CPAN
method, so I tried the "A Summary of a Basic mod_perl Installation" method.
I didn't notice any error during the configuration or the make step. The
tests stall at httpdconf. I'm baffeled by the errors logs. I have included
the last few lines of the tests and the tail on the error log. What might
cause this?

Thanks in advance,
John

cp t/conf/mod_perl_srm.conf t/conf/srm.conf
../apache_1.3.19/src/httpd -f `pwd`/t/conf/httpd.conf -X -d `pwd`/t 
httpd listening on port 8529
will write error_log to: t/logs/error_log
letting apache warm up...\c
done
/usr/bin/perl t/TEST 0
modules/actions.ok
modules/cgi.ok
modules/constants...ok
modules/cookie..skipping test on this platform
modules/fileok
modules/httpdconf...

(^C after a few minutes)

# tail t/logs/error_log
Constant subroutine XHTML_DTD redefined at /usr/lib/perl5/5.005/constant.pm
line 175.
[notice] Destruction-DESTROY called for $global_object
[Mon Mar  5 21:56:54 2001] [warn] [notice] child_init for process 6284,
report any problems to [no address given]

[notice] child process 6284 terminating
[notice] push'd PerlChildExitHandler called, pid=6284
[notice] push'd PerlChildExitHandler called, pid=6284
[notice] push'd PerlChildExitHandler called, pid=6284
[notice] END block called for startup.pl
[notice] Destruction-DESTROY called for $global_object

UN-Authenticating users?

[John Walker]

I'm writing some stuff with CGI under mod perl. The users have to
authenticate prior to even getting to the script... However, some of my
users have more than one login with separate privlidges... (provided by
the script). I want them to be able to log out and then log back in as
someone else, but I can't quite figure out how to "UN-Authenticate".
(DE-Authenticate?)

I'm using CGI.pm under Apache::Registry, so I don't have a nice $r
object to see if I could do something like $c-user = ""; which I'm
guessing would barf anyway.

I know they can just close their browsers, but I doubt "they" know this,
and its not too elegant anyway. (To say nothing of the dreaded M$
"remember password dialog.) 

I would welcome any ideas on the topic.

John

I give up... I'm just going to follow the instructions....

[John Walker]

After fighting with RedHat SWS and never being sure if what went wrong
was my scripts' fault or some wierdness in my
Apache/mod_perl/RedHat-SSL, I'm going to follow the instructions in the
guide to make my own. (Would have saved a lot of time if I just listened
to Stas and others 2 weeks ago.) Needless to say, if I really understood
what the heck I was doing with compiling C, I probably would have taken
this step before. I'm calling on the good nature of the folks on the
list to answer three more hidiously simple questions before proceding.

1) Am I correct in thinking that the current recommended versions of the
source code for the instuctions under "mod_perl and mod_ssl (+openssl)"
in the guide would be:

Apache 1.3.9 (I know they've released 1.3.11 but haven't some people had
problems visa vi mod_perl with this version?)

mod_perl 1.21
mod_ssl 2.4.10 
OpenSSL 0.9.4

2) I am fairly familiar with RedHat's directory layout for installation
of Apache. Does " --with-layout=RedHat \" work for other ./configure
scripts or only mod_perl?

3) A question for Redhatters... Do I need to (should I) remake my own
perl too? I think RPM is going to whine hideously when I rpm -e perl.
Are there optimizations I can perform to make a better/faster binary
using the compiling tools in 6.1?

Thanks AGAIN for all the help and patience, 

John Walker

httpsd with my content handler immediately dumps core- likely causes?

[John Walker]

Hi,

I've written an Apache perl module. The module is supposed to look at
the request, and do some DBI selects in an MySQL table, then display
them with HTML::Template. There were initially some issues with scoping,
I hacked through these and eventually get the module to compile without
all the errors that cause the server not to start. 

I've got PerlModule Apache::DBI in my httpd.conf (dev.conf) and I open a
handle to my database before the sub handler {...}.

Now I get only:

[root@melanie /root]# httpsd -X -f /etc/httpd/conf/dev.conf
[Wed Jan 26 10:28:38 2000] [warn] Loaded DSO modules/libperl.so uses
plain Apache 1.3 API, this module might crash under EAPI! (plea
e it with -DEAPI)
Segmentation fault (core dumped)
[root@melanie /root]#

For the record, RedHat's response to the above warning seems to be "Well
it only matters if you're using SSL calls, and you're not, so go to
hell." ... This from a RedHat systems engineer:

It is a warning, not an error.  You may ignore it.
It simply means the modules were compiled for a non-SSL-enabled version
of Apache.  If the modules do not use any SSL functionality, there will
be no problem.

Whatever, I guess I have take their word for it (or roll my own with
Open SSL which I really can't spare the time to fight with.) Anyway,
some simpler early test versions of the module (before adding the DBI
and HTML::Template stuff) worked, so I THINK mod_perl is OK. There are
some registry scripts running against the same httpsd and mod_perl to
support this assertion.

Nothing is really showing up in the logs (the warning does, nothing
else), I'm wondering if this rings a bell with anyone. 

Perhaps someone could point me to a clearer explanation of Apache::DBI
persistent connections etc... 

I'm still a bit mystified as to the difference for scoping and name
spaces between scripts (modules) that are handlers and scripts that run
under Apache::Registry. I have read Stas's section on this AND man
APache::DBI AND perldoc DBI AND Jeff Baker's thing. Unfortunately they
didn't clear up my confuson. For various reasons (aparently including
masocisim G) I am trying to write my own handler.

Thanks,
John Walker

Bad server, Bad server, down boy! (was RE: Hey, that ain't tainted, is it?)

[John Walker]

Stas,

Thanks for all your help. I think there is something different about my
server too. I have no idea what it might be, but it really does look
like there's something going on.

Here's where I am at regarding testing and trying to track down the
problem. (Aside from pulling my hair and thinking about a total
reinstall.G)

I run the script fine under "regular" cgi; no errors. (Thanks for that
tip, hadn't thought of it.)
With PerlTaintCheck disabled in httpsd.conf it runs and produces no
errors.
With "PerlTaintCheck On" in httpsd.conf it runs and produces the
following errors:

[Tue Jan 11 09:38:12 2000] [error] Uncaught exception from user code:
  Can't upgrade that kind of scalar at
/usr/lib/perl5/site_perl/5.005/i386-linux/Apache/Registry.pm line
32.
  Apache::Registry::handler('Apache=SCALAR(0x81a78c8)') called at
/dev/null line  0
eval {...} called at /dev/null line 0

(lines wrapped badly)

I can even run it from the command prompt (Thanks to the wonders of
CGI.pm?)

[root@melanie /root]# /home/httpd/perl/hello.pl
(offline mode: enter name=value pairs on standard input)
realname=john
Content-Type: text/html

!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"
HTMLHEADTITLEHello/TITLE
/HEADBODY BGCOLOR="white"H1Hello john/H1PTo change your name,
enter it into the text field below and press EMchange name
FORM METHOD="POST"  ENCTYPE="application/x-www-form-urlencoded"
Name: INPUT TYPE="text" NAME="realname" VALUE="john"INPUT
TYPE="submit" NAME=".submit" VALUE="Change
name"/FORMHR/BODY/HTML

For the record, my Registry.pm is V 2.01 and line 32 says:
  my $filename = $r-filename;
I also noticed that "use strict;" was commented out for purposes of
"#eval'd scripts will inherit hints". Don't know what this means really,
I just mention it in case it has bearing.

Here is the script. (I know "die" produces a server error too.) Please
feel free to tell me I am an idiot and missing the obvious, just tell me
what the obvious is. I really can't begin to make sense of the error
message. What is "upgrading" a scalar?

#!/usr/bin/perl -wT
use CGI qw( :standard);
use diagnostics;
use strict;
use vars qw($realname);
$realname = param('realname') || 'Anonymous';
if ($realname =~ /^([-\@\w.]+)$/) { #untaint per perlsec
$realname = $1;
  } else {
  die "Bad data in $realname";
  }
print   header(),
start_html( -title = 'Hello', -bgcolor = 'white' ),
h1("Hello $realname"),
p(
"To change your name, enter it into the text field below and
press",
em( "change name." )
),
start_form(),
"Name: ", 
textfield( -name = 'realname' , -value = 'Anonymous'
),
submit( -value = 'Change name' ),
end_form(),
hr(),
end_html();

I tried it without "use diagnostics;" in case that was doing some
tainting. A similar but less detailed error is written to the logs:

[Tue Jan 11 09:53:17 2000] [error] Can't upgrade that kind of scalar at
/usr/lib/perl5/site_perl/5.005/i386-linux/Apache/Registry.pm

I can't test this with httpsd -x (For the predicatably stupid reason
that I'm doing development on a "production" box.) The script seems to
be running once with no input, once with input and the second time it
runs with input I get the error. (I am guessing this based on the info I
see in "top" between each attempt.) I have tried really hard to
understand (and I think I get the basics) of the scoping that you talk
about in the guide. I don't see the problem there. There's only one
variable I create and I "use var qw($realname);" so that should be OK,
right?

One other thought, I run this under regular cgi with "#!/usr/bin/perl
-wT" (also under mod_perl). Shouldn't that warn of taint problems? (Even
if PerlTaintCheck is off?) And if so, then this isn't really a tainting
problem, so why does PerlTaintCheck effect operation of the script?

Any suggestions you have will be gladly examined. 

Thanks again,
John
  
 -Original Message-
 From: Stas Bekman [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, January 11, 2000 2:33 AM
 To: John Walker
 Cc: '[EMAIL PROTECTED]'
 Subject: RE: Hey, that ain't tainted, is it?
 
 
  That would be ALL of it wouldn't it? G
  
  Anyway, I'm still not sure how the hello world script 
 violates the use
  of tainted data... it just goes to STDOUT (browser).
 
 may be because you load some other module which is not 
 taint-clean. Look
 at this in this way -- lots of people run more complicated code than a
 "hello world" and doesn't have a taint problem. So there is something
 different about your server. Try to remove any preload and 
 other code that
 you don't need and start afres

RE: Bad server, Bad server, down boy! (was RE: Hey, that ain't taint ed, is it?)

[John Walker]

 -Original Message-
 From: Stas Bekman [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, January 11, 2000 11:28 AM
 To: John Walker
 Cc: '[EMAIL PROTECTED]'
 Subject: Re: Bad server, Bad server, down boy! (was RE: Hey, 
 that ain't
 taint ed, is it?)
[...]
 I think it's your perl, try to rebuild it. Use another version... what
is
 the version that you use?


Stas,
HMM- this is a mess. I'll look into it. Thanks a million!
John

[root@melanie /root]# rpm -qa |grep perl
mod_perl-1.19-2
perl-Devel-Symdump-2.00-3
perl-HTML-Parser-2.22-3
perl-libnet-1.0606-3
perl-libwww-5.43-3
perl-MIME-Base64-2.11-3
perl-MLDBM-2.00-3
perl-URI-1.02-3
perl-CPAN-Site-0.013-1
perl-5.00503-6
[root@melanie /root]# perl -V
Summary of my perl5 (5.0 patchlevel 5 subversion 3) configuration:
  Platform:
osname=linux, osvers=2.2.5-22smp, archname=i386-linux
uname='linux porky.devel.redhat.com 2.2.5-22smp #1 smp wed jun 2
09:11:51 edt 1999 i686 unknown '
hint=recommended, useposix=true, d_sigaction=define
usethreads=undef useperlio=undef d_sfio=undef
  Compiler:
cc='cc', optimize='-O2', gccversion=egcs-2.91.66 19990314/Linux
(egcs-1.1.2 release)
cppflags='-Dbool=char -DHAS_BOOL -I/usr/local/include'
ccflags ='-Dbool=char -DHAS_BOOL -I/usr/local/include'
stdchar='char', d_stdstdio=undef, usevfork=false
intsize=4, longsize=4, ptrsize=4, doublesize=8
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
alignbytes=4, usemymalloc=n, prototype=define
  Linker and Libraries:
ld='cc', ldflags =' -L/usr/local/lib'
libpth=/usr/local/lib /lib /usr/lib
libs=-lnsl -ldl -lm -lc -lposix -lcrypt
libc=, so=so, useshrplib=false, libperl=libperl.a
  Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-rdynamic'
cccdlflags='-fpic', lddlflags='-shared -L/usr/local/lib'


Characteristics of this binary (from libperl): 
  Built under linux
  Compiled at Aug 30 1999 23:09:51
  @INC:
/usr/lib/perl5/5.00503/i386-linux
/usr/lib/perl5/5.00503
/usr/lib/perl5/site_perl/5.005/i386-linux
/usr/lib/perl5/site_perl/5.005
.

 -Original Message-
 From: Stas Bekman [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, January 11, 2000 11:28 AM
 To: John Walker
 Cc: '[EMAIL PROTECTED]'
 Subject: Re: Bad server, Bad server, down boy! (was RE: Hey, 
 that ain't
 taint ed, is it?)
[...]
I think it's your perl, try to rebuild it. Use another version... what
is
the version that you use?

Hey, that ain't tainted, is it?

[John Walker]

With regard to yesterday's "Cryptic errors -simple  Apache::Registry
script ??? (newbie)" post, I have discovered some more information. Not
that it clarifies my understanding of the error much.

By hacking (process of elimination) I have discovered that when I turn
off taint checking in my httpsd.conf the script (helloworld.pl) runs and
produces no errors. On 634 of the eagle book, it says that
PerlTaintCheck will activate taint checks on ... user provided data ...
dangerous functions such as exec(), eval(), and system().  This seems
like a wise precaution.

I don't see where the user name is getting execed, evaled, or supplied
to a system call. Can anyone explain this to my pea brain?

Also, What would I have to do with the parameter value to make mod_perl
think I had "untainted" the value?

John Walker
_
Special Projects Manager, JSW4.NET
[EMAIL PROTECTED]
http://www.jsw4.net/

RE: Hey, that ain't tainted, is it?

[John Walker]

That would be ALL of it wouldn't it? G

Anyway, I'm still not sure how the hello world script violates the use
of tainted data... it just goes to STDOUT (browser).

If I understand this correctly, I've got to run *all* my user input
through a regex and use the resultant $1, $2 parts as my data? What
about data from an SQL db via DBI, is that "pre-tainted"?

Thanks, John.
PS The updated guide is very nice. (Maybe my problem is I shouldn't be
reading the guide, the panther book, the ram book, and the eagle book,
all at the same time. G)

 -Original Message-
 From: Stas Bekman [mailto:[EMAIL PROTECTED]]
 Sent: Monday, January 10, 2000 4:34 PM
 To: John Walker
 Cc: '[EMAIL PROTECTED]'
 Subject: Re: Hey, that ain't tainted, is it?
 
 
 
 % perldoc perlsec
 -- is what you are looking for. it's all there...
[...]

Cryptic errors -simple Apache::Registry script ??? (newbie)

[John Walker]

I've got a script (hello.pl from the Eagle book).
It runs succesfully once and generates 500 errors. 

So I dig around and find this in the errors:

[Sun Jan  9 15:26:38 2000] [error] Can't upgrade that kind of scalar at
/usr/lib/perl5/site_perl/5.005/i386-linux/Apache/Registry.pm line 32.

HMM. Well, I am not skilled enough to want to hack Registry.pm nor am I
familiar with the concept of upgrading a scalar. I have read Stas' guide
and he talks about "use diagnostics;" Now when things go bad, I get a
longer explanation:

[Sun Jan  9 15:40:07 2000] [error] Uncaught exception from user code:
Can't upgrade that kind of scalar at
/usr/lib/perl5/site_perl/5.005/i386-linux/Apache/Registry.pm line 32.
Apache::Registry::handler('Apache=SCALAR(0x81a782c)') called at
/dev/null line 0
eval {...} called at /dev/null line 0

HMM. dev null? line zero? Am I loosing my mind?

I would appreciate it if someone could help me in the right direction.
I'm running RedHat/Apache HTTPSD with mod_perl, does anyone know if
thats a problem?

[root@melanie /root]# telnet melanie.jsw4.net 80
Trying 216.207.143.5...
Connected to melanie.jsw4.net.
Escape character is '^]'.
GET /index.html HTTP/1.1
Host: roc.jsw4.net

HTTP/1.1 200 OK
Date: Sun, 09 Jan 2000 20:57:18 GMT
Server: Red Hat Secure/3.0 (Unix) mod_perl/1.19
Last-Modified: Sun, 05 Dec 1999 16:28:37 GMT
ETag: "1803-797-384a92b5"
Accept-Ranges: bytes
Content-Length: 1943
Content-Type: text/html

HTML ...

The snips from httpsd.conf (This is in a virtual host section, could
that be a problem?)

IfModule mod_perl.c
  Alias /perl/ /home/roc/perl/
  PerlTaintCheck On
  Location /perl
SetHandler perl-script
PerlHandler Apache::Registry
PerlSendHeader On
Options +ExecCGI
  /Location
/IfModule

And finally the script: hello.pl (As I mentioned, this is copied fairly
faithfully from the eagle book.)

#!/usr/bin/perl -w
use CGI qw(:standard);
use diagnostics;
use strict;
# use vars qw($name);
my $realname = param('realname') || 'Anonymous';
print   header(),
start_html(-title='Hello',-bgcolor='blue'),
h1("Hello $realname"),
p(
"To change your name, enter it into the text field below and
press",
em("change name.")
),
start_form(),
"Name:
",textfield(-name='realname',-value='Anonymous'),
submit(-value='Change name'),
end_form(),
hr(),
end_html();

Any help would be appreciated. Thanks,
John