Re: [mp2][QUESTION]: Filter to modify request headers on a proxy server

[Stas Bekman]

Pringle, Chris (HP-PSG) wrote:
Thanks for this. I had put 'PerlInputFilterHandler
iPAQApache::ResetBrowser' inside the proxy block, and it should have
been outside like you said.
So it did work this time, right? Perhaps we should issue a warning if a 
connection filter is found insider  or alike.

PerlInputFilterHandler iPAQApache::ResetBrowser

Is this the correct directive?


The directive is correct, but you don't show your code and your config,
so I 
have no idea if the rest is correct or not. This directive is used to 
configure both, connection and request level filters. It's the attribute
of 
the handler subroutine is what makes the difference and the placement in

httpd.conf.

You need to declare it as:

package iPAQApache::ResetBrowser;
use base qw(Apache::Filter);
sub handler : FilterConnectionHandler { your code is here }
1;
and you need to put it outside of  or similar block in
httpd.conf 
just like shown at:
http://perl.apache.org/docs/2.0/user/handlers/filters.html#Connection_In
put_Filters

Also make sure that you run at least mod_perl 1.99_09, or even better
the 
current cvs. And in the future please follow the info at 
http://perl.apache.org/bugs/ so we know more about your setup.
__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

RE: [mp2][QUESTION]: Filter to modify request headers on a proxy server

[Pringle, Chris (HP-PSG)]

Thanks for this. I had put 'PerlInputFilterHandler
iPAQApache::ResetBrowser' inside the proxy block, and it should have
been outside like you said.


   _/***
* _/   **Chris Pringle**
 _/ *Industrial Trainee   **
*** _/_/_/ _/_/_/   *Personal Systems Group (PSG) **
***_/  _/ _/  _/*Hewlett Packard - Bristol**
***   _/  _/ _/_/_/ * **
_/ INVENT  **Tel   - +44 (0) 117 31 29664 **
** _/Email - [EMAIL PROTECTED] **
***   _/   * 



> PerlInputFilterHandler iPAQApache::ResetBrowser
> 
> Is this the correct directive?

The directive is correct, but you don't show your code and your config,
so I 
have no idea if the rest is correct or not. This directive is used to 
configure both, connection and request level filters. It's the attribute
of 
the handler subroutine is what makes the difference and the placement in

httpd.conf.

You need to declare it as:

package iPAQApache::ResetBrowser;
use base qw(Apache::Filter);
sub handler : FilterConnectionHandler { your code is here }
1;

and you need to put it outside of  or similar block in
httpd.conf 
just like shown at:
http://perl.apache.org/docs/2.0/user/handlers/filters.html#Connection_In
put_Filters

Also make sure that you run at least mod_perl 1.99_09, or even better
the 
current cvs. And in the future please follow the info at 
http://perl.apache.org/bugs/ so we know more about your setup.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Re: [mp2][QUESTION]: Filter to modify request headers on a proxy server

[Stas Bekman]

Pringle, Chris (HP-PSG) wrote:
Hi,

I've just tried that script again (see link below) using a POST request.
In the error log file, there is the content of the POST Request e.g.
user=cpringle&password=x but nothing else. There is no HTTP headers.
My Apache directive to enable the filter is
PerlInputFilterHandler iPAQApache::ResetBrowser

Is this the correct directive?
The directive is correct, but you don't show your code and your config, so I 
have no idea if the rest is correct or not. This directive is used to 
configure both, connection and request level filters. It's the attribute of 
the handler subroutine is what makes the difference and the placement in 
httpd.conf.

You need to declare it as:

package iPAQApache::ResetBrowser;
use base qw(Apache::Filter);
sub handler : FilterConnectionHandler { your code is here }
1;
and you need to put it outside of  or similar block in httpd.conf 
just like shown at:
http://perl.apache.org/docs/2.0/user/handlers/filters.html#Connection_Input_Filters

Also make sure that you run at least mod_perl 1.99_09, or even better the 
current cvs. And in the future please follow the info at 
http://perl.apache.org/bugs/ so we know more about your setup.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

RE: [mp2][QUESTION]: Filter to modify request headers on a proxy server

[Pringle, Chris (HP-PSG)]

Hi,

I've just tried that script again (see link below) using a POST request.
In the error log file, there is the content of the POST Request e.g.
user=cpringle&password=x but nothing else. There is no HTTP headers.
My Apache directive to enable the filter is

PerlInputFilterHandler iPAQApache::ResetBrowser

Is this the correct directive?


   _/***
* _/   **Chris Pringle**
 _/ *Industrial Trainee   **
*** _/_/_/ _/_/_/   *Personal Systems Group (PSG) **
***_/  _/ _/  _/*Hewlett Packard - Bristol**
***   _/  _/ _/_/_/ * **
_/ INVENT  **Tel   - +44 (0) 117 31 29664 **
** _/Email - [EMAIL PROTECTED] **
***   _/   * 



-Original Message-
From: Stas Bekman [mailto:[EMAIL PROTECTED] 
Sent: 18 September 2003 11:37
To: Pringle, Chris (HP-PSG)
Cc: [EMAIL PROTECTED]
Subject: Re: [mp2][QUESTION]: Filter to modify request headers on a
proxy server


Pringle, Chris (HP-PSG) wrote:
> Hi,
> 
> I am trying to write a filter that will sit on a proxy server and
> alter HTTP requests. Basically, what I want it to do is modify the 
> User-Agent header field so that when the request is proxied, the 
> remote web server gets a different User-Agent header field to the one 
> that was originally sent by the browser. There are also other header 
> fields I may need to modify, but I would imagine this is a simple task

> once I've worked out how to alter the User-Agent field.
> 
> Does anyone have any ideas how I might go about doing this? I've tried
> writing several PerlInputFilterHandlers, all with no success. Will 
> input filters work with a proxy? I've got output filters working with 
> no problem.
> 
> Any sample code to do what I want, along with the relavent Apache
> directives would be very  much appreciated!

The sample code that you need is here:
http://perl.apache.org/docs/2.0/user/handlers/filters.html#Connection_In
put_Filters

I haven't tried to mix filters with proxy, but I see no reason why
shouldn't 
it work. It might not work if proxy is implemented as a filter itself
and is 
running before the modperl filters, need to look at the actual
implementation.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Re: [mp2][QUESTION]: Filter to modify request headers on a proxy server

[Stas Bekman]

Pringle, Chris (HP-PSG) wrote:
Hi,

I am trying to write a filter that will sit on a proxy server and alter
HTTP requests. Basically, what I want it to do is modify the User-Agent
header field so that when the request is proxied, the remote web server
gets a different User-Agent header field to the one that was originally
sent by the browser. There are also other header fields I may need to
modify, but I would imagine this is a simple task once I've worked out
how to alter the User-Agent field.
Does anyone have any ideas how I might go about doing this? I've tried
writing several PerlInputFilterHandlers, all with no success. Will input
filters work with a proxy? I've got output filters working with no
problem. 

Any sample code to do what I want, along with the relavent Apache
directives would be very  much appreciated!
The sample code that you need is here:
http://perl.apache.org/docs/2.0/user/handlers/filters.html#Connection_Input_Filters
I haven't tried to mix filters with proxy, but I see no reason why shouldn't 
it work. It might not work if proxy is implemented as a filter itself and is 
running before the modperl filters, need to look at the actual implementation.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

[mp2][QUESTION]: Filter to modify request headers on a proxy server

[Pringle, Chris (HP-PSG)]

Hi,

I am trying to write a filter that will sit on a proxy server and alter
HTTP requests. Basically, what I want it to do is modify the User-Agent
header field so that when the request is proxied, the remote web server
gets a different User-Agent header field to the one that was originally
sent by the browser. There are also other header fields I may need to
modify, but I would imagine this is a simple task once I've worked out
how to alter the User-Agent field.

Does anyone have any ideas how I might go about doing this? I've tried
writing several PerlInputFilterHandlers, all with no success. Will input
filters work with a proxy? I've got output filters working with no
problem. 

Any sample code to do what I want, along with the relavent Apache
directives would be very  much appreciated!



   _/***
* _/   **Chris Pringle**
 _/ * **
*** _/_/_/ _/_/_/   *Personal Systems Group (PSG) **
***_/  _/ _/  _/*Hewlett Packard - Bristol**
***   _/  _/ _/_/_/ * **
_/ INVENT  **Tel   - +44 (0) 117 31 29664 **
** _/Email - [EMAIL PROTECTED] **
***   _/   * 

Re: Portability Question

[Randy Kobes]

On Mon, 8 Sep 2003, Philip M. Gollucci wrote:

> Say I want the same code to work under:
>   Win2k/ISS5.0&CGI
>   Win2k/IIS5.0&PerlEX
>   Win2k/Apache1&mod_perl1
>   Win2k/Apache2&mod_perl2
>
>FreeBSD/Linux/Sun/Apache1&mod_perl1
>FreeBSD/Linux/Sun/Apache2&mod_perl2
>FreeBSD/Linux/Sun/Apache1,2&CGI
>
>   Assume perl 5.6.1 ActiveState on Win2k and perl 5.8.0 on Unix
> environments.
>   Assume CGI.pm >= 2.98
>
> I haven't really had a hard time with this except:
[ ... ]
> GD.pm (ActiveState only has GD1.x for 5.6.1 and compile errors for GD2.x
> on 5.8.0)
> XML::Simple (Active State5.6.1 is only at 1.06 missing some critical
> features from the current ~2.05)
[ ... ]
> Text::Aspell ... egad... One of my co-workers has compiled this for
> 5.6.1 ActiveState on Win2k/WinXP Pro using MSCV++ 6.0
> if anyone is interested since ActiveState has nothing.

We have the above three packages in our 5.8 repository at
http://theoryx5.uwinnipeg.ca/ppms/.

-- 
best regards,
randy kobes

Re: Portability Question

[Perrin Harkins]

On Mon, 2003-09-08 at 23:29, Philip M. Gollucci wrote:
> I haven't really had a hard time with this except:
> CGI.pm  ($query = CGI->new())

What about it?  Is it not working?

> Spreadsheet::WriteExcel (0.26 or less for Win2k/ISS5.0&PerlEx current is 
> .40 most likely not thread safe)
> GD.pm (ActiveState only has GD1.x for 5.6.1 and compile errors for GD2.x 
> on 5.8.0)
> XML::Simple (Active State5.6.1 is only at 1.06 missing some critical 
> features from the current ~2.05)
> DateTime modules (datetime.perl.org ActiveState 5.6.1 has nothing... I 
> think 5.8.0 might have some)

Building your own .ppm files seems like the only way to solve these.

> use lib qw(...) (ISS automagically adds "." to this. Under unix, 
> this is not the case
>First thought, use FindBin, but its not thread safe, so mod_perl2.x 
> fails.
>Only anwser I've come up with is to have an "installation" script 
> edit a place holder in the "main" file

You could use a config file or an environment variable, but what is the
problem with FindBin exactly?  I haven't heard about it not being thread
safe before.

> However, "caching" is much more beneficially in IIS5.0/PerlEx then 
> apache1.x/mod_perl1.x (rarely if ever get server by the same child in 
> Apache)

In apache 1.x on Win32, you always get the same child since there is
only one.  With 1.x on FreeBSD, the allocation will basically
round-robin through all of your live apache children.

- Perrin

Portability Question

[Philip M. Gollucci]

Say I want the same code to work under:
 Win2k/ISS5.0&CGI
 Win2k/IIS5.0&PerlEX
 Win2k/Apache1&mod_perl1
 Win2k/Apache2&mod_perl2
  FreeBSD/Linux/Sun/Apache1&mod_perl1
  FreeBSD/Linux/Sun/Apache2&mod_perl2
  FreeBSD/Linux/Sun/Apache1,2&CGI
 Assume perl 5.6.1 ActiveState on Win2k and perl 5.8.0 on Unix 
environments.
 Assume CGI.pm >= 2.98

I haven't really had a hard time with this except:
CGI.pm  ($query = CGI->new())
Spreadsheet::WriteExcel (0.26 or less for Win2k/ISS5.0&PerlEx current is 
.40 most likely not thread safe)
GD.pm (ActiveState only has GD1.x for 5.6.1 and compile errors for GD2.x 
on 5.8.0)
XML::Simple (Active State5.6.1 is only at 1.06 missing some critical 
features from the current ~2.05)
DateTime modules (datetime.perl.org ActiveState 5.6.1 has nothing... I 
think 5.8.0 might have some)
use lib qw(...) (ISS automagically adds "." to this. Under unix, 
this is not the case
  First thought, use FindBin, but its not thread safe, so mod_perl2.x 
fails.
  Only anwser I've come up with is to have an "installation" script 
edit a place holder in the "main" file

Text::Aspell ... egad... One of my co-workers has compiled this for 
5.6.1 ActiveState on Win2k/WinXP Pro using MSCV++ 6.0
if anyone is interested since ActiveState has nothing.

Does anyone have any comments/suggestions/ideas on this ?

Despite all the ranting, I must say that all of you have done 
exceptional jobs to make Apache/mod_perl the finest of them all.
I haven't done any hard benchmarking, but it looks link 
Apache2/mod_perl2 on Win2k is substantially(2-3x) faster then IIS5.0/PerlEx.
However, "caching" is much more beneficially in IIS5.0/PerlEx then 
apache1.x/mod_perl1.x (rarely if ever get server by the same child in 
Apache)

Thanks All!

Re: SubRequest in Filter MP2 [QUESTION]

[Geoffrey Young]

Craig Shelley wrote:
Hello again.. 


On Thu, 2003-09-04 at 14:21, Geoffrey Young wrote:

see Apache::SSI for mp1 - it does exactly what you are trying to do
and

is 
subclassable, so you can add your own tags/functionality if you want.

That is exactly what I am already doing. 
When using #exec directive I noticed I could not set the headers
properly.
typically, a subrequest gets its headers from the current request.

if you want to alter them, use $r->headers_in->set, but this is generally 
only used to test what-if scenarios:  what if the current request had a 
cookie, could it access this document?

anyway, if you need that, then you could probably create your own subclass 
and override ssi_exec to simply set the incoming headers and then 
SUPER::ssi_exec.

or something like that (off the top of my head, anyway ;)



see recipe 5.7 in the mod_perl developer's cookbook for that, or look
at

the 
Apache::SSI source, which does it a different way.


That is something i have yet to get my hands on!
the book has a simpler example as well, but you should be able to figure out 
the important LWP bits from the online code example

http://www.modperlcookbook.org/code/ch05/Cookbook/SubRequestContent.pm

--Geoff



--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Craig Shelley]

Hello again.. 

> 
> On Thu, 2003-09-04 at 14:21, Geoffrey Young wrote:
> 
> see Apache::SSI for mp1 - it does exactly what you are trying to do
and
> is 
> subclassable, so you can add your own tags/functionality if you want.
> 
That is exactly what I am already doing. 
When using #exec directive I noticed I could not set the headers
properly.

> see recipe 5.7 in the mod_perl developer's cookbook for that, or look
at
> the 
> Apache::SSI source, which does it a different way.

That is something i have yet to get my hands on!


-- 
Craig Shelley <[EMAIL PROTECTED]>

Homepage: 



-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Craig Shelley]

Hello..

Just Forwarding this to the list

> Having no idea as to how the internals of modperl and apache actually
> work, this may seem like a bit of a dumb suggestion.
> 
> When doing a subrequest from within a filter, the most ideal situation
> would be to have access to the output from within the same filter.
> I don't know how this would be best done, but one example i can think
of
> would be maybe to be given access to file handle which can be read
from.
> The data from the subrequest can then be processed and incorporated as
> required.
> 
> The reason I have ended up fiddling around with subrequests in filters
> is because i was originally writing a few extensions for SSI in MP1.
> My original plan was to create a small library of includable objects
> such as hit counters, fortune generators and photo albums etc
> The idea then was that other people with local access to my server can
> create simple html files that contain SSI directives to include the
> various objects.
> 
> It was all going extremely well, until I tried to set a cookie from
> within a subrequest.
> After that, i ran into a whole load of trouble trying to capture the
> output from a subrequest, and ended up turning to mp2
> 
> I was wondering if there are any other avenues I should explore in
order
> to set up such a system.
> 
> Thank you for spending time on this problem I appreciate it greatly
> 


-

On Thu, 2003-09-04 at 14:21, Geoffrey Young wrote:

see Apache::SSI for mp1 - it does exactly what you are trying to do and
is 
subclassable, so you can add your own tags/functionality if you want.


>> After that, i ran into a whole load of trouble trying to capture the
>> output from a subrequest

see recipe 5.7 in the mod_perl developer's cookbook for that, or look at
the 
Apache::SSI source, which does it a different way.


-- 
Craig Shelley <[EMAIL PROTECTED]>

Homepage: 



-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Craig Shelley]

Hi All,

On Wed, 2003-08-27 at 02:33, Geoffrey Young wrote:

> hi craig.
> 
>before we continue, please try the latest cvs (without the patch I sent) 
> and see if your stuff segfaults there.  if not, at least we know we've 
> isolated the segfault and just have bad logic to fix :)

Well:

It seg faulted again :(

Here is what the log got:

[Fri Aug 29 17:45:00 2003] [notice] child pid 14541 exit signal Segmentation fault (11)


Here is a Backtrace:


Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 14541)]
0x4052295c in modperl_wbucket_flush (wb=0x0, add_flush_bucket=0) at 
modperl_filter.c:180
180 if (wb->outcnt) {
(gdb) backtrace
#0  0x4052295c in modperl_wbucket_flush (wb=0x0, add_flush_bucket=0) at 
modperl_filter.c:180
#1  0x406801f2 in ?? ()

When i run gdb on the core file...

#0  0x4052295c in modperl_wbucket_flush (wb=0x0, add_flush_bucket=0) at 
modperl_filter.c:180
180 if (wb->outcnt) {
(gdb) backtrace
#0  0x4052295c in modperl_wbucket_flush (wb=0x0, add_flush_bucket=0) at 
modperl_filter.c:180
#1  0x406801f2 in mpxs_ap_run_sub_req (my_perl=0x8148580, r=0x81a9418) at 
Apache__SubRequest.h:10
#2  0x406808da in XS_Apache__SubRequest_run (my_perl=0x8148580, cv=0x81965fc) at 
SubRequest.xs:83
#3  0x405bc7ef in Perl_pp_entersub () from /usr/lib/libperl.so.5.8
#4  0x405b620a in Perl_runops_standard () from /usr/lib/libperl.so.5.8
#5  0x4055ea32 in Perl_call_sv () from /usr/lib/libperl.so.5.8
#6  0x4055e837 in Perl_call_sv () from /usr/lib/libperl.so.5.8
#7  0x4051d6d5 in modperl_callback (my_perl=0x8148580, handler=0x80db808, p=0x815c920, 
r=0x815c958, s=0x80db858, args=0x8145598)
at modperl_callback.c:53
#8  0x405231cd in modperl_run_filter (filter=0x8162938) at modperl_filter.c:400
#9  0x40523f51 in modperl_output_filter_handler (f=0x815e440,
bb=0x815e5a8) at modperl_filter.c:761
#10 0x0807e66b in ap_pass_brigade ()
#11 0x08084c15 in ap_core_translate ()
#12 0x08073b0a in ap_run_handler ()
#13 0x0807401e in ap_invoke_handler ()
#14 0x0806767f in ap_process_request ()
#15 0x080638ed in _start ()
#16 0x0815c958 in ?? ()
#17 0x0004 in ?? ()
#18 0x0815c958 in ?? ()

If you would like some more info please let me know, because I am eager
to help solve this problem.

PS -- I am running the same test scripts as I mentioned in previous
posts.


-- 
Craig Shelley <[EMAIL PROTECTED]>



-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Geoffrey Young]

Craig Shelley wrote:

  MP_AP_PREFIX   => /home/craig/temp/mod_perl-1.99_09/
hi craig.

  before we continue, please try the latest cvs (without the patch I sent) 
and see if your stuff segfaults there.  if not, at least we know we've 
isolated the segfault and just have bad logic to fix :)

  if you need help with cvs, see

http://perl.apache.org/docs/2.0/user/install/install.html#Downloading_the_mod_perl_Source

--Geoff



--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Stas Bekman]

Geoffrey Young wrote:
[...]
as I said, nowhere in any of the module shipped with core do I find 
logic like this - mod_include and mod_cgi both seem to call 
ap_run_sub_req without  flushing the main data stream (though 
mod_include does split the stream and send the data _prior to the tag_ 
off).  I don't see why mod_perl needs to behave differently in this 
respect, but if flushing is required for other reasons I can't see, 
making it a tacit part of $sub->run seems the wrong solution since it 
goes against the intent of output filters.
but that's how it works in mp1, no? Are you required to flush any data before 
issuing a subrequest? If I remember correctly you aren't.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Stas Bekman]

Geoffrey Young wrote:

the problem is with the r->main logic in mpxs_ap_run_sub_req.

with that logic, what ends up happening is that the data currently 
being operated on is explicity flushed.  this is bad within a 
(streaming) filter where you are expected to call $f->print yourself, 
as the data is sent without your permission (you may be operating on 
it or not want to send it at all).  it also seemed to cause infinite 
loop in my tests because the filter was seeing the same data over and 
over again.
That's is the problem with streaming filters. Nothing indicates to mod_perl 
whether the currently executed filter is a streaming filter or not, in fact I 
think you can mix and match both "methods" in the same filter. So $f->print is 
not expected, really.

What you are right about is that mpxs_ap_run_sub_req should flush only if run 
from the non-filter handler, and do nothing if run from the filter handler.

I have somewhere a prototype for the new API which tells what phase we are in, 
but it's possible that there is a more efficient way to tell the difference.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Geoffrey Young]

however, removing that logic causes api/lookup_uri2.t to fail, but I 
suspect this is an issue with puts() rather than the subrequest 
mechanism - changing puts() to print() makes everything work just 
fine. does puts() write directly to the wire, bypassing filters?


Sorry, but that's cheating ;)

rputs() never flushes data,
print() flushes if $| == 1;
ah, ok, that's the difference.

So there is no problem with the r->main logic in mpxs_ap_run_sub_req, 
it's there for exactly this reason.
no, there is definitely something wrong.  someplace :)

if I'm in a filter and call sub->run (which is what mod_include essentially 
does), mod_perl is silently passing along the data I'm in the middle of 
filtering.  so, if the filter sees

  datadata

and wants to substitute something for  via a subrequest, it won't work 
- mpxs_ap_run_sub_req is flushing  along before the filter gets the 
chance to decide about the data.

as I said, nowhere in any of the module shipped with core do I find logic 
like this - mod_include and mod_cgi both seem to call ap_run_sub_req without 
 flushing the main data stream (though mod_include does split the stream 
and send the data _prior to the tag_ off).  I don't see why mod_perl needs 
to behave differently in this respect, but if flushing is required for other 
reasons I can't see, making it a tacit part of $sub->run seems the wrong 
solution since it goes against the intent of output filters.

and you forgot to add to the patch a new file
#t/htdocs/filter/subrequest.txt
core subrequest
yes, sorry.

> or even better:
out_str_subreq_default
out_str_subreq_modperl
since these correspond to the SetHandler settings.
will do.

--Geoff



--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Stas Bekman]

Geoffrey Young wrote:


Stas Bekman wrote:

Craig Shelley wrote:

I'll take a look at it. But you didn't supply a complete bug report 
as explained http://perl.apache.org/bugs/. Please do so.


I think I've got this figured out.

the problem is with the r->main logic in mpxs_ap_run_sub_req.

with that logic, what ends up happening is that the data currently being 
operated on is explicity flushed.  this is bad within a (streaming) 
filter where you are expected to call $f->print yourself, as the data is 
sent without your permission (you may be operating on it or not want to 
send it at all).  it also seemed to cause infinite loop in my tests 
because the filter was seeing the same data over and over again.

I can't really understand the reason behind the code anyway, since I 
can't see anywhere in core where such logic is applied before 
ap_run_sub_request - everyone seems to call without regard to where in 
the data stream they happen to be, so I don't get why mod_perl should be 
any different.  indeed commenting it out fixes the problem for me.

however, removing that logic causes api/lookup_uri2.t to fail, but I 
suspect this is an issue with puts() rather than the subrequest 
mechanism - changing puts() to print() makes everything work just fine. 
does puts() write directly to the wire, bypassing filters?
Sorry, but that's cheating ;)

rputs() never flushes data,
print() flushes if $| == 1;
Please don't remove rputs, it's there for a reason.

If you fix lookup_uri2's handler to be:

sub handler {
my $r = shift;
subrequest($r, 'myplan');

local $| = 0;
$r->print("ok 2\n");
subrequest($r, 'ok3');

Apache::OK;
}
You get:

ok 1
ok 3
ok 2
Confused test output: test 3 answered after test 3
ok
which is wrong.

So there is no problem with the r->main logic in mpxs_ap_run_sub_req, it's 
there for exactly this reason.

I wonder why $| is on? must have forgotten to localize $| setting somewhere.

anyway, attached is a patch against current cvs - fixes and a few 
filtering subrequest tests.  note that the patch does not mention the 
removal of xs/Apache/SubRequest/Apache__SubRequest.h, which is no longer 
needed, so I guess you should remove that file by hand before compiling.

craig - note that this patch affects the autogenerated code, so in order 
to get it to work you'll need to apply it, then run make realclean, perl 
Makefile.PL, etc.
and you forgot to add to the patch a new file
#t/htdocs/filter/subrequest.txt
core subrequest
regarding new tests, do you mind calling them:

out_str_subreq_core
out_str_subreq_perl
since 'sub' is too confusing, or even better:

out_str_subreq_default
out_str_subreq_modperl
since these correspond to the SetHandler settings.

Thanks.
__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Stas Bekman]

Craig Shelley wrote:
On Tue, 2003-08-26 at 19:03, Stas Bekman wrote: 

Thanks, but you have missed the core dump's backtrace.
I am sorry but I have never used core files before, so forgive me if I
have done this all wrong.
No worries, this task is not trivial. Your trace is almost perfect. The only 
missing things are the arguments to the functions in the trace. In order to 
get the arguments you need to rebuild mp with MP_DEBUG=1 as explained here:
http://perl.apache.org/docs/2.0/user/help/help.html#Resolving_Segmentation_Faults

(gdb) backtrace
#0  0x4051cf58 in modperl_wbucket_flush () from
/usr/lib/apache2/modules/mod_perl.so
#1  0x4066f5de in XS_Apache__SubRequest_run () from
/usr/local/lib/perl/5.8.0/auto/Apache/SubRequest/SubRequest.so
Normally you should rebuild perl and apache with appropriate options as 
explained at the URL above to get the arguments for the perl and apache 
functions, but in this case the bug is most likely in mod_perl, so only 
rebuilding mod_perl with MP_DEBUG=1, getting a new segfault and a new trace 
will do.

#2  0x405ad7ef in Perl_pp_entersub () from /usr/lib/libperl.so.5.8
#3  0x405a720a in Perl_runops_standard () from /usr/lib/libperl.so.5.8
#4  0x4054fa32 in Perl_call_sv () from /usr/lib/libperl.so.5.8
#5  0x4054f837 in Perl_call_sv () from /usr/lib/libperl.so.5.8
#6  0x405195da in modperl_callback () from
/usr/lib/apache2/modules/mod_perl.so
#7  0x4051c7ae in modperl_run_filter () from
/usr/lib/apache2/modules/mod_perl.so
#8  0x4051cba7 in modperl_output_filter_handler () from
/usr/lib/apache2/modules/mod_perl.so
#9  0x0807e66b in ap_pass_brigade ()
#10 0x08084c15 in ap_core_translate ()
#11 0x08073b0a in ap_run_handler ()
#12 0x0807401e in ap_invoke_handler ()
#13 0x0806767f in ap_process_request ()
#14 0x080638ed in _start ()
#15 0x0815e3f8 in ?? ()
#16 0x0004 in ?? ()
#17 0x0815e3f8 in ?? ()
I have not included the core file here because it was ~ 3Mb
If you need it please let me know
That was a wise decision. A core file is not very useful for our purposes if 
taken away from the setup it was originated from. Not talking about the fact 
that posting large emails is not appreciated. If such a need rises, one needs 
to upload the file somewhere on the web and post the URL to that file instead.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Geoffrey Young]

Stas Bekman wrote:
Craig Shelley wrote:

I'll take a look at it. But you didn't supply a complete bug report 
as explained http://perl.apache.org/bugs/. Please do so.
I think I've got this figured out.

the problem is with the r->main logic in mpxs_ap_run_sub_req.

with that logic, what ends up happening is that the data currently being 
operated on is explicity flushed.  this is bad within a (streaming) filter 
where you are expected to call $f->print yourself, as the data is sent 
without your permission (you may be operating on it or not want to send it 
at all).  it also seemed to cause infinite loop in my tests because the 
filter was seeing the same data over and over again.

I can't really understand the reason behind the code anyway, since I can't 
see anywhere in core where such logic is applied before ap_run_sub_request - 
everyone seems to call without regard to where in the data stream they 
happen to be, so I don't get why mod_perl should be any different.  indeed 
commenting it out fixes the problem for me.

however, removing that logic causes api/lookup_uri2.t to fail, but I suspect 
this is an issue with puts() rather than the subrequest mechanism - changing 
puts() to print() makes everything work just fine. does puts() write 
directly to the wire, bypassing filters?

anyway, attached is a patch against current cvs - fixes and a few filtering 
subrequest tests.  note that the patch does not mention the removal of 
xs/Apache/SubRequest/Apache__SubRequest.h, which is no longer needed, so I 
guess you should remove that file by hand before compiling.

craig - note that this patch affects the autogenerated code, so in order to 
get it to work you'll need to apply it, then run make realclean, perl 
Makefile.PL, etc.

--Geoff
Index: t/response/TestAPI/lookup_uri2.pm
===
RCS file: /home/cvspublic/modperl-2.0/t/response/TestAPI/lookup_uri2.pm,v
retrieving revision 1.3
diff -u -r1.3 lookup_uri2.pm
--- t/response/TestAPI/lookup_uri2.pm   27 Apr 2003 04:19:18 -  1.3
+++ t/response/TestAPI/lookup_uri2.pm   26 Aug 2003 19:55:50 -
@@ -11,7 +11,7 @@
 sub myplan {
 my $r = shift;
 
-$r->puts("1..3\nok 1\n");
+$r->print("1..3\nok 1\n");
 
 Apache::OK;
 }
@@ -19,7 +19,7 @@
 sub ok3 {
 my $r = shift;
 
-$r->puts("ok 3\n");
+$r->print("ok 3\n");
 
 Apache::OK;
 }
@@ -35,7 +35,7 @@
 
 subrequest($r, 'myplan');
 
-$r->puts("ok 2\n");
+$r->print("ok 2\n");
 
 subrequest($r, 'ok3');
 
Index: xs/maps/apache_functions.map
===
RCS file: /home/cvspublic/modperl-2.0/xs/maps/apache_functions.map,v
retrieving revision 1.64
diff -u -r1.64 apache_functions.map
--- xs/maps/apache_functions.map12 Jun 2003 23:27:03 -  1.64
+++ xs/maps/apache_functions.map26 Aug 2003 19:55:51 -
@@ -95,7 +95,7 @@
 
 PACKAGE=Apache::SubRequest   ISA=Apache::RequestRec
  ap_destroy_sub_req  | | r | DESTROY
- ap_run_sub_req  | mpxs_ | | run
+ ap_run_sub_req  | | r | run
 
 MODULE=Apache::RequestIO   PACKAGE=Apache::RequestRec
  ap_discard_request_body
Index: xs/tables/current/ModPerl/FunctionTable.pm
===
RCS file: /home/cvspublic/modperl-2.0/xs/tables/current/ModPerl/FunctionTable.pm,v
retrieving revision 1.119
diff -u -r1.119 FunctionTable.pm
--- xs/tables/current/ModPerl/FunctionTable.pm  20 Aug 2003 23:20:14 -  1.119
+++ xs/tables/current/ModPerl/FunctionTable.pm  26 Aug 2003 19:55:56 -
@@ -6170,24 +6170,6 @@
 ]
   },
   {
-'return_type' => 'int',
-'name' => 'mpxs_ap_run_sub_req',
-'attr' => [
-  'static',
-  '__inline__'
-],
-'args' => [
-  {
-'type' => 'PerlInterpreter *',
-'name' => 'my_perl'
-  },
-  {
-'type' => 'request_rec *',
-'name' => 'r'
-  }
-]
-  },
-  {
 'return_type' => 'apr_size_t',
 'name' => 'mpxs_ap_rvputs',
 'attr' => [

--- /dev/null   2003-01-30 05:24:37.0 -0500
+++ t/filter/TestFilter/out_str_sub_core.pm 2003-08-26 15:51:40.0 -0400
@@ -0,0 +1,78 @@
+package TestFilter::out_str_sub_core;
+
+use strict;
+use warnings FATAL => 'all';
+
+use Apache::Test;
+use Apache::TestUtil;
+
+use Apache::RequestRec ();
+use Apache::RequestIO ();
+use Apache::SubRequest ();
+
+use Apache::Filter ();
+
+use Apache::Const -compile => qw(OK);
+
+# include the contents of a subrequest
+# in the filter, a la mod_include's 
+# 
+
+sub include {
+
+my $filter = shift;
+
+unless ($filter->ctx) {
+# don't forget to remove the C-L header
+$filter->r->headers_out->unset('Content-Length');
+
+$filter->ctx(1);
+}
+
+while ($filter->read(my $buffer, 1024)){
+
+if ($buffer eq "\n") {
+my $sub = $filter->r->lookup_uri('/core_subrequest/subrequest.txt');
+my $rc = $sub->run

Re: SubRequest in Filter MP2 [QUESTION]

[Craig Shelley]

On Tue, 2003-08-26 at 19:03, Stas Bekman wrote:

> Thanks, but you have missed the core dump's backtrace.


I am sorry but I have never used core files before, so forgive me if I
have done this all wrong.

I configured apache to only have one server process.
Then using gdb, I connected to the server process and told it to
continue execution.
I then made a request to the server, causing it to crash.
Heres what I got:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 22572)]
0x4051cf58 in modperl_wbucket_flush () from
/usr/lib/apache2/modules/mod_perl.so

(gdb) backtrace
#0  0x4051cf58 in modperl_wbucket_flush () from
/usr/lib/apache2/modules/mod_perl.so
#1  0x4066f5de in ?? ()

(gdb) generate-core-file
Saved corefile core.22572
(gdb) quit

# gdb /usr/sbin/apache2 core.22572

#0  0x4051cf58 in modperl_wbucket_flush () from
/usr/lib/apache2/modules/mod_perl.so


(gdb) backtrace
#0  0x4051cf58 in modperl_wbucket_flush () from
/usr/lib/apache2/modules/mod_perl.so
#1  0x4066f5de in XS_Apache__SubRequest_run () from
/usr/local/lib/perl/5.8.0/auto/Apache/SubRequest/SubRequest.so
#2  0x405ad7ef in Perl_pp_entersub () from /usr/lib/libperl.so.5.8
#3  0x405a720a in Perl_runops_standard () from /usr/lib/libperl.so.5.8
#4  0x4054fa32 in Perl_call_sv () from /usr/lib/libperl.so.5.8
#5  0x4054f837 in Perl_call_sv () from /usr/lib/libperl.so.5.8
#6  0x405195da in modperl_callback () from
/usr/lib/apache2/modules/mod_perl.so
#7  0x4051c7ae in modperl_run_filter () from
/usr/lib/apache2/modules/mod_perl.so
#8  0x4051cba7 in modperl_output_filter_handler () from
/usr/lib/apache2/modules/mod_perl.so
#9  0x0807e66b in ap_pass_brigade ()
#10 0x08084c15 in ap_core_translate ()
#11 0x08073b0a in ap_run_handler ()
#12 0x0807401e in ap_invoke_handler ()
#13 0x0806767f in ap_process_request ()
#14 0x080638ed in _start ()
#15 0x0815e3f8 in ?? ()
#16 0x0004 in ?? ()
#17 0x0815e3f8 in ?? ()

I have not included the core file here because it was ~ 3Mb
If you need it please let me know

-- 
Craig Shelley <[EMAIL PROTECTED]>



-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Stas Bekman]

Craig Shelley wrote:
I'll take a look at it. But you didn't supply a complete bug report as 
explained http://perl.apache.org/bugs/. Please do so.

Here is that bug report related to the earlier postings. 

-8<-- Start Bug Report 8<--
1. Problem Description:
[...]
3. This is the core dump trace: (if you get a core dump):
 
  [CORE TRACE COMES HERE]
Thanks, but you have missed the core dump's backtrace.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Craig Shelley]

> I'll take a look at it. But you didn't supply a complete bug report as 
> explained http://perl.apache.org/bugs/. Please do so.

Hi, 

Here is that bug report related to the earlier postings. 


-8<-- Start Bug Report 8<--
1. Problem Description:

  [DESCRIBE THE PROBLEM HERE]

2. Used Components and their Configuration:

*** using lib/Apache/BuildConfig.pm
*** Makefile.PL options:
  MP_AP_PREFIX   => /home/craig/temp/mod_perl-1.99_09/
  MP_COMPAT_1X   => 1
  MP_GENERATE_XS => 1
  MP_LIBNAME => mod_perl
  MP_USE_DSO => 1
  MP_USE_STATIC  => 1
 
 
*** /usr/local/bin/httpd -V
Server version: Apache/2.0.47
Server built:   Jul 15 2003 14:07:14
Server's Module Magic Number: 20020903:4
Architecture:   32-bit
Server compiled with
 -D APACHE_MPM_DIR="server/mpm/prefork"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D HTTPD_ROOT=""
 -D SUEXEC_BIN="/usr/lib/apache2/suexec2"
 -D DEFAULT_PIDLOG="/var/run/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_LOCKFILE="/var/run/accept.lock"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types"
 -D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf"
 
 
*** /usr/bin/perl -V
Summary of my perl5 (revision 5.0 version 8 subversion 0) configuration:
  Platform:
osname=linux, osvers=2.4.21-xfs+ti1211,
archname=i386-linux-thread-multi
uname='linux kosh 2.4.21-xfs+ti1211 #1 sat jul 12 10:35:04 est 2003
i686 gnulinux '
config_args='-Dusethreads -Duselargefiles -Dccflags=-DDEBIAN
-Dcccdlflags=-fPIC -Darchname=i386-linux -Dprefix=/usr
-Dprivlib=/usr/share/perl/5.8.0 -Darchlib=/usr/lib/perl/5.8.0
-Dvendorprefix=/usr -Dvendorlib=/usr/share/perl5
-Dvendorarch=/usr/lib/perl5 -Dsiteprefix=/usr/local
-Dsitelib=/usr/local/share/perl/5.8.0
-Dsitearch=/usr/local/lib/perl/5.8.0 -Dman1dir=/usr/share/man/man1
-Dman3dir=/usr/share/man/man3 -Dman1ext=1 -Dman3ext=3perl
-Dpager=/usr/bin/sensible-pager -Uafs -Ud_csh -Uusesfio -Uusenm
-Duseshrplib -Dlibperl=libperl.so.5.8.0 -Dd_dosuid -des'
hint=recommended, useposix=true, d_sigaction=define
usethreads=define use5005threads=undef useithreads=define
usemultiplicity=define
useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
use64bitint=undef use64bitall=undef uselongdouble=undef
usemymalloc=n, bincompat5005=undef
  Compiler:
cc='cc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -DDEBIAN
-fno-strict-aliasing -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
optimize='-O3',
cppflags='-D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing'
ccversion='', gccversion='3.3.1 20030722 (Debian prerelease)',
gccosandvers=''
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=1234
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t',
lseeksize=8
alignbytes=4, prototype=define
  Linker and Libraries:
ld='cc', ldflags =' -L/usr/local/lib'
libpth=/usr/local/lib /lib /usr/lib
libs=-lgdbm -ldb -ldl -lm -lpthread -lc -lcrypt
perllibs=-ldl -lm -lpthread -lc -lcrypt
libc=/lib/libc-2.3.1.so, so=so, useshrplib=true,
libperl=libperl.so.5.8.0
gnulibc_version='2.3.1'
  Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-rdynamic'
cccdlflags='-fPIC', lddlflags='-shared -L/usr/local/lib'
 
 
Characteristics of this binary (from libperl):
  Compile-time options: MULTIPLICITY USE_ITHREADS USE_LARGE_FILES
PERL_IMPLICIT_CONTEXT
  Built under linux
  Compiled at Jul 30 2003 10:52:58
  %ENV:
PERL_LWP_USE_HTTP_10="1"
  @INC:
/etc/perl
/usr/local/lib/perl/5.8.0
/usr/local/share/perl/5.8.0
/usr/lib/perl5
/usr/share/perl5
/usr/lib/perl/5.8.0
/usr/share/perl/5.8.0
/usr/local/lib/site_perl
.
 
 
3. This is the core dump trace: (if you get a core dump):
 
  [CORE TRACE COMES HERE]
 
This report was generated by t/REPORT on Tue Aug 26 17:17:34 2003 GMT.
 
-8<-- End Bug Report --8<--


__
> Stas BekmanJAm_pH --> Just Another mod_perl Hacker
> http://stason.org/ mod_perl Guide ---> http://perl.apache.org
> mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
> http://modperlbook.org http://apache.org   http://ticketmaster.com
-- 
Craig Shelley <[EMAIL PROTECTED]>



-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Stas Bekman]

Craig Shelley wrote:
does anything change if you use

  $rr = $f->$r->lookup_uri("subrequest.txt", $f->next);


No it doesn't seem any different, the server still seg faults.
When it does this, it produces no output at all.
telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
GET / HTTP/1.0
 
Connection closed by foreign host.
I'll take a look at it. But you didn't supply a complete bug report as 
explained http://perl.apache.org/bugs/. Please do so.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Craig Shelley]

> does anything change if you use
> 
>$rr = $f->$r->lookup_uri("subrequest.txt", $f->next);

No it doesn't seem any different, the server still seg faults.
When it does this, it produces no output at all.

telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
GET / HTTP/1.0
 
Connection closed by foreign host.


Thank you for looking into this.

-- 
Craig Shelley <[EMAIL PROTECTED]>



Just don't create a file called -rf.  :-)
 -- Larry Wall in <[EMAIL PROTECTED]>



-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: SubRequest in Filter MP2 [QUESTION]

[Geoffrey Young]

 my $rr = $f->r->lookup_uri("subrequest.txt");
 #$rr->run;

For some reason, the server segfaults when the above code is run (with
the $rr->run line present)
does anything change if you use

  $rr = $f->$r->lookup_uri("subrequest.txt", $f->next);

?

--Geoff



--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

SubRequest in Filter MP2 [QUESTION]

[Craig Shelley]

Hello,
I am a newbie to this list, so please forgive me if this is not the
place where I should asking this question.

I am writing a filter module for MP2 that will parse its input for
certain embedded commands.

One of these commands should cause the filter to issue a SubRequest to
get the output of another file or cgi script on the server.

The output of the SubRequest will also be processed, and I will need to
have access to the headers it returned, I can then set cookies etc.

In MP1 I had big problems when it came to processing the output of a
SubRequest because there was no way of capturing the output.

In MP2 Progress has been somewhat slower since I am unfamiliar with the
documentation.

Before porting all my code from MP1 to MP2 I decided to write some test
scripts to check that I was able to use the functionality that I
require.

Here is my test setup


PerlOutputFilterHandler Apache::testfilter

 

> package Apache::testfilter;
>  
>  
>   use strict;
>   use warnings;
>  
>  
>   use Apache::Filter ();
>   use Apache::SubRequest ();
>   use Apache::RequestRec ();
>   use APR::Table ();
>  
>  
>   use Apache::Const -compile => qw(OK);
>  
>  
>   use constant BUFF_LEN => 1024;
>  
>  
>   sub handler {
>   my $f = shift;
>  
>  
>  
>  
>   unless ($f->ctx) {
>   $f->r->headers_out->unset('Content-Length');
>   $f->ctx(1);
>  
>  
>  
>  
>  
>  
>   my $rr = $f->r->lookup_uri("subrequest.txt");
>   #$rr->run;
>  
>  
>   }
>  
>  
>   #From the filter example on perl.apache.org */
>   while ($f->read(my $buffer, BUFF_LEN)) {
>   $buffer =~ s/[\r\n]//g;
>   $f->print($buffer);
>   }
>  
>  
>   $f->print("\nEnd of Filter\n");
>   return Apache::OK;
>   }
>   1;


For some reason, the server segfaults when the above code is run (with
the $rr->run line present)

 [Mon Aug 25 16:16:12 2003] [notice] Graceful restart requested, doing  restart
 apache2: Could not determine the server's fully qualified domain name, using 
127.0.0.1 for ServerName
 [Mon Aug 25 16:16:12 2003] [notice] Apache/2.0.47 (Debian GNU/Linux) mod_perl/1.99_09 
Perl/v5.8.0 configured -- resuming normal operations

Then when I make a request...

 [Mon Aug 25 16:16:16 2003] [notice] child pid 13250 exit signal Segmentation fault 
(11)

I know I am doing something wrong because I have still not figured out a
way to obtain the output from the subrequest.
After a few hours of trying different things, I found that a subrequest
will work if it is in one of the handler modules eg PerlResponseHandler

I would like to thank anyone (in advance) for helping me solve this
problem.

-- 
Craig Shelley <[EMAIL PROTECTED]>






A "goto" in Perl falls into the category of hard things that should be
possible, not easy things that should be easy.
 -- Larry Wall in <[EMAIL PROTECTED]>




-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: Apache 2.0, mod_perl filter question

[Ilia Rassadzin]

Hello,

I am trying to use as a proxy Apache 2.0 which
includes mod_proxy and mod_ssl.
I am trying to use mod_perl for parsing/changing
decrypted plain text HTML data passed over SSL.
maybe there are other ways to do this, let me know.

The script shows that it is theoretically possibly to
parse/modify HTML passed over SSL in case of GET
(working on POST at this time) with a given setup:
SSL-unaware browser <-> mod_proxy+mod_ssl+mod_perl <->
SSL server

this question should probably be like 'How to setup
Apache + mod_ssl + mod_proxy + mod_perl to make
filtering of plain HTML passed over SSL possible?'

minimal setup:


PerlModule MyApache::FilterSnoop


PerlOutputFilterHandler
MyApache::FilterSnoop::connection





SSLEngine on
SSLProxyEngine on
SetHandler modperl


PerlOutputFilterHandler
MyApache::FilterSnoop::connection
AllowCONNECT 80 443 563 1200 1300
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile
/usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile
/usr/local/apache2/conf/ssl.key/server.key


CustomLog logs/ssl_request_log \
  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x
\"%r\" %b"




--- Stas Bekman <[EMAIL PROTECTED]> wrote:
> Ilia Rassadzin wrote:
> > Hello,
> > 
> > 
> > I am trying to filter DECRYPTED, PLAIN TEXT data.
> I
> > attached my two configuration files. If more
> > information needed i can send my logs.
> > Ideally I want to make a setup where
> > encryption/decryption being done twice in order to
> > filter DECRYPTED, PLAIN TEXT data(correct me if I
> am
> > wrong)
> > Like SSL-enabled browser <-> Proxy (SSL, Apache)
> <->
> > Proxy (non SSL, Apache, here goes filtering) <->
> > another Proxy ( SSL, Apache) <-> Server (SSL)
> 
> So you try to use mod_perl 2.0 as a proxy, which
> decrypts the stream, does 
> something to it, encrypts it back and sends it
> further? I'm not sure whether 
> this should work, aren't you suppose to somehow
> reconstruct the keys in order 
> for this to work?
> 
> What would be the minimal setup to setup a test
> environment?
> 
> > At this time i made some little perl script
> > and it works for GET, having some troubles with
> POST,
> > so if you are aware about this problem SSL + proxy
> +
> > POST, please let me know (sorry for offtopic)
> >  
> > #!/usr/bin/perl -w
> >  
> > use URI::URL;
> > use LWP::UserAgent;
> > use HTTP::Request;
> > use HTTP::Request::Common;
> > use HTTP::Request::Form;
> > use HTML::TreeBuilder 3.0;
> > use HTTP::Cookies;
> > 
> > my $ua = LWP::UserAgent->new;
> > $ua->proxy('https','https://localhost');
> > my $url = url 'https://some.server.com:1200/';
> > my $cookie_jar = HTTP::Cookies->new();
> > my $res = $ua->request(GET $url);
> > my $tree = HTML::TreeBuilder->new;
> > $tree->parse($res->content);
> > $tree->eof();
> >  
> > my @forms = $tree->find_by_tag_name('FORM');
> > my $f = HTTP::Request::Form->new($forms[0], $url);
> > $f->field("nm", "user");
> > $f->field("pwd", "password");
> > my $response = $ua->request($f->press("submit"));
> > $cookie_jar->extract_cookies($response);
> > $cookie_jar->save();
> > print $response->content if $response->is_success;
> >  
> > ie, non-SSL browser <-> proxy + mod_ssl + mod_perl
> > filter <-> server works for me for GET
> > 
> > If I do the same with IE, ie Tools->Internet
> > Options->Connections->Lan Settings->use a proxy
> server
> >  
> > and put here address of my apache server, I am
> getting
> > 403 Forbidden.
> > I cannot explain this.
> > Any help, ideas, etc are highly appreciated.
> 
> I'm not sure how this script helps to understand
> your problem with filtering. 
> Neither a huge config file, most of it irrelevant to
> the problem.
> 
> What we need is a set of short script/handlers and a
> minimal config file with 
> which we can reproduce the problem.
> 
> Ideally, if you can submit patches to our test suite
> to accomplish this setup 
> that would be the simplest. All we will have to do
> is to make it working.
> 
>
__
> Stas BekmanJAm_pH --> Just Another
> mod_perl Hacker
> http://stason.org/ mod_perl Guide --->
> http://perl.apache.org
> mailto:[EMAIL PROTECTED] http://use.perl.org
> http://apacheweek.com
> http://modperlbook.org http://apache.org  
> http://ticketmaster.com
> 
> 
> 
> -- 
> Reporting bugs: http://perl.apache.org/bugs/
> Mail list info:
> http://perl.apache.org/maillist/modperl.html
> 


__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com


-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: Apache 2.0, mod_perl filter question

[Gedanken]

To the best of my knowledge, the 'proxy' that is used in LWP still cannot 
support CONNECT style SSL proxies, meaning its very hit or miss if it 
works - roughly 50/50 for the few hundred proxies ive checked recently.

try replacing *all* your $UA->proxy lines with

$ENV{HTTPS_PROXY} = "http://localhost:80";;

this will work assuming you have Crypt::SSLeay installed (libwwwperl works 
with either IO SOCKET SSL or crypt ssleay... but crypt ssleay is the one 
that gives you low level proxy stuff.)

check out the docs on crypt::ssleay for more info on using proxies with 
LWP, it was an eye opener.  

as a side note, you may want to undef $ENV{HTTPS_PROXY} before creating 
your agent.  I dont use UserAgent much but i use WWW::Mechanize a ton 
(sunbclass) and it has code to automagically set $ua->proxy if it detects 
the ENV is set.  which immediately breaks the ENV proxy since they are not 
compatible... boo Mechanize =).  I think that code is in Mechanize and not 
UserAgent however so you should be safe - but im not positive.

The only downsides to this approach:

 - UserAgent will report itself as not being proxied even though it is, 
since its done at a lower level than its aware.  for my code, i couldnt 
care less.
 - you have to https everything, since I havent found a way to use the 
env-set style https proxy for ssl, but something different for http.  you 
cant mix and match the LWP style and the Crypt::SSL style proxies - the 
lwp one will clobber whatever goodness is in crypt::ssleay's with stuff 
that doesnt work.

I have no clue why you are getting 403 errors in a browser...

-- 
gedanken



-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: Apache 2.0, mod_perl filter question

[Stas Bekman]

Ilia Rassadzin wrote:
Hello,

I am trying to filter DECRYPTED, PLAIN TEXT data. I
attached my two configuration files. If more
information needed i can send my logs.
Ideally I want to make a setup where
encryption/decryption being done twice in order to
filter DECRYPTED, PLAIN TEXT data(correct me if I am
wrong)
Like SSL-enabled browser <-> Proxy (SSL, Apache) <->
Proxy (non SSL, Apache, here goes filtering) <->
another Proxy ( SSL, Apache) <-> Server (SSL)
So you try to use mod_perl 2.0 as a proxy, which decrypts the stream, does 
something to it, encrypts it back and sends it further? I'm not sure whether 
this should work, aren't you suppose to somehow reconstruct the keys in order 
for this to work?

What would be the minimal setup to setup a test environment?

At this time i made some little perl script
and it works for GET, having some troubles with POST,
so if you are aware about this problem SSL + proxy +
POST, please let me know (sorry for offtopic)
 
#!/usr/bin/perl -w
 
use URI::URL;
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Request::Common;
use HTTP::Request::Form;
use HTML::TreeBuilder 3.0;
use HTTP::Cookies;

my $ua = LWP::UserAgent->new;
$ua->proxy('https','https://localhost');
my $url = url 'https://some.server.com:1200/';
my $cookie_jar = HTTP::Cookies->new();
my $res = $ua->request(GET $url);
my $tree = HTML::TreeBuilder->new;
$tree->parse($res->content);
$tree->eof();
 
my @forms = $tree->find_by_tag_name('FORM');
my $f = HTTP::Request::Form->new($forms[0], $url);
$f->field("nm", "user");
$f->field("pwd", "password");
my $response = $ua->request($f->press("submit"));
$cookie_jar->extract_cookies($response);
$cookie_jar->save();
print $response->content if $response->is_success;
 
ie, non-SSL browser <-> proxy + mod_ssl + mod_perl
filter <-> server works for me for GET

If I do the same with IE, ie Tools->Internet
Options->Connections->Lan Settings->use a proxy server
 
and put here address of my apache server, I am getting
403 Forbidden.
I cannot explain this.
Any help, ideas, etc are highly appreciated.
I'm not sure how this script helps to understand your problem with filtering. 
Neither a huge config file, most of it irrelevant to the problem.

What we need is a set of short script/handlers and a minimal config file with 
which we can reproduce the problem.

Ideally, if you can submit patches to our test suite to accomplish this setup 
that would be the simplest. All we will have to do is to make it working.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: Apache 2.0, mod_perl filter question

[Ilia Rassadzin]

Hello,


I am trying to filter DECRYPTED, PLAIN TEXT data. I
attached my two configuration files. If more
information needed i can send my logs.
Ideally I want to make a setup where
encryption/decryption being done twice in order to
filter DECRYPTED, PLAIN TEXT data(correct me if I am
wrong)
Like SSL-enabled browser <-> Proxy (SSL, Apache) <->
Proxy (non SSL, Apache, here goes filtering) <->
another Proxy ( SSL, Apache) <-> Server (SSL)
 
At this time i made some little perl script
and it works for GET, having some troubles with POST,
so if you are aware about this problem SSL + proxy +
POST, please let me know (sorry for offtopic)
 
#!/usr/bin/perl -w
 
use URI::URL;
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Request::Common;
use HTTP::Request::Form;
use HTML::TreeBuilder 3.0;
use HTTP::Cookies;

my $ua = LWP::UserAgent->new;
$ua->proxy('https','https://localhost');
my $url = url 'https://some.server.com:1200/';
my $cookie_jar = HTTP::Cookies->new();
my $res = $ua->request(GET $url);
my $tree = HTML::TreeBuilder->new;
$tree->parse($res->content);
$tree->eof();
 
my @forms = $tree->find_by_tag_name('FORM');
my $f = HTTP::Request::Form->new($forms[0], $url);
$f->field("nm", "user");
$f->field("pwd", "password");
my $response = $ua->request($f->press("submit"));
$cookie_jar->extract_cookies($response);
$cookie_jar->save();
print $response->content if $response->is_success;
 
ie, non-SSL browser <-> proxy + mod_ssl + mod_perl
filter <-> server works for me for GET

If I do the same with IE, ie Tools->Internet
Options->Connections->Lan Settings->use a proxy server
 
and put here address of my apache server, I am getting
403 Forbidden.
I cannot explain this.
Any help, ideas, etc are highly appreciated.
 
Thanks,
Ilia


--- Stas Bekman <[EMAIL PROTECTED]> wrote:
> Ilia Rassadzin wrote:
> > Hello mod_perl,
> > 
> > I have some problems with filtering HTTPS traffic.
> > I modified for my needs FilterSnoop module from
> Stas
> > Bekman filter tutorial. It perfectly sees HTTP
> data,
> > but not HTTPS.
> > Does anyone have any suggestions(ideas) about how
> to
> > implement a filter which will see HTTPS?
> > 
> > Thanks in advance
> 
> I need more input from you. Are you trying to filter
> an encrypted data stream?
> 
> mod_perl connection filters, happen after the
> incoming data has been decrypted 
> and the outgoing data hasn't been yet encrypted.
> 
>
__
> Stas BekmanJAm_pH --> Just Another
> mod_perl Hacker
> http://stason.org/ mod_perl Guide --->
> http://perl.apache.org
> mailto:[EMAIL PROTECTED] http://use.perl.org
> http://apacheweek.com
> http://modperlbook.org http://apache.org  
> http://ticketmaster.com
> 
> 
> 
> -- 
> Reporting bugs: http://perl.apache.org/bugs/
> Mail list info:
> http://perl.apache.org/maillist/modperl.html
> 


__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs-2.0/> for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do.  They're here only as hints or reminders.  If you are unsure
# consult the online docs. You have been warned.  
#
# The configuration directives are grouped into three basic sections:
#  1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
#  2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
#  3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path.  If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
# with ServerRoot set to "/usr/local/apache2" will be interpreted by the
# server as "/usr/local/apache2/logs/foo.log".
#

### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE!  If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read 

Re: Apache 2.0, mod_perl filter question

[Stas Bekman]

Ilia Rassadzin wrote:
Hello mod_perl,

I have some problems with filtering HTTPS traffic.
I modified for my needs FilterSnoop module from Stas
Bekman filter tutorial. It perfectly sees HTTP data,
but not HTTPS.
Does anyone have any suggestions(ideas) about how to
implement a filter which will see HTTPS?
Thanks in advance
I need more input from you. Are you trying to filter an encrypted data stream?

mod_perl connection filters, happen after the incoming data has been decrypted 
and the outgoing data hasn't been yet encrypted.

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: Coding Style Question - Using exit

[Chris Faust]

Thanks for the reply Thomas,

> Why not let determine_proper_action() return undef (or OK, or whatever) if
> you do not want to redirect? And in your handler do:
>
>   my $rv=determine_proper_action();
>   if ($rv) {  # or ($rv == Apache::Constants::OK)
>  # redirect
>   } else
> # done
>   }
>
> One problem I can see is if you're exiting somewhere deep in a nested sub
> and you cannot propagate the return value back to the handler (easily).
>
>

That seems to be working well, I've changed that part of the handler to:

**
 ($request_type,$back_url) = determine_proper_action();

 # Properly Exit the Handler from all subs within Determine Proper Action
 if ($request_type eq 'Apache::REDIRECT') {
  $r->headers_out->set(Location => $back_url);
return Apache::REDIRECT;
 } else {
  return Apache::OK;
 }
*
Then in every sub within determine_proper_action I'm returning either
"Apache::OK" or "Apache::REDIRECT".

Still got a lot of testing to do, but so far I've been able to get rid of
all "exit"s from my script!

Thanks
-Chris




-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Re: Coding Style Question - Using exit

[Thomas Klausner]

Hi!

On Mon, Aug 18, 2003 at 08:07:30 -0400, Chris Faust wrote:

> Example To Help Explain:
> 
> sub handler {
>  $r = shift;
> 
> init_global_vals();
> 
> $back_url = determine_proper_action();
> 
> my $back_url = "";
> $r->headers_out->set(Location => $back_url);
>
> return Apache::REDIRECT;
> }

Why not let determine_proper_action() return undef (or OK, or whatever) if
you do not want to redirect? And in your handler do:

  my $rv=determine_proper_action();
  if ($rv) {  # or ($rv == Apache::Constants::OK)
 # redirect
  } else 
# done
  }

One problem I can see is if you're exiting somewhere deep in a nested sub
and you cannot propagate the return value back to the handler (easily).


-- 
#!/usr/bin/perl   http://domm.zsi.at
for(ref bless{},just'another'perl'hacker){s-:+-$"-g&&print$_.$/}


-- 
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html

Coding Style Question - Using exit

[Chris Faust]

Folks,
 
In the continuing effort to make my code better, 
I'm trying to get rid "exit" in my scripts and clean up some things that 
just don't sit well (but they work).
 
Almost 95% of my pages are served up via a template 
system (H::T) and the rest are a redirects.
Currently I use a subroutine that all my other subs 
pass content to, to display my templates - at the end of this sub I call 
"exit" so I do not go any further.
In the case where I want to redirect to a URL, I 
then "return" to the handler with the URL.
 
Although it works, it doesn't seem right to 
me..
 
Example To Help Explain:
 
sub handler { $r = shift;
init_global_vals();
 
$back_url = determine_proper_action();
 
my $back_url = 
"";$r->headers_out->set(Location => 
$back_url);   return Apache::REDIRECT;
}
 
"Determine proper action" is a dispatch list of all 
the subroutines that make up the script, including the sub where I display the 
templates and exit.
So for almost 95% of my requests, I'm "exiting" 
within determine_proper_action().
 
Does that make sense? Is it a bad 
thing?
 
Thanks
-Chris
 

Question about mod_perl startup script

[Wes Plate]

I am getting up and running a server that wants mod_perl.  The instructions
talks about a startup script.  I'm very new, so I don't know how I'm
supposed to get this step completed.

Do I copy the provided script to a location?  Do I edit an existing script?
Do I edit some configuration file?

Thank you.


The instructions I'm following is quoted below, it is from
http://doc.otrs.org/1.1/html/install-cli.html#INSTALL-CLI-WEBSERVER


> You may want to use a mod_perl startup script. Compiled modules on startup
> (speed!)! Use the mod_perl startup script which comes with otrs
> (scripts/apache-perl-startup.pl).
> 
> - Change the default startup script location of your httpd to
>   $OTRS_HOME/scripts/apache-perl-startup.pl in httpd.conf
>   [...]
>   # load all otrs modules
>   Perlrequire /opt/otrs/scripts/apache-perl-startup.pl
>   [...]
> 
> Edit the scripts/apache-perl-startup.pl script:
> 
>  - Establish datababase connections on process startup (httpd).
> 
>[...]
>use Apache ();
>use Apache::DBI ();
>Apache::DBI->connect_on_init('DBI:mysql:otrs', 'otrs', 'some-pass');
># Apache::DBI->connect_on_init($data_source, $username, $auth, \%attr)
>[...]
> 
>  - Change the otrs lib dir (if needed)!
> 
>[...]
># --
># set otrs lib path!
># --
>use lib "/path/to/otrs/";
>use lib "/path/to/otrs/Kernel/cpan-lib";
>[...]
> 
> Nice! You will love mod_perl! ,-)


-- 
Wes Plate
 Automatic Duck, Inc.
  http://www.wesplate.com
   http://www.automaticduck.com

Re: Question about mod_perl startup script

[Thomas Klausner]

Hi!

On Wed, Aug 13, 2003 at 09:28:37AM -0700, Wes Plate wrote:
> I am getting up and running a server that wants mod_perl.  The instructions
> talks about a startup script.  I'm very new, so I don't know how I'm
> supposed to get this step completed.

See here for some infos on startup.pl;
  http://perl.apache.org/docs/1.0/guide/config.html#The_Startup_File

Additionally, you might want to search perl.apache.org for 'startup.pl'

> The instructions I'm following is quoted below, it is from
> http://doc.otrs.org/1.1/html/install-cli.html#INSTALL-CLI-WEBSERVER

You're probably better off using perl.apache.org as a reference.

Or read one (or more) of the books mentioned here:
  http://perl.apache.org/docs/offsite/books.html


-- 
#!/usr/bin/perl   http://domm.zsi.at
for(ref bless{},just'another'perl'hacker){s-:+-$"-g&&print$_.$/}

Apache 2.0, mod_perl filter question

[Ilia Rassadzin]

Hello mod_perl,

I have some problems with filtering HTTPS traffic.
I modified for my needs FilterSnoop module from Stas
Bekman filter tutorial. It perfectly sees HTTP data,
but not HTTPS.
Does anyone have any suggestions(ideas) about how to
implement a filter which will see HTTPS?

Thanks in advance
Ilia


__
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

Re: [QUESTION] Can't read out verified username (auth)

[Martin Wickman]

On Wed, Jul 23, 2003 at 02:37:30PM +0200, Fatih Gey wrote:
> From: "Martin Wickman" <[EMAIL PROTECTED]>

[...]

> > Nope. When the browser gets a 401 response from the server, it
> > will (most likely) pop up a dialog asking the user for name and
> > password. These credentials gets mangled into an Authorization
> > header which gets sent with the next request once the user klicks
> > OK in the dialog. Now, you can perform your authen-code as you
> > like.  Cookies and forms' got nothing to do with it, really.  Read
> > more here: http://www.faqs.org/rfcs/rfc2617.html
> > 
> 
> Oh OK.., now i get it: In Basic Auth-Scheme, the Useragent -after
> getting the required user and pass info from Client- resends his
> Authorization-String in every Requestheader submitted to the
> Server. 

Correct.

> So the webserver have not to recognize an already authorized user,
> as long as he's possible to authorize the user on every request.

Correct. But you still have to do the authorization for each
request. The nice thing is that one can delegate the authorization to
the webserver, så that the application just have to check if
REMOTE_USER is set or not.

> So there's no way, to use an http-form instead of browser's ugly
> authorization-box and perfrom the Basic Authorization (without
> Cookies or taking an sessionkey with the url)?

Correct, there is no official way.

Except... there is one possibility. Most browser understands the url
'http://userid:[EMAIL PROTECTED]/protected/', and will parse
that url and submit the credentials as if they were collected in the
standard popup as usual. So, in fact, you _can_ do your authorization
using a normal html form and then, upon valid credentials, create a
such an url for the user to click/redirect. Messy, but it works.

My personal opinion is that the "ugly" popup may indeed be plain and
boring, but it is the only standard and resonably secure way of doing
authentication. Btw, always use https or you will leak passwords all
over the network.

Re: [QUESTION] Can't read out verified username (auth)

[Fatih Gey]

- Original Message - 
From: "Martin Wickman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 21, 2003 4:41 PM
Subject: Re: [QUESTION] Can't read out verified username (auth)


> On Mon, Jul 21, 2003 at 12:36:55PM +0200, Fatih Gey wrote:
> > > On Mon, Jul 21, 2003 at 01:05:58AM +0200, Fatih Gey wrote:
> > > > 
> > > > i was writing my own AuthHandler with modperl v2 (v1.99_09).
> > > 
> > > [...]
> > > 
> > > > After having entered user/pass via html-form, this authentification
> > > > does his job well, but on the following request (on same browser)
> > > > $obj->user doesnt seem to return any value.. so this handler tries
> > > > to compare http post data ( which arent present this time) with
> > > > userdata in mysql-table.. resulting in an Auth_Required error.
> > > 
> > > Well, how do you suppose that the browser should know how and what
> > > credentials to send? 
> > > 
> > > Unless you (a) create a session-cookie, (b) encode a session-kei into
> > > each url or (c) use the simple but proper Basic Authentication scheme,
> > > there is no way to accomplish this. And from what I gather you are not
> > > doing any of that?
> > > 
> >
> > I supposed the browser to resend always an unique "bowser session
> > id", which is used by apache to save certain values, like
> > $ENV{'REMOTE_USER'} (similiar to a session-cookie with uid and
> > serverbased $vars) ..  Isn't this the way Basic Authentication
> > scheme works ? ..
> 
> Nope. When the browser gets a 401 response from the server, it will
> (most likely) pop up a dialog asking the user for name and
> password. These credentials gets mangled into an Authorization header
> which gets sent with the next request once the user klicks OK in the
> dialog. Now, you can perform your authen-code as you like.
> 
> Cookies and forms' got nothing to do with it, really.
> 
> Read more here: http://www.faqs.org/rfcs/rfc2617.html
> 
> 
> 

Oh OK.., now i get it: In Basic Auth-Scheme, the Useragent -after getting the 
required user and pass info from Client- resends his Authorization-String in every 
Requestheader
submitted to the Server. So the webserver have not to recognize an already authorized 
user,
as long as he's possible to authorize the user on every request.

So there's no way, to use an http-form instead of browser's ugly authorization-box and 
perfrom the 
Basic Authorization (without Cookies or taking an sessionkey with the url)? 

Re: Question to mod_perl gurus. Take 1 minute. Just choose rightanswer from list!

[Perrin Harkins]

On Mon, 2003-07-21 at 07:31, Влад Сафронов wrote:
> so the question:
> which sub "main_deck" will be executed?
> 
> 1. Hi, it's SCRIPT_1!
> 2. Bye, it was SCRIPT_2!

I think #2, because it was the last one eval'ed, and you can only have
one sub with a given name in one package namespace.  Apache::ePerl does
not really support the use of in-line subs.  You have to put them in a
separate module.

- Perrin

Re: [QUESTION] Can't read out verified username (auth)

[Martin Wickman]

On Mon, Jul 21, 2003 at 12:36:55PM +0200, Fatih Gey wrote:
> > On Mon, Jul 21, 2003 at 01:05:58AM +0200, Fatih Gey wrote:
> > > 
> > > i was writing my own AuthHandler with modperl v2 (v1.99_09).
> > 
> > [...]
> > 
> > > After having entered user/pass via html-form, this authentification
> > > does his job well, but on the following request (on same browser)
> > > $obj->user doesnt seem to return any value.. so this handler tries
> > > to compare http post data ( which arent present this time) with
> > > userdata in mysql-table.. resulting in an Auth_Required error.
> > 
> > Well, how do you suppose that the browser should know how and what
> > credentials to send? 
> > 
> > Unless you (a) create a session-cookie, (b) encode a session-kei into
> > each url or (c) use the simple but proper Basic Authentication scheme,
> > there is no way to accomplish this. And from what I gather you are not
> > doing any of that?
> > 
>
> I supposed the browser to resend always an unique "bowser session
> id", which is used by apache to save certain values, like
> $ENV{'REMOTE_USER'} (similiar to a session-cookie with uid and
> serverbased $vars) ..  Isn't this the way Basic Authentication
> scheme works ? ..

Nope. When the browser gets a 401 response from the server, it will
(most likely) pop up a dialog asking the user for name and
password. These credentials gets mangled into an Authorization header
which gets sent with the next request once the user klicks OK in the
dialog. Now, you can perform your authen-code as you like.

Cookies and forms' got nothing to do with it, really.

Read more here: http://www.faqs.org/rfcs/rfc2617.html

Re: [QUESTION] Can't read out verified username (auth)

[Thomas Klausner]

Hi!

On Mon, Jul 21, 2003 at 12:36:55 +0200, Fatih Gey wrote:
> I supposed the browser to resend always an unique "bowser session id", which
> is used by apache to save certain values, like $ENV{'REMOTE_USER'}
> (similiar to a session-cookie with uid and serverbased $vars) .. 
> Isn't this the way Basic Authentication scheme works ? .. 

I do not know how much Auth stuff changed in Apache 2.0/mod_perl 2, but you
seem to mix up checking user credentials in the response phase (as done in
CGI or PHP) with writing you own Auth Handlers that replace the standard
Apache ones.

If you get the user credentials via a web form, you are usually NOT using
BASIC Auth but your own scheme (or something like Apache::AuthCookie). Thus,
$r->connection->user is not set.

Take a look at:
* Chapter 6 of the Eagel book, available online at:
  http://modperl.com:9000/book/chapters/ch6.html
  
* Chapter 13.7 of the mod_perl Cookbook

* Apache::AuthCookie

At least that's how it works with mod_perl 1.x ...

-- 
#!/usr/bin/perl   http://domm.zsi.at
for(ref bless{},just'another'perl'hacker){s-:+-$"-g&&print$_.$/}

Question to mod_perl gurus. Take 1 minute. Just choose right answer from list!

[Влад Сафронов]

Hi, 

recently I got in trouble with old Apache::ePerl module 
(I know there a lot of better html toolkits, but this one is suits for
my WAP-related tasks)

so the question:
we have package, handler for *.perl-embed files

package Apache::ePerl;
use vars qw ($Cache);

$Cache = {};

sub handler {
my ($r) = @_;
my ($filename, $func);

send some content type header

if (CALL_SCRIPT_1) {
# if not precompiled yet
  if (!$Cache{SCRIPT_1}) {
eval { $func = sub { package Apache::ePerlCache;
 }; }
$Cache{SCRIPT_1} = $func;
} else {
$func = $Cache{SCRIPT_1};
}
eval &{$func};
} elsif (EVAL_SCRIPT_2) {
# if not precompiled
  if (!$Cache{SCRIPT_2}) {
eval { $func = sub { package Apache::ePerlCache;
 }; }
$Cache{SCRIPT_2} = $func;
} else {
$func = $Cache{SCRIPT_2};
}
eval &{$func};  
}
return OK;
}

=== SCRIPT_1

print "some header"
# the main code
main_deck();

sub main_deck {
print "Hi, it's SCRIPT_1!";
}

=end

=== SCRIPT_2

print "some header"
# the main code
main_deck();

# the same name!
sub main_deck {
print "Bye, it was SCRIPT_2!";
}

=end


now we call:

CALL_SCRIPT_1
CALL_SCRIPT_2

got all scripts in Cache:
and now call

CALL_SCRIPT_1 again

so the question:
which sub "main_deck" will be executed?

1. Hi, it's SCRIPT_1!
2. Bye, it was SCRIPT_2!

-vlad

Re: [QUESTION] Can't read out verified username (auth)

[Fatih Gey]

> On Mon, Jul 21, 2003 at 01:05:58AM +0200, Fatih Gey wrote:
> > 
> > i was writing my own AuthHandler with modperl v2 (v1.99_09).
> 
> [...]
> 
> > After having entered user/pass via html-form, this authentification
> > does his job well, but on the following request (on same browser)
> > $obj->user doesnt seem to return any value.. so this handler tries
> > to compare http post data ( which arent present this time) with
> > userdata in mysql-table.. resulting in an Auth_Required error.
> 
> Well, how do you suppose that the browser should know how and what
> credentials to send? 
> 
> Unless you (a) create a session-cookie, (b) encode a session-kei into
> each url or (c) use the simple but proper Basic Authentication scheme,
> there is no way to accomplish this. And from what I gather you are not
> doing any of that?
> 
I supposed the browser to resend always an unique "bowser session id", which
is used by apache to save certain values, like $ENV{'REMOTE_USER'}
(similiar to a session-cookie with uid and serverbased $vars) .. 
Isn't this the way Basic Authentication scheme works ? .. 

Re: [QUESTION] Can't read out verified username (auth)

[Martin Wickman]

On Mon, Jul 21, 2003 at 01:05:58AM +0200, Fatih Gey wrote:
> 
> i was writing my own AuthHandler with modperl v2 (v1.99_09).

[...]

> After having entered user/pass via html-form, this authentification
> does his job well, but on the following request (on same browser)
> $obj->user doesnt seem to return any value.. so this handler tries
> to compare http post data ( which arent present this time) with
> userdata in mysql-table.. resulting in an Auth_Required error.

Well, how do you suppose that the browser should know how and what
credentials to send? 

Unless you (a) create a session-cookie, (b) encode a session-kei into
each url or (c) use the simple but proper Basic Authentication scheme,
there is no way to accomplish this. And from what I gather you are not
doing any of that?

[QUESTION] Can't read out verified username (auth)

[Fatih Gey]

Hi,

i was writing my own AuthHandler with modperl v2 (v1.99_09).
Getting the Username/Password-Pair from an html-form (submit via post) and finally
checking it against an mysql-table works fine so far.

When the authentification have taken place.. the username should be reminded
in any way, so the user haven't to enter their password-info on every request... and 
this is 
what doesn't work in my code: 

--- /usr/lib/perl5/site_perl/5.8.0/MyIntranet/AuthHandler
package Myintranet::AuthHandler;

use Apache::Const qw(OK FORBIDDEN AUTH_REQUIRED SERVER_ERROR);
use Apache::RequestRec;
use Apache::Connection;
use Apache::compat;
use Mysql;
use strict;

sub handler {
   my $obj = shift;

   return OK if ($obj->user);

   my %params = $obj->content();
   [..]
   $obj->user($params{'user'});
   return OK;
}

--- EOF
After having entered user/pass via html-form, this authentification does his job well, 
but on the following request
(on same browser) $obj->user doesnt seem to return any value.. so this handler tries 
to compare http post data (
which arent present this time) with userdata in mysql-table.. resulting in an 
Auth_Required error.

Any logical misstake doing this way of "reauthorizing" .. or anything missing ? 
Available documentation - modperl cookbook included - does it that way ...
Thanks for help/any hints!

F. Gey

Re: Another newbie question: SetPerlVar

[Walter H. van Holst]

On Thu, 2003-07-17 at 18:56, Frank Wiles wrote:

> > What is the obvious thing I am overlooking?
> 
>   It's PerlSetVar not SetPerlVar. 

* Blush *

Thanks.

Regards,

 Walter
-- 
All things that are, are with more spirit chased than enjoyed.
 -- Shakespeare, "Merchant of Venice"

Re: Another newbie question: SetPerlVar

[Frank Wiles]

On 17 Jul 2003 18:47:06 +0200
"Walter H. van Holst" <[EMAIL PROTECTED]> wrote:

> Hello,
>  
>  If I use SetPerlVar in my apache-perl httpd.conf by just plainly
> stating.
> 
> SetPerlVar Foo Bar
> 
> Apache-perl won't start:
> 
> Syntax error on line xxx of /etc/apache-perl/httpd.conf:
> Invalid command 'SetPerlVar', perhaps mis-spelled or defined by a
> module not included in the server configuration
> /usr/sbin/apache-perl-ctl start: httpd could not be started
> 
> What is the obvious thing I am overlooking?

  It's PerlSetVar not SetPerlVar. 

 -
   Frank Wiles <[EMAIL PROTECTED]>
   http://frank.wiles.org
 -

Re: Another newbie question: SetPerlVar

[Haroon Rafique]

On Today at 6:47pm, WHvH=>Walter H. van Holst <[EMAIL PROTECTED]>...:

WHvH> Hello,
WHvH>  
WHvH>  If I use SetPerlVar in my apache-perl httpd.conf by just plainly
WHvH> stating.
WHvH> 
WHvH> SetPerlVar Foo Bar
WHvH> 

Try PerlSetVar instead.

For 1.0
http://perl.apache.org/docs/1.0/guide/config.html#PerlSetVar_and_PerlAddVar

For 2.0
http://perl.apache.org/docs/2.0/user/config/config.html#C_PerlSetVar_

--
Haroon Rafique
<[EMAIL PROTECTED]>

Another newbie question: SetPerlVar

[Walter H. van Holst]

Hello,
 
 If I use SetPerlVar in my apache-perl httpd.conf by just plainly
stating.

SetPerlVar Foo Bar

Apache-perl won't start:

Syntax error on line xxx of /etc/apache-perl/httpd.conf:
Invalid command 'SetPerlVar', perhaps mis-spelled or defined by a module
not included in the server configuration
/usr/sbin/apache-perl-ctl start: httpd could not be started

What is the obvious thing I am overlooking?

Regards,

 Walter
-- 
Like almost everyone, I receive a lot of spam every day, much of it
offering to help me get out of debt or get rich quick. It's ridiculous.
(Bill Gates)

Re: Question about Apache::Request and query strings

[Stas Bekman]

Tom Gazzini wrote:
I have a perl function which, amongst other things, needs to redirect
the request to another page.
It also needs to pass all the query parameters of the original request
(both GET and POST) to the redirected page, and also add one parameter
of it's own (an error message).
Sounds simple enough, but I'm having problems with the passing paramters
bit.
Here's what I have:

sub show_error {
my ($r, $error) = @_;
	# $r is an Apache:Request object passed by the caller

my $uri = URI->new($url);
foreach my $p (@params) {
$uri->query_form($p => $r->param($p));
}
$uri->query_form(error => $error);
$r->internal_redirect($uri->canonical);
}
But this doesn't work. The '?error=' query string gets passed, but the
orginal request query strings don't.
What am I doing wrong? And is there an easier way?
This example may help:
http://perl.apache.org/docs/1.0/guide/snippets.html#Reusing_Data_from_POST_request
__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Re: mp2: architectural question re authentication handlers

[Carl Brewer]

Cees Hek wrote:

	[chomp]

Thanks Cees, that's exactly what I needed :)  My stuff is all completely
generated by scripts where I need access control, but I certainly
see the use for controlling static entity access.
Carl

Re: mp2: architectural question re authentication handlers

[Cees Hek]

Quoting Carl Brewer <[EMAIL PROTECTED]>:

> Forgive me for asking yet another fundamentally basic question.
> 
> I'm cutting a web app over from PHP to mod_perl 2, and
> am wondering how 'best' (for which there are many flavours ...)
> to handle authentication.
> 
> At present I've knocked up a site that does auth via a
> form and state tracking with Session.pm.  The form checks
> usernames & passwords against a MySQL database, and the state is
> maintained by Session.  This seems quite logical to me, coming from
> essentially a CGI background, but the discussion of handlers
> around here makes me believe there's a better way?

I would highly recommend the Eagle book if you are looking to move beyond CGI
when using mod_perl.  I know that you are looking at mod_perl2, and the Eagle
book does not cover mod_perl2, but it will give you great insight into how
mod_perl and Apache works.

And lucky for you, since you are interested in Authentication and Authorization,
that chapter happens to be available online.

http://modperl.com:9000/book/chapters/ch6.html

Also checkout the great documentation available at http://perl.apache.org/

If you want a good example of how to implement Authentication and Authorization
in mod_perl, then look on CPAN for the man Apache::Auth* modules.  I have used
Apache::AuthCookie in many projects and it has relatively good documentation. 
You will also find tonnes of info on Authentication if you search the mailing
list archives.

> I see threads here discussing the use of handlers, which I
> don't really understand how they fit into the picture,
> they seem to my poor understanding to be a hardcoded
> chunk in httpd.conf, for handling authentation/state.  Is
> there anywhere a dumb beginers guide to how this
> works?

The easiest way to explain it is to just look at Apache's Basic Authentication
support at first.  The one where the browser pops up a window and you type in
your username and password, and Apache authenticates the user for you before it
will allow the CGI script to be executed or the html file to be downloaded.  You
configure that in httpd.conf or in .htaccess files, telling Apache who has
access to specific files and directories.  This is just your standard access
control stuff.

Now imagine that you can use that same core functionality in Apache, but write
the routines yourself in perl.  And instead of the ugly login popup you can
instead create an HTML login page.  

> Do they set environment variables or something
> that a script can then look for that the script can be sure
> is legit?

Yes, they set the HTTP_USER variable to the users login when a user is
authenticated.  But your script doesn't need to even worry about that, because
Apache won't execute the script unless the user is authorized.  So if the script
is executing, then the user is authenticated...

> for now I'm continuing with my form based authentication,
> but is there a 'better' way? And if so, what makes it better?

The biggest benefit I find is that you can separate your authentication code
from the rest of the code.  With an Authentication handler, your CGI script or
content handler will never even be executed unless the user has been authenticated.

Also, how would you use a CGI based authentication scheme to limit access to a
static HTML file, or an image?  It can't be done cleanly.  But with
Authentication handlers, you can hook them to a  or 
directive or even a  directive in the httpd.conf file.  So you can
protect an entire directory with ease.

Cheers,

Cees

mp2: architectural question re authentication handlers

[Carl Brewer]

Forgive me for asking yet another fundamentally basic question.

I'm cutting a web app over from PHP to mod_perl 2, and
am wondering how 'best' (for which there are many flavours ...)
to handle authentication.
At present I've knocked up a site that does auth via a
form and state tracking with Session.pm.  The form checks
usernames & passwords against a MySQL database, and the state is
maintained by Session.  This seems quite logical to me, coming from
essentially a CGI background, but the discussion of handlers
around here makes me believe there's a better way?
I see threads here discussing the use of handlers, which I
don't really understand how they fit into the picture,
they seem to my poor understanding to be a hardcoded
chunk in httpd.conf, for handling authentation/state.  Is
there anywhere a dumb beginers guide to how this
works?  Do they set environment variables or something
that a script can then look for that the script can be sure
is legit?  Or am I completely missing the point?  Do I
need to buy a book?  It seems really bad to go
hacking into httpd.conf, but maybe that's just my
old-school conservatism?
for now I'm continuing with my form based authentication,
but is there a 'better' way? And if so, what makes it better?
Carl

Re: Newbie question about mod_perl capabilities

[Ged Haywood]

Hi there,

On 8 Jul 2003, Walter H. van Holst wrote:

> On Tue, 2003-07-08 at 10:14, Matt Sergeant wrote:
> 
> > Sorry Ged, Walter is talking about CONNECT which is a proxy request.

Argh.  :)

> Well, thanks to a someone on IRC I have found a code snippet that might
> do exactly that. So it appears that mod_perl can do this. And yes, it is
> intended for exactly the kind of CONNECT requests you describe.

:)

73,
Ged.

Re: Newbie question about mod_perl capabilities

[Walter H. van Holst]

On Tue, 2003-07-08 at 10:14, Matt Sergeant wrote:

> Sorry Ged, Walter is talking about CONNECT which is a proxy request. It 
> goes in place of GET or POST in the request line:
> 
> CONNECT mail.openrelay.com:25 HTTP/1.1
> 
> I *think* mod_perl will be able to intercept this, but I've never tried 
> it. You might need to do it very early on in the request, and make sure 
> it gets passed through to mod_proxy later on or things just won't work.

Well, thanks to a someone on IRC I have found a code snippet that might
do exactly that. So it appears that mod_perl can do this. And yes, it is
intended for exactly the kind of CONNECT requests you describe.

Regards,

 Walter
-- 
Like almost everyone, I receive a lot of spam every day, much of it
offering to help me get out of debt or get rich quick. It's ridiculous.
(Bill Gates)

Re: Newbie question about mod_perl capabilities

[Matt Sergeant]

On Monday, Jul 7, 2003, at 20:50 Europe/London, Ged Haywood wrote:

On 7 Jul 2003, Walter H. van Holst wrote:

 I am new to mod_perl and am trying to figure out whether it suits my
needs or not. Can I use it to intercept any http CONNECT requests 
Apache
receives and answer those?
The concept of a connection is at the transport level, way below HTTP.
The HTTP protocol simply assumes a reliable transport (you don't even
need an Internet:) and deals with exchanges of messages.  See RFC1945.
Sorry Ged, Walter is talking about CONNECT which is a proxy request. It 
goes in place of GET or POST in the request line:

CONNECT mail.openrelay.com:25 HTTP/1.1

I *think* mod_perl will be able to intercept this, but I've never tried 
it. You might need to do it very early on in the request, and make sure 
it gets passed through to mod_proxy later on or things just won't work.

Matt.

Re: Newbie question about mod_perl capabilities

[Ged Haywood]

Hi there,

On 7 Jul 2003, Walter H. van Holst wrote:

>  I am new to mod_perl and am trying to figure out whether it suits my
> needs or not. Can I use it to intercept any http CONNECT requests Apache
> receives and answer those?

The concept of a connection is at the transport level, way below HTTP.
The HTTP protocol simply assumes a reliable transport (you don't even
need an Internet:) and deals with exchanges of messages.  See RFC1945.

Read the Eagle Book (*), for more information about where mod_perl
fits into the scheme of things.  Chapter 3 has a good explanation of
the Apache request cycle.

73,
Ged.

(*) "Writing Apache Modules with Perl and C", ISBN 1-56592-567-X

Newbie question about mod_perl capabilities

[Walter H. van Holst]

Hi,

 I am new to mod_perl and am trying to figure out whether it suits my
needs or not. Can I use it to intercept any http CONNECT requests Apache
receives and answer those?

Regards,

 Walter
-- 
Like almost everyone, I receive a lot of spam every day, much of it
offering to help me get out of debt or get rich quick. It's ridiculous.
(Bill Gates)

Re: Stupid question of the day...

[Shannon Eric Peevey]

Randy Kobes wrote:

On Wed, 25 Jun 2003 [EMAIL PROTECTED] wrote:

 

I've built and installed a new Apache (2.0.46) with mod_ssl and
mod_perl... My goal is authentication via NIS, so I have the
following in an .htaccess file:
AuthName TEST
AuthType Basic
PerlAuthenHandler Apache::AuthenNIS;
require valid-user
My efforts, however, have been thwarted by the following error message:

Wed Jun 25 15:44:54 2003] [error] failed to resolve handler
`Apache::AuthenNIS;' [Wed Jun 25 15:44:55 2003] [error] [client
xxx.xxx.xxx.xxx] Can't locate object method "boot" via package
"mod_perl::boot" at /opt/apache/lib/perl/Apache/Constants.pm
line 8. Compilation failed in require at
/opt/apache/lib/perl/Apache/AuthenNIS.pm line 4. BEGIN
failed--compilation aborted at
/opt/apache/lib/perl/Apache/AuthenNIS.pm line 4. Compilation
failed in require at (eval 6) line 1.
   

Apache::Constants is a mod_perl 1 package, whereas you're using
mod_perl 2 (for Apache 2). If use of Apache::compat isn't enough
to get this working, some porting of the module may be required -
see the discussion of porting Apache Perl modules from mod_perl 1
to 2 at http://perl.apache.org/.
 

Feel free to contact me, as well.  I have contacted the author about 
porting the module, and if I can use you as a test environment, I can 
this ported rather quickly :)  (I don't have a NIS environment for me to 
test on, but I can make the changes, and you can test the install for 
me, and then we can get this mod to work for both versions of modperl...)

Anyone have an installation of apache 1 that is using NIS for 
authentication?  (I will need to be able to test the ported mod for 
compatibility with modperl 1, as well.)

speeves
cws
PS  We should probably attack Apache::AuthzNIS at the same time...  It 
isn't much more work :)

Re: Question about Apache::Request and query strings

[Swen Schillig]

Tom

Where's @params coming from ?
Are you sure it's not empty ?


Swen



|-+>
| |   "Tom Gazzini"|
| |   <[EMAIL PROTECTED]|
| |   uk>  |
| ||
| |   06/26/2003 04:42 |
| |   PM   |
| ||
|-+>
  
>--|
  |
  |
  |   To:   <[EMAIL PROTECTED]>
|
  |   cc:  
      |
  |   Subject:  Question about Apache::Request and query strings   
  |
  |
  |
  |
  |
  
>--|



I have a perl function which, amongst other things, needs to redirect
the request to another page.

It also needs to pass all the query parameters of the original request
(both GET and POST) to the redirected page, and also add one parameter
of it's own (an error message).

Sounds simple enough, but I'm having problems with the passing paramters
bit.

Here's what I have:

sub show_error {
 my ($r, $error) = @_;

 # $r is an Apache:Request object passed by the caller

 my $uri = URI->new($url);
 foreach my $p (@params) {
 $uri->query_form($p => $r->param($p));
 }
 $uri->query_form(error => $error);
 $r->internal_redirect($uri->canonical);
}

But this doesn't work. The '?error=' query string gets passed, but the
orginal request query strings don't.

What am I doing wrong? And is there an easier way?

Thanks,
Tom

Question about Apache::Request and query strings

[Tom Gazzini]

I have a perl function which, amongst other things, needs to redirect
the request to another page.

It also needs to pass all the query parameters of the original request
(both GET and POST) to the redirected page, and also add one parameter
of it's own (an error message).

Sounds simple enough, but I'm having problems with the passing paramters
bit.

Here's what I have:

sub show_error {
my ($r, $error) = @_;

# $r is an Apache:Request object passed by the caller

my $uri = URI->new($url);
foreach my $p (@params) {
$uri->query_form($p => $r->param($p));
}
$uri->query_form(error => $error);
$r->internal_redirect($uri->canonical);
}

But this doesn't work. The '?error=' query string gets passed, but the
orginal request query strings don't.

What am I doing wrong? And is there an easier way?

Thanks,
Tom

$apr->param question

[Wes Cravens]

I am trying to roll my own parameter collection routines...

I am trying this:

#Parse / Collect the parameters.
my %params;
foreach ($apr->param)
{
if (ref($apr->param($_)) eq "ARRAY")


$params{$_} = [$apr->param($_)];
}
else
{
$params{$_} = $apr->param($_);
}
}

the ref always seems to come out UNDEF but if I take out that logic and
just use

$params($_) = [$apr->param($_)];

Then it is a ref and can be used in a

foreach (@{$params($key)}) { }

as expected.

Any ideas where my understanding is going wrong?

Confused,

Wes

Re: Stupid question of the day...

[Randy Kobes]

On Wed, 25 Jun 2003 [EMAIL PROTECTED] wrote:

> I've built and installed a new Apache (2.0.46) with mod_ssl and
> mod_perl... My goal is authentication via NIS, so I have the
> following in an .htaccess file:
>
> AuthName TEST
> AuthType Basic
> PerlAuthenHandler Apache::AuthenNIS;
> require valid-user
>
> My efforts, however, have been thwarted by the following error message:
>
> Wed Jun 25 15:44:54 2003] [error] failed to resolve handler
> `Apache::AuthenNIS;' [Wed Jun 25 15:44:55 2003] [error] [client
> xxx.xxx.xxx.xxx] Can't locate object method "boot" via package
> "mod_perl::boot" at /opt/apache/lib/perl/Apache/Constants.pm
> line 8. Compilation failed in require at
> /opt/apache/lib/perl/Apache/AuthenNIS.pm line 4. BEGIN
> failed--compilation aborted at
> /opt/apache/lib/perl/Apache/AuthenNIS.pm line 4. Compilation
> failed in require at (eval 6) line 1.

Apache::Constants is a mod_perl 1 package, whereas you're using
mod_perl 2 (for Apache 2). If use of Apache::compat isn't enough
to get this working, some porting of the module may be required -
see the discussion of porting Apache Perl modules from mod_perl 1
to 2 at http://perl.apache.org/.

-- 
best regards,
randy kobes

Stupid question of the day...

[cwh0803]

All-

I've built and installed a new Apache (2.0.46) with mod_ssl and mod_perl...

My goal is authentication via NIS, so I have the following in an .htaccess
file:

AuthName TEST
AuthType Basic
PerlAuthenHandler Apache::AuthenNIS;
require valid-user

My efforts, however, have been thwarted by the following error message:

Wed Jun 25 15:44:54 2003] [error] failed to resolve handler
`Apache::AuthenNIS;'
[Wed Jun 25 15:44:55 2003] [error] [client xxx.xxx.xxx.xxx] Can't locate
object method "boot" via package "mod_perl::boot" at
/opt/apache/lib/perl/Apache/Constants.pm line 8.
Compilation failed in require at /opt/apache/lib/perl/Apache/AuthenNIS.pm
line 4.
BEGIN failed--compilation aborted at
/opt/apache/lib/perl/Apache/AuthenNIS.pm line 4.
Compilation failed in require at (eval 6) line 1.

Any ideas or help would be greatly appreciated!

Thanks so much!

Carl

Re: install upgrade for mod_perl+apache 2.046 onto apache 2.044 question

[Beau E. Cox]

Hi -

  - Original Message - 
  From: 
  dan 
  martin 
  To: [EMAIL PROTECTED] 
  Sent: Sunday, June 08, 2003 11:08 
AM
  Subject: install upgrade for 
  mod_perl+apache 2.046 onto apache 2.044 question
  
  I have apache 2.044 installed on win2k. I want to install the 
  mod_perl which comes with apache included (version 2.046).What do I 
  need to do with the current 2.044 version before installing the new version? 
  Do I uninstall it, stop it, or nothing?

  Once I install the new version what are the steps to revert back to the 
  old version if I run into problems?This is an active site, so I do not 
  want to figure this out by experimentation, if possible.Thanks for any 
  guidance.dan
  It's been a while since I've installed on 
  Windows, but here goes:
   
  1. Wait 'till the wee hours.
  2. Stop your current server.
  3. Uninstall the service (apache -k uninstall 
  (?)).
  4. Back it up.
  5. If memory serves, Apache 2 is pretty well self 
  contained in one directory;
      C:\Apache2 (?). Rename this 
  directory to something like C:\Apache2.old
  6. Download/install your new 
Apache2.
  7. Copy your configuration file(s) from old to 
  new - you shouldn't have to make
     any changes between 44 and 46. Don't 
  worry about setting up mod_perl
     yet.
  8 Start your new server and test.
  9. If all is well, install the service (apache -k 
  install (?)) and reboot and
      test again.
   
  Now you can move on to mod_perl. To 
  revert:
   
  1. Stop new
  2. Uninstall service.
  3. rename C:\Apache2 to 
  C:\apache2.new
  4. rename C:\Apache2.old to 
  C:\Apache2.
  5. install service.
  6. start old.
   
  THIS IS NOT A GOOD WAY TO FLY.
   
  I strongly recommend getting a testing server 
  setup on a different
  box so that you can make changes such as this 
  without interrupting
  your active site. You SHOULD be able to 
  experiment with the new
  software without fear of disrupting your traffic! 
  If there is no way you
  can do that, please drop me an off-list email and 
  perhaps I can
  let you install/test remotely on one of my 
  windows boxes.
   
  Aloha => 
Beau;

install upgrade for mod_perl+apache 2.046 onto apache 2.044 question

[dan martin]

I have apache 2.044 installed on win2k. I want to install the mod_perl which comes with apache included (version 2.046).What do I need to do with the current 2.044 version before installing the new version? Do I uninstall it, stop it, or nothing?Once I install the new version what are the steps to revert back to the old version if I run into problems?This is an active site, so I do not want to figure this out by experimentation, if possible.Thanks for any guidance.dan
Do you Yahoo!?
Free online calendar with sync to Outlook(TM).

Re: [Question] Handler executing twice!?!

[Vince Veselosky]

AHA! That's the culprit! mod_dir implements this at the fix-up stage to 
allow the directive in .htaccess files, hence my confusion. Thank you 
Stas! It all makes sense now.

-Vince

Stas Bekman wrote:

Vince Veselosky wrote:
[...]
The thing that triggered it was the fact that the url was an 
"index.pl" file. When called as "example.com/index.pl", everything 
worked as expected, but when called as "example.com/", apache (or 
something) generated a subrequest for index.pl.

NOW my question is, why does apache generate the subrequest *after* 
the HeaderParser phase, causing it to execute twice? This seems like 
a pure URI translation issue, and I would expect it to happen in the 
URI translation phase, *before* the HeaderParser executes at all. I'm 
wondering if this happens in all requests, or if it is related to 
Apache::Registry in the content handler. I didn't take the time to 
track down exactly where the subrequest originates, so I'm not sure 
if it is a mod_perl issue or just an apache issue. I might one day 
build some test cases and figure it out, but not soon. Anyone have 
some insight to add?


Do you have mod_dir (DirectoryIndex) configured? It performs a 
rewrite/sub_request-redirect in the fixup stage.
http://httpd.apache.org/docs/mod/mod_dir.html
__
Stas Bekman JAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com

Re: [Question] Handler executing twice!?!

[Stas Bekman]

Vince Veselosky wrote:
[...]
The thing that triggered it was the fact that the url was an "index.pl" 
file. When called as "example.com/index.pl", everything worked as 
expected, but when called as "example.com/", apache (or something) 
generated a subrequest for index.pl.

NOW my question is, why does apache generate the subrequest *after* the 
HeaderParser phase, causing it to execute twice? This seems like a pure 
URI translation issue, and I would expect it to happen in the URI 
translation phase, *before* the HeaderParser executes at all. I'm 
wondering if this happens in all requests, or if it is related to 
Apache::Registry in the content handler. I didn't take the time to track 
down exactly where the subrequest originates, so I'm not sure if it is a 
mod_perl issue or just an apache issue. I might one day build some test 
cases and figure it out, but not soon. Anyone have some insight to add?
Do you have mod_dir (DirectoryIndex) configured? It performs a 
rewrite/sub_request-redirect in the fixup stage.
http://httpd.apache.org/docs/mod/mod_dir.html
__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Re: [Question] Handler executing twice!?!

[Vince Veselosky]

Whew, okay, I have an answer, but I also still have a question. The 
short explanation:

The "bug" in my code was the fact that I forgot that a request might 
also be a subrequest, so now I check if the request is_initial_req and 
short circuit if not. (And a tiny bug in my trace code caused my debug 
log to report is_initial_req as true all the time. Stupid operator 
precedence bugs!) That solves my immediate problem and gives me 
something to watch for in future.

The thing that triggered it was the fact that the url was an "index.pl" 
file. When called as "example.com/index.pl", everything worked as 
expected, but when called as "example.com/", apache (or something) 
generated a subrequest for index.pl.

NOW my question is, why does apache generate the subrequest *after* the 
HeaderParser phase, causing it to execute twice? This seems like a pure 
URI translation issue, and I would expect it to happen in the URI 
translation phase, *before* the HeaderParser executes at all. I'm 
wondering if this happens in all requests, or if it is related to 
Apache::Registry in the content handler. I didn't take the time to track 
down exactly where the subrequest originates, so I'm not sure if it is a 
mod_perl issue or just an apache issue. I might one day build some test 
cases and figure it out, but not soon. Anyone have some insight to add?

Thanks to everyone who sent help and suggestions!
-Vince Veselosky
http://ice.control-escape.com
Vince Veselosky wrote:

Now here is the thing. The PerlHeaderParserHandler executes TWICE for 
every request. The second time through is apparently a different 
Apache object from the first, as when I write to $r->notes, only the 
values from the second execution are visible to the content handler.

Now, if I comment out the PerlHeaderParserHandler line in the conf 
file, the handler never executes at all (which is expected), so it 
isn't getting pushed onto handlers from somewhere else.

Why is this thing running twice, and how can I make it stop??? I hope 
someone can hit me over the head with a clue-stick, because this thing 
is driving me completely bananas!

All help is greatly appreciated,
Vince Veselosky
http://ice.control-escape.com

Re: [Question] Handler executing twice!?!

[Stas Bekman]

Vince Veselosky wrote:

[...]

Now here is the thing. The PerlHeaderParserHandler executes TWICE for 
every request. The second time through is apparently a different Apache 
Could it be that something in your code pushes the handler on the stack again?

I'd suggest debugging with Apache::ShowRequest?
http://search.cpan.org/author/DOUGM/Apache-Module-0.11/lib/Apache/ShowRequest.pm
Do tracing:
http://perl.apache.org/docs/1.0/guide/debug.html#Debug_Tracing
Use the 'h' setting
PerlSetEnv MOD_PERL_TRACE h
Try to use $r->get_handlers() and see what you get.

Finally, if nothing helps, go with gdb.

Also what happens if you don't use Apache::Request?

__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

[Question] Handler executing twice!?!

[Vince Veselosky]

I'm hoping someone can explain this one to me. I have a virtual host set 
up like so:
<

# This declares Apache::Webquills::InitSession::handler
PerlRequire /var/www/html/webquills/offline/wq_startup.pl

ServerName www.example.com
ServerAlias example.com
ServerPath /test
DocumentRoot /var/www/html/test
PerlHeaderParserHandler Apache::Webquills::InitSession


AllowOverride All
Options Indexes FollowSymLinks MultiViews ExecCGI
Order allow,deny
Allow from all

SetHandler perl-script
PerlHandler Apache::Registry


VHOST
Now here is the thing. The PerlHeaderParserHandler executes TWICE for 
every request. The second time through is apparently a different Apache 
object from the first, as when I write to $r->notes, only the values 
from the second execution are visible to the content handler.

Now, if I comment out the PerlHeaderParserHandler line in the conf file, 
the handler never executes at all (which is expected), so it isn't 
getting pushed onto handlers from somewhere else.

The handler code looks something like this:
<
use vars qw( $stupid );
my $DEBUG =1;
sub handler
{
# Always call 'instance' so as not to clobber params.
my ($r) = Apache::Request->instance(shift);

# Insane bug I cannot track causes this handler to execute twice
# for each request. It's driving me nuts.
if ( $stupid++ ) {
$r->log_error($r->current_callback . " executed twice! Argh!");
$r->notes(HAND2 => "HAND2");
$r->pnotes(HAND2 => "HAND2");
} else {
$r->log_error($r->current_callback . " executed once.");
$r->notes(HAND1 => "HAND1");
$r->pnotes(HAND1 => "HAND1");
return DECLINED;
}#END if

## SNIP -- Some standard Apache::Session stuff happens here.
## This "Log Handler" actually unties and closes the session.
## It executes just fine.
$r->push_handlers('PerlLogHandler', \&closer);
if ( $DEBUG ) {
$r->log_error("$$: ". $r->current_callback);
$r->log_error("$$: ". $r->is_main ? "is main" : "not main");
$r->log_error("$$: ". $r->is_initial_req ? "is initial" : "not 
initial");
}#END if
return OK;
}
CODE

The log messages get me this:
<
[Fri Mar 28 17:27:06 2003] [error] PerlHeaderParserHandler executed once.
[Fri Mar 28 17:27:06 2003] [error] PerlHeaderParserHandler executed 
twice! Argh!
[Fri Mar 28 17:27:06 2003] [error] 19914: PerlHeaderParserHandler
[Fri Mar 28 17:27:06 2003] [error] is main
[Fri Mar 28 17:27:06 2003] [error] is initial

LOG

And the content handler sees values for HAND2 but not for HAND1.

Why is this thing running twice, and how can I make it stop??? I hope 
someone can hit me over the head with a clue-stick, because this thing 
is driving me completely bananas!

All help is greatly appreciated,
Vince Veselosky
http://ice.control-escape.com

Fw: Apache::GD::Thumbnail Question

[Issac Goldstand]

Forgive my use of the list if this is a tad OT - but I seem to not be able
to contact Steven directly all of the sudden (my ISP got but on a RBL, I
think, and it will take them another bit to get off - that's why it took so
long, Steven)

 Issac

> > On Tue, 2003-03-25 at 00:12, Issac Goldstand wrote:
> > > - Original Message -
> > ..
> > > >From the man page:
> > > "* ThumbnailBaseDir
> > > Sets the directory that contains the images to be thumbnailed.
Defaults
> to
> > > ".." if not specified"
> > >
> > > Since the virtual directory /home/me/pics/thumbs/../ is where the
> pictures
> > > are (eg, /home/me/pics), I can use the default.
> > >
> > ..
> > > Why don't you show me your exact configuration, and I'll see if I can
> help
> > > you out...
> > >
> > >   Issac
> > >
> >
> > ..
> >
> > Hey Issac,
> >
> > Ok, I've dumbed this down to the lowest common denominator ( in this
> > case, I qualify as this ). In my httpd.conf I have the following lines:
> >
> > Alias /pics/ "/data/httpd/htdocs/image1/pics/"
> > 
> > Order allow,deny
> > AllowOverride None
> > Order allow,deny
> > Allow from all
> > 
>
> > 
> > SetHandler perl-handler
> > PerlHandler Apache::GD::Thumbnail
> > PerlSetVar ThumbnailMaxSize 75
> > 

 Why are you using /image1/pics/ for the thumbnails and /pics/ for the
 pictures?
 I would use:  for the location block and then  in the HTML.  See if that helps matters...

> > In my script source I have the following line:
> >
> > $r->print (' > src="/image1/pics/thumbs/roses.jpg">
> >
> > I have tried this with the PerlSetVar ThumbnailBaseDir set to the
> > Location,

 No  - ThumbnailBaseDir, would you want to set it, should be set to
 "/data/httpd/htdocs/image1/pics/"

> > with PerlModule Apache::GD::Thumbnail

 you still need this (or "use Apache::GD::Thumbnail;" in mod_perl_start.pl)

> >, with the OBJECT tag
> > instead of the IMG tag

 no - you want IMG

> >and they all yield the same 404 Not Found error.
> >
> > At this point I think that I'm probably missing something really stupid,
> > considering I am following the man page to the letter. The only thing
> > missing from the man page is any example of HTML/script usage but that
> > looks to me as really basic - access the URL and the handler takes over.
> >
> > Any suggestions would be appreciated.
> >
> > Steve
> > --
> > Steven A. Adams <[EMAIL PROTECTED]>
> >
>

Re: Apache::GD::Thumbnail Question

[Steven A. Adams]

Any word on this Issac?  Are you as stumped as I am? I dug into it again
today and verified that the jpeg, png and freetype2 libraries were
installed and verified that they functioned. I also did a complete
rebuild of GD and a CPAN force install on Apache::GD::Thumbnail - all
went well with no errors or warnings ( all for not though, it still
refuses to work ).

On Tue, 2003-03-25 at 18:34, Steven A. Adams wrote:
> On Tue, 2003-03-25 at 00:12, Issac Goldstand wrote:
> > - Original Message -
> ..
> > >From the man page:
> > "* ThumbnailBaseDir
> > Sets the directory that contains the images to be thumbnailed. Defaults to
> > ".." if not specified"
> > 
> > Since the virtual directory /home/me/pics/thumbs/../ is where the pictures
> > are (eg, /home/me/pics), I can use the default.
> > 
> ..
> > Why don't you show me your exact configuration, and I'll see if I can help
> > you out...
> > 
> >   Issac
> > 
> 
> ..
> 
> Hey Issac,
> 
> Ok, I've dumbed this down to the lowest common denominator ( in this
> case, I qualify as this ). In my httpd.conf I have the following lines:
> 
> Alias /pics/ "/data/httpd/htdocs/image1/pics/"
> 
>   Order allow,deny
>   AllowOverride None
>   Order allow,deny
>   Allow from all
> 
> 
>   SetHandler perl-handler
>   PerlHandler Apache::GD::Thumbnail
>   PerlSetVar ThumbnailMaxSize 75
> 
> 
> In my script source I have the following line:
> 
> $r->print (' src="/image1/pics/thumbs/roses.jpg">
> 
> I have tried this with the PerlSetVar ThumbnailBaseDir set to the
> Location, with PerlModule Apache::GD::Thumbnail, with the OBJECT tag
> instead of the IMG tag and they all yield the same 404 Not Found error.
> 
> At this point I think that I'm probably missing something really stupid,
> considering I am following the man page to the letter. The only thing
> missing from the man page is any example of HTML/script usage but that
> looks to me as really basic - access the URL and the handler takes over.
> 
> Any suggestions would be appreciated.
> 
> Steve
-- 
Steven A. Adams <[EMAIL PROTECTED]>

Re: Another wicked mod_perl question :)

[Perrin Harkins]

Jean-Michel Hiver wrote:
I know that it's possible to chain Apache handlers in a way that the
next handler is executed if the previous handler returned DECLINED.
It sound like you're looking for this:
http://perl.apache.org/docs/1.0/guide/config.html#Stacked_Handlers
The next handler is also executed if you return OK.

- Perrin

Another wicked mod_perl question :)

[Jean-Michel Hiver]

Hi List,

I know that it's possible to chain Apache handlers in a way that the
next handler is executed if the previous handler returned DECLINED.

I would like to have the following execution chain:

Handler1
Handler2
...
HandlerN
CGI script (running either as pure CGI or under Apache::Registry).

Any ideas on how to do that?
Cheers,
-- 
Building a better web - http://www.mkdoc.com/
-
Jean-Michel Hiver
[EMAIL PROTECTED]  - +44 (0)114 255 8097
Homepage: http://www.webmatrix.net/

Re: Apache::GD::Thumbnail Question

[Steven A. Adams]

On Tue, 2003-03-25 at 18:34, Steven A. Adams wrote:
> On Tue, 2003-03-25 at 00:12, Issac Goldstand wrote:
> > - Original Message -
> ..
> > >From the man page:
> > "* ThumbnailBaseDir
> > Sets the directory that contains the images to be thumbnailed. Defaults to
> > ".." if not specified"
> > 
> > Since the virtual directory /home/me/pics/thumbs/../ is where the pictures
> > are (eg, /home/me/pics), I can use the default.
> > 
> ..
> > Why don't you show me your exact configuration, and I'll see if I can help
> > you out...
> > 
> >   Issac
> > 
> 
> ..
> 
> Hey Issac,
> 
> Ok, I've dumbed this down to the lowest common denominator ( in this
> case, I qualify as this ). In my httpd.conf I have the following lines:
> 
> Alias /pics/ "/data/httpd/htdocs/image1/pics/"
> 
>   Order allow,deny
>   AllowOverride None
>   Order allow,deny
>   Allow from all
> 
> 
>   SetHandler perl-handler
>   PerlHandler Apache::GD::Thumbnail
>   PerlSetVar ThumbnailMaxSize 75
> 
> 
> In my script source I have the following line:
> 
> $r->print (' src="/image1/pics/thumbs/roses.jpg">
> 
> I have tried this with the PerlSetVar ThumbnailBaseDir set to the
> Location, with PerlModule Apache::GD::Thumbnail, with the OBJECT tag
> instead of the IMG tag and they all yield the same 404 Not Found error.
> 
> At this point I think that I'm probably missing something really stupid,
> considering I am following the man page to the letter. The only thing
> missing from the man page is any example of HTML/script usage but that
> looks to me as really basic - access the URL and the handler takes over.
> 
> Any suggestions would be appreciated.
> 
> Steve

Oh yeah...  This is running under Apache 1.3.27 and mod_perl 1.27.
-- 
Steven A. Adams <[EMAIL PROTECTED]>

Re: Apache::GD::Thumbnail Question

[Steven A. Adams]

On Tue, 2003-03-25 at 00:12, Issac Goldstand wrote:
> - Original Message -
..
> >From the man page:
> "* ThumbnailBaseDir
> Sets the directory that contains the images to be thumbnailed. Defaults to
> ".." if not specified"
> 
> Since the virtual directory /home/me/pics/thumbs/../ is where the pictures
> are (eg, /home/me/pics), I can use the default.
> 
..
> Why don't you show me your exact configuration, and I'll see if I can help
> you out...
> 
>   Issac
> 

..

Hey Issac,

Ok, I've dumbed this down to the lowest common denominator ( in this
case, I qualify as this ). In my httpd.conf I have the following lines:

Alias /pics/ "/data/httpd/htdocs/image1/pics/"

Order allow,deny
AllowOverride None
Order allow,deny
Allow from all


SetHandler perl-handler
PerlHandler Apache::GD::Thumbnail
PerlSetVar ThumbnailMaxSize 75


In my script source I have the following line:

$r->print ('

I have tried this with the PerlSetVar ThumbnailBaseDir set to the
Location, with PerlModule Apache::GD::Thumbnail, with the OBJECT tag
instead of the IMG tag and they all yield the same 404 Not Found error.

At this point I think that I'm probably missing something really stupid,
considering I am following the man page to the letter. The only thing
missing from the man page is any example of HTML/script usage but that
looks to me as really basic - access the URL and the handler takes over.

Any suggestions would be appreciated.

Steve
-- 
Steven A. Adams <[EMAIL PROTECTED]>

Re: Apache::GD::Thumbnail Question

[Issac Goldstand]

It does work - I use it on http://pics.beamartyr.net/ Remember that it's a
tricky sorta configuration - you must configure it within a location block
which will be the "thumbnail directory", and specify the real source
directory:

Example: The below configuration maps /home/me/pictures to
http://foo.bar/pictures/ and generates on-the-fly thumbnails in
http://foo.bar/pictures/mythumbs/

Alias /pictures/ /home/me/pictures

Order allow,deny
Allow from all


SetHandler perl-handler
PerlHandler Apache::GD::Thumbnail


Remember that it only works on JPEGs.

  Issac

- Original Message -
From: "Steven A. Adams" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, March 24, 2003 3:06 AM
Subject: Apache::GD::Thumbnail Question


> Does anyone use this handler to make on-the-fly thumbs? I've used the
> standard example code in my apache (1.3.27 with MP1) and it seems to
> ignore the handler.
>
> Any suggestions?
>
>
> --
> Steven A. Adams <[EMAIL PROTECTED]>
>

Apache::GD::Thumbnail Question

[Steven A. Adams]

Does anyone use this handler to make on-the-fly thumbs? I've used the
standard example code in my apache (1.3.27 with MP1) and it seems to
ignore the handler.

Any suggestions?


-- 
Steven A. Adams <[EMAIL PROTECTED]>

Re: Job tracking and publishing question.

[Perrin Harkins]

Thomas Whitney wrote:
I was looking at Bricolage, however it appears to be more suited to text
content publishing.  I currently use Template::Toolkit to print out the bids
and I imagine I could do all the programming myself--naturally, it would be
helpful to find some package that suited at least some of my requirements..
If you want to keep using Template Toolkit with some extra support for 
common things like sessions, users, etc., take a look at OpenInteract.

- Perrin

Re: Job tracking and publishing question.

[Les Mikesell]

From: "Thomas Whitney" <[EMAIL PROTECTED]>

> I want to implement a job tracking and database publishing system and hoping
> for some assistance.
> 
> My company does short run 4 color digital printing.  Because it is short urn
> we handle multiple jobs every day.  I developed an online bidding system; it
> use Apache, mod_perl, and  mysql.  Now I would like to move to tracking jobs
> online; first, for internal purposes -- it would make the workflow much
> easier to follow -- and later for customers to view the status of their jobs
> on the web.  Each bid has about 38 data fields associated with it and each
> job will have a few more fields along with an image file in the form of a
> pdf.

You would have to customize it quite a bit but you might look at
'Request Tracker' as a starting point:  http://www.bestpractical.com/rt/
It uses mason with sql or postgresql as the framework.   A new version
is on the way so if you would probably want to get the latest beta from
http://www.fsck.com/pub/rt/devel/  (2.1.86 now) to start.

---
  Les Mikesell
 [EMAIL PROTECTED]

Job tracking and publishing question.

[Thomas Whitney]

Hi,

I want to implement a job tracking and database publishing system and hoping
for some assistance.

My company does short run 4 color digital printing.  Because it is short urn
we handle multiple jobs every day.  I developed an online bidding system; it
use Apache, mod_perl, and  mysql.  Now I would like to move to tracking jobs
online; first, for internal purposes -- it would make the workflow much
easier to follow -- and later for customers to view the status of their jobs
on the web.  Each bid has about 38 data fields associated with it and each
job will have a few more fields along with an image file in the form of a
pdf.

Each job needs to be tracked through production with operators at each stage
having being able to update its status or add notes.  After the job is
finished an invoice would be printed to go out with the job.  Web based
applications are good for this because we use Mac's and PC's, and both must
be able to have access to that job.

I was looking at Bricolage, however it appears to be more suited to text
content publishing.  I currently use Template::Toolkit to print out the bids
and I imagine I could do all the programming myself--naturally, it would be
helpful to find some package that suited at least some of my requirements..

I would really appreciate any thoughts or suggestions.

Thanks,
Thomas Whitney

Re: Authorization question

[Perrin Harkins]

Jean-Michel Hiver wrote:
It's pretty hard to truly separate these things.  Nobody wants to use
basic auth, which means there is a need for forms and handlers.


How do you mean, 'nobody'? Users certainly don't mind!
Sure they do.  They want a nice HTML login screen, and features like 
"remember this login on this computer" (using cookies) which is standard 
on most major sites now.

I admit that it's hard to get away without cookies and URI encoding
schemes, but not impossible. There's a lot of tricks that you can do
with path_info...
But path_info is URI encoding.  Also, most of the auth/access modules, 
including ones that stick to the auth and access phases, use cookies or 
URIs.  There really is no other option except basic auth.

If you build a generalized auth system, there may well be other people 
interested in it.  However, it would have to be very easy to change the 
mechanisms for maintaining state (cookies, URIs, basic auth) and 
checking credentials (any kind of database with any kind of schema). 
The latter probably means some custom development on every installation.

- Perrin

Re: Authorization question

[Nick Tonkin]

On Thu, 27 Feb 2003, Bill Moseley wrote:

> On Thu, 27 Feb 2003, Perrin Harkins wrote:
>
> > Jean-Michel Hiver wrote:
> > > Yes, but you're then making the authorization layer inseparable from
> > > your applicative layer, and hence you loose the interest of using
> > > separate handlers.
> >
> > It's pretty hard to truly separate these things.  Nobody wants to use
> > basic auth, which means there is a need for forms and handlers.  Then
> > you have to keep that information in either cookies or URLs, and there
> > is usually a need to talk to an external data database with a
> > site-specific schema.  The result is that plug and play auth schemes
> > only work (unmodified) for the simplest sites.
>
> Anyone using PubCookie?
>
> http://www.washington.edu/pubcookie/

All C, no?

- nick

-- 


Nick Tonkin   {|8^)>

Re: Authorization question

[Jean-Michel Hiver]

> It's pretty hard to truly separate these things.  Nobody wants to use
> basic auth, which means there is a need for forms and handlers.

How do you mean, 'nobody'? Users certainly don't mind!


> Then you have to keep that information in either cookies or URLs, and
> there is usually a need to talk to an external data database with a
> site-specific schema.

I admit that it's hard to get away without cookies and URI encoding
schemes, but not impossible. There's a lot of tricks that you can do
with path_info...

For example, http://www.example.com/some/address/hello.txt,do_something

This URL is easy to protect / authorize using LocationMatch directives.

Basically I think you can use these simple schemes in complex
applications if you're careful about your URIs. But it's true that it
can be a real mindf*ck :)

Basically each state of your application needs a different URI...

However I find it well worth it, the promess of a truly modular,
standard, pluggable authorization system is seducing, and also very
'marketable' I think.

Cheers,
-- 
Building a better web - http://www.mkdoc.com/
-
Jean-Michel Hiver
[EMAIL PROTECTED]  - +44 (0)114 255 8097
Homepage: http://www.webmatrix.net/

Re: Authorization question

[Bill Moseley]

On Thu, 27 Feb 2003, Perrin Harkins wrote:

> Jean-Michel Hiver wrote:
> > Yes, but you're then making the authorization layer inseparable from
> > your applicative layer, and hence you loose the interest of using
> > separate handlers.
> 
> It's pretty hard to truly separate these things.  Nobody wants to use 
> basic auth, which means there is a need for forms and handlers.  Then 
> you have to keep that information in either cookies or URLs, and there 
> is usually a need to talk to an external data database with a 
> site-specific schema.  The result is that plug and play auth schemes 
> only work (unmodified) for the simplest sites.

Anyone using PubCookie?

http://www.washington.edu/pubcookie/

-- 
Bill Moseley [EMAIL PROTECTED]

Re: Authorization question

[Perrin Harkins]

Jean-Michel Hiver wrote:
Yes, but you're then making the authorization layer inseparable from
your applicative layer, and hence you loose the interest of using
separate handlers.
It's pretty hard to truly separate these things.  Nobody wants to use 
basic auth, which means there is a need for forms and handlers.  Then 
you have to keep that information in either cookies or URLs, and there 
is usually a need to talk to an external data database with a 
site-specific schema.  The result is that plug and play auth schemes 
only work (unmodified) for the simplest sites.

- Perrin

Re: Authorization question

[Nick Tonkin]

On Thu, 27 Feb 2003, Jean-Michel Hiver wrote:

> > I think this may be solved by architecture. If you have an Authz layer
> > maybe it needs to be called sooner than right when you need it.
> >
> > I have a Session-based auth system. When the user successfully
> > authenticates the Auth handler does a lookup in a db where we store all
> > users' authz information. The db has an access level for each user for
> > each widget in the application. These are all loaded into a hashref and
> > stored in the serverside session. An encrypted cookie has the key to the
> > session.
>
> Yes, but you're then making the authorization layer inseparable from
> your applicative layer, and hence you loose the interest of using
> separate handlers.

True. For the type of application I deal with, where authorization levels
and security are paramount, this is not a bad thing. And really, in my
system, the UI modules only need to know the user's authz level (0-4) to
produce content ... they do not care how the authz level was generated.

- nick

-- 


Nick Tonkin   {|8^)>

Re: Authorization question

[Jean-Michel Hiver]

> I think this may be solved by architecture. If you have an Authz layer
> maybe it needs to be called sooner than right when you need it.
> 
> I have a Session-based auth system. When the user successfully
> authenticates the Auth handler does a lookup in a db where we store all
> users' authz information. The db has an access level for each user for
> each widget in the application. These are all loaded into a hashref and
> stored in the serverside session. An encrypted cookie has the key to the
> session.

Yes, but you're then making the authorization layer inseparable from
your applicative layer, and hence you loose the interest of using
separate handlers.

I think it would be much nicer to write webapps on which you can plug
any authorization / authentication handler chain and maintain those
things as separate as possible.

Then if your application uses the REST paradigm, all access control can
be done using URIs, which is very neat.

Cheers,
-- 
Building a better web - http://www.mkdoc.com/
-
Jean-Michel Hiver
[EMAIL PROTECTED]  - +44 (0)114 255 8097
Homepage: http://www.webmatrix.net/

Re: Authorization question

[Geoffrey Young]

but DECLINED is almost certainly a bad idea.


What was the idea behind
return DECLINED if $r->is_inital_req;
in auth handlers in the first place?
I think it stems from the Eagle book, thus from Doug, but I'm not sure - I 
can't remember exactly.  it was probably an attempt to reduce overhead for 
subrequests when authentication is expensive (say, a DB query) and you don't 
really care about whether lookups are authenticated or not.

I tried to word it carefully in the book, saying using it depends on what 
you want to do in your application.  clearly if you want to depend on proper 
authentication for lookups, then you don't want to use is_initial_req() 
logic at all.  it wasn't until after it was too late that I realized 
DECLINED is problematic.  my own particular problem with it was with the 
subrequests that mod_dir makes - IIRC, on a protected directory returning 
DECLINED on the subrequest really mucks things up.

HTH

--Geoff

Re: Authorization question

[Nick Tonkin]

On Thu, 27 Feb 2003, Geoffrey Young wrote:

> I've decided that the
>
>return DECLINED if $r->is_inital_req;
>
> bit is a bad idea.  after a few hours debugging an authorization
> application, I realized that this does nothing but cause problems - if you
> DECLINE a subrequest then it's picked up by mod_auth which, if you're not
> configured for flat file auth (in addition to your custom auth), mod_auth
> will return AUTH_REQUIRED (or worse).
>
> you may want to
>
>return OK if $r->is_inital_req;
>
> but DECLINED is almost certainly a bad idea.

What was the idea behind
return DECLINED if $r->is_inital_req;
in auth handlers in the first place?

- nick

-- 


Nick Tonkin   {|8^)>

Re: Authorization question

[Nick Tonkin]

On Thu, 27 Feb 2003, Jean-Michel Hiver wrote:

> Hi List,
>
> In theory Authentication / Authorization handlers are very cool, because
> the application underneath it doesn't need to know the logic of it, and
> as long as you design web applications with nice, RESTful, sensible URIs
> it would all work beautifully.
>
> BUT, I cannot figure out how to 'ask' apache wether a request would
> succeed or not. I'm wondering wether there would be a way to do:
>
>   my $ok = $r->would_be_authorized ($uri);
>
>   # or
>   my $ok = $r->would_be_authorized ($uri, 'GET');
>
>   # or
>   my $ok = $r->would_be_authorized ($uri, 'POST', $fh);
>
>
> This would be handy because for example in your web application you
> might want certain controls or links to be replaced by proper messages
> rather than directing the user to a location that he/she doesn't have
> access to.
>
> If I missed something obvious please point out a URI so that I can RTFM!
> All ideas appreciated!

Salut,

I think this may be solved by architecture. If you have an Authz layer
maybe it needs to be called sooner than right when you need it.

I have a Session-based auth system. When the user successfully
authenticates the Auth handler does a lookup in a db where we store all
users' authz information. The db has an access level for each user for
each widget in the application. These are all loaded into a hashref and
stored in the serverside session. An encrypted cookie has the key to the
session.

All of this is tied into the UI such that the user's authz level
determines the content they see. Data such as '$student->first_name' are
displayed by a UI handler according to perms; the UI's methods can write
out either:
"First Name: $val" or
"First Name: " or
whatever, depending on the user's perms.

HTH,

- nick

-- 


Nick Tonkin   {|8^)>

Re: Authorization question

[Geoffrey Young]

Jean-Michel Hiver wrote:
On Thu 27-Feb-2003 at 11:39:32AM -, Richard Clarke wrote:

I've never had any reason to do this so there might be a shortcut but I
think something along the lines of the following should work (As long as
your access/auth handler doesnt make use of $r->is_intial_req())
I've decided that the

  return DECLINED if $r->is_inital_req;

bit is a bad idea.  after a few hours debugging an authorization 
application, I realized that this does nothing but cause problems - if you 
DECLINE a subrequest then it's picked up by mod_auth which, if you're not 
configured for flat file auth (in addition to your custom auth), mod_auth 
will return AUTH_REQUIRED (or worse).

you may want to

  return OK if $r->is_inital_req;

but DECLINED is almost certainly a bad idea.

use Apache::Constants (:common);
my $subr   = $r->lookup_uri('/new/request/?foo=bar');
my $status = $subr->status;
my $ok = $status==AUTH_REQUIRED ? 0:1;
I'd change that to

  my $ok = $status == HTTP_OK ? 1 : 0;

since there are lots of other things that can be thrown other than 
AUTH_REQUIRED - for instance FORBIDDEN from an access handler.

we talk about this in Recipe 3.15 in the Cookbook (which came up yesterday, 
so see the archives for where you can find it for free).



Wow! Thanks for the tip :)

Is there a way to tell Apache::SubRequest that you're doing a HEAD / GET
/ POST / PUT / etc? Authorization handlers might behave differently
depending on the HTTP method being used.
unfortunately, no - GET is hardcoded in Apache:

API_EXPORT(request_rec *) ap_sub_req_lookup_uri(const char *new_file,
const request_rec *r)
{
return ap_sub_req_method_uri("GET", new_file, r);
}
and by the time you get the subrequest object back, it's too late to call 
$sub->method('POST').  of course, theoretically GET and HEAD should be 
equivalent :)  but I see your point.  I guess there's no way around that in 
this case.

--Geoff

Re: Authorization question

[Jean-Michel Hiver]

On Thu 27-Feb-2003 at 11:39:32AM -, Richard Clarke wrote:
> I've never had any reason to do this so there might be a shortcut but I
> think something along the lines of the following should work (As long as
> your access/auth handler doesnt make use of $r->is_intial_req())
> 
> use Apache::Constants (:common);
> my $subr   = $r->lookup_uri('/new/request/?foo=bar');
> my $status = $subr->status;
> my $ok = $status==AUTH_REQUIRED ? 0:1;

Wow! Thanks for the tip :)

Is there a way to tell Apache::SubRequest that you're doing a HEAD / GET
/ POST / PUT / etc? Authorization handlers might behave differently
depending on the HTTP method being used.

Cheers,
-- 
Building a better web - http://www.mkdoc.com/
-
Jean-Michel Hiver
[EMAIL PROTECTED]  - +44 (0)114 255 8097
Homepage: http://www.webmatrix.net/

Re: Authorization question

[Richard Clarke]

I've never had any reason to do this so there might be a shortcut but I
think something along the lines of the following should work (As long as
your access/auth handler doesnt make use of $r->is_intial_req())

use Apache::Constants (:common);
my $subr   = $r->lookup_uri('/new/request/?foo=bar');
my $status = $subr->status;
my $ok = $status==AUTH_REQUIRED ? 0:1;

Ric.

- Original Message -
From: "Jean-Michel Hiver" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, February 27, 2003 10:42 AM
Subject: Authorization question


> Hi List,
>
> In theory Authentication / Authorization handlers are very cool, because
> the application underneath it doesn't need to know the logic of it, and
> as long as you design web applications with nice, RESTful, sensible URIs
> it would all work beautifully.
>
> BUT, I cannot figure out how to 'ask' apache wether a request would
> succeed or not. I'm wondering wether there would be a way to do:
>
>   my $ok = $r->would_be_authorized ($uri);
>
>   # or
>   my $ok = $r->would_be_authorized ($uri, 'GET');
>
>   # or
>   my $ok = $r->would_be_authorized ($uri, 'POST', $fh);
>
>
> This would be handy because for example in your web application you
> might want certain controls or links to be replaced by proper messages
> rather than directing the user to a location that he/she doesn't have
> access to.
>
> If I missed something obvious please point out a URI so that I can RTFM!
> All ideas appreciated!
>
> Cheers,
> --
> Building a better web - http://www.mkdoc.com/
> -
> Jean-Michel Hiver
> [EMAIL PROTECTED]  - +44 (0)114 255 8097
> Homepage: http://www.webmatrix.net/
>
>
>

Authorization question

[Jean-Michel Hiver]

Hi List,

In theory Authentication / Authorization handlers are very cool, because
the application underneath it doesn't need to know the logic of it, and
as long as you design web applications with nice, RESTful, sensible URIs
it would all work beautifully.

BUT, I cannot figure out how to 'ask' apache wether a request would
succeed or not. I'm wondering wether there would be a way to do:

  my $ok = $r->would_be_authorized ($uri);

  # or
  my $ok = $r->would_be_authorized ($uri, 'GET');

  # or
  my $ok = $r->would_be_authorized ($uri, 'POST', $fh);


This would be handy because for example in your web application you
might want certain controls or links to be replaced by proper messages
rather than directing the user to a location that he/she doesn't have
access to. 

If I missed something obvious please point out a URI so that I can RTFM!
All ideas appreciated!

Cheers,
-- 
Building a better web - http://www.mkdoc.com/
-
Jean-Michel Hiver
[EMAIL PROTECTED]  - +44 (0)114 255 8097
Homepage: http://www.webmatrix.net/

Re: Upgrading to perl 5.8.0 (newbie question)

[wsheldah]

No, but you will need to recompile it plus lots of other modules, basically
any module that includes XS code. Consider using CPAN's autobundle feature.
:-)

Wes Sheldahl



"Gazi, Nasser (London)" <[EMAIL PROTECTED]> on 02/24/2003 06:24:32
AM

To:[EMAIL PROTECTED]
cc:
Subject:Upgrading to perl 5.8.0 (newbie question)


Hi,

I have a server which has the following pre-installed on it:
  Apache/1.3.27
  mod_perl/1.27
  Perl/5.6.1

If I upgrade to Perl/5.8.0 will I have to upgrade mod_perl to a newer
version as well?

Thanks,
NG

RE: Upgrading to perl 5.8.0 (newbie question)

[Gazi, Nasser (London)]

>> Hi,
>>
>> mod_perl 1.27 is the latest stable version of mod_perl 1. You're fine.
>>
>> Regards,
>> Sven.
>>
>> Am Mon, 2003-02-24 um 12.24 schrieb Gazi, Nasser (London):
>> > Hi,
>> >
>> > I have a server which has the following pre-installed on it:
>> >   Apache/1.3.27
>> >   mod_perl/1.27
>> >   Perl/5.6.1
>> >
>> > If I upgrade to Perl/5.8.0 will I have to upgrade mod_perl to a 
>> > newer version as well?
>
>
>You'll have to rebuild it after the new perl is installed though.
>
>http://perl.apache.org/docs/1.0/guide/install.html#Should_I_Rebuild_mod_per
l_if_I_have_Upgraded_Perl_
>
>dave

Thanks. I should go and read the docs! (typical newbie...)