cvs commit: modperl-2.0/t/response/TestModperl merge.pm
stas2004/09/25 11:47:10
Modified:t/response/TestModperl merge.pm
Log:
style cleanup
Revision ChangesPath
1.9 +66 -65modperl-2.0/t/response/TestModperl/merge.pm
Index: merge.pm
===
RCS file: /home/cvs/modperl-2.0/t/response/TestModperl/merge.pm,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -u -r1.8 -r1.9
--- merge.pm 20 Sep 2004 18:14:48 - 1.8
+++ merge.pm 25 Sep 2004 18:47:10 - 1.9
@@ -17,71 +17,74 @@
# t/modperl/merge2.t, and t/modperl/merge3.t. see any of those
# tests and/or the below configuration for more details
-
-# result tables for the below tests (trying to make the code more simple...)
-# the hash itself represents a request
-# the keys to the main hash represent merge levels - 1 for the non-overriding
-# merge, 2 for an overriding merge, and 3 for a two-level merge
-# the rest should be self-explanatory - settings and expected values.
-our %merge1 = ( 1 => { PerlPassEnv => [APACHE_TEST_HOSTTYPE => 'z80'],
- PerlSetEnv => [MergeSetEnv1 => 'SetEnv1Val'],
- PerlSetVar => [MergeSetVar1 => 'SetVar1Val'],
- PerlAddVar => [MergeAddVar1 => ['AddVar1Val1',
-'AddVar1Val2']],
- },
-2 => { PerlSetEnv => [MergeSetEnv2 => 'SetEnv2Val'],
- PerlSetVar => [MergeSetVar2 => 'SetVar2Val'],
- PerlAddVar => [MergeAddVar2 => ['AddVar2Val1',
-'AddVar2Val2']],
- },
-3 => { PerlSetEnv => [MergeSetEnv3 => 'SetEnv3Val'],
- PerlSetVar => [MergeSetVar3 => 'SetVar3Val'],
- PerlAddVar => [MergeAddVar3 => ['AddVar3Val1',
-'AddVar3Val2']],
- },
- );
-
-our %merge2 = ( 1 => { PerlPassEnv => [APACHE_TEST_HOSTTYPE => 'z80'],
- PerlSetEnv => [MergeSetEnv1 => 'SetEnv1Val'],
- PerlSetVar => [MergeSetVar1 => 'SetVar1Val'],
- PerlAddVar => [MergeAddVar1 => ['AddVar1Val1',
-'AddVar1Val2']],
- },
-2 => { PerlSetEnv => [MergeSetEnv2 => 'SetEnv2Merge2Val'],
- PerlSetVar => [MergeSetVar2 => 'SetVar2Merge2Val'],
- PerlAddVar => [MergeAddVar2 => ['AddVar2Merge2Val1',
-'AddVar2Merge2Val2']],
- },
-3 => { PerlSetEnv => [MergeSetEnv3 => 'SetEnv3Val'],
- PerlSetVar => [MergeSetVar3 => 'SetVar3Val'],
- PerlAddVar => [MergeAddVar3 => ['AddVar3Val1',
-'AddVar3Val2']],
- },
- );
-
-our %merge3 = ( 1 => { PerlPassEnv => [APACHE_TEST_HOSTTYPE => 'z80'],
- PerlSetEnv => [MergeSetEnv1 => 'SetEnv1Val'],
- PerlSetVar => [MergeSetVar1 => 'SetVar1Val'],
- PerlAddVar => [MergeAddVar1 => ['AddVar1Val1',
-'AddVar1Val2']],
- },
-2 => { PerlSetEnv => [MergeSetEnv2 => 'SetEnv2Merge3Val'],
- PerlSetVar => [MergeSetVar2 => 'SetVar2Merge3Val'],
- PerlAddVar => [MergeAddVar2 => ['AddVar2Merge3Val1',
-'AddVar2Merge3Val2']],
- },
-3 => { PerlSetEnv => [MergeSetEnv3 => 'SetEnv3Merge3Val'],
- PerlSetVar => [MergeSetVar3 => 'SetVar3Merge3Val'],
- PerlAddVar => [MergeAddVar3 => ['AddVar3Merge3Val1',
-'AddVar3Merge3Val2']],
- },
- );
+# result tables for the below tests (trying to make the code more
+# simple...) the hash itself represents a request
+# the keys to the main hash represent merge levels - 1 for the
+# non-overriding merge, 2 for an overriding merge, and 3 for a
+# two-level merge the rest should be self-explanatory - settings and
+# expected values.
+our %merge1 = (
+1 => { PerlPassEnv => [APACHE_TEST_HOSTTYPE => 'z80'],
+ PerlSetEnv => [MergeSetEnv1 => 'SetEnv1Val'],
+ PerlSetVar => [MergeSetVar1 => 'SetVar1Val'],
+ PerlAddVar => [MergeAddVar1 => ['AddVar1Val1',
+'AddVar1Val2']],
+
cvs commit: modperl-2.0/t/response/TestModperl merge.pm
stas2004/09/25 11:48:18 Modified:t/response/TestModperl merge.pm Log: after moving to its own vhost fix the test to explicitly call $r->subprocess_env to make PerlPassEnv APACHE_TEST_HOSTTYPE visible to the process Revision ChangesPath 1.10 +3 -0 modperl-2.0/t/response/TestModperl/merge.pm Index: merge.pm === RCS file: /home/cvs/modperl-2.0/t/response/TestModperl/merge.pm,v retrieving revision 1.9 retrieving revision 1.10 diff -u -u -r1.9 -r1.10 --- merge.pm 25 Sep 2004 18:47:10 - 1.9 +++ merge.pm 25 Sep 2004 18:48:18 - 1.10 @@ -86,6 +86,9 @@ plan $r, tests => 10; +# need to insert PerlPassEnv entries +$r->subprocess_env; + my $uri = $r->uri; my $hash;
cvs commit: modperl-2.0/t/response/TestModperl merge.pm
stas2004/09/25 11:51:58
Modified:t/response/TestModperl merge.pm
Log:
- revert the last attempt which didn't work
- add a temp workaround
Revision ChangesPath
1.11 +3 -4 modperl-2.0/t/response/TestModperl/merge.pm
Index: merge.pm
===
RCS file: /home/cvs/modperl-2.0/t/response/TestModperl/merge.pm,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -u -r1.10 -r1.11
--- merge.pm 25 Sep 2004 18:48:18 - 1.10
+++ merge.pm 25 Sep 2004 18:51:58 - 1.11
@@ -81,14 +81,10 @@
);
sub handler {
-
my $r = shift;
plan $r, tests => 10;
-# need to insert PerlPassEnv entries
-$r->subprocess_env;
-
my $uri = $r->uri;
my $hash;
@@ -136,6 +132,9 @@
PerlModule TestModperl::merge
+# XXX: temp workaround
+PerlPostReadRequestHandler Apache::OK
+
# these should pass through all merges untouched
PerlPassEnv APACHE_TEST_HOSTTYPE
PerlSetEnv MergeSetEnv1 SetEnv1Val
cvs commit: modperl-2.0/t/response/TestDirective env.pm
stas2004/09/25 12:01:15 Modified:t/response/TestDirective env.pm Log: add a temp workaround for the PerlPassEnv handling bug Revision ChangesPath 1.5 +3 -0 modperl-2.0/t/response/TestDirective/env.pm Index: env.pm === RCS file: /home/cvs/modperl-2.0/t/response/TestDirective/env.pm,v retrieving revision 1.4 retrieving revision 1.5 diff -u -u -r1.4 -r1.5 --- env.pm9 Jul 2004 15:27:32 - 1.4 +++ env.pm25 Sep 2004 19:01:15 - 1.5 @@ -87,6 +87,9 @@ # per-server entry not overwritten PerlSetEnv TestDirective__env_srv2 env_srv2 +# XXX: temp workaround +PerlPostReadRequestHandler Apache::OK + # PerlPassEnv is only per-server PerlPassEnv APACHE_TEST_HOSTNAME
cvs commit: modperl-2.0/t/response/TestDirective env.pm
stas2004/09/25 12:30:07
Modified:t/response/TestModperl merge.pm
t/response/TestDirective env.pm
Log:
unbreak the workaround
Revision ChangesPath
1.12 +1 -1 modperl-2.0/t/response/TestModperl/merge.pm
Index: merge.pm
===
RCS file: /home/cvs/modperl-2.0/t/response/TestModperl/merge.pm,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -u -r1.11 -r1.12
--- merge.pm 25 Sep 2004 18:51:58 - 1.11
+++ merge.pm 25 Sep 2004 19:30:06 - 1.12
@@ -133,7 +133,7 @@
# XXX: temp workaround
-PerlPostReadRequestHandler Apache::OK
+PerlPostReadRequestHandler 'sub { use Apache::Const qw(DECLINED); DECLINED
}'
# these should pass through all merges untouched
PerlPassEnv APACHE_TEST_HOSTTYPE
1.6 +1 -1 modperl-2.0/t/response/TestDirective/env.pm
Index: env.pm
===
RCS file: /home/cvs/modperl-2.0/t/response/TestDirective/env.pm,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -u -r1.5 -r1.6
--- env.pm25 Sep 2004 19:01:15 - 1.5
+++ env.pm25 Sep 2004 19:30:07 - 1.6
@@ -88,7 +88,7 @@
PerlSetEnv TestDirective__env_srv2 env_srv2
# XXX: temp workaround
-PerlPostReadRequestHandler Apache::OK
+PerlPostReadRequestHandler 'sub { use Apache::Const qw(DECLINED); DECLINED }'
# PerlPassEnv is only per-server
PerlPassEnv APACHE_TEST_HOSTNAME
cvs commit: modperl-2.0 Changes
stas2004/09/25 16:27:10
Modified:src/modules/perl modperl_callback.c
.Changes
Log:
make sure that each handler callback starts with a pristine
tainted-ness state, so that previous callback calls won't affect the
consequent ones. Without this change any handler triggering eval or
another function call, that checks TAINT_PROPER, will crash mod_perl
with: "Insecure dependency in eval while running setgid. Callback
called exit." farewell message
Revision ChangesPath
1.76 +18 -1 modperl-2.0/src/modules/perl/modperl_callback.c
Index: modperl_callback.c
===
RCS file: /home/cvs/modperl-2.0/src/modules/perl/modperl_callback.c,v
retrieving revision 1.75
retrieving revision 1.76
diff -u -u -r1.75 -r1.76
--- modperl_callback.c9 Jul 2004 08:01:20 - 1.75
+++ modperl_callback.c25 Sep 2004 23:27:10 - 1.76
@@ -22,8 +22,23 @@
I32 flags = G_EVAL|G_SCALAR;
dSP;
int count, status = OK;
+int tainted_orig = PL_tainted;
+/* handler callbacks shouldn't affect each other's taintedness
+ * state, so start every callback with a clear record and restore
+ * at the end. one of the main problems we are trying to solve is
+ * that when modperl_croak called (which calls perl's
+ * croak(Nullch) to throw an error object) it leaves the
+ * interprter in the tainted state (which supposedly will be fixed
+ * in 5.8.6) which later affects other callbacks that call eval,
+ * etc, which triggers perl crash with:
+ * Insecure dependency in eval while running setgid.
+ * Callback called exit.
+ */
+PL_tainted = TAINT_NOT;
+
if ((status = modperl_handler_resolve(aTHX_ &handler, p, s)) != OK) {
+PL_tainted = tainted_orig;
return status;
}
@@ -147,7 +162,9 @@
apr_table_set(r->notes, "error-notes", SvPV_nolen(ERRSV));
}
}
-
+
+PL_tainted = tainted_orig;
+
return status;
}
1.499 +7 -0 modperl-2.0/Changes
Index: Changes
===
RCS file: /home/cvs/modperl-2.0/Changes,v
retrieving revision 1.498
retrieving revision 1.499
diff -u -u -r1.498 -r1.499
--- Changes 25 Sep 2004 01:53:34 - 1.498
+++ Changes 25 Sep 2004 23:27:10 - 1.499
@@ -12,6 +12,13 @@
=item 1.99_17-dev
+make sure that each handler callback starts with a pristine
+tainted-ness state, so that previous callback calls won't affect the
+consequent ones. Without this change any handler triggering eval or
+another function call, that checks TAINT_PROPER, will crash mod_perl
+with: "Insecure dependency in eval while running setgid. Callback
+called exit." farewell message [Stas]
+
make sure that 'make distclean' cleans all the autogenerated files
[Stas]
cvs commit: modperl-2.0 Changes
stas2004/09/25 20:12:38
Modified:src/modules/perl modperl_callback.c
.Changes
Log:
if some code changes the current interpreter's tainted state to on,
the return value from the handler callback will be tainted, and we
fail to deal with that. So revert to coercing any return value, but
undef (a special case for exit()). to IV, so that tainted values are
handled correctly as well.
Revision ChangesPath
1.77 +2 -17 modperl-2.0/src/modules/perl/modperl_callback.c
Index: modperl_callback.c
===
RCS file: /home/cvs/modperl-2.0/src/modules/perl/modperl_callback.c,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -u -r1.76 -r1.77
--- modperl_callback.c25 Sep 2004 23:27:10 - 1.76
+++ modperl_callback.c26 Sep 2004 03:12:38 - 1.77
@@ -122,28 +122,13 @@
else {
SV *status_sv = POPs;
-if (SvIOK(status_sv)) {
-/* normal IV return (e.g., Apache::OK) */
-status = SvIVX(status_sv);
-}
-else if (status_sv == &PL_sv_undef) {
+if (status_sv == &PL_sv_undef) {
/* ModPerl::Util::exit() and Perl_croak internally
* arrange to return PL_sv_undef with G_EVAL|G_SCALAR */
status = OK;
}
-else if (SvPOK(status_sv)) {
-/* PV return that ought to be treated as IV ("0") */
-status = SvIVx(status_sv);
-MP_TRACE_h(MP_FUNC,
- "coercing handler %s's return value '%s' into %d",
- handler->name, SvPV_nolen(status_sv), status);
-}
else {
-/* any other return types are considered as errors */
-status = HTTP_INTERNAL_SERVER_ERROR;
-ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
- "handler %s didn't return a valid return value!",
- handler->name);
+status = SvIVx(status_sv);
}
}
1.500 +6 -0 modperl-2.0/Changes
Index: Changes
===
RCS file: /home/cvs/modperl-2.0/Changes,v
retrieving revision 1.499
retrieving revision 1.500
diff -u -u -r1.499 -r1.500
--- Changes 25 Sep 2004 23:27:10 - 1.499
+++ Changes 26 Sep 2004 03:12:38 - 1.500
@@ -12,6 +12,12 @@
=item 1.99_17-dev
+if some code changes the current interpreter's tainted state to on,
+the return value from the handler callback will be tainted, and we
+fail to deal with that. So revert to coercing any return value, but
+undef (a special case for exit()). to IV, so that tainted values are
+handled correctly as well. [Stas]
+
make sure that each handler callback starts with a pristine
tainted-ness state, so that previous callback calls won't affect the
consequent ones. Without this change any handler triggering eval or
