headers
Alexander.Elgert | 15 May 19:27
Favicon

AUTH password

Hello,

I am looking for a way to retrieve the AUTH password, without using mod_rewrite ...

 my $cgi = new CGI;
 $cgi->remote_user; # this is the user
 $cgi->remote_password???; # but where is the password?

In PHP, this is $_SERVER['PHP_AUTH_PW'].

It would be nice to know, if there is a proper way to do such a thing.

Greetings,
Alexander Elgert

----
RFC 3875                    CGI Version 1.1                 October 2004

9.2.  Header Fields Containing Sensitive Information

   Some HTTP header fields may carry sensitive information which the
   server should not pass on to the script unless explicitly configured
   to do so.  For example, if the server protects the script by using
   the Basic authentication scheme, then the client will send an
   Authorization header field containing a username and password.  The
   server validates this information and so it should not pass on the
   password via the HTTP_AUTHORIZATION meta-variable without careful
   consideration.  This also applies to the Proxy-Authorization header
   field and the corresponding HTTP_PROXY_AUTHORIZATION meta-variable.
(Continue reading)

Permalink | Reply | 11 comments |
headers
Chris Brooks | 14 May 23:29
Picon

Problem building mod_perl 1.31 -- Missing ExtUtils::Embed

Hi Perl folks,

I'm trying to build mod_perl 1.31 / Apache 1.41 on CentOS 6.2, and I'm getting badly stuck.

I started with the instructions here: http://perl.apache.org/docs/1.0/guide/getwet.html

perl Makefile.PL APACHE_SRC=../apache_1.3.41/src \
    APACHE_PREFIX=/www/perl/htdocs DO_HTTPD=1 USE_APACI=1 EVERYTHING=1

Will configure via APACI
cp apaci/Makefile.libdir ../apache_1.3.41/src/modules/perl/Makefile.libdir
cp apaci/Makefile.tmpl ../apache_1.3.41/src/modules/perl/Makefile.tmpl
cp apaci/README ../apache_1.3.41/src/modules/perl/README
cp apaci/apxs_cflags ../apache_1.3.41/src/modules/perl/apxs_cflags
cp apaci/configure ../apache_1.3.41/src/modules/perl/configure
cp apaci/find_source ../apache_1.3.41/src/modules/perl/find_source
cp apaci/libperl.module ../apache_1.3.41/src/modules/perl/libperl.module
cp apaci/load_modules.pl ../apache_1.3.41/src/modules/perl/load_modules.pl
cp apaci/mod_perl.config.sh ../apache_1.3.41/src/modules/perl/mod_perl.config.sh
cp apaci/mod_perl.exp ../apache_1.3.41/src/modules/perl/mod_perl.exp
cp apaci/perl_config ../apache_1.3.41/src/modules/perl/perl_config
PerlDispatchHandler.........enabled
PerlChildInitHandler........enabled
PerlChildExitHandler........enabled
PerlPostReadRequestHandler..enabled
PerlTransHandler............enabled
PerlHeaderParserHandler.....enabled
PerlAccessHandler...........enabled
PerlAuthenHandler...........enabled
PerlAuthzHandler............enabled
PerlTypeHandler.............enabled
PerlFixupHandler............enabled
PerlHandler.................enabled
PerlLogHandler..............enabled
PerlInitHandler.............enabled
PerlCleanupHandler..........enabled
PerlRestartHandler..........enabled
PerlStackedHandlers.........enabled
PerlMethodHandlers..........enabled
PerlDirectiveHandlers.......enabled
PerlTableApi................enabled
PerlLogApi..................enabled
PerlUriApi..................enabled
PerlUtilApi.................enabled
PerlFileApi.................enabled
PerlConnectionApi...........enabled
PerlServerApi...............enabled
PerlSections................enabled
PerlSSI.....................enabled
Will run tests as User: 'nobody' Group: 'root'
(cd ../apache_1.3.41 && CC="gcc" CFLAGS=" -D_REENTRANT  -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" ./configure --activate-module=src/modules/perl/libperl.a --disable-rule=EXPAT --prefix=/www/perl/htdocs)
Configuring for Apache, Version 1.3.41
 + using installation path layout: Apache (config.layout)
 + activated perl module (modules/perl/libperl.a)
Creating Makefile
Creating Configuration.apaci in src
Creating Makefile in src
 + configured for Linux platform
 + setting C pre-processor to gcc -E
 + using "tr [a-z] [A-Z]" to uppercase
 + checking for system header files
 + adding selected modules
    o perl_module uses ConfigStart/End
      + mod_perl build type: OBJ
      + setting up mod_perl build environment
      + id: mod_perl/1.31
      + id: Perl/v5.10.1 (linux) [/usr/bin/perl]
Can't locate ExtUtils/Embed.pm in <at> INC ( <at> INC contains: /usr/local/src/mod_perl-1.31/lib /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .) at /usr/local/src/mod_perl-1.31/lib/Apache/ExtUtils.pm line 26.
BEGIN failed--compilation aborted at ./modules/perl/perl_config line 6.
Can't locate ExtUtils/Embed.pm in <at> INC ( <at> INC contains: /usr/local/src/mod_perl-1.31/lib /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .) at /usr/local/src/mod_perl-1.31/lib/Apache/ExtUtils.pm line 26.
BEGIN failed--compilation aborted at ./modules/perl/perl_config line 6.
Can't locate ExtUtils/Embed.pm in <at> INC ( <at> INC contains: /usr/local/src/mod_perl-1.31/lib /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .) at /usr/local/src/mod_perl-1.31/lib/Apache/ExtUtils.pm line 26.
BEGIN failed--compilation aborted at ./modules/perl/perl_config line 6.
Can't locate ExtUtils/Embed.pm in <at> INC ( <at> INC contains: /usr/local/src/mod_perl-1.31/lib /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .) at /usr/local/src/mod_perl-1.31/lib/Apache/ExtUtils.pm line 26.
BEGIN failed--compilation aborted at ./modules/perl/perl_config line 6.
Can't locate ExtUtils/Embed.pm in <at> INC ( <at> INC contains: /usr/local/src/mod_perl-1.31/lib /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .) at /usr/local/src/mod_perl-1.31/lib/Apache/ExtUtils.pm line 26.
BEGIN failed--compilation aborted at ./modules/perl/perl_config line 6.
Can't locate ExtUtils/Embed.pm in <at> INC ( <at> INC contains: /usr/local/src/mod_perl-1.31/lib /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .) at /usr/local/src/mod_perl-1.31/lib/Apache/ExtUtils.pm line 26.
BEGIN failed--compilation aborted at ./modules/perl/perl_config line 6.
Can't locate ExtUtils/Embed.pm in <at> INC ( <at> INC contains: /usr/local/src/mod_perl-1.31/lib /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .) at /usr/local/src/mod_perl-1.31/lib/Apache/ExtUtils.pm line 26.
BEGIN failed--compilation aborted at ./modules/perl/perl_config line 6.
Can't locate ExtUtils/Embed.pm in <at> INC ( <at> INC contains: /usr/local/src/mod_perl-1.31/lib /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .) at /usr/local/src/mod_perl-1.31/lib/Apache/ExtUtils.pm line 26.
BEGIN failed--compilation aborted at ./modules/perl/perl_config line 6.
Can't locate ExtUtils/Embed.pm in <at> INC ( <at> INC contains: /usr/local/src/mod_perl-1.31/lib /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .).
BEGIN failed--compilation aborted.
      + adjusting Apache build environment
      + enabling Perl support for SSI (mod_include)
 + checking sizeof various data types
 + doing sanity check on compiler and options
Creating Makefile in src/support
Creating Makefile in src/regex
Creating Makefile in src/os/unix
Creating Makefile in src/ap
Creating Makefile in src/main
Creating Makefile in src/modules/standard
Creating Makefile in src/modules/perl
Checking CGI.pm VERSION..........ok
Checking for LWP::UserAgent......ok
Checking for HTML::HeadParser....ok
Writing Makefile for Apache
Writing Makefile for Apache::Connection
Writing Makefile for Apache::Constants
Writing Makefile for Apache::File
Writing Makefile for Apache::Leak
Writing Makefile for Apache::Log
Writing Makefile for Apache::ModuleConfig
Writing Makefile for Apache::PerlRunXS
Writing Makefile for Apache::Server
Writing Makefile for Apache::Symbol
Writing Makefile for Apache::Table
Writing Makefile for Apache::URI
Writing Makefile for Apache::Util
Writing Makefile for mod_perl

Aha! I think, I'll just launch CPAN.pm and install ExtUtils::Embed.

cpan[1]> install ExtUtils::Embed
Reading '/root/.cpan/Metadata'
  Database was generated on Mon, 14 May 2012 20:23:03 GMT
Running install for module 'ExtUtils::Embed'
The most recent version "1.30" of the module "ExtUtils::Embed"
is part of the perl-5.15.4 distribution. To install that, you need to run
  force install ExtUtils::Embed   --or--
  install F/FL/FLORA/perl-5.15.4.tar.gz
Running make test
  Can't test without successful make
Running make install
  Make had returned bad status, install seems impossible
Failed during this command:
 FLORA/perl-5.15.4.tar.gz                     : make NO isa perl

Huh?  I need to install Perl 5.15?  That seems really odd.

I'm currently running Perl v5.10.1.

Help?  What's going wrong?

Thanks,
Chris
Permalink | Reply | 2 comments |
headers
Furst, Carl | 14 May 23:18
Favicon

Trouble with Makefile.PL

Hello all,

I'm having a lot of trouble trying to statically build mod_perl and apache on Solaris 10 Sparc. I get the following error when I try and build statically:

Configuring Apache/2.4.2 mod_perl/2.0.5 Perl/v5.12.3
[  error] Failed to obtain the MPM name. Please specify MP_APXS=/full/path/to/apxs to solve this problem.


Here is the command I am using:

CC=`which gcc` CPP="`which gcc` -E" perl Makefile.PL MP_AP_PREFIX=$HOME/httpd-2.4.2 MP_USE_STATIC=1 MP_AP_CONFIGURE=" \
--prefix=/cms/usr/local/www \
--with-ssl=/opt/mlb \
--enable-static-support \
--enable-mods-shared='most' --with-mpm=prefork \
--enable-mods-static='perl ssl so prefork cgi' \

`which gcc` yields: /usr/local/bin/gcc
It's version :
Reading specs from /usr/local/lib/gcc/sparc-sun-solaris2.10/3.4.6/specs
Configured with: ../configure --with-as=/usr/ccs/bin/as --with-ld=/usr/ccs/bin/ld --enable-shared --enable-languages=c,c++,f77
Thread model: posix
gcc version 3.4.6

Perl –V compiler section:
Compiler:
    cc='gcc -B/usr/ccs/bin/', ccflags ='-fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-O',
    cppflags='-fno-strict-aliasing -pipe -I/usr/local/include'
    ccversion='', gccversion='3.4.6', gccosandvers='solaris2.10'
    intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=4321
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, prototype=define


Any ideas? I don't have apache currently installed and the docs said I didn't need it. However this would indicate that I would. 

Many thanks in advance.

Carl Furst






**********************************************************

MLB.com: Where Baseball is Always On
Permalink | Reply | 3 comments |
headers
Foster, Lewis | 3 May 01:11

mod_perl 2.0.6 binary for Windows

Can anyone on the list point me to where I can get a mod_perl binary for version 2.0.6 for 32 bit Windows? I’m working on resolving an issue where Apache crashes intermittently with the following error when the user cancels the submit or clicks another link after Apache has already started writing data back to their browser:

 

:Apache2 IO flush: (620018) APR does not understand this error code at -e line 0

 

From what I’ve been able to find when researching this, it appears that this issue has been tracked down and resolved in mod_perl 2.0.6.  We usually use PPM to install such things, but we haven’t been able to find anything newer than 2.0.4 available in any of the public repositories we are aware of (ActiveState, uwinnipeg, bribes, trouchelle). 

 

I’m working on compiling 2.0.6 myself (using Apache 2.2.22, ActiveState Perl 5.12.4, Windows Server 2003).  However, I’m leery of using a “home build” in anything besides a test environment, as this is the first time I’ve compiled a binary from scratch for Perl and it’s a large and complex package.  I’m following the instructions for compiling mod_perl for Win32, but if anyone has advice about how to do so successfully, I would appreciate that as well.

 

Permalink | Reply | 0 comments |
headers
Robert Hanson | 2 May 03:44
Picon

Please Help : Perl Script to Make Dynamic Apache MPM-ITK Config

Dear all,


I have multiple users with their own /home folder. These users also sub-domain of my server. for example :


by using MPM-ITK my Apache can be configured to access those folders with UID and GID specified. not as www-data, Apache's default. and that's exactly what I want. I want my Apache change its UID into mac, while accessing /home/mac.example.com and so on...

unfortunately, Apache configuration file seems doesn't support 'variables' to put as AssignUserId on my /etc/apache2/apache.conf

tons of documentation on the internet told me that the configuration should be like this (STATIC) :

<IfModule mpm_itk_module>
AssignUserId user group
</IfModule>

until this Mod Perl gave me a little bit hope to make everything works... I only have this 'clue' to make Apache config file runs dynamically :

but I'm not Perl-guy, I have no idea how to modify those codes to fits my need. please kindly help me... thanks before.
Permalink | Reply | 2 comments |
headers
Bernard Higonnet | 1 May 21:31
Favicon

Can't build mod_perl-2.0.5 for Apache -2.4.2 under FreeBSD 9.0

I have built Apache -2.4.2 "It works!" and am trying to add 
mod_perl-2.0.5 but I get this

perl Makefile.PL MP_APXS=/usr/local/apache2/bin/apxs
Reading Makefile.PL args from @ARGV
    MP_APXS = /usr/local/apache2/bin/apxs
no conflicting prior mod_perl version found - good.
Configuring Apache/2.4.2 mod_perl/2.0.5 Perl/v5.12.4
[  error] '/usr/local/apache2/bin/apxs -q MPM_NAME' failed:
[  error] apxs:Error: Invalid query string `MPM_NAME'.
[  error] Failed to obtain the MPM name.

I reinstalled Apache adding --with-mpm=prefork just in case but got same 
result?

TIA
Bernard Higonnet
Permalink | Reply | 1 comment |
headers
Lars Dɪᴇᴄᴋᴏᴡ 迪拉斯 | 1 May 19:17
Picon
Gravatar

build failure: ‘conn_rec’ has no member named ‘remote_ip’

1. Problem Description:

    /tmp/mod_perl-2.0.6$ make
    cd "src/modules/perl" && make
    make[1]: Entering directory `/tmp/mod_perl-2.0.6/src/modules/perl'
    cc -I/tmp/mod_perl-2.0.6/src/modules/perl -I/tmp/mod_perl-2.0.6/xs -I/usr/include/apr-1
-I/tmp/httpd2.4.2/include -D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe
-fstack-protector -I/usr/local/include
-I/home/daxim/local/share/perlbrew/perls/perl-5.14.2-threads/lib/5.14.2/x86_64-linux-thread-multi/CORE
-DMOD_PERL -g -DMP_DEBUG -DMP_TRACE -DLINUX=2 -DAP_DEBUG  -fPIC \
    -c modperl_interp.c && mv modperl_interp.o modperl_interp.lo
    modperl_interp.c: In function ‘modperl_interp_select’:
    modperl_interp.c:503:35: error: ‘conn_rec’ has no member named ‘remote_ip’
    make[1]: *** [modperl_interp.lo] Fehler 1
    make[1]: Leaving directory `/tmp/mod_perl-2.0.6/src/modules/perl'
    make: *** [modperl_lib] Fehler 2

2. Used Components and their Configuration:

*** mod_perl version 2.000006

*** using /tmp/mod_perl-2.0.6/lib/Apache2/BuildConfig.pm

*** Makefile.PL options:
  MP_APR_CONFIG  => /usr/bin/apr-1-config
  MP_APR_LIB     => aprext
  MP_APXS        => /tmp/httpd2.4.2/bin/apxs
  MP_COMPAT_1X   => 0
  MP_DEBUG       => 1
  MP_GENERATE_XS => 1
  MP_LIBNAME     => mod_perl
  MP_TRACE       => 1
  MP_USE_DSO     => 1

*** The httpd binary was not found

*** (apr|apu)-config linking info

 -L/usr/lib64 -lapr-1 -lrt -lcrypt  -lpthread -ldl 

*** /home/daxim/local/share/perlbrew/perls/perl-5.14.2-threads/bin/perl -V
Summary of my perl5 (revision 5 version 14 subversion 2) configuration:

  Platform:
    osname=linux, osvers=3.1.0-1.2-desktop, archname=x86_64-linux-thread-multi
    uname='linux champion 3.1.0-1.2-desktop #1 smp preempt thu nov 3 14:45:45 utc 2011 (187dde0) x86_64
x86_64 x86_64 gnulinux '
    config_args='-de -Dprefix=/home/daxim/local/share/perlbrew/perls/perl-5.14.2-threads -Dusethreads'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=define, usemultiplicity=define
    useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
    use64bitint=define, use64bitall=define, uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='cc', ccflags ='-D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe -fstack-protector
-I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-O2',
    cppflags='-D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include'
    ccversion='', gccversion='4.6.2', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='cc', ldflags =' -fstack-protector -L/usr/local/lib'
    libpth=/usr/local/lib /lib/../lib64 /usr/lib/../lib64 /lib /usr/lib /lib64 /usr/lib64 /usr/local/lib64
    libs=-lnsl -lndbm -lgdbm -ldb -ldl -lm -lcrypt -lutil -lpthread -lc -lgdbm_compat
    perllibs=-lnsl -ldl -lm -lcrypt -lutil -lpthread -lc
    libc=/lib/libc-2.14.1.so, so=so, useshrplib=false, libperl=libperl.a
    gnulibc_version='2.14.1'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E'
    cccdlflags='-fPIC', lddlflags='-shared -O2 -L/usr/local/lib -fstack-protector'

Characteristics of this binary (from libperl): 
  Compile-time options: MULTIPLICITY PERL_DONT_CREATE_GVSV
                        PERL_IMPLICIT_CONTEXT PERL_MALLOC_WRAP
                        PERL_PRESERVE_IVUV USE_64_BIT_ALL USE_64_BIT_INT
                        USE_ITHREADS USE_LARGE_FILES USE_PERLIO USE_PERL_ATOF
                        USE_REENTRANT_API
  Built under linux
  Compiled at Feb 10 2012 09:44:04
  %ENV:
    PERLBREW_HOME="/home/daxim/.perlbrew"
    PERLBREW_PATH="/home/daxim/local/share/perlbrew/bin:/home/daxim/local/share/perlbrew/perls/perl-5.14.2-threads/bin"
    PERLBREW_PERL="perl-5.14.2-threads"
    PERLBREW_ROOT="/home/daxim/local/share/perlbrew"
    PERLBREW_VERSION="0.33"
    PERL_LWP_USE_HTTP_10="1"
  @INC:
    /home/daxim/local/share/perlbrew/perls/perl-5.14.2-threads/lib/site_perl/5.14.2/x86_64-linux-thread-multi
    /home/daxim/local/share/perlbrew/perls/perl-5.14.2-threads/lib/site_perl/5.14.2
    /home/daxim/local/share/perlbrew/perls/perl-5.14.2-threads/lib/5.14.2/x86_64-linux-thread-multi
    /home/daxim/local/share/perlbrew/perls/perl-5.14.2-threads/lib/5.14.2
    .

*** Packages of interest status:

Apache2            : -
Apache2::Request   : -
CGI                : 3.52
ExtUtils::MakeMaker: 6.62
LWP                : 6.04
mod_perl           : -
mod_perl2          : -

3. This is the core dump trace: (if you get a core dump):

  [CORE TRACE COMES HERE]

This report was generated by t/REPORT on Tue May  1 13:26:57 2012 GMT.
Permalink | Reply | 0 comments |
headers
Dan Axtell | 1 May 15:34

mod_perl and RedHat 6

I'm trying to migrate a server to a new machine running 64-bit RedHat 6.  The 
stock RedHat setup is apache 2.2.15, php 5.3.3 and perl 5.10.1.  Normally I 
build the latest Apache 2.2 and Perl/mod_perl in /usr/local and just use that.  
However, this server will also use Drupal so I figured I'd build PHP locally 
as well.

I'm unable to get PHP 5.3 or 5.4 to link properly with the installed mysql, 
pcre and gd libraries (all of which are installed along with the devel 
packages), so I was thinking of just using the stock Apache and PHP and trying 
to build a newer mod_perl with the /usr/local/bin/perl which is 5.14.2.  So I 
tried
/usr/local/bin/perl Makefile.PL MP_APXS=/usr/sbin/apxs

This compiles, but make test gives me this:

Test Summary Report
-------------------
t/api/server_const.t                  (Wstat: 0 Tests: 6 Failed: 2)
  Failed tests:  5-6
Files=242, Tests=2614, 122 wallclock secs ( 1.30 usr  0.41 sys + 91.90 cusr 
10.94 csys = 104.55 CPU)
Result: FAIL
Failed 1/242 test programs. 2/2614 subtests failed.

I'm not sure how serious this failure is and whether I should consider 
installing the resulting mod_perl.so file instead of the stock one.  I can 
always just use the stock Perl/mod_perl but I'd really prefer a newer Perl.

Alternatively, I suppose I can try and set up a reverse proxy to run the 
Drupal stuff on the stock Apache and mod_perl stuff on the custom 
Apache/mod_perl, but I expect I'll run into complications there with various 
virtual hosts and such.

Any suggestions?

Thanks,
Dan
Permalink | Reply | 2 comments |
headers
Joachim Zobel | 29 Apr 10:45
Picon
Favicon

Can I somehow call ap_make_content_type

Hi. 

Is it possible to access a function (ap_make_content_type) that is only
present in xs/tables/current/Apache2/FunctionTable.pm and
xs/maps/apache2_functions.map but not wrapped any further?

Writing a little piece of XS is doable, but I want to do it the mod_perl
way.

Thx,
Joachim
Permalink | Reply | 4 comments |
headers
Fred Moyer | 25 Apr 21:29
Picon
Favicon

[ANNOUNCE] mod_perl 2.0.6

I'm pleased to announce the release of mod_perl 2.0.6, available at
the following apache.org URL, along with a CPAN mirror near you.

http://apache.org/dist/perl/mod_perl-2.0.6.tar.gz
http://apache.org/dist/perl/mod_perl-2.0.6.tar.gz.asc (pgp sig)

md5: 76f4154cffb15972246f03080e9d133c

Thanks to the many contributors to this release! Please see the full
changelog below.

=> Changes for mod_perl 2.0.6:

Preserve 5.8 compatibility surrounding use of MUTABLE_CV [Adam Prime]

Move code after declarations to keep MSVC++ compiler happy. [Steve Hay]

Adopt modperl_pcw.c changes from httpd24 branch. [Torsten Foertsch]

Pool cleanup functions must not longjmp. Catch these exceptions and turn
them into warnings. [Torsten Foertsch]

Fix a race condition in our tipool management.
See http://www.gossamer-threads.com/lists/modperl/dev/104026
Patch submitted by: SalusaSecondus <salusa <at> nationstates.net>
Reviewed by: Torsten Foertsch

Ensure that MP_APXS is set when building on Win32 with MP_AP_PREFIX,
otherwise the bundled Reload and SizeLimit builds will fail to find a
properly configured Test environment.
[Steve Hay]

Fix a few REFCNT bugs.
Patch submitted by: Niko Tyni <ntyni <at> debian.org>
Reviewed by: Torsten Foertsch

Correct the initialization of the build config in ModPerl::MM. The global
variable was only being set once on loading the module, which was before
Apache2::BuildConfig.pm had been written, leading to cwd and MP_LIBNAME
being unset when writing the Reload and SizeLimit makefiles.
[Steve Hay]

Discover apr-2-config from Apache 2.4 onwards. [Gozer]

Apache 2.4 and onwards doesn't require linking the MPM module directly in
the httpd binary anymore. APXS lost the MPM_NAME query, so we can't assume
a given MPM anymore. Introduce a fake MPM 'dynamic' to represent this.
[Torsten Foertsch, Gozer]

Perl 5.14 brought a few changes in Perl_sv_dup() that made a threaded apache
segfault while cloning interpreters.
[Torsten Foertsch]

PerlIOApache_flush() and mpxs_Apache2__RequestRec_rflush() now no longer throw
exceptions when modperl_wbucket_flush() fails if the failure was just a reset
connection or an aborted connection. The failure is simply logged to the error
log instead. This should fix cases of httpd.exe crashing when users press the
Stop button in their web browsers.
[Steve Hay]

Fixed a few issues that came up with LWP 6.00:
- t/response/TestAPI/request_rec.pm assumes HTTP/1.0 but LWP 6 uses 1.1
- t/api/err_headers_out.t fails due to a bug somewhere in LWP 6
- t/filter/TestFilter/out_str_reverse.pm sends the wrong content-length header
[Torsten Foertsch]

Bugfix: Apache2::ServerUtil::get_server{description,banner,version} cannot
be declared as perl constants or they won't reflect added version components
if Apache2::ServerUtil is loaded before the PostConfig phase. Now, they
are ordinary perl functions. [Torsten Foertsch]

Check for the right ExtUtils::Embed version during build [Torsten Foertsch]

Take a lesson from rt.cpan.org #66085 and pass LD_LIBRARY_PATH if mod_env
is present.  Should prevent test failures on some platforms.
[Fred Moyer]
Permalink | Reply | 3 comments |
headers
Vincent Veyron | 16 Apr 18:06
Picon

[Fwd: RE: Safe handling of an SQL query]

Hi Andreas,

I guess you forgot to cc the list.
Picon
From: Andreas Mock <andreas.mock <at> web.de>
Subject: RE: Safe handling of an SQL query
Date: 2012-04-16 14:48:38 GMT
Hi Vincent,

just my 2 cents:
a) Use a db user only with select rights for this reporting stuff.

b) You should always keep the control over the selects which are
fired against your db. Otherwise someone can bring down the db
very easy. The advantages are:
1) You know which selects are made and the impact of them

2) From the business perspective: You have control over the
outcome of the reports. I saw more than one company with
a freedom of report construction and many different reports
with the same semantic label. E.g. a trunover report with
different numbers. IMHO earlier than later you need a kind
of report repository anyway.

Best regards
Andreas

> -----Original Message-----
> From: Vincent Veyron [mailto:vv.lists <at> wanadoo.fr]
> Sent: Monday, April 16, 2012 3:55 PM
> To: modperl <at> perl.apache.org
> Subject: Safe handling of an SQL query
> 
> Hi Group,
> 
> I maintain a business application that uses a LAMP stack of Linux +
> Apache2 + Mod_perl + Postgresql. One recurring problem I have is that
> each client wants his own set of custom reports using queries from the
> database.
> 
> This is currently covered via a table in the database which holds the
> query associated with the report, but that quickly leads to a
> maintenance problem.
> 
> I am thinking of creating a sort of web service, where my customers can
> send a query to the server, via a VB or .NET procedure launched on the
> opening of a document (.doc, .odf, other ) and I'll just serve the
> dataset resulting from the query.
> 
> My question is :
> 
> Can I make sure that whatever query is sent to the server, it will only
> be a SELECT <...> and _never_ a UPDATE or INSERT or DELETE
> ?
> 
> I can check with a regexp, but I am worried about the possibility to
> encode terms of the query into something obscure enough that it'll go
> through. For instance, DELETE in hexadecimal looks like this :
> 44454c4554450d0a
> 
> 
> 
> --
> Vincent Veyron
> http://marica.fr/
> Logiciel de gestion des sinistres assurances et des dossiers contentieux pour le service juridique
Permalink | Reply | 1 comment |

Gmane