Output a page for download

2005-01-12 Thread Sean Davis 
A basic question, but
I would like to output tab-delimited text (from a database lookup) to 
the user as an application/octet-stream with the name 
"tissue_dump.txt".  I can't figure out the correct way to set the 
headers under mod_perl.  Any help?

Thanks,
Sean

Re: Output a page for download

2005-01-12 Thread John Saylor 
hi

( 05.01.12 09:38 -0500 ) Sean Davis:
> I would like to output tab-delimited text (from a database lookup) to 
> the user as an application/octet-stream with the name 
> "tissue_dump.txt".  I can't figure out the correct way to set the 
> headers under mod_perl.  Any help?

you could buy the book.
$r->content_type ()

why are you sending text as application/octet-stream anyway?

-- 
\js oblique strategy: make it more sensual

Re: Output a page for download

2005-01-12 Thread Roman Vašíček 
Hi,
 use $r->content_type('application/octet-stream); to set the content 
type in tissue_dump.txt if file exist and is processed as Mason component 
(or in dhandler if does not exist). I expect code will looks like

  $r->content_type('application/octet-stream'); # set content type
  $m->print($output_data);  # output data
  return;   # stop component processing

 Hope it helps
  Roman

On Wed, Jan 12, 2005 at 09:38:11AM -0500, Sean Davis wrote:
> A basic question, but
> 
> I would like to output tab-delimited text (from a database lookup) to 
> the user as an application/octet-stream with the name 
> "tissue_dump.txt".  I can't figure out the correct way to set the 
> headers under mod_perl.  Any help?
> 
> Thanks,
> Sean

-- 
 best regards
  Ing. Roman Vasicek

 software developer
++
 PetaMem s.r.o., Ocelarska 1, 190 00 Praha 9 - Liben, Czech Republic
 http://www.petamem.com/

no get_handlers in Apache::Filter with Axkit

2005-01-12 Thread Francesc Guasch 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi. I want to use the Axkit and Mason.
I got this error when I try to access to an AxKit page:
Can't locate object method "get_handlers" via package "Apache::Filter"
at /usr/local/web07/perl/lib/site_perl/5.8.6/Apache/Filter.pm line 106.
Mason pages run fine.
This is part of the AxKit config in apache:

~  PerlModule Apache::Filter
~  PerlModule AxKit
~  SetHandler perl-script
~  PerlSetVar Filter On
~  AxProvider Apache::AxKit::Provider::Filter
~  PerlHandler HTML::Mason AxKit
~  AxAddStyleMap application/x-xpathscript
Apache::AxKit::Language::XPathScript
~  AxAddStyleMap text/xsl Apache::AxKit::Language::LibXSLT
~ AxDebugLevel 0
~  AxNoCache On
~  AxAddOutputTransformer My::Transformer
~  AxTranslateOutput On
~  AxOutputCharset iso-8859-1
~  PerlSetVar AxXPSInterpolate 1

I read this could be because I didn't compile mod_perl with
perl_stacked_handlers, nor everything=1. I just tried with both:
DO_HTTPD=0 USE_APACI=1 PERL_STACKED_HANDLERS=1 EVERYTHING=1 PREP_HTTPD=1
~ APACHE_SRC=../$DIR_APACHE/src
This is the latest apache, mod_perl mason, axkit building from sources:
apache_1.3.33
mod_perl-1.29
perl-5.8.6
AxKit/1.62
HTML::Mason 1.28
Any hint will be appreciated. Thank you very much.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQFB5Tu1VfvsWQAffzIRAsoVAKDcKssBAUr3pwHpk+VmvSoNh/pZvQCg04lA
dKU8FH/ovtrJKqIYTOtqaCQ=
=4Pw1
-END PGP SIGNATURE-

Re: Output a page for download

2005-01-12 Thread Roman Vašíček 
On Wed, Jan 12, 2005 at 09:51:25AM -0500, John Saylor wrote:
> hi
> 
> ( 05.01.12 09:38 -0500 ) Sean Davis:
> > I would like to output tab-delimited text (from a database lookup) to 
> > the user as an application/octet-stream with the name 
> > "tissue_dump.txt".  I can't figure out the correct way to set the 
> > headers under mod_perl.  Any help?
> 
> you could buy the book.

 or read another documentation.

> $r->content_type ()
> 
> why are you sending text as application/octet-stream anyway?

 good question. If you want to force user to download this file try to 
set the header 'Content-disposition' to the value 
'attachment; filename=tissue_dump.txt'


-- 
 best regards
  Ing. Roman Vasicek

 software developer
++
 PetaMem s.r.o., Ocelarska 1, 190 00 Praha 9 - Liben, Czech Republic
 http://www.petamem.com/

Re: PerlSendHeader in "Location" directive (mod_perl 1.x)

2005-01-12 Thread Stas Bekman 
Ciro The Spider-Man wrote:
Which section you refer to? I can only see nph mentioned in:
http://perl.apache.org/docs/1.0/guide/config.html#E_lt_LocationE_gt__Configuration
saying:
 PerlSendHeader On tells the server to send an HTTP headers to the
 browser on every script invocation. You will want to turn this off
 for nph (non-parsed-headers) scripts.
it doesn't say anything about files.

Mea Culpa. The info about the files directive came from the Porting
and Coding guidelines.
(http://perl.apache.org/docs/1.0/guide/porting.html#NPH__Non_Parsed_Headers__scripts)
which is perfectly correct on its own, but if used together with 
 it won't work, as you have explained.

The best ways to fix this that I came up with are either to:
A) have a seperate Location aliased to the same physical location,
without the PerlSendHeader On  directive. This makes the Files
directive unneccessary.
B) Remove the PerlSendHeader directive from the Location block
completely, and instead add a Directory block for the location being
Aliased (e.g. /usr/local/apache/) with PerlSendHeader set in that.
Then the Files directive will correctly override PerlSendHeader and
NPH scripts function correctly.
It's entirely possible (and even likely) that I missed something
obvious and/or made some dumb error, so if there's a cleaner or more
efficient way, or something I need to do to make the documented way
work right, I'd be grateful for the info.
Patches to improve the explanation(s) will be gladly accepted.

My first instinct would be to simply update the NPH section in the
coding guidelines with these two options, and I'm definitely willing
to do so unless someone has an idea of a better way to go about it.
+1 and add a cross-ref from
/docs/1.0/guide/porting.html#NPH__Non_Parsed_Headers__scripts
--
__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Re: Output a page for download

2005-01-12 Thread Sean Davis 
good question. If you want to force user to download this file try to
set the header 'Content-disposition' to the value
'attachment; filename=tissue_dump.txt'
$r->content_type('text/plain')
$r->headers_out->set('Content-disposition' => 'attachment; 
filename=tissue_dump.txt');

worked.
Thanks Roman and John.

Re: Output a page for download

2005-01-12 Thread Jay Scherrer 
Wouldn't that be:
Content-type "text/plain" ?

Jay Scherrer
On Wednesday 12 January 2005 06:38 am, Sean Davis wrote:
> A basic question, but
>
> I would like to output tab-delimited text (from a database lookup)
> to the user as an application/octet-stream with the name
> "tissue_dump.txt".  I can't figure out the correct way to set the
> headers under mod_perl.  Any help?
>
> Thanks,
> Sean

request counter

2005-01-12 Thread Torsten Foertsch 
Hi,

is there a counter in Apache2 that indicates how many requests have been 
served by a particular child with prefork mpm?

If yes, is it accessible via perl?

Thanks,
Torsten


pgpjmRIjJN5wk.pgp
Description: PGP signature

OT: Free Software as a "Security Hole"

2005-01-12 Thread Goehring, Chuck, RCI - San Diego 
I post here for lack of a better place.  Sorry in advance to anyone offended.

 

I was speaking to an acquaintance that has a security background and she told 
me her company prohibits the use of "Free" software because there is no 
guarantee that there are no "backdoors" in it.

 

Has anyone successfully dealt with this problem, or seen authoritative opinions 
on the subject?

 

Thanks

Chuck

Re: OT: Free Software as a "Security Hole"

2005-01-12 Thread JupiterHost.Net 

Goehring, Chuck, RCI - San Diego wrote:
I post here for lack of a better place.  Sorry in advance to anyone offended.
I was speaking to an acquaintance that has a security background and she told me her company prohibits the use of "Free" software because there is no guarantee that there are no "backdoors" in it.
She's probably talking about all the "free" wondows crap that does 
spyware and stuff.

Has anyone successfully dealt with this problem, or seen authoritative opinions on the subject?
Sure, don't use free programs that you don't have the source to.
If you use "Free" open source products then you can freely look at 
exactly what the program is doing and know if it doing any bad.

Besides that, dump windows - its not free but it's the bugiest most 
insecure computer product available.

Re: OT: Free Software as a "Security Hole"

2005-01-12 Thread John Saylor 
hi

( 05.01.12 09:21 -0800 ) Goehring, Chuck, RCI - San Diego:
> I was speaking to an acquaintance that has a security background and
> she told me her company prohibits the use of "Free" software because
> there is no guarantee that there are no "backdoors" in it.

why is this not true of proprietary software as well? i remember reading
about this happening but i don't have a reference. 

windows xp sends microsoft all kinds of information about your software
and hardware each time you boot up.

at least with the available source you can compile it locally and review
it if you have the brains and time.

> Has anyone successfully dealt with this problem, or seen authoritative
> opinions on the subject?

it's hard to argue with people who don't want to think things through.

-- 
\js oblique strategy: in total darkness, or in a very large room, very 
quietly

Re: OT: Free Software as a "Security Hole"

2005-01-12 Thread Ian Joyce 
I am assuming you are trying to start a flame war here.

With open software I can at least check if there is a back door. Think
on that for a while.

-Ian


On Wed, 12 Jan 2005 09:21:01 -0800, Goehring, Chuck, RCI - San Diego
<[EMAIL PROTECTED]> wrote:
> I post here for lack of a better place.  Sorry in advance to anyone offended.
> 
> I was speaking to an acquaintance that has a security background and she told 
> me her company prohibits the use of "Free" software because there is no 
> guarantee that there are no "backdoors" in it.
> 
> Has anyone successfully dealt with this problem, or seen authoritative 
> opinions on the subject?
> 
> Thanks
> 
> Chuck
> 
>

[Fwd: Re: OT: Free Software as a "Security Hole"]

2005-01-12 Thread brian wheeler 
I forgot to CC the list!

 Forwarded Message 
> From: brian wheeler <[EMAIL PROTECTED]>
> To: Goehring, Chuck, RCI - San Diego
> <[EMAIL PROTECTED]>
> Subject: Re: OT: Free Software as a "Security Hole"
> Date: Wed, 12 Jan 2005 12:28:34 -0500
> On Wed, 2005-01-12 at 09:21 -0800, Goehring, Chuck, RCI - San Diego
> wrote:
> > I post here for lack of a better place.  Sorry in advance to anyone
> > offended.
> > 
> >  
> > 
> > I was speaking to an acquaintance that has a security background and
> > she told me her company prohibits the use of "Free" software because
> > there is no guarantee that there are no "backdoors" in it.
> > 
> >  
> 
> Define 'free'!  If you're talking closed-source free, then yeah, there's
> a distinct possibility that there's backdoors in it.  Heck, even non-
> free closed-source applications have been known to have backdoors in
> them.
> 
> If by 'free' you mean open-source free, then you can guarantee(*) that
> there aren't any backdoors by looking at the source itself.  Even if you
> don't check yourself, you can be relatively sure that there isn't
> because it would come up rather quickly if someone did take a peek at
> the source.
> 
> Brian
> 
> (*) Guaranteed with the exception of the method described in
> "Reflections on Trusting Trust" by Ken Thompson.
> 
> 
> 
> 
-- 
brian wheeler <[EMAIL PROTECTED]>

RE: Free Software as a "Security Hole"

2005-01-12 Thread Goehring, Chuck, RCI - San Diego 
 
I was looking for something authoratative like FSF, ASF or Richard Stallman 
documents etc.  
 
Thanks in advance.
 
-Original Message- 
From: Goehring, Chuck, RCI - San Diego 
Sent: Wed 1/12/2005 9:21 AM 
To: modperl@perl.apache.org 
Cc: 
Subject: OT: Free Software as a "Security Hole"



I post here for lack of a better place.  Sorry in advance to anyone 
offended.



I was speaking to an acquaintance that has a security background and 
she told me her company prohibits the use of "Free" software because there is 
no guarantee that there are no "backdoors" in it.



Has anyone successfully dealt with this problem, or seen authoritative 
opinions on the subject?



Thanks

Chuck

Re: Free Software as a "Security Hole"

2005-01-12 Thread Skylos 
It makes me wonder how they guarantee that the software they paid for
doesn't have back doors in it.

Skylos

On Wed, 12 Jan 2005 09:34:12 -0800, Goehring, Chuck, RCI - San Diego
<[EMAIL PROTECTED]> wrote:
> 
> I was looking for something authoratative like FSF, ASF or Richard Stallman 
> documents etc.
> 
> Thanks in advance.
> 
> -Original Message-
> From: Goehring, Chuck, RCI - San Diego
> Sent: Wed 1/12/2005 9:21 AM
> To: modperl@perl.apache.org
> Cc:
> Subject: OT: Free Software as a "Security Hole"
> 
> I post here for lack of a better place.  Sorry in advance to anyone 
> offended.
> 
> I was speaking to an acquaintance that has a security background and 
> she told me her company prohibits the use of "Free" software because there is 
> no guarantee that there are no "backdoors" in it.
> 
> Has anyone successfully dealt with this problem, or seen 
> authoritative opinions on the subject?
> 
> Thanks
> 
> Chuck
> 
>

Re: Free Software as a "Security Hole"

2005-01-12 Thread John Saylor 
hi

( 05.01.12 09:34 -0800 ) Goehring, Chuck, RCI - San Diego:
> I was looking for something authoratative like FSF, ASF or Richard
> Stallman documents etc.  

you may have heard of 'google' ...

-- 
\js oblique strategy: remove specifics and convert to ambiguities

[mp2] memory access violation in $subr->run

2005-01-12 Thread Dorian Taylor 
i'm running into a problem with the execution of subrequests. the
process dies in modperl_wbucket_flush. this problem occurs with the
same perl code in prefork.c and worker.c on osx.

note, the subrequest is run from a non-response handler (i've tried
header-parser through fixup, same effect). the crash will not occur
if the handler is invoked as a response handler.

if subrequests aren't meant to be run from non-response handlers,
i suggest trapping and throwing an error.

.dorian

Re: request counter

2005-01-12 Thread Perrin Harkins 
Torsten Foertsch wrote:
is there a counter in Apache2 that indicates how many requests have been 
served by a particular child with prefork mpm?
You can just make one yourself in a global variable.  See 
Apache::SizeLimit for an example.

- Perrin
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.6.10 - Release Date: 1/10/2005

Re: OT: Free Software as a "Security Hole"

2005-01-12 Thread Juan J. Merelo Guervós 
Goehring, Chuck, RCI - San Diego wrote:
I post here for lack of a better place.  Sorry in advance to anyone offended.

I was speaking to an acquaintance that has a security background and she told me her company 
prohibits the use of "Free" software because there is no guarantee that there are no 
"backdoors" in it.

Has anyone successfully dealt with this problem, or seen authoritative opinions 
on the subject?
 

Yep. Two goons would make it seem an accident, and none would be the wiser.
Jus' kiddin'...
JJ

Re: OT: Free Software as a "Security Hole"

2005-01-12 Thread Jay Scherrer 
Perhaps you sould read the source.
But I think your looking  for some backing  with your discussion. Try 
posting to the [EMAIL PROTECTED] and  see  what 
happens. Free software has their new zine out  perhaps take a read.

Jay Scherrer

On Wednesday 12 January 2005 09:21 am, Goehring, Chuck, RCI - San 
Diego wrote:
> I post here for lack of a better place.  Sorry in advance to anyone
> offended.
>
>
>
> I was speaking to an acquaintance that has a security background
> and she told me her company prohibits the use of "Free" software
> because there is no guarantee that there are no "backdoors" in it.
>
>
>
> Has anyone successfully dealt with this problem, or seen
> authoritative opinions on the subject?
>
>
>
> Thanks
>
> Chuck

Re: Free Software as a "Security Hole"

2005-01-12 Thread Steven Lembark 

-- Skylos <[EMAIL PROTECTED]>
It makes me wonder how they guarantee that the software they paid for
doesn't have back doors in it.
It does: google "microsoft windows easter eggs".
Actually, you have better odds of knowing whether there
are back doors on open source given that there ARE people
who do look through the source for them than trusting
most proprietary development efforts. At least with OSS
(e.g., apache, mod_perl) any problems will be publically
reported and tend to get dealt with.

--
Steven Lembark   85-09 90th Street
Workhorse ComputingWoodhaven, NY 11421
[EMAIL PROTECTED] 1 888 359 3508

Re: request counter

2005-01-12 Thread Stas Bekman 
Torsten Foertsch wrote:
Hi,
is there a counter in Apache2 that indicates how many requests have been 
served by a particular child with prefork mpm?
Yes. The scoreboard.
If yes, is it accessible via perl?
Yes. Apache::Scoreboard:
http://search.cpan.org/dist/Apache-Scoreboard/
and you can see it in use in Apache::VMonitor:
http://search.cpan.org/dist/Apache-VMonitor/
--
__
Stas BekmanJAm_pH --> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Perl module requiring mod_perl

2005-01-12 Thread Patrick LeBoutillier 
Hi,

I am writing a Perl module the requires mod_perl to run. What I would like
to do detect if mod_perl is installed (and the appropriate version) directly
from Makefile.PL (PREREQ_PM).

I'm thinking maybe a ModPerl.pm module could be added to the mod_perl
distro that could contain that current mod_perl version. Like this:

  package ModPerl ;
  $ModPerl::VERSION = ' 1.99_16' ;

Then one could say, in Makefile.PL:

  use ExtUtils::MakeMaker ;
  WriteMakefile(
  NAME  => 'Apache::Whatever',
  VERSION_FROM  => 'Whatever.pm',
  PREREQ_PM => {ModPerl => '1.99_16'},
  );


Any comments/alternatives ?

Patrick
-- 
=
Patrick LeBoutllier
Laval, Québec, Canada

[mp1] Conflict with identical scripts loaded into independent virtual hosts

2005-01-12 Thread David L. Fielding 
Topic: Conflict with identical scripts loaded into independent virtual hosts
Hello,
	We have been running a single instance of a large Perl application under
Apache/mod_perl for a long time. We would like to run the same script (but 
each with
different configuration data) under different virtual hosts.

	According to all of the documentation I've read, a script running under a
virtual host should be loaded into a package name derived from the virtual 
host.
This is supposed to be the default behavior. So the scripts SHOULD be 
independent.
We've even tried to set $Apache::Registry::NameWithVirtualHost = 1; in the 
startup.pl
file without success.

	We are seeing one virtual host script calling subroutines in another virtual
host script. Not what we expected. In the case of our large application we 
see that
many subroutines are prefixed with the virtual host name when we do a trace.

I have isolated the code that does this into half a dozen line. I've 
created
two versions of the trivial script to demonstrate the problem.
Test1:
---
package fred;
use CGI qw(:standard);
use strict;
sub test_sub {
 CGI::p("Host1 subroutine");
}
print CGI::header, start_html (), CGI::p("Host1 parent"), &test_sub(), 
end_html();
---

Test 2:

package fred;
use CGI qw(:standard);
use strict;
sub test_sub {
CGI::p("Host2 subroutine");
}
print CGI::header, start_html (), CGI::p("Host2 parent") , &test_sub(), 
end_html();

1;
From the httpd.conf file: (I'll include the configuration for one of the 
scripts)

  Inside one of our virtual host sections:
RewriteRule ^/Test(.*) /tmp/test/test1.pl

SetHandler perl-script
PerlHandler Apache::Registry
Options ExecCGI
Order deny,allow
deny from all
PerlSendHeader Off

Producing Problem Behavior:
To demonstrate the behavior I first restart Apache. The first time you 
make requests
to a fresh httpd either script works fine. Once started, subsequent 
requests made to the
first virtual host appear to override the subroutines from the second 
virtual host
such that subsequent calls to the second virtual host script end up calling the
subroutine from the first virtual host. Sometimes it's the other way around.
This should not happen according to what I've read.

At first we see normal behavior: [Output copied from browser]
Host1 parent
Host1 subroutine
Host2 parent
Host2 subroutine
Then the virtual hosts get a little confused...
Host1 parent
Host2 subroutine
...
Host2 parent
Host1 subroutine
Sometimes it is easy to reproduce the flaky behavior above, and other times 
it takes
quite a few reloads to do so. If you need additional information please 
feel free to
contact me.

Any help is greatly appreciated.
David

Software:
Apache: 1.3.33
mod_perl: 1.29
> /usr/local/bin/perl -V
Summary of my perl5 (revision 5 version 8 subversion 5) configuration:
  Platform:
osname=solaris, osvers=2.9, archname=sun4-solaris
uname='sunos library27 5.9 generic_117171-05 sun4u sparc 
sunw,sun-fire-v240 '
config_args='-de'
hint=recommended, useposix=true, d_sigaction=define
usethreads=undef use5005threads=undef useithreads=undef 
usemultiplicity=undef
useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
use64bitint=undef use64bitall=undef uselongdouble=undef
usemymalloc=n, bincompat5005=undef
  Compiler:
cc='gcc', ccflags ='-fno-strict-aliasing -pipe -I/usr/local/include 
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
optimize='-O',
cppflags='-fno-strict-aliasing -pipe -I/usr/local/include'
ccversion='', gccversion='3.3.2', gccosandvers='solaris2.9'
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=4321
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', 
lseeksize=8
alignbytes=8, prototype=define
  Linker and Libraries:
ld='gcc', ldflags =' -L/usr/local/lib '
libpth=/usr/local/lib /usr/lib /usr/ccs/lib
libs=-lsocket -lnsl -ldl -lm -lc
perllibs=-lsocket -lnsl -ldl -lm -lc
libc=/lib/libc.so, so=so, useshrplib=false, libperl=libperl.a
gnulibc_version=''
  Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' '
cccdlflags='-fPIC', lddlflags='-G -L/usr/local/lib'

 Characteristics of this binary (from libperl):
  Compile-time options: USE_LARGE_FILES
  Built under solaris
  Compiled at Oct 27 2004 10:53:27
  @INC:
/usr/local/lib/perl5/5.8.5/sun4-solaris
/usr/local/lib/perl5/5.8.5
/usr/local/lib/perl5/site_perl/5.8.5/sun4-solaris
/usr/local/lib/perl5/site_perl/5.8.5
/usr/local/lib/perl5/site_perl
.

[mp1] Conflict with identical scripts loaded into independent virtual hosts

2005-01-12 Thread David L. Fielding 

Topic: Conflict with identical scripts loaded into independent virtual hosts
Hello,
We have been running a single instance of a large Perl 
application under
Apache/mod_perl for a long time. We would like to run the same script (but 
each with
different configuration data) under different virtual hosts.

According to all of the documentation I've read, a script running 
under a
virtual host should be loaded into a package name derived from the virtual 
host.
This is supposed to be the default behavior. So the scripts SHOULD be 
independent.
We've even tried to set $Apache::Registry::NameWithVirtualHost = 1; in the 
startup.pl
file without success.

We are seeing one virtual host script calling subroutines in 
another virtual
host script. Not what we expected. In the case of our large application we 
see that
many subroutines are prefixed with the virtual host name when we do a trace.

I have isolated the code that does this into half a dozen line. 
I've created
two versions of the trivial script to demonstrate the problem.

Test1:
---
package fred;
use CGI qw(:standard);
use strict;
sub test_sub {
 CGI::p("Host1 subroutine");
}
print CGI::header, start_html (), CGI::p("Host1 parent"), &test_sub(), 
end_html();
---

Test 2:

package fred;
use CGI qw(:standard);
use strict;
sub test_sub {
CGI::p("Host2 subroutine");
}
print CGI::header, start_html (), CGI::p("Host2 parent") , &test_sub(), 
end_html();

1;
From the httpd.conf file: (I'll include the configuration for one of the 
scripts)

  Inside one of our virtual host sections:
RewriteRule ^/Test(.*) /tmp/test/test1.pl

SetHandler perl-script
PerlHandler Apache::Registry
Options ExecCGI
Order deny,allow
deny from all
PerlSendHeader Off

Producing Problem Behavior:
To demonstrate the behavior I first restart Apache. The first time 
you make requests
to a fresh httpd either script works fine. Once started, subsequent 
requests made to the
first virtual host appear to override the subroutines from the second 
virtual host
such that subsequent calls to the second virtual host script end up 
calling the
subroutine from the first virtual host. Sometimes it's the other way around.
This should not happen according to what I've read.

At first we see normal behavior: [Output copied from browser]
Host1 parent
Host1 subroutine
Host2 parent
Host2 subroutine
Then the virtual hosts get a little confused...
Host1 parent
Host2 subroutine
...
Host2 parent
Host1 subroutine
Sometimes it is easy to reproduce the flaky behavior above, and other 
times it takes
quite a few reloads to do so. If you need additional information please 
feel free to
contact me.

Any help is greatly appreciated.
David

Software:
Apache: 1.3.33
mod_perl: 1.29
> /usr/local/bin/perl -V
Summary of my perl5 (revision 5 version 8 subversion 5) configuration:
  Platform:
osname=solaris, osvers=2.9, archname=sun4-solaris
uname='sunos library27 5.9 generic_117171-05 sun4u sparc 
sunw,sun-fire-v240 '
config_args='-de'
hint=recommended, useposix=true, d_sigaction=define
usethreads=undef use5005threads=undef useithreads=undef 
usemultiplicity=undef
useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
use64bitint=undef use64bitall=undef uselongdouble=undef
usemymalloc=n, bincompat5005=undef
  Compiler:
cc='gcc', ccflags ='-fno-strict-aliasing -pipe -I/usr/local/include 
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
optimize='-O',
cppflags='-fno-strict-aliasing -pipe -I/usr/local/include'
ccversion='', gccversion='3.3.2', gccosandvers='solaris2.9'
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=4321
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
ivtype='long', ivsize=4, nvtype='double', nvsize=8, Off_t='off_t', 
lseeksize=8
alignbytes=8, prototype=define
  Linker and Libraries:
ld='gcc', ldflags =' -L/usr/local/lib '
libpth=/usr/local/lib /usr/lib /usr/ccs/lib
libs=-lsocket -lnsl -ldl -lm -lc
perllibs=-lsocket -lnsl -ldl -lm -lc
libc=/lib/libc.so, so=so, useshrplib=false, libperl=libperl.a
gnulibc_version=''
  Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' '
cccdlflags='-fPIC', lddlflags='-G -L/usr/local/lib'

 Characteristics of this binary (from libperl):
  Compile-time options: USE_LARGE_FILES
  Built under solaris
  Compiled at Oct 27 2004 10:53:27
  @INC:
/usr/local/lib/perl5/5.8.5/sun4-solaris
/usr/local/lib/perl5/5.8.5
/usr/local/lib/perl5/site_perl/5.8.5/sun4-solaris
/usr/local/lib/perl5/site_perl/5.8.5
/usr/local/lib/perl5/site_perl
.

Re: Perl module requiring mod_perl

2005-01-12 Thread Michael Schout 
Patrick LeBoutillier wrote:
Hi,
I am writing a Perl module the requires mod_perl to run. What I would like
to do detect if mod_perl is installed (and the appropriate version) directly
from Makefile.PL (PREREQ_PM).
just put something like this in PREREQ_PM
mod_perl => '1.9916'
That will require mod_perl v1.99_16 or later.
Regards,
Michael Schout

[mp2] fun with $r->location

2005-01-12 Thread Dorian Taylor 
i guess i had never come across it before, but i noticed today, in
an attempt to use $r->location as a prefix for scrubbing path
segments off the front of a request URI, that it's the innermost
 block that matches the URI path and that has a Perl*Handler
in it that is returned, not the one in which the handler was
registered.

i'm curious about what would be a good way of reliably getting at
the value of the proper  block (let's leave LocationMatch,
Files ~ etc out of this for the time being).

consider this (assuming @DocumentRoot@/foo/bar/bitz exists):


Options +Indexes +MultiViews
PerlTypeHandler +MyApache::NopHandler


SetHandler perl-script
PerlHandler +MyApache::NopResponse


#whatever, anything
Options +FollowSymlinks


suppose MyApache::NopHandler simply outputs $r->location to the
error log, and MyApache::NopResponse outputs the $r->location to the UA.

GET /foo/ yields the listing for /foo/, and NopHandler logs
$r->location to the error log as /foo.

GET /foo/bar yields the results of NopResponse (which just coughs
up its $r->location, /foo/bar), and NopHandler logs $r->location
as /foo/bar, even though it is registered in .

GET /foo/bar/bitz yields the same results as GET /foo/bar.

how would i reliably get MyApache::NopHandler to only ever emit
"/foo"?

cheers

.dorian

Re: [mp2] memory access violation in $subr->run

2005-01-12 Thread Philippe M. Chiasson 
Please read 
http://perl.apache.org/docs/2.0/user/help/help.html#Reporting_Problems
to learn how to submit a more complete bug report.
This will help us understand your problem better and speed up the bug fixing 
process.
Thanks!
Dorian Taylor wrote:
i'm running into a problem with the execution of subrequests. the
process dies in modperl_wbucket_flush. this problem occurs with the
same perl code in prefork.c and worker.c on osx.
note, the subrequest is run from a non-response handler (i've tried
header-parser through fixup, same effect). the crash will not occur
if the handler is invoked as a response handler.
if subrequests aren't meant to be run from non-response handlers,
i suggest trapping and throwing an error.
.dorian

Philippe M. Chiasson m/gozer\@(apache|cpan|ectoplasm)\.org/ GPG KeyID : 88C3A5A5
http://gozer.ectoplasm.org/ F9BF E0C2 480E 7680 1AE5 3631 CB32 A107 88C3A5A5


signature.asc
Description: OpenPGP digital signature

Re: [mp1] Conflict with identical scripts loaded into independent virtual hosts

2005-01-12 Thread Philippe M. Chiasson 
David L. Fielding wrote:
Topic: Conflict with identical scripts loaded into independent virtual hosts
Hello,
	We have been running a single instance of a large Perl application under
Apache/mod_perl for a long time. We would like to run the same script (but 
each with
different configuration data) under different virtual hosts.

	According to all of the documentation I've read, a script running under a
virtual host should be loaded into a package name derived from the virtual 
host.
This is correct behaviour, yes.
Test1:
---
package fred;
use CGI qw(:standard);
use strict;
sub test_sub {
  CGI::p("Host1 subroutine");
}
print CGI::header, start_html (), CGI::p("Host1 parent"), &test_sub(), 
end_html();
---
Your problem is caused by the fact that you explicitely define a package in 
your
registry script (package fred). Apache::Registry does wrap each registry script
in it's own package (vhost included), but you then place each script back into
the fred package. Thus colliding packages.

Philippe M. Chiasson m/gozer\@(apache|cpan|ectoplasm)\.org/ GPG KeyID : 88C3A5A5
http://gozer.ectoplasm.org/ F9BF E0C2 480E 7680 1AE5 3631 CB32 A107 88C3A5A5


signature.asc
Description: OpenPGP digital signature

Re: [mp2] fun with $r->location

2005-01-12 Thread Geoffrey Young 

> GET /foo/ yields the listing for /foo/, and NopHandler logs
> $r->location to the error log as /foo.
> 
> GET /foo/bar yields the results of NopResponse (which just coughs
> up its $r->location, /foo/bar), and NopHandler logs $r->location
> as /foo/bar, even though it is registered in .
> 
> GET /foo/bar/bitz yields the same results as GET /foo/bar.

those are all exactly what I would expect.  remember that for nested
 blocks settings are merged - it doesn't matter that your
PerlTypeHandler is registered to /foo, for the URL /foo/bar it is merged
with  and it is (ultimately)  (and
it's parent configurations) that service the request.

but fear not, you're not alone in not understanding how nested container
directives behave.  but this might help:

  http://httpd.apache.org/docs/sections.html

--Geoff

RE: OT: Free Software as a "Security Hole"

2005-01-12 Thread Goehring, Chuck, RCI - San Diego 
Thanks.  I actually found a mention in Stallman 
http://www.gnu.org/events/rms-nyu-2001-transcript.txt
 
 

From: Jay Scherrer [mailto:[EMAIL PROTECTED] 
Sent: Wed 1/12/2005 10:18 AM 
To: modperl@perl.apache.org 
Cc: 
Subject: Re: OT: Free Software as a "Security Hole"



Perhaps you sould read the source.
But I think your looking  for some backing  with your discussion. Try
posting to the [EMAIL PROTECTED] and  see  what
happens. Free software has their new zine out  perhaps take a read.

Jay Scherrer

On Wednesday 12 January 2005 09:21 am, Goehring, Chuck, RCI - San
Diego wrote:
> I post here for lack of a better place.  Sorry in advance to anyone
> offended.
>
>
>
> I was speaking to an acquaintance that has a security background
> and she told me her company prohibits the use of "Free" software
> because there is no guarantee that there are no "backdoors" in it.
>
>
>
> Has anyone successfully dealt with this problem, or seen
> authoritative opinions on the subject?
>
>
>
> Thanks
>
> Chuck