diff options
| -rw-r--r-- | Bugzilla/ModPerl.pm | 118 | ||||
| -rw-r--r-- | Bugzilla/ModPerl/BasicAuth.pm | 65 | ||||
| -rw-r--r-- | Bugzilla/ModPerl/StartupFix.pm | 51 | ||||
| -rw-r--r-- | mod_perl.pl | 197 |
4 files changed, 0 insertions, 431 deletions
diff --git a/Bugzilla/ModPerl.pm b/Bugzilla/ModPerl.pm deleted file mode 100644 index 19cd1128f..000000000 --- a/Bugzilla/ModPerl.pm +++ /dev/null @@ -1,118 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# This Source Code Form is "Incompatible With Secondary Licenses", as -# defined by the Mozilla Public License, v. 2.0. -package Bugzilla::ModPerl; - -use 5.10.1; -use strict; -use warnings; - -use File::Find (); -use Cwd (); -use Carp (); - -# We don't need (or want) to use Bugzilla's template subclass. -# it is easier to reason with the code without all the extra things Bugzilla::Template adds -# (and there might be side-effects, since this code is loaded very early in the httpd startup) -use Template (); - -use Bugzilla::ModPerl::BlockIP; -use Bugzilla::ModPerl::Hostage; - -sub apache_config { - my ($class, $cgi_path) = @_; - - Carp::croak "\$cgi_path is required" unless $cgi_path; - - my %htaccess; - $cgi_path = Cwd::realpath($cgi_path); - my $wanted = sub { - package File::Find; - our ($name, $dir); - - if ($name =~ m#/\.htaccess$#) { - open my $fh, '<', $name or die "cannot open $name $!"; - my $contents = do { - local $/ = undef; - <$fh>; - }; - close $fh; - $htaccess{$dir} = { file => $name, contents => $contents, dir => $dir }; - } - }; - - File::Find::find( { wanted => $wanted, no_chdir => 1 }, $cgi_path ); - my $template = Template->new; - my $conf; - my %vars = ( - root_htaccess => delete $htaccess{$cgi_path}, - htaccess_files => [ map { $htaccess{$_} } sort { length $a <=> length $b } keys %htaccess ], - cgi_path => $cgi_path, - ); - $template->process(\*DATA, \%vars, \$conf); - my $apache_version = Apache2::ServerUtil::get_server_version(); - if ($apache_version =~ m!Apache/(\d+)\.(\d+)\.(\d+)!) { - my ($major, $minor, $patch) = ($1, $2, $3); - if ($major > 2 || $major == 2 && $minor >= 4) { - $conf =~ s{^\s+deny\s+from\s+all.*$}{Require all denied}gmi; - $conf =~ s{^\s+allow\s+from\s+all.*$}{Require all granted}gmi; - $conf =~ s{^\s+allow\s+from\s+(\S+).*$}{Require host $1}gmi; - } - } - - return $conf; -} - -1; - -__DATA__ -# Make sure each httpd child receives a different random seed (bug 476622). -# Bugzilla::RNG has one srand that needs to be called for -# every process, and Perl has another. (Various Perl modules still use -# the built-in rand(), even though we never use it in Bugzilla itself, -# so we need to srand() both of them.) -PerlChildInitHandler "sub { Bugzilla::RNG::srand(); srand(); eval { Bugzilla->dbh->ping } }" -PerlInitHandler Bugzilla::ModPerl::Hostage -PerlAccessHandler Bugzilla::ModPerl::BlockIP - -# It is important to specify ErrorDocuments outside of all directories. -# These used to be in .htaccess, but then things like "AllowEncodedSlashes no" -# mean that urls containing %2f are unstyled. -ErrorDocument 401 /errors/401.html -ErrorDocument 403 /errors/403.html -ErrorDocument 404 /errors/404.html -ErrorDocument 500 /errors/500.html - -<Directory "[% cgi_path %]"> - AddHandler perl-script .cgi - # No need to PerlModule these because they're already defined in mod_perl.pl - PerlResponseHandler Bugzilla::ModPerl::ResponseHandler - PerlCleanupHandler Bugzilla::ModPerl::CleanupHandler Apache2::SizeLimit - PerlOptions +ParseHeaders - Options +ExecCGI +FollowSymLinks - DirectoryIndex index.cgi index.html - AllowOverride none - # from [% root_htaccess.file %] - [% root_htaccess.contents FILTER indent %] -</Directory> - -# AWS SES endpoint for handling mail bounces/complaints -<Location "/ses"> - PerlSetEnv AUTH_VAR_NAME ses_username - PerlSetEnv AUTH_VAR_PASS ses_password - PerlAuthenHandler Bugzilla::ModPerl::BasicAuth - AuthName SES - AuthType Basic - require valid-user -</Location> - -# directory rules for all the other places we have .htaccess files -[% FOREACH htaccess IN htaccess_files %] -# from [% htaccess.file %] -<Directory "[% htaccess.dir %]"> - [% htaccess.contents FILTER indent %] -</Directory> -[% END %] diff --git a/Bugzilla/ModPerl/BasicAuth.pm b/Bugzilla/ModPerl/BasicAuth.pm deleted file mode 100644 index 7248a19f3..000000000 --- a/Bugzilla/ModPerl/BasicAuth.pm +++ /dev/null @@ -1,65 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# This Source Code Form is "Incompatible With Secondary Licenses", as -# defined by the Mozilla Public License, v. 2.0. -package Bugzilla::ModPerl::BasicAuth; -use 5.10.1; -use strict; -use warnings; - -# Protects a mod_perl <Location> with Basic HTTP authentication. -# -# Example use: -# -# <Location "/ses"> -# PerlAuthenHandler Bugzilla::ModPerl::BasicAuth -# PerlSetEnv AUTH_VAR_NAME ses_username -# PerlSetEnv AUTH_VAR_PASS ses_password -# AuthName SES -# AuthType Basic -# require valid-user -# </Location> -# -# AUTH_VAR_NAME and AUTH_VAR_PASS are the names of variables defined in -# `localconfig` which hold the authentication credentials. - -use Apache2::Const -compile => qw(OK HTTP_UNAUTHORIZED); ## no critic (Freenode::ModPerl) -use Bugzilla::Logging; -use Bugzilla (); - -sub handler { - my $r = shift; - my ($status, $password) = $r->get_basic_auth_pw; - if ($status != Apache2::Const::OK) { - WARN("Got non-OK status: $status when trying to get password"); - return $status - } - - my $auth_var_name = $ENV{AUTH_VAR_NAME}; - my $auth_var_pass = $ENV{AUTH_VAR_PASS}; - unless ($auth_var_name && $auth_var_pass) { - ERROR('AUTH_VAR_NAME and AUTH_VAR_PASS environmental vars not set'); - $r->note_basic_auth_failure; - return Apache2::Const::HTTP_UNAUTHORIZED; - } - - my $auth_user = Bugzilla->localconfig->{$auth_var_name}; - my $auth_pass = Bugzilla->localconfig->{$auth_var_pass}; - unless ($auth_user && $auth_pass) { - ERROR("$auth_var_name and $auth_var_pass not configured"); - $r->note_basic_auth_failure; - return Apache2::Const::HTTP_UNAUTHORIZED; - } - - unless ($r->user eq $auth_user && $password eq $auth_pass) { - $r->note_basic_auth_failure; - WARN('username and password do not match'); - return Apache2::Const::HTTP_UNAUTHORIZED; - } - - return Apache2::Const::OK; -} - -1; diff --git a/Bugzilla/ModPerl/StartupFix.pm b/Bugzilla/ModPerl/StartupFix.pm deleted file mode 100644 index bcc467e9f..000000000 --- a/Bugzilla/ModPerl/StartupFix.pm +++ /dev/null @@ -1,51 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# This Source Code Form is "Incompatible With Secondary Licenses", as -# defined by the Mozilla Public License, v. 2.0. -package Bugzilla::ModPerl::StartupFix; -use 5.10.1; -use strict; -use warnings; - -use Filter::Util::Call; -use Apache2::ServerUtil (); - -# This module is a source filter that removes every subsequent line -# if this is the first time apache has started, -# as reported by Apache2::ServerUtil::restart_count(), which is 1 -# on the first start. - -my $FIRST_STARTUP = <<'CODE'; -warn "Bugzilla::ModPerl::StartupFix: Skipping first startup using source filter\n"; -1; -CODE - -sub import { - my ($class) = @_; - my ($ref) = {}; - filter_add( bless $ref, $class ); -} - -# this will be called for each line. -# For the first line replaced, we insert $FIRST_STARTUP. -# Every subsequent line is replaced with an empty string. -sub filter { - my ($self) = @_; - my ($status); - if ($status = filter_read() > 0) { - if (Apache2::ServerUtil::restart_count() < 2) { - if (!$self->{did_it}) { - $self->{did_it} = 1; - $_ = $FIRST_STARTUP; - } - else { - $_ = ""; - } - } - } - return $status; -} - -1;
\ No newline at end of file diff --git a/mod_perl.pl b/mod_perl.pl deleted file mode 100644 index ff84e523e..000000000 --- a/mod_perl.pl +++ /dev/null @@ -1,197 +0,0 @@ -#!/usr/bin/perl -T -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# This Source Code Form is "Incompatible With Secondary Licenses", as -# defined by the Mozilla Public License, v. 2.0. - -package Bugzilla::ModPerl; - -use 5.10.1; -use strict; -use warnings; - -# This sets up our libpath without having to specify it in the mod_perl -# configuration. -use File::Basename; -use File::Spec; -BEGIN { - require lib; - my $dir = dirname(__FILE__); - lib->import($dir, File::Spec->catdir($dir, "lib"), File::Spec->catdir($dir, qw(local lib perl5))); -} - -use Bugzilla::ModPerl::StartupFix; -use Taint::Util qw(untaint); - -use constant USE_NYTPROF => !! $ENV{USE_NYTPROF}; -use constant NYTPROF_DIR => do { - my $dir = $ENV{NYTPROF_DIR}; - untaint($dir); - $dir; -}; -BEGIN { - if (USE_NYTPROF) { - $ENV{NYTPROF} = "savesrc=0:start=no:addpid=1"; - } -} -use if USE_NYTPROF, 'Devel::NYTProf::Apache'; - -use Bugzilla::Constants (); - -# If you have an Apache2::Status handler in your Apache configuration, -# you need to load Apache2::Status *here*, so that any later-loaded modules -# can report information to Apache2::Status. -#use Apache2::Status (); - -# We don't want to import anything into the global scope during -# startup, so we always specify () after using any module in this -# file. - -use Apache2::Log (); -use Apache2::ServerUtil; -use Apache2::SizeLimit; -use ModPerl::RegistryLoader (); -use File::Basename (); -use File::Find (); -use English qw(-no_match_vars $OSNAME); - -# This loads most of our modules. -use Bugzilla (); -# Loading Bugzilla.pm doesn't load this, though, and we want it preloaded. -use Bugzilla::BugMail (); -use Bugzilla::CGI (); -use Bugzilla::Extension (); -use Bugzilla::Install::Requirements (); -use Bugzilla::Util (); -use Bugzilla::RNG (); -use Bugzilla::ModPerl (); - -# Make warnings go to the virtual host's log and not the main -# server log. -BEGIN { *CORE::GLOBAL::warn = \&Apache2::ServerRec::warn; } - -# Pre-compile the CGI.pm methods that we're going to use. -Bugzilla::CGI->compile(qw(:cgi :push)); - -# This means that every httpd child will die after processing a request if it -# is taking up more than $apache_size_limit of RAM all by itself, not counting RAM it is -# sharing with the other httpd processes. -my $limit = Bugzilla->localconfig->{apache_size_limit}; -if ($OSNAME eq 'linux' && ! eval { require Linux::Smaps }) { - WARN('SizeLimit requires Linux::Smaps on linux. size limit set to 800MB'); - $limit = 800_000; -} -Apache2::SizeLimit->set_max_unshared_size($limit); - -my $cgi_path = Bugzilla::Constants::bz_locations()->{'cgi_path'}; - -# Set up the configuration for the web server -my $server = Apache2::ServerUtil->server; -my $conf = Bugzilla::ModPerl->apache_config($cgi_path); -$server->add_config([ grep { length $_ } split("\n", $conf)]); - -# Pre-load localconfig. It might already be loaded, but we need to make sure. -Bugzilla->localconfig; -if ($ENV{LOCALCONFIG_ENV}) { - delete @ENV{ (Bugzilla::Install::Localconfig::ENV_KEYS) }; -} - -# Pre-load all extensions -Bugzilla::Extension->load_all(); - -Bugzilla->preload_features(); - -# Force instantiation of template so Bugzilla::Template::PreloadProvider can do its magic. -Bugzilla->template; - -# Have ModPerl::RegistryLoader pre-compile all CGI scripts. -my $rl = new ModPerl::RegistryLoader(); -# If we try to do this in "new" it fails because it looks for a -# Bugzilla/ModPerl/ResponseHandler.pm -$rl->{package} = 'Bugzilla::ModPerl::ResponseHandler'; -my $feature_files = Bugzilla::Install::Requirements::map_files_to_features(); - -# Prevent "use lib" from doing anything when the .cgi files are compiled. -# This is important to prevent the current directory from getting into -# @INC and messing things up. (See bug 630750.) -no warnings 'redefine'; -local *lib::import = sub {}; -use warnings; - -foreach my $file (glob "$cgi_path/*.cgi") { - my $base_filename = File::Basename::basename($file); - if (my $feature = $feature_files->{$base_filename}) { - next if !Bugzilla->feature($feature); - } - Bugzilla::Util::trick_taint($file); - $rl->handler($file, $file); -} - -# Some items might already be loaded into the request cache -# best to make sure it starts out empty. -# Because of bug 1347335 we also do this in init_page(). -Bugzilla::clear_request_cache(); - -package Bugzilla::ModPerl::ResponseHandler; -use strict; -use base qw(ModPerl::Registry); -use Bugzilla; -use Bugzilla::Constants qw(USAGE_MODE_REST bz_locations); -use Time::HiRes; -use Sys::Hostname; - -sub handler : method { - my $class = shift; - - # $0 is broken under mod_perl before 2.0.2, so we have to set it - # here explicitly or init_page's shutdownhtml code won't work right. - $0 = $ENV{'SCRIPT_FILENAME'}; - - # Prevent "use lib" from modifying @INC in the case where a .cgi file - # is being automatically recompiled by mod_perl when Apache is - # running. (This happens if a file changes while Apache is already - # running.) - no warnings 'redefine'; - local *lib::import = sub {}; - use warnings; - - if (Bugzilla::ModPerl::USE_NYTPROF) { - state $count = {}; - state $dir = Bugzilla::ModPerl::NYTPROF_DIR // bz_locations()->{datadir}; - state $host = (split(/\./, hostname()))[0]; - my $script = File::Basename::basename($ENV{SCRIPT_FILENAME}); - $script =~ s/\.cgi$//; - my $file = $dir . "/nytprof.$host.$script." . ++$count->{$$}; - DB::enable_profile($file); - } - Bugzilla::init_page(); - my $result = $class->SUPER::handler(@_); - if (Bugzilla::ModPerl::USE_NYTPROF) { - DB::disable_profile(); - DB::finish_profile(); - } - - # When returning data from the REST api we must only return 200 or 304, - # which tells Apache not to append its error html documents to the - # response. - return Bugzilla->usage_mode == USAGE_MODE_REST && $result != 304 - ? Apache2::Const::OK - : $result; -} - - -package Bugzilla::ModPerl::CleanupHandler; -use strict; -use Apache2::Const -compile => qw(OK); - -sub handler { - my $r = shift; - - Bugzilla::_cleanup(); - - return Apache2::Const::OK; -} - -1; |