in reply to Re: using perl on server side for secure connections
in thread using perl on server side for secure connections

Thank you thanos for your detailed response. It takes me some time to work through the issues involved. I tried to get through on ssh as root, but I didn't seem to have the necessary values, nor was I allowed to make many attempts. It occurs to me now that I *couldn't* have the values necessary, as I'm just a guy who rents hosting services on 1and1. If all you needed to do was buy the lowest amount of webhosting they offer and have access to the whole enchilada, nothing would be secure.

I'm living a bit of different life to not have root priveleges. Many commands aren't available, such as passwd, but I realized that I was likely not going to be able to change /etc/ssh/sshd_config. If I did, I believe it might hold for all of the clients on that server. (yes/no)? I didn't fail for lack of attempts that usually do something for me in a new environment. Since they have more to do with unix than perl, I omit them. It would seem that ftp'ing is among the few tricks I can pull off with the filesystem they provide:

(uiserver):u61210220:/kunden/homepages/9/d349337426$ groups
ftpusers

[download]

What hit paydirt was the old, reliable

(uiserver):u61210220:~$  perl -MCPAN -e shell

[download]

The dialog confirmed what seemed manifest:

Warning: You do not have write permission for Perl library directories
+.

What approach do you want?  (Choose 'local::lib', 'sudo' or 'manual')
 [local::lib]

[download]

In one attempt, I selected 'sudo' but it was a quick dead end. What did work was making a local::lib in a place where I have write privileges. After autoconfiguration, I was left with values that needed to be added to the shell environment for any of this to work. They seem not to be persistent, so I wrapped these 4 commands in a little bash script, which I'll show between readmore tags with the new envelope variables.

Q4) Is there a more perl way to do this?

---------env vars----
HOME=/kunden/homepages/9/d349337426/htdocs
LANG=C
LC_CTYPE=en_US.UTF-8
LOGNAME=u61210220
MAIL=/var/mail/u61210220
PATH=/kunden/homepages/9/d349337426/htdocs/perl5/bin::/usr/local/sbin:
+/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin
PERL5LIB=/kunden/homepages/9/d349337426/htdocs/perl5/lib/perl5
PERL_LOCAL_LIB_ROOT=/kunden/homepages/9/d349337426/htdocs/perl5
PERL_MB_OPT=--install_base "/kunden/homepages/9/d349337426/htdocs/perl
+5"
PERL_MM_OPT=INSTALL_BASE=/kunden/homepages/9/d349337426/htdocs/perl5
PWD=/kunden/homepages/9/d349337426/htdocs
SHELL=/bin/bash
SHLVL=2
SSH_CLIENT=10.71.53.5 46314 22
SSH_CONNECTION=10.71.53.5 46314 74.208.56.168 22
SSH_TTY=/dev/pts/0
TERM=xterm-256color
USER=u61210220
_=/usr/bin/env
---------bash driver----
#!/bin/bash
#  
# 
...
PATH="/kunden/homepages/9/d349337426/htdocs/perl5/bin${PATH:+:${PATH}}
+"; export PATH;
PERL5LIB="/kunden/homepages/9/d349337426/htdocs/perl5/lib/perl5${PERL5
+LIB:+:${PERL5LIB}}"; export PERL5LIB;
PERL_LOCAL_LIB_ROOT="/kunden/homepages/9/d349337426/htdocs/perl5${PERL
+_LOCAL_LIB_ROOT:+:${PERL_LOCAL_LIB_ROOT}}"; export PERL_LOCAL_LIB_ROO
+T;
PERL_MB_OPT="--install_base \"/kunden/homepages/9/d349337426/htdocs/pe
+rl5\""; export PERL_MB_OPT;
PERL_MM_OPT="INSTALL_BASE=/kunden/homepages/9/d349337426/htdocs/perl5"
+; export PERL_MM_OPT;
...
cd "perlmonks"
cd "scripts"
perl 1.upload.pl /home/bob/1.scripts/8.nik.pl | tee -a "$out"
...
exit $SUCCESS

[download]

The good news is that I have a script that can find the necessary modules. I am attempting to run an upload script for the server side, which I found by lurking on a node a few weeks back. I get an error that a file does not exist, but I do have a /home/bob/1.scripts/8.nik.pl on my local machine.

-------executing 1.upload.sh
Can't open /home/bob/1.scripts/8.nik.pl: No such file or directory at 
+/kunden/homepages/9/d349337426/htdocs/perl5/lib/perl5/CGI/Lite.pm lin
+e 862.
Use of uninitialized value $readme in concatenation (.) or string at 1
+.upload.pl line 79.
Use of uninitialized value $readme in <HANDLE> at 1.upload.pl line 87.
readline() on unopened filehandle at 1.upload.pl line 87.

-------cat 1.upload.pl
#!/usr/bin/perl

# Simple example that displays the data associated with
# the "readme" file field in a multiform/form-data request.

use strict;
use warnings;
use CGI::Lite;

my $cgi = CGI::Lite->new;

# Die if the directory is invalid (i.e doesn't exist, can't
# read or write to it, or is not a directory).

$cgi->set_directory ("/tmp") or die "Directory doesn't exist.\n";

# Set the platform. "Unix" is the default. The method accepts 
# platforms in a case insensitive manner, so you can pass 
# "UNIX", "Unix", "unix", etc.

$cgi->set_platform ("Unix");

# Set the buffer size to 1024 bytes (1K). This is the default.

$cgi->set_buffer_size (1024);

# Let's change the way uploaded files are named!

$cgi->filter_filename (\&my_way);

# Tell the module to return filehandles.

$cgi->set_file_type ('handle');

# We want CGI::Lite to perform EOL conversion for all files that have 
+the
# following MIME types:
#
#     application/mac-binhex40
#     application/binhex-40
#
# so, we use the add_mime_type method. In addition, we don't want 
# files of MIME type: text/html to be converted. I'm sure you wouldn't
# want to do that in real life :-)

$cgi->add_mime_type ('application/mac-binhex40');
$cgi->add_mime_type ('application/binhex-40');
$cgi->remove_mime_type ('text/html');

# Let's go ahead and parse the data!

my $data = $cgi->parse_form_data;

print "Content-type: text/plain", "\n\n";

if ($cgi->is_error) {
    my $error_message = $cgi->get_error_message;

    print <<End_of_Error;

Oops! An error occurred while uploading the file. Please go back
and try to upload the file again. In the meanwhile, you may
want to report the following error to the Webmaster:

$error_message

Sorry, and thanks for being patient!

End_of_Error

} else {

    # Dereferences the variable to get a filehandle. Then,
    # iterates through the file, displaying each line to STDOUT.
    #
    # NOTE: $readme also contains the name of the file.

    my $readme = $data->{readme};

    print <<End_of_Header;

Thanks for uploading the file: $readme to our server. Just
in case you're interested, here are the contents of your uploaded
file:

End_of_Header

    while (<$readme>) {
        print;
    }

    # Make sure to close the file!

    $cgi->close_all_files;
}

exit (0);

sub my_way
{
    my $file = shift;

    $file =~ tr/A-Z/a-z/;                # Upper to lowercase
    $file =~ s/(?:%20)+/_/g;             # One or more spaces to "_"
    $file =~ s/%[\da-fA-F]{2}//g;        # Remove all %xx

    return ($file);
}

[download]

I have never executed a CGI script before so I don't know if this is a perfectly good script that I don't know how to work. Currently, the line that draws the error is

while (<$readme>) {

Q5) Given that ~/perlmonks/scripts/uploads is where I want files to land, what perl script will get them there?

Replies are listed 'Best First'.
Re^3: using perl on server side for secure connections
by hippo (Archbishop) on Sep 17, 2018 at 08:30 UTC
    I have never executed a CGI script before so I don't know if this is a perfectly good script that I don't know how to work.

    CGI is a protocol for exchange of data between client and server over HTTP (that's a simplification). The important part here is the "over HTTP" bit. If you are intending to run this script over the web then you'll most likely want to construct a form (which may be static) to go with this script which will then be the form handler. There's more about CGI in the Tutorials section.

    Conversely, if you are not intending to use a script like this over HTTP then it would be better and simpler not to use CGI in the first place.

    It's not immediately clear to me from reading this thread what your ultimate goal is.

[reply]

      Thank you for the reference, hippo, I was able to do a couple things that move my aspirations forward. I use a bash script to set the envelope conditions, wrap the perl upload, and wrap the output with monastery tags. It doesn't quite work but I get enough output to move forward.

      Read more... (2 kB)

      Here is a listing of the uploaded file:

      remote dir is /perlmonks/scripts/cgi
.
..
1.color.cgi
-------cat uploaded file
#!/usr/bin/perl -wT
use 5.011;
use CGI qw(:standard);
use CGI::Carp qw(warningsToBrowser fatalsToBrowser);


# declare the colors hash:
my %colors = (    red => "#ff0000", green=> "#00ff00",
    blue => "#0000ff",    black => "#000000",
    white => "#ffffff" );

# print the html headers
print header;
print start_html("Colors");

foreach my $color (keys %colors) {
    print "<font color=\"$colors{$color}\">$color</font>\n";   
}
print end_html;

__END__

      [download]

      This is the result of the filename as a command:

      
-------executing 1.color.cgi
Content-Type: text/html; charset=ISO-8859-1

<!DOCTYPE html
    PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-U
+S">
<head>
<title>Colors</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1
+" />
</head>
<body>
<font color="#000000">black</font>
<font color="#ffffff">white</font>
<font color="#00ff00">green</font>
<font color="#0000ff">blue</font>
<font color="#ff0000">red</font>

</body>
</html>

      [download]

      And this completes the goal I had for this thread, to upload and execute a perl CGI script. Thanks all for comments,

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom