[19744] in Perl-Users-Digest
Perl-Users Digest, Issue: 1939 Volume: 10
daemon@ATHENA.MIT.EDU (Perl-Users Digest)
Tue Oct 16 11:11:42 2001
Date: Tue, 16 Oct 2001 08:10:12 -0700 (PDT)
From: Perl-Users Digest <Perl-Users-Request@ruby.OCE.ORST.EDU>
To: Perl-Users@ruby.OCE.ORST.EDU (Perl-Users Digest)
Message-Id: <1003245012-v10-i1939@ruby.oce.orst.edu>
Content-Type: text
Perl-Users Digest Tue, 16 Oct 2001 Volume: 10 Number: 1939
Today's topics:
Re: putting $1..$9 into a replacement string such as $r <bart.lateur@skynet.be>
Re: putting $1..$9 into a replacement string such as $r (=?ISO-8859-1?Q?sh=F2wd=F6g?=)
Re: putting $1..$9 into a replacement string such as $r (=?ISO-8859-1?Q?sh=F2wd=F6g?=)
Re: putting $1..$9 into a replacement string such as $r (Martien Verbruggen)
reference as a sub name (perl misk)
Re: reference as a sub name <kai@jendrian.de>
Re: reference as a sub name <sguazt@infodrome.net>
Unicode chars and Nimbda? <simon.oliver@umist.ac.uk>
Re: Unicode chars and Nimbda? <Thomas@Baetzler.de>
Writing and reading encrypted string (password) <dump@the-core.net>
Re: Writing and reading encrypted string (password) <paule.p-deleteme-@gmx.de>
Re: Writing and reading encrypted string (password) <dump@the-core.net>
Re: Writing and reading encrypted string (password) <bart.lateur@skynet.be>
Re: Writing and reading encrypted string (password) (John J. Trammell)
Re: Writing and reading encrypted string (password) <bart.lateur@skynet.be>
Digest Administrivia (Last modified: 6 Apr 01) (Perl-Users-Digest Admin)
----------------------------------------------------------------------
Date: Tue, 16 Oct 2001 12:04:17 GMT
From: Bart Lateur <bart.lateur@skynet.be>
Subject: Re: putting $1..$9 into a replacement string such as $repl="=csinfo$1$2^$3"
Message-Id: <qc8ostcrjm8g62777foqtueg7aqo07ekca@4ax.com>
Joe Smith wrote:
>Well, almost. On Win32, "\r\n" is converted to "\n" and on
>MacOS-classic, "\r" is converted to "\n" (if no binmode(FOO)).
No. On MacOS, "\r" nor "\n" are converted. It's just that the meaning of
"\r" and "\n" is the reverse of what it is on other Ascii oriented
platforms: "\r" is chr(10) and "\n" is chr(13).
You're right about Windows, though. "\015\012" is turned into "\012"
when reading from a text file, and the other way around when prointing
to a text file handle. binmode() serves to prevent this conversion, if
you don't want it.
--
Bart.
------------------------------
Date: 16 Oct 2001 06:27:46 -0700
From: showdog@my-deja.com (=?ISO-8859-1?Q?sh=F2wd=F6g?=)
Subject: Re: putting $1..$9 into a replacement string such as $repl="=csinfo$1$2^$3"
Message-Id: <187c116b.0110160527.41129d83@posting.google.com>
Bernard El-Hagin <bernard.el-hagin@lido-tech.net> wrote in message news:<slrn9sno35.85e.bernard.el-hagin@gdndev25.lido-tech>...
> On 15 Oct 2001 14:44:07 -0700, shòwdög <showdog@my-deja.com> wrote:
>
>
> [snip]
>
>
> > Another related question, when you read a line :
> >
> > while <FOO> {}
> >
> > is $_ a single quoted or double quoted variable? based on what i see
> > it is neither, if that makes sense.
>
>
> I don't understand this. The way $_ is interpreted depends
> on how it's quoted.
while <FOO> {
print;
}
In that context?
This is not important to me anyway. What I REALLY need is an answer
to the first q I posted. Its got me and my development team
stumped!!! I will post it again here...
use warnings;
use strict;
my $repl='this is $1. hi there.';
my $search='(foo)';
my $strText="foo foo";
$strText =~ s/$search/$repl/gi;
# what I want the above line to evaluate to is:
# $strText =~ s/(foo)/this is $1. hi there./gi;
print $strText;
__END__
this is $1. hi there. this is $1. hi there.
how do I get $strText to contain "foo" instead of $1?
------------------------------
Date: 16 Oct 2001 06:33:16 -0700
From: showdog@my-deja.com (=?ISO-8859-1?Q?sh=F2wd=F6g?=)
Subject: Re: putting $1..$9 into a replacement string such as $repl="=csinfo$1$2^$3"
Message-Id: <187c116b.0110160533.6febc1c9@posting.google.com>
inwap@best.com (Joe Smith) wrote in message news:<9qgvvj$966$1@nntp1.ba.best.com>...
> In article <187c116b.0110151344.73b0e1f3@posting.google.com>,
> =?ISO-8859-1?Q?sh=F2wd=F6g?= <showdog@my-deja.com> wrote:
> >Another related question, when you read a line :
> >
> >while <FOO> {}
> >
> >is $_ a single quoted or double quoted variable? based on what i see
> >it is neither, if that makes sense.
>
> $_ is not a "quoted variable". It is a scalar variable that has a
> string, consisting of one line of bytes from the intput file, verbatim.
> Well, almost. On Win32, "\r\n" is converted to "\n" and on
> MacOS-classic, "\r" is converted to "\n" (if no binmode(FOO)).
>
> Anyway, if the line from the file is
>
> $5 can't be right, said "the man"
>
> then the contents of $_ will include an actual dollar sign, an
> apostrophe, and two double quotes.
> -Joe
Thanks Joe! That's what I thought. I'm still perplexed though, as
this relates to my original question (I posted a reply to Bernard
where I re-worded it).
Nice page by the way, I worked on a PDP-11 for a couple of years in
'97-'98, it was "fun" to say the least. Too bad I didn't try to load
perl on it.
------------------------------
Date: Tue, 16 Oct 2001 23:51:58 +1000
From: mgjv@tradingpost.com.au (Martien Verbruggen)
Subject: Re: putting $1..$9 into a replacement string such as $repl="=csinfo$1$2^$3"
Message-Id: <slrn9soeru.di2.mgjv@martien.heliotrope.home>
On 16 Oct 2001 06:27:46 -0700,
shòwdög <showdog@my-deja.com> wrote:
> Bernard El-Hagin <bernard.el-hagin@lido-tech.net> wrote in message news:<slrn9sno35.85e.bernard.el-hagin@gdndev25.lido-tech>...
>> On 15 Oct 2001 14:44:07 -0700, shòwdög <showdog@my-deja.com> wrote:
[snippage of quoting stuff]
> This is not important to me anyway. What I REALLY need is an answer
> to the first q I posted. Its got me and my development team
> stumped!!! I will post it again here...
>
> use warnings;
> use strict;
> my $repl='this is $1. hi there.';
> my $search='(foo)';
> my $strText="foo foo";
>
> $strText =~ s/$search/$repl/gi;
> # what I want the above line to evaluate to is:
> # $strText =~ s/(foo)/this is $1. hi there./gi;
>
> print $strText;
> __END__
> this is $1. hi there. this is $1. hi there.
>
> how do I get $strText to contain "foo" instead of $1?
Maybe you want
eval "\$strText =~ s/$search/$repl/gi";
or maybe you don't. This eval is going to be terribly slow.
Maybe you should take a step back, and describe at a higher level what
it is you need to do. We may have better ideas to solve the problem.
Martien
PS. I thought someone already answered this question in this thread? I
seem to recall I saw someone mention eval earlier today.
--
Martien Verbruggen |
Interactive Media Division | In the fight between you and the
Commercial Dynamics Pty. Ltd. | world, back the world - Franz Kafka
NSW, Australia |
------------------------------
Date: 16 Oct 2001 04:22:23 -0700
From: perlmisk@yahoo.co.uk (perl misk)
Subject: reference as a sub name
Message-Id: <7fe42fcd.0110160322.35f5ca34@posting.google.com>
reference as a sub name (I think)
I have a config file:
config.file
@abc = qw %a b c%;
@num = qw %1 2 3%;
and a Perl module that requires the above file.
A sub within the pm is called with a user name as a parameter:
sub get_list {
my $user = shift;
<taint check code snipped>
no strict 'refs';
print @main::{$user}; # how can I access the users' array?
}
The above assumes I want to get an element, instead I want the whole
array.
And is there a way to "use extra-strict". Something that I don't like
about Perl is I now have to check each sub at the start to ensure it
was called with valid parameters, maybe this is too bigger overhead to
worry about but I am very pessimistic - but not desperate so I wont
use Java.
------------------------------
Date: Tue, 16 Oct 2001 13:59:55 +0200
From: Kai Jendrian <kai@jendrian.de>
Subject: Re: reference as a sub name
Message-Id: <628osto6q8lib1hpts9s98rhalqh16t2i7@4ax.com>
Hello,
On 16 Oct 2001 04:22:23 -0700, perlmisk@yahoo.co.uk (perl misk) wrote:
>And is there a way to "use extra-strict". Something that I don't like
>about Perl is I now have to check each sub at the start to ensure it
>was called with valid parameters, maybe this is too bigger overhead to
>worry about but I am very pessimistic - but not desperate so I wont
>use Java.
What about using prototypes?
sub foo ($) {
my $bar = shift;
print "$bar\n";
}
foo('bar'); # fine
foo('bar','nobar'); # should not be allowed
gives you an error!
perldoc perlsub
or http://www.perldoc.com/perl5.6.1/pod/perlsub.html#Prototypes should
help.
.kai
------------------------------
Date: Tue, 16 Oct 2001 14:31:34 +0200
From: "Marco Guazzone" <sguazt@infodrome.net>
Subject: Re: reference as a sub name
Message-Id: <9qh8d3$58$1@serv1.iunet.it>
Hi,
I don't known if I have understood your problem;
anyway if $user is one of '@abc' or '@num' then
you can try with:
sub get_list
{
my $user = shift;
# note: 'eval' interpolates $user and evaluates the result
print join(',', eval($user)), "\n";
}
This work if @abc (or @num) are declared with local,
our, or my (for our e my however there is the constraint
that variables have to be declared before sub definition:
our @abc=....;# or my @abc
sub get_list ....
)
For the parameter checking in a subroutine, if you
don't like check anytime, you can use prototypes; e.g.:
sub get_list($)
{
# ...
}
In these case is Perl that does the check.
Guazzone Marco
"perl misk" <perlmisk@yahoo.co.uk> wrote in message
news:7fe42fcd.0110160322.35f5ca34@posting.google.com...
> reference as a sub name (I think)
>
> I have a config file:
>
> config.file
> @abc = qw %a b c%;
> @num = qw %1 2 3%;
>
>
> and a Perl module that requires the above file.
>
> A sub within the pm is called with a user name as a parameter:
>
> sub get_list {
> my $user = shift;
>
> <taint check code snipped>
>
> no strict 'refs';
> print @main::{$user}; # how can I access the users' array?
> }
>
> The above assumes I want to get an element, instead I want the whole
> array.
>
> And is there a way to "use extra-strict". Something that I don't like
> about Perl is I now have to check each sub at the start to ensure it
> was called with valid parameters, maybe this is too bigger overhead to
> worry about but I am very pessimistic - but not desperate so I wont
> use Java.
------------------------------
Date: Tue, 16 Oct 2001 13:22:40 +0100
From: Simon Oliver <simon.oliver@umist.ac.uk>
Subject: Unicode chars and Nimbda?
Message-Id: <3BCC2690.99913D3A@umist.ac.uk>
Here is part of a log from a code red attack:
2001-10-16 10:28:49 65.70.65.126 - GET /default.ida
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
200 www.worm.com - -
The stuff at the end looks like unicode but what does it translate too?
Sounds like a job for Perl but I don't know how?
--
Simon Oliver
------------------------------
Date: Tue, 16 Oct 2001 14:34:02 +0200
From: =?ISO-8859-1?Q?Thomas_B=E4tzler?= <Thomas@Baetzler.de>
Subject: Re: Unicode chars and Nimbda?
Message-Id: <g7aost0jndhttagrkn97ljfpr1da19468p@4ax.com>
On Tue, 16 Oct 2001, Simon Oliver <simon.oliver@umist.ac.uk> wrote:
[Code Red Virus attack request URL]
>The stuff at the end looks like unicode but what does it translate too?
i386 machine code. You'd have to disassemble it to make any sense of it.
HTH,
--
use strict;my($i,$t,@r)=(0,'5 -.@BHJPT4acd6e2hk2lmn2o4r2s3tuz',map{ord}
split//,unpack('u*','L#`T&)QD5#0`#!!`#%1D)#08`#P05!!(3``$$"``#"0L&``('.
'"`P<!`````0$`'));$t=~s/(\d)(.)/$2x$1/eg;map{$t.=substr$t,$i,1,''while
$_--;$i++}@r;print"$t\n";# Thomas@Baetzler.de - http://baetzler.de/perl
------------------------------
Date: Tue, 16 Oct 2001 15:10:32 +0200
From: Lars Oeschey <dump@the-core.net>
Subject: Writing and reading encrypted string (password)
Message-Id: <iacost8vkrbidcifqg7ls6d9gue5jesj4t@4ax.com>
Hi,
can someone perhaps give me a hint on how I could store a password in
some config file encrypted?
The password should be written by the perl program (e.g. call the perl
prog with a special parameter and the password), and the perl program
must be able to read and decrypt the password in normal run.
Lars
Lars
--
GPZ900R xxMm+2,5Mm http://www.oeschey.de
GS400 xxMm+1,5Mm http://www.the-core.net
------------------------------
Date: Tue, 16 Oct 2001 15:20:49 +0200
From: Falk P. <paule.p-deleteme-@gmx.de>
Subject: Re: Writing and reading encrypted string (password)
Message-Id: <7lcostcdnlce760ntah5t6roq3ja7jkrcd@4ax.com>
Hi Lars,
>can someone perhaps give me a hint on how I could store a password in
>some config file encrypted?
>The password should be written by the perl program (e.g. call the perl
>prog with a special parameter and the password), and the perl program
>must be able to read and decrypt the password in normal run.
i think it would be better not to decrypt the passwords in order to
test if the given password is correct.
i think its better to hash the passwords - e.g. with the
MD5-algorithm (Digets::MD5) -> just compare the hash-value of the
given value with the stored hash-value (and associate the hash's to an
login :)
this should result in a higher level of security, because even if the
file which contains all the passwords is lost, nobody can restore the
passwords because they'r 1-way encrypted (hash-values).
hope it helped a bit, much luck.
-----------
falk
------------------------------
Date: Tue, 16 Oct 2001 16:20:51 +0200
From: Lars Oeschey <dump@the-core.net>
Subject: Re: Writing and reading encrypted string (password)
Message-Id: <sdgost4aghf0ivlngf4qaonge67fkn6git@4ax.com>
On Tue, 16 Oct 2001 15:20:49 +0200, Falk P. <paule.p-deleteme-@gmx.de>
wrote:
>i think it would be better not to decrypt the passwords in order to
>test if the given password is correct.
I know that there's not too much security. But the password is needed
for an ftp connect (where it is cleartext on the network anyway), so
for the ftp server I need the plaintext password. I just want to
prevent poeple from getting the password just by opening the .ini
file.
There's no prompt interaction with the user.
>falk
Lars
Lars
--
GPZ900R xxMm+2,5Mm http://www.oeschey.de
GS400 xxMm+1,5Mm http://www.the-core.net
------------------------------
Date: Tue, 16 Oct 2001 14:30:58 GMT
From: Bart Lateur <bart.lateur@skynet.be>
Subject: Re: Writing and reading encrypted string (password)
Message-Id: <i4hosto11cpms3m0i6j6779lslae8qkqup@4ax.com>
Falk P. wrote:
> i think its better to hash the passwords - e.g. with the
>MD5-algorithm (Digets::MD5) -> just compare the hash-value of the
>given value with the stored hash-value (and associate the hash's to an
>login :)
Or just using the crypt() built-in perl function.
--
Bart.
------------------------------
Date: Tue, 16 Oct 2001 09:46:16 -0500
From: trammell@haqq.hypersloth.invalid (John J. Trammell)
Subject: Re: Writing and reading encrypted string (password)
Message-Id: <slrn9soi1o.oqh.trammell@haqq.hypersloth.net>
On Tue, 16 Oct 2001 16:20:51 +0200, Lars Oeschey <dump@the-core.net> wrote:
> On Tue, 16 Oct 2001 15:20:49 +0200, Falk P. <paule.p-deleteme-@gmx.de>
> wrote:
>
> >i think it would be better not to decrypt the passwords in order to
> >test if the given password is correct.
>
> I know that there's not too much security. But the password is needed
> for an ftp connect (where it is cleartext on the network anyway), so
> for the ftp server I need the plaintext password. I just want to
> prevent poeple from getting the password just by opening the .ini
> file.
> There's no prompt interaction with the user.
You could obfuscate it with MIME::Base64.
--
ultimate_answer_t deep_thought(void) { sleep(years2secs(7500000)); return 42; }
------------------------------
Date: Tue, 16 Oct 2001 14:47:17 GMT
From: Bart Lateur <bart.lateur@skynet.be>
Subject: Re: Writing and reading encrypted string (password)
Message-Id: <glhostge3bal0jm52ja6evc3kmioo2vul4@4ax.com>
Lars Oeschey wrote:
>I know that there's not too much security. But the password is needed
>for an ftp connect (where it is cleartext on the network anyway), so
>for the ftp server I need the plaintext password. I just want to
>prevent poeple from getting the password just by opening the .ini
>file.
Crypt::Blowfish
Crypt::OpenPGP
Crypt::BeoWulf
Crypt::DES
Crypt::GOST
and likely a bunch more, all to be found on CPAN.
--
Bart.
------------------------------
Date: 6 Apr 2001 21:33:47 GMT (Last modified)
From: Perl-Users-Request@ruby.oce.orst.edu (Perl-Users-Digest Admin)
Subject: Digest Administrivia (Last modified: 6 Apr 01)
Message-Id: <null>
Administrivia:
The Perl-Users Digest is a retransmission of the USENET newsgroup
comp.lang.perl.misc. For subscription or unsubscription requests, send
the single line:
subscribe perl-users
or:
unsubscribe perl-users
to almanac@ruby.oce.orst.edu.
To submit articles to comp.lang.perl.announce, send your article to
clpa@perl.com.
To request back copies (available for a week or so), send your request
to almanac@ruby.oce.orst.edu with the command "send perl-users x.y",
where x is the volume number and y is the issue number.
For other requests pertaining to the digest, send mail to
perl-users-request@ruby.oce.orst.edu. Do not waste your time or mine
sending perl questions to the -request address, I don't have time to
answer them even if I did know the answer.
------------------------------
End of Perl-Users Digest V10 Issue 1939
***************************************
