Solved

Premature end of script headers

Posted on 2004-08-26
13
13,847 Views
Last Modified: 2012-05-05
Ok, maybe this is obvious to those of you who are systems/web administrators for I was not suppose to be one.  Never the less I have learned much and have done many things with my apache server, but I cannot seem to get it to run a simple hello world script.
I have checked the permissions of everything.  
drwxr-xr-x  22 root  wheel      512 May 16  2003 var
drwxr-xr-x  10 root  daemon   512 May 13 07:58 /var/www
drwxr-xr-x  2 root    daemon   512 Aug 24 16:26 /var/www/cgi-bin
-rwxr-xr-x  1 root  daemon   76 Aug 24 16:26 /var/www/cgi-bin/hello.cgi

I made sure that the AddHandler line exists in the conf file:
AddHandler cgi-script .cgi

It used to have .pl after the .cgi, but I though I'd it without after reading someones comment.

I made sure I have the module loaded:
-bash-2.05b# httpd -l
Compiled-in modules:
  http_core.c
  mod_env.c
  mod_log_config.c
  mod_mime.c
  mod_negotiation.c
  mod_status.c
  mod_include.c
  mod_autoindex.c
  mod_dir.c
  mod_cgi.c
  mod_asis.c
  mod_imap.c
  mod_actions.c
  mod_userdir.c
  mod_alias.c
  mod_access.c
  mod_auth.c
  mod_so.c
  mod_setenvif.c
  mod_keynote.c
  mod_ssl.c
suexec: disabled; invalid wrapper /usr/sbin/suexec

That also implies that I'm not using suexec, which I also made sure I wasn't.

Here is the <VirtualHost> declaration:
<VirtualHost xxx.xxx.xxx.xxx>
#        Port 80
        DocumentRoot /var/www/htdocs/
        ServerName my.domain.com
        ServerAdmin ChefInnocent@domain.com
        ErrorLog logs/error_log
        TransferLog logs/access_log
<Directory /var/www/htdocs>
        AllowOverride All
</Directory>
<Directory /var/www/cgi-bin>
        SetHandler cgi-script
        Options +ExecCGI
        Order allow,deny
        Allow from all
</Directory>
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
</VirtualHost>

It has gone through a growing stage where I've tried adding many things and deleting them one by one to see if I can change the results.  Alas, to no avail.  (I have the actual IP on my server and the actual domain name).

Here is my error log:
[Thu Aug 26 20:47:50 2004] [error] [client xxx.xxx.xxx.xxx] Premature end of script headers: /cgi-bin/hello.cgi

Here is the access log:
xxx.xxx.xxx.xxx - - [26/Aug/2004:20:47:50 -0600] "GET /cgi-bin/hello.cgi HTTP/1.1" 500 538

So, is there any thing else I should check?  I'm really tired of getting that evil "Internal Server Error".

Thanks,
Daniel
0
Comment
Question by:ChefInnocent
13 Comments
 
LVL 3

Expert Comment

by:pat5star
ID: 11910796
I'm just taking a guess here, but was your script written on a windows machine? I once wasted a couple of days in a very similar situation like yours only to find out that it was because of the dos line ending characters that I kept getting "Premature end of script headers" errors. If so, use vi or dostounix or something similar to convert it.

Does your script work on other boxes? If you haven't got another server to test it on have you tried executing a script that you know works for sure?

These are pretty basic ideas, but I can't see anything wrong in what you posted.

-Pat
0
 

Author Comment

by:ChefInnocent
ID: 11915371
It was written on the machine I'm running it on.  I should have mentioned I'm using OpenBSD 3.5 & Apache 1.3.29.
The code is as follows:
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "Hello, World.";

if I run it through od -a, I get:
0000000    #   !   /   u   s   r   /   b   i   n   /   p   e   r   l  nl
0000020    p   r   i   n   t  sp   "   C   o   n   t   e   n   t   -   t
0000040    y   p   e   :  sp   t   e   x   t   /   h   t   m   l   \   n
0000060    \   n   "   ;  nl   p   r   i   n   t  sp   "   H   e   l   l
0000100    o   ,  sp   W   o   r   l   d   .   "   ;  nl
0000114

So as you can see, there arn't any dumb characters.
0
 
LVL 15

Expert Comment

by:samri
ID: 11916944
Your /cgi/bin/ directory declaration looks rather funny to me.

--- Mine in on Win2K - Apache2.
ScriptAlias /cgi-bin/ "C:/Program Files/Apache Group/Apache2/cgi-bin/"
<Directory "C:/Program Files/Apache Group/Apache2/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from 127 192.168
</Directory>
----
Try fixing the <Directory..> To look as follows.
<Directory /var/www/cgi-bin>
        Order allow,deny
        Allow from all
</Directory>
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
-

Since the directory is already defined as ScriptAlias (http://httpd.apache.org/docs-2.0/mod/mod_alias.html#scriptalias) it does't make much sense to add and SetHandler or AddHandler directive to that Directory tag., which I would think would be redundant (or may be would cause the error).  Give it a shot.

More information on CGI : http://httpd.apache.org/docs-2.0/howto/cgi.html
0
 

Author Comment

by:ChefInnocent
ID: 12046076
Actually, I had started out with the <Directory> tag looking like that, but I've changed it many times in an attempt to get something to work.  It now currently looks like what you have without the SetHandler & Options inside the <directory> tag.  It's still not working.  Also, I've read the two links you sent extensively both before I posted the original message and just again before I posted this.

0
 
LVL 15

Expert Comment

by:samri
ID: 12046755
If you were to run script from command line, did you get the output -

#perl /var/www/cgi-bin/hello.cgi (<--enter)
Content-type: text/html

Hello, World.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:ChefInnocent
ID: 12046797
here is what I get:
-bash-2.05b# ./first.cgi
Content-Type: text/html

Hello, World.

It runs perfectly from the command line.
0
 

Author Comment

by:ChefInnocent
ID: 12046906
I really need to solve this problem soon.  So maybe to expidite it I've uped the points (not that they seem worth much anymore), and I've included my httpd.conf file.  To conserve on space I've taked out the comments, and to preserve the little security I think I have, I've changed all the IPs to xxx.xxx.xxx.xxx and the domain to mydomain.net.

ServerType standalone
ServerRoot "/var/www"
PidFile logs/httpd.pid
ScoreBoardFile logs/apache_runtime_status
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0
Port 80
<IfDefine SSL>
    Listen 80
    Listen 443
</IfDefine>
User www
Group www
ServerAdmin ChefInnocent@mydomain.net
ServerName mydomain.net
DocumentRoot "/var/www/htdocs"

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>
<Directory "/var/www/htdocs">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

UserDir disabled
<IfModule mod_dir.c>
    DirectoryIndex index.html index.htm index.shtml index.cgi index.php
</IfModule>

AccessFileName .htaccess

<Files .htaccess>
    Order allow,deny
    Deny from all
</Files>

UseCanonicalName On
TypesConfig conf/mime.types
DefaultType text/plain

<IfModule mod_mime_magic.c>
    MIMEMagicFile conf/magic
</IfModule>

HostnameLookups Off
ErrorLog logs/error_log
LogLevel warn

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

CustomLog logs/access_log common

ServerSignature Off
Alias /icons/ "/var/www/icons/"

<Directory "/var/www/icons">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

<Directory "/var/www/htdocs/manual">
    Options MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

IndexOptions FancyIndexing

AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

DefaultIcon /icons/unknown.gif

ReadmeName README
HeaderName HEADER

IndexIgnore .??* *~ *

AddEncoding x-compress Z
AddEncoding x-gzip gz

AddLanguage en .en
LanguagePriority en

AddHandler cgi-script .cgi

ErrorDocument 404 /cgi-bin/HTTP_NOT_FOUND.cgi

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0

BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

NameVirtualHost xxx.xxx.xxx.xxx

<VirtualHost xxx.xxx.xxx.xxx>
        DocumentRoot /var/www/htdocs/
        ServerName www.mydomain.net
        ServerAdmin ChefInnocent@mydomain.net
        ErrorLog logs/error_log
        TransferLog logs/access_log
<Directory /var/www/htdocs>
        AllowOverride All
</Directory>
<Directory /var/www/cgi-bin>
        Order allow,deny
        Allow from all
</Directory>
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
</VirtualHost>

<VirtualHost xxx.xxx.xxx.xxx>
        DocumentRoot /var/www/planetdavid/web/
        ServerName planetdavid.mydomain.net
        ServerAdmin david@mydomain.net
        ErrorLog logs/planetdavid_error_log
        TransferLog logs/planetdavid_access_log
<Directory /var/www/planetdavid/web>
        AllowOverride All
</Directory>
ScriptAlias /cgi-bin/ /var/www/planetdavid/cgi-bin/
</VirtualHost>

<VirtualHost xxx.xxx.xxx.xxx>
        DocumentRoot /var/www/udi/web/
        ServerName udi.mydomain.net
        ServerAdmin ChefInnocent@mydomain.net
        ErrorLog logs/udi_error_log
        TransferLog logs/udi_access_log
<Directory /var/www/udi/web>
        AllowOverride All
</Directory>
ScriptAlias /cgi-bin/ /var/www/udi/cgi-bin/
<Directory /var/www/udi/cgi-bin>
        Options ExecCGI
        AllowOverride All
</Directory>
</VirtualHost>

<VirtualHost xxx.xxx.xxx.xxx>
        DocumentRoot /var/www/htdocs/oe/
        ServerName oe.mydomain.net
        ServerAdmin ChefInnocent@mydomain.net
        ErrorLog logs/oe_error_log
        TransferLog logs/oe_access_log
<Directory /var/www/htdocs/organizeeverything>
        AllowOverride All
</Directory>
ScriptAlias /cgi-bin/ /var/www/htdocs/oe/cgi-bin/
</VirtualHost>

<IfDefine SSL>
    AddType application/x-x509-ca-cert .crt
    AddType application/x-pkcs7-crl    .crl
</IfDefine>

<IfModule mod_ssl.c>
    SSLPassPhraseDialog  builtin
    SSLMutex  sem
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    SSLRandomSeed startup file:/dev/arandom  512
    SSLLog      logs/ssl_engine_log
    SSLLogLevel info
</IfModule>

<IfDefine SSL>
<VirtualHost _default_:443>
    DocumentRoot /var/www/htdocs
    ServerName new.host.name
    ServerAdmin you@your.address
    ErrorLog logs/error_log
    TransferLog logs/access_log

    SSLEngine on

    SSLCertificateFile    /etc/ssl/server.crt

    SSLCertificateKeyFile /etc/ssl/private/server.key

    CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfDefine>
0
 
LVL 15

Expert Comment

by:samri
ID: 12046920
i am pretty much not quite sure what went wrong with your config.

personnally, I would save my existing config, and try to do a clean reinstall.

0
 

Author Comment

by:ChefInnocent
ID: 12104516
Well I went ahead and did a clean install of OpenBSD 3.5.  I kept the basic httpd.conf file they gave me only uncommenting the AddHandler cgi-bin line.  I still get the same Internal Server Error.  As much as I like the idea of a secure server and pure Unix, perhaps I should give up and go back to Linux.  I doubt the issue is with the Apache configuration file, but with how OpenBSD releases Apache.
0
 

Author Comment

by:ChefInnocent
ID: 12105097
Ok, I actually found the answer.  I went and RTFM once more.

Apparently, because Apache is chroot-ed it cannot access everything that a normal user can.  So it ends up that you have to create a bunch of directories and copy files over into those directories under the directory that apache runs in.  Once I knew to do this, I went and copied over some stuff so that perl would work.  Low and behold it finally did!

This of course means that everytime I add a new package to perl, I have to copy it over too, but the choice is easyness of use by not chroot-ing or security by dealing with the copying.

Here is my reference:  http://www.openbsd.org/faq/faq10.html#httpdchroot

0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 12207707
PAQed, with points refunded (500)

Computer101
E-E Admin
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now