MESSAGE
DATE | 2016-10-30 |
FROM | Elfen Magix
|
SUBJECT | Re: [Hangout-NYLXS] Fwd: Re: Apache 2.4, mod_perl 2.0.9,
|
From hangout-bounces-at-nylxs.com Sun Oct 30 12:22:34 2016 Return-Path: X-Original-To: archive-at-mrbrklyn.com Delivered-To: archive-at-mrbrklyn.com Received: from www.mrbrklyn.com (www.mrbrklyn.com [96.57.23.82]) by mrbrklyn.com (Postfix) with ESMTP id 6D1B1160E77; Sun, 30 Oct 2016 12:22:33 -0400 (EDT) X-Original-To: hangout-at-nylxs.com Delivered-To: hangout-at-nylxs.com Received: from nm19-vm1.bullet.mail.ne1.yahoo.com (nm19-vm1.bullet.mail.ne1.yahoo.com [98.138.91.56]) by mrbrklyn.com (Postfix) with ESMTP id A1452160E77 for ; Sun, 30 Oct 2016 12:22:22 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1477844540; bh=RkduMuj8m537n+5xahi+1RKIqXcQQ6O5eVfpLRELbjY=; h=Date:From:Reply-To:To:Subject:References:From:Subject; b=G/V0R7e6ArlF8Qm2rYgxm1VHjwtD7pf6QEOLISjGN5D/q2/gnCUcngv7cj+8y+dQ8odIQa7QwXPnJ1mlv8KlCZh7jcwaeaBkTOZAUi2po0a7qXY2Q5SnI1H25/jBrvUqDmvlKTVOGw1+uIFmGxBTXPATXZpJGXig4pQ0EzHKourgnBt7FCsb66QjKy0sWs8k8GbzXyOOIZEDXPAOgKsbuoTMBxfVSDyHwuwMiELDJS6WO6ZwT6mSZk/zDmsiqo0DSpU2EOkrZanv4GnXgkgGnXRzt5/C0IXh4CvWyq8pa58tZa5tkZOE+7wLfnPacqWHj3werrmrSZzLYWM7SYxocQ== Received: from [98.138.100.111] by nm19.bullet.mail.ne1.yahoo.com with NNFMP; 30 Oct 2016 16:22:20 -0000 Received: from [98.138.89.250] by tm100.bullet.mail.ne1.yahoo.com with NNFMP; 30 Oct 2016 16:22:20 -0000 Received: from [127.0.0.1] by omp1042.mail.ne1.yahoo.com with NNFMP; 30 Oct 2016 16:22:20 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 443588.36070.bm-at-omp1042.mail.ne1.yahoo.com X-YMail-OSG: Bfu1srgVM1nOvpDi41CChGfJYaBcqVml5sFBL7EV4ugzwtzsok6RduzXDYdiEbI XMulQ9lPwAaBaOeaXnGzMcINliBqEDhFrEr_03zBxgzI7pkeu8MVpkMEH2VRk8iXz2yQNtr37uNU Fuq7SzRWoVayNpxmjKzbDSRjpkXNxwFxr1cXgQ7Q3CT3ZL.gAhTflWr2ciiVPPV5yfdqtdSoR5uc bgDfkNtej0n3Uj5Ry17h0Ljp1nmLoiP1xUCaU0LNldPp3WNPuq1Y8DgzBWaO6fqDTowMVtskCPQ6 RABlrFNCgtU.gyZVUXir1BfN6bOcQDh_fW..kyH3jBA2iL3RkTWyfXPqXcI5dFMnseslRjy3NTN3 MwH9QaOPR4zH_xf1uUjr2I8AkCNfE2t1qW1q4OwYVnedjBA_hRm1uGtaW_Wmpk.opGJ5GV3eRZM8 Pskr9ptm7n.yS6SDIS9Js3eXRtO_zLQF2fTFOjJ3wEApIqPQNSLH85BX.hFHnalO9VPQBFJqZg00 lGaI0xYyRNknd52XqABcgvPbyEA-- Received: from jws200082.mail.ne1.yahoo.com by sendmailws132.mail.ne1.yahoo.com; Sun, 30 Oct 2016 16:22:19 +0000; 1477844539.980 Date: Sun, 30 Oct 2016 16:22:19 +0000 (UTC) From: Elfen Magix To: NYLXS Discussions List Message-ID: <978977246.562983.1477844539639-at-mail.yahoo.com> MIME-Version: 1.0 References: <978977246.562983.1477844539639.ref-at-mail.yahoo.com> Subject: Re: [Hangout-NYLXS] Fwd: Re: Apache 2.4, mod_perl 2.0.9, APR::SockAddr->port() missing ? X-BeenThere: hangout-at-nylxs.com X-Mailman-Version: 2.1.17 Precedence: list Reply-To: Elfen Magix , NYLXS Discussions List List-Id: NYLXS Discussions List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: hangout-bounces-at-nylxs.com Sender: "hangout"
I'm going to reply here...
In Perl it is possible to have access to other ports on the system, but if = it is being piped through a third party app (like Apache), then you are lim= ited to the ports the App it limited too. In this case, on a generic Apache= Server, it is Port 80. It there are modifications to the config file(s), = Then one has to look through the Listen Directive and see what is open thro= ugh there, and then see where the information is coming from - the Address = string of the $FORM input.
AS IS, in HTTP or KeepAlive the Port number does not change through the con= nection unless the USER is doing something to try to hack into your system = (like sending HTTP Requests through a tenet or console and study what is re= turned from the server).
Looking at your variables, I think they are not set correctly. The SYSTEM/E= NVIRONMENT Variable used is REMOTE_PORT, and the code to get it should be:
$port=3D$ENV{REMOTE_PORT};
-------------------------------------------- On Sun, 10/30/16, Ruben Safir wrote:
Subject: [Hangout-NYLXS] Fwd: Re: Apache 2.4, mod_perl 2.0.9, APR::SockAdd= r->port() missing ? To: "Hangout" Date: Sunday, October 30, 2016, 9:35 AM =
=
=
=
-------- Forwarded Message -------- Subject: Re: Apache 2.4, mod_perl 2.0.9, APR::SockAddr->port() missing ? Date: Sun, 30 Oct 2016 12:12:57 +0100 From: A. Warnier To: modperl-at-perl.apache.org =
Replying to self.. =
My basic question remains the same : given that neither of the following seem to work under Apache 2.4 / mod_perl 2.0.9 : =
$remote_port =3D $r->connection->client_addr->port; or $remote_port =3D $r->connection->remote_addr->port; =
how could I best obtain, in a mod_perl AAA handler, some unique client port number that is unlikely to change over the duration of a single HHTP client keepalive connection (whether through proxies or not).=C2=A0 I do not really care if this is really the port number which the original client used to establish the connection, as long as it remains stable and unique and, from the Apache/mod_perl webserver point of view, the combination IP:port really is unique for a given client workstation currently accessing the server. =
Unfortunately, I do need an "IP:port" combination, because of some back-end software that relies on this and which I cannot change. Otherwise I guess that I could use $r->connection->id. =
(which I may still try to use as a kind of "alias" for the port number; maybe the back-end software won't realise that it is a fake. But I guess that this is a bit risky, since there is probably no guarantee that this would match the keepalive as the client sees it through possible proxies). =
=
=
>>> >>> In the Apache 2.2 version, this was : >>> >>>=C2=A0 =C2=A0 =C2=A0 $remote_port =3D $r->connection->remote_addr->port; =
=
=
There was this change in Apache 2.4 compared to 2.2 : =
https://httpd.apache.org/docs/trunk/developer/new_api_2_4.html =
"conn_rec->remote_ip and conn_rec->remote_addr =C2=A0 =C2=A0 These fields have been renamed in order to distinguish between the client IP address of the connection and the useragent IP address of the request (potentially overridden by a load balancer or proxy). References to either of these fields must be updated with one of the following options, as appropriate for the module: =
=C2=A0 =C2=A0 =C2=A0 =C2=A0 When you require the IP address of the user agent, which might be connected directly to the server, or might optionally be separated from the server by a transparent load balancer or proxy, use request_rec->useragent_ip and request_rec->useragent_addr. =C2=A0 =C2=A0 =C2=A0 =C2=A0 When you require the IP address of the client that is connected directly to the server, which might be the useragent or might be the load balancer or proxy itself, use conn_rec->client_ip and conn_rec->client_addr. " =
With a corresponding discussion in : https://github.com/eprints/eprints/issues/214 =
Interesting how a change which was originally made as an improvement/clarification, can have so many unforeseen ripple effects. =
=
=
=
On 30.10.2016 08:34, A. Warnier wrote: > On 30.10.2016 01:56, Randolf Richardson wrote: >>=C2=A0 =C2=A0=C2=A0=C2=A0Do the following work for you? >> >>=C2=A0 =C2=A0 =C2=A0 =C2=A0=C2=A0=C2=A0$r->connection->remote_addr->port >>=C2=A0 =C2=A0 =C2=A0 =C2=A0=C2=A0=C2=A0$r->connection->local_addr->port >> > > I'll check again, but $c->remote_addr is supposed to not exist anymore in httpd 2.4, as > far as I know. > Indeed : > > When I modify the code as follows : > >=C2=A0 =C2=A0 =C2=A0 #my $client_addr =3D $r->connection->client_addr; > 1184:=C2=A0 =C2=A0 my $client_addr =3D $r->connection->remote_addr; >=C2=A0 =C2=A0 =C2=A0 $remote_port =3D $client_addr->port; >=C2=A0 =C2=A0 =C2=A0 $remote_ip =3D $r->connection->client_ip; > > Can't locate object method "remote_addr" via package "Apache2::Connection" at > /home/mira/EFS/lib/AUTH/SLC.pm line 1184.\n > > > >>> Hi. >>> >>> Apologies to Steve and Torsten for posting this previously to them directly. >>> It somehow slipped my mind that this would have been a better place. >>> Anyway thus : >>> >>> I am in the process of converting some mod_perl AAA code from Apache 2.2 to 2.4, and I >>> encounter the following problem : >>> >>> Apache error log : >>> >>> Can't locate object method "port" via package "APR::SockAddr" at >>> /home/mira/EFS/lib/AUTH/SLC.pm line 1184.\ >>> >>> which corresponds to : >>> >>> 1183:=C2=A0 =C2=A0 my $client_addr =3D $r->connection->client_addr; >>> 1184:=C2=A0 =C2=A0 $remote_port =3D $client_addr->port; >>> >>> In the Apache 2.2 version, this was : >>> >>>=C2=A0 =C2=A0 =C2=A0 $remote_port =3D $r->connection->remote_addr->port; >>> >>> and worked fine. >>> >>> Environment : >>> >>> Linux d1s008 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2+deb8u3 (2016-07-02) x86_64 >>> GNU/Linux (Debian "Jessie" as far as I know) >>> >>> Apache/2.4.10 (Debian) mod_apreq2-20090110/2.8.0 mod_perl/2.0.9dev Perl/v5.20.2 configured >>> -- resuming normal operations >>> (apache2 and mod_perl are the standard Debian Jessie apt-get packages) >>> >>> >>> I have tried to find clues on the WWW, CPAN etc.. but I do not find anything about >>> APR::SockAddr::port(), except this snippet (quite old..) : >>> >>> CPAN : >>> mod_perl 2.10 Changes : >>> ... >>> 1.99_14 - May 21, 2004 >>> >>>=C2=A0 =C2=A0 =C2=A0=C2=A0=C2=A0APR::SockAddr::port() accessor is now read-only [Stas] >>> >>> Also on the host, the APR::SockAddr module source : >>> >>> /usr/lib/x86_64-linux-gnu/perl5/5.20/APR/SockAddr.pm : >>> >>> quote >>> =3Ditem obj: C<$sock_addr> >>> ( C object|docs::2.0::api::APR::SockAddr>> ) >>> >>> =3Ditem ret: C<$port> ( integer ) >>> >>> =3Ditem since: 2.0.00 >>> unquote >>> >>> .. seems to imply that this should work. >>> (And so do >>> https://metacpan.org/pod/APR::SockAddr#port >>> http://perl.apache.org/docs/2.0/api/APR/SockAddr.html#C_port_ >>> ) >>> >>> Am I doing something wrong ? >>> >>> More importantly to me right now : how can I get the client's connection port number, >>> possibly using a workaround ? I am in control of the Apache httpd configuration. >>> >>> I do not really care if this is the real client port, or a port of some intermediate >>> proxy, as long as it remains consistent across severall KeepAlive calls of the same client >>> workstation. >>> I need this port number to forward to another module (of which I do not have the source), >>> which uses this (and the remote IP), as a kind of persistent identifier for the client >>> connection (for Windows WIA authentication). >>> >>> The only way I can think of right now, would be to add a request header at the httpd level >>> with the remote client IP:port, and then retrieve and decode that same header in my AAA >>> module. But that seems a bit convoluted and heavy-handed. >>> Is there a way in a PerlAuthenHandler to retrieve an "Apache environment variable" >>> directly, which would have been set like so ? >>> >>> RewriteRule .* - [E=3DINFO_REMOTE_ADDR:"%{REMOTE_ADDR}\:%{REMOTE_PORT}",NE] >>> >>> >>> Thanks in advance >>> Andr=C3=A9 Warnier >> >> >> Randolf Richardson - randolf-at-inter-corporate.com >> Inter-Corporate Computer & Network Services, Inc. >> Beautiful British Columbia, Canada >> http://www.inter-corporate.com/ >> >> > =
_______________________________________________ hangout mailing list hangout-at-nylxs.com http://www.nylxs.com/ _______________________________________________ hangout mailing list hangout-at-nylxs.com http://www.nylxs.com/
|
|