MESSAGE
| DATE | 2016-10-30 |
| FROM | Elfen Magix
|
| SUBJECT | Re: [Hangout-NYLXS] Fwd: Re: Apache 2.4, mod_perl 2.0.9,
|
From hangout-bounces-at-nylxs.com Sun Oct 30 12:22:34 2016
Return-Path:
X-Original-To: archive-at-mrbrklyn.com
Delivered-To: archive-at-mrbrklyn.com
Received: from www.mrbrklyn.com (www.mrbrklyn.com [96.57.23.82])
by mrbrklyn.com (Postfix) with ESMTP id 6D1B1160E77;
Sun, 30 Oct 2016 12:22:33 -0400 (EDT)
X-Original-To: hangout-at-nylxs.com
Delivered-To: hangout-at-nylxs.com
Received: from nm19-vm1.bullet.mail.ne1.yahoo.com
(nm19-vm1.bullet.mail.ne1.yahoo.com [98.138.91.56])
by mrbrklyn.com (Postfix) with ESMTP id A1452160E77
for ; Sun, 30 Oct 2016 12:22:22 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048;
t=1477844540; bh=RkduMuj8m537n+5xahi+1RKIqXcQQ6O5eVfpLRELbjY=;
h=Date:From:Reply-To:To:Subject:References:From:Subject;
b=G/V0R7e6ArlF8Qm2rYgxm1VHjwtD7pf6QEOLISjGN5D/q2/gnCUcngv7cj+8y+dQ8odIQa7QwXPnJ1mlv8KlCZh7jcwaeaBkTOZAUi2po0a7qXY2Q5SnI1H25/jBrvUqDmvlKTVOGw1+uIFmGxBTXPATXZpJGXig4pQ0EzHKourgnBt7FCsb66QjKy0sWs8k8GbzXyOOIZEDXPAOgKsbuoTMBxfVSDyHwuwMiELDJS6WO6ZwT6mSZk/zDmsiqo0DSpU2EOkrZanv4GnXgkgGnXRzt5/C0IXh4CvWyq8pa58tZa5tkZOE+7wLfnPacqWHj3werrmrSZzLYWM7SYxocQ==
Received: from [98.138.100.111] by nm19.bullet.mail.ne1.yahoo.com with NNFMP;
30 Oct 2016 16:22:20 -0000
Received: from [98.138.89.250] by tm100.bullet.mail.ne1.yahoo.com with NNFMP;
30 Oct 2016 16:22:20 -0000
Received: from [127.0.0.1] by omp1042.mail.ne1.yahoo.com with NNFMP;
30 Oct 2016 16:22:20 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 443588.36070.bm-at-omp1042.mail.ne1.yahoo.com
X-YMail-OSG: Bfu1srgVM1nOvpDi41CChGfJYaBcqVml5sFBL7EV4ugzwtzsok6RduzXDYdiEbI
XMulQ9lPwAaBaOeaXnGzMcINliBqEDhFrEr_03zBxgzI7pkeu8MVpkMEH2VRk8iXz2yQNtr37uNU
Fuq7SzRWoVayNpxmjKzbDSRjpkXNxwFxr1cXgQ7Q3CT3ZL.gAhTflWr2ciiVPPV5yfdqtdSoR5uc
bgDfkNtej0n3Uj5Ry17h0Ljp1nmLoiP1xUCaU0LNldPp3WNPuq1Y8DgzBWaO6fqDTowMVtskCPQ6
RABlrFNCgtU.gyZVUXir1BfN6bOcQDh_fW..kyH3jBA2iL3RkTWyfXPqXcI5dFMnseslRjy3NTN3
MwH9QaOPR4zH_xf1uUjr2I8AkCNfE2t1qW1q4OwYVnedjBA_hRm1uGtaW_Wmpk.opGJ5GV3eRZM8
Pskr9ptm7n.yS6SDIS9Js3eXRtO_zLQF2fTFOjJ3wEApIqPQNSLH85BX.hFHnalO9VPQBFJqZg00
lGaI0xYyRNknd52XqABcgvPbyEA--
Received: from jws200082.mail.ne1.yahoo.com by
sendmailws132.mail.ne1.yahoo.com; Sun, 30 Oct 2016 16:22:19 +0000;
1477844539.980
Date: Sun, 30 Oct 2016 16:22:19 +0000 (UTC)
From: Elfen Magix
To: NYLXS Discussions List
Message-ID: <978977246.562983.1477844539639-at-mail.yahoo.com>
MIME-Version: 1.0
References: <978977246.562983.1477844539639.ref-at-mail.yahoo.com>
Subject: Re: [Hangout-NYLXS] Fwd: Re: Apache 2.4, mod_perl 2.0.9,
APR::SockAddr->port() missing ?
X-BeenThere: hangout-at-nylxs.com
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: Elfen Magix ,
NYLXS Discussions List
List-Id: NYLXS Discussions List
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Errors-To: hangout-bounces-at-nylxs.com
Sender: "hangout"
I'm going to reply here...
In Perl it is possible to have access to other ports on the system, but if =
it is being piped through a third party app (like Apache), then you are lim=
ited to the ports the App it limited too. In this case, on a generic Apache=
Server, it is Port 80. It there are modifications to the config file(s), =
Then one has to look through the Listen Directive and see what is open thro=
ugh there, and then see where the information is coming from - the Address =
string of the $FORM input.
AS IS, in HTTP or KeepAlive the Port number does not change through the con=
nection unless the USER is doing something to try to hack into your system =
(like sending HTTP Requests through a tenet or console and study what is re=
turned from the server).
Looking at your variables, I think they are not set correctly. The SYSTEM/E=
NVIRONMENT Variable used is REMOTE_PORT, and the code to get it should be:
$port=3D$ENV{REMOTE_PORT};
--------------------------------------------
On Sun, 10/30/16, Ruben Safir wrote:
Subject: [Hangout-NYLXS] Fwd: Re: Apache 2.4, mod_perl 2.0.9, APR::SockAdd=
r->port() missing ?
To: "Hangout"
Date: Sunday, October 30, 2016, 9:35 AM
=
=
=
=
-------- Forwarded Message --------
Subject: Re: Apache 2.4, mod_perl 2.0.9,
APR::SockAddr->port() missing ?
Date: Sun, 30 Oct 2016 12:12:57 +0100
From: A. Warnier
To: modperl-at-perl.apache.org
=
Replying to self..
=
My basic question remains the same :
given that neither of the following seem to work under
Apache 2.4 /
mod_perl 2.0.9 :
=
$remote_port =3D $r->connection->client_addr->port;
or
$remote_port =3D $r->connection->remote_addr->port;
=
how could I best obtain, in a mod_perl AAA handler, some
unique client
port number that is unlikely to change over the duration of
a single
HHTP client keepalive connection (whether through proxies or
not).=C2=A0 I do
not really care if this is really the port number which the
original
client used to establish the connection, as long as it
remains stable
and unique and, from the Apache/mod_perl webserver point of
view, the
combination IP:port really is unique for a given client
workstation
currently accessing the server.
=
Unfortunately, I do need an "IP:port" combination, because
of some
back-end software that relies on this and which I cannot
change.
Otherwise I guess that I could use
$r->connection->id.
=
(which I may still try to use as a kind of "alias" for the
port number;
maybe the back-end software won't realise that it is a fake.
But I guess
that this is a bit risky, since there is probably no
guarantee that this
would match the keepalive as the client sees it through
possible proxies).
=
=
=
>>>
>>> In the Apache 2.2 version, this was :
>>>
>>>=C2=A0 =C2=A0 =C2=A0 $remote_port =3D
$r->connection->remote_addr->port;
=
=
=
There was this change in Apache 2.4 compared to 2.2 :
=
https://httpd.apache.org/docs/trunk/developer/new_api_2_4.html
=
"conn_rec->remote_ip and conn_rec->remote_addr
=C2=A0 =C2=A0 These fields have been renamed in order to
distinguish between the
client IP address of the connection and the useragent IP
address of the
request (potentially overridden by a load balancer or
proxy). References
to either of these fields must be updated with one of the
following
options, as appropriate for the module:
=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 When you require the IP address
of the user agent, which might
be connected directly to the server, or might optionally be
separated
from the server by a transparent load balancer or proxy,
use
request_rec->useragent_ip and
request_rec->useragent_addr.
=C2=A0 =C2=A0 =C2=A0 =C2=A0 When you require the IP address
of the client that is connected
directly to the server, which might be the useragent or
might be the
load balancer or proxy itself, use conn_rec->client_ip
and
conn_rec->client_addr.
"
=
With a corresponding discussion in :
https://github.com/eprints/eprints/issues/214
=
Interesting how a change which was originally made as an
improvement/clarification, can have so many unforeseen
ripple effects.
=
=
=
=
On 30.10.2016 08:34, A. Warnier wrote:
> On 30.10.2016 01:56, Randolf Richardson wrote:
>>=C2=A0 =C2=A0=C2=A0=C2=A0Do the following work for
you?
>>
>>=C2=A0 =C2=A0 =C2=A0
=C2=A0=C2=A0=C2=A0$r->connection->remote_addr->port
>>=C2=A0 =C2=A0 =C2=A0
=C2=A0=C2=A0=C2=A0$r->connection->local_addr->port
>>
>
> I'll check again, but $c->remote_addr is supposed to
not exist anymore in httpd 2.4, as
> far as I know.
> Indeed :
>
> When I modify the code as follows :
>
>=C2=A0 =C2=A0 =C2=A0 #my $client_addr =3D
$r->connection->client_addr;
> 1184:=C2=A0 =C2=A0 my $client_addr =3D
$r->connection->remote_addr;
>=C2=A0 =C2=A0 =C2=A0 $remote_port =3D
$client_addr->port;
>=C2=A0 =C2=A0 =C2=A0 $remote_ip =3D
$r->connection->client_ip;
>
> Can't locate object method "remote_addr" via package
"Apache2::Connection" at
> /home/mira/EFS/lib/AUTH/SLC.pm line 1184.\n
>
>
>
>>> Hi.
>>>
>>> Apologies to Steve and Torsten for posting this
previously to them directly.
>>> It somehow slipped my mind that this would have
been a better place.
>>> Anyway thus :
>>>
>>> I am in the process of converting some mod_perl
AAA code from Apache 2.2 to 2.4, and I
>>> encounter the following problem :
>>>
>>> Apache error log :
>>>
>>> Can't locate object method "port" via package
"APR::SockAddr" at
>>> /home/mira/EFS/lib/AUTH/SLC.pm line 1184.\
>>>
>>> which corresponds to :
>>>
>>> 1183:=C2=A0 =C2=A0 my $client_addr =3D
$r->connection->client_addr;
>>> 1184:=C2=A0 =C2=A0 $remote_port =3D
$client_addr->port;
>>>
>>> In the Apache 2.2 version, this was :
>>>
>>>=C2=A0 =C2=A0 =C2=A0 $remote_port =3D
$r->connection->remote_addr->port;
>>>
>>> and worked fine.
>>>
>>> Environment :
>>>
>>> Linux d1s008 3.16.0-4-amd64 #1 SMP Debian
3.16.7-ckt25-2+deb8u3 (2016-07-02) x86_64
>>> GNU/Linux (Debian "Jessie" as far as I know)
>>>
>>> Apache/2.4.10 (Debian)
mod_apreq2-20090110/2.8.0 mod_perl/2.0.9dev Perl/v5.20.2
configured
>>> -- resuming normal operations
>>> (apache2 and mod_perl are the standard Debian
Jessie apt-get packages)
>>>
>>>
>>> I have tried to find clues on the WWW, CPAN
etc.. but I do not find anything about
>>> APR::SockAddr::port(), except this snippet
(quite old..) :
>>>
>>> CPAN :
>>> mod_perl 2.10 Changes :
>>> ...
>>> 1.99_14 - May 21, 2004
>>>
>>>=C2=A0 =C2=A0
=C2=A0=C2=A0=C2=A0APR::SockAddr::port() accessor is now
read-only [Stas]
>>>
>>> Also on the host, the APR::SockAddr module
source :
>>>
>>>
/usr/lib/x86_64-linux-gnu/perl5/5.20/APR/SockAddr.pm :
>>>
>>> quote
>>> =3Ditem obj: C<$sock_addr>
>>> ( C object|docs::2.0::api::APR::SockAddr>> )
>>>
>>> =3Ditem ret: C<$port> ( integer )
>>>
>>> =3Ditem since: 2.0.00
>>> unquote
>>>
>>> .. seems to imply that this should work.
>>> (And so do
>>> https://metacpan.org/pod/APR::SockAddr#port
>>> http://perl.apache.org/docs/2.0/api/APR/SockAddr.html#C_port_
>>> )
>>>
>>> Am I doing something wrong ?
>>>
>>> More importantly to me right now : how can I
get the client's connection port number,
>>> possibly using a workaround ? I am in control
of the Apache httpd configuration.
>>>
>>> I do not really care if this is the real client
port, or a port of some intermediate
>>> proxy, as long as it remains consistent across
severall KeepAlive calls of the same client
>>> workstation.
>>> I need this port number to forward to another
module (of which I do not have the source),
>>> which uses this (and the remote IP), as a kind
of persistent identifier for the client
>>> connection (for Windows WIA authentication).
>>>
>>> The only way I can think of right now, would be
to add a request header at the httpd level
>>> with the remote client IP:port, and then
retrieve and decode that same header in my AAA
>>> module. But that seems a bit convoluted and
heavy-handed.
>>> Is there a way in a PerlAuthenHandler to
retrieve an "Apache environment variable"
>>> directly, which would have been set like so ?
>>>
>>> RewriteRule .* -
[E=3DINFO_REMOTE_ADDR:"%{REMOTE_ADDR}\:%{REMOTE_PORT}",NE]
>>>
>>>
>>> Thanks in advance
>>> Andr=C3=A9 Warnier
>>
>>
>> Randolf Richardson - randolf-at-inter-corporate.com
>> Inter-Corporate Computer & Network Services,
Inc.
>> Beautiful British Columbia, Canada
>> http://www.inter-corporate.com/
>>
>>
>
=
_______________________________________________
hangout mailing list
hangout-at-nylxs.com
http://www.nylxs.com/
_______________________________________________
hangout mailing list
hangout-at-nylxs.com
http://www.nylxs.com/
|
|
