Replying to self..
My basic question remains the same :
given that neither of the following seem to work under Apache 2.4 / mod_perl
2.0.9 :
$remote_port = $r->connection->client_addr->port;
or
$remote_port = $r->connection->remote_addr->port;
how could I best obtain, in a mod_perl AAA handler, some unique client port number that is
unlikely to change over the duration of a single HHTP client keepalive connection (whether
through proxies or not). I do not really care if this is really the port number which the
original client used to establish the connection, as long as it remains stable and unique
and, from the Apache/mod_perl webserver point of view, the combination IP:port really is
unique for a given client workstation currently accessing the server.
Unfortunately, I do need an "IP:port" combination, because of some back-end software that
relies on this and which I cannot change. Otherwise I guess that I could use
$r->connection->id.
(which I may still try to use as a kind of "alias" for the port number; maybe the back-end
software won't realise that it is a fake. But I guess that this is a bit risky, since
there is probably no guarantee that this would match the keepalive as the client sees it
through possible proxies).
>>>
>>> In the Apache 2.2 version, this was :
>>>
>>> $remote_port = $r->connection->remote_addr->port;
There was this change in Apache 2.4 compared to 2.2 :
https://httpd.apache.org/docs/trunk/developer/new_api_2_4.html
"conn_rec->remote_ip and conn_rec->remote_addr
These fields have been renamed in order to distinguish between the client IP address
of the connection and the useragent IP address of the request (potentially overridden by a
load balancer or proxy). References to either of these fields must be updated with one of
the following options, as appropriate for the module:
When you require the IP address of the user agent, which might be connected
directly to the server, or might optionally be separated from the server by a transparent
load balancer or proxy, use request_rec->useragent_ip and request_rec->useragent_addr.
When you require the IP address of the client that is connected directly to the
server, which might be the useragent or might be the load balancer or proxy itself, use
conn_rec->client_ip and conn_rec->client_addr.
"
With a corresponding discussion in :
https://github.com/eprints/eprints/issues/214
Interesting how a change which was originally made as an improvement/clarification, can
have so many unforeseen ripple effects.
On 30.10.2016 08:34, A. Warnier wrote:
On 30.10.2016 01:56, Randolf Richardson wrote:
Do the following work for you?
$r->connection->remote_addr->port
$r->connection->local_addr->port
I'll check again, but $c->remote_addr is supposed to not exist anymore in httpd
2.4, as
far as I know.
Indeed :
When I modify the code as follows :
#my $client_addr = $r->connection->client_addr;
1184: my $client_addr = $r->connection->remote_addr;
$remote_port = $client_addr->port;
$remote_ip = $r->connection->client_ip;
Can't locate object method "remote_addr" via package "Apache2::Connection" at
/home/mira/EFS/lib/AUTH/SLC.pm line 1184.\n
Hi.
Apologies to Steve and Torsten for posting this previously to them directly.
It somehow slipped my mind that this would have been a better place.
Anyway thus :
I am in the process of converting some mod_perl AAA code from Apache 2.2 to
2.4, and I
encounter the following problem :
Apache error log :
Can't locate object method "port" via package "APR::SockAddr" at
/home/mira/EFS/lib/AUTH/SLC.pm line 1184.\
which corresponds to :
1183: my $client_addr = $r->connection->client_addr;
1184: $remote_port = $client_addr->port;
In the Apache 2.2 version, this was :
$remote_port = $r->connection->remote_addr->port;
and worked fine.
Environment :
Linux d1s008 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2+deb8u3 (2016-07-02)
x86_64
GNU/Linux (Debian "Jessie" as far as I know)
Apache/2.4.10 (Debian) mod_apreq2-20090110/2.8.0 mod_perl/2.0.9dev Perl/v5.20.2
configured
-- resuming normal operations
(apache2 and mod_perl are the standard Debian Jessie apt-get packages)
I have tried to find clues on the WWW, CPAN etc.. but I do not find anything
about
APR::SockAddr::port(), except this snippet (quite old..) :
CPAN :
mod_perl 2.10 Changes :
...
1.99_14 - May 21, 2004
APR::SockAddr::port() accessor is now read-only [Stas]
Also on the host, the APR::SockAddr module source :
/usr/lib/x86_64-linux-gnu/perl5/5.20/APR/SockAddr.pm :
quote
=item obj: C<$sock_addr>
( C<L<APR::SockAddr object|docs::2.0::api::APR::SockAddr>> )
=item ret: C<$port> ( integer )
=item since: 2.0.00
unquote
.. seems to imply that this should work.
(And so do
https://metacpan.org/pod/APR::SockAddr#port
http://perl.apache.org/docs/2.0/api/APR/SockAddr.html#C_port_
)
Am I doing something wrong ?
More importantly to me right now : how can I get the client's connection port
number,
possibly using a workaround ? I am in control of the Apache httpd configuration.
I do not really care if this is the real client port, or a port of some
intermediate
proxy, as long as it remains consistent across severall KeepAlive calls of the
same client
workstation.
I need this port number to forward to another module (of which I do not have
the source),
which uses this (and the remote IP), as a kind of persistent identifier for the
client
connection (for Windows WIA authentication).
The only way I can think of right now, would be to add a request header at the
httpd level
with the remote client IP:port, and then retrieve and decode that same header
in my AAA
module. But that seems a bit convoluted and heavy-handed.
Is there a way in a PerlAuthenHandler to retrieve an "Apache environment
variable"
directly, which would have been set like so ?
RewriteRule .* - [E=INFO_REMOTE_ADDR:"%{REMOTE_ADDR}\:%{REMOTE_PORT}",NE]
Thanks in advance
André Warnier
Randolf Richardson - rand...@inter-corporate.com
Inter-Corporate Computer & Network Services, Inc.
Beautiful British Columbia, Canada
http://www.inter-corporate.com/
