[Haxe/Neko] Web.getClientIP() invalid return value

[Sam MacPherson]

Hey all,

I am using Haxe/Neko on a 64-bit linux AMI instance on Amazon's EC2. After getting seg faults for Web.getClientIP() I updated to nekovm r1898, and I am now receiving a return value of "0.0.0.0" for every request to Web.getClientIP(). Is this a bug or am I just missing something obvious?

Thanks,

Sam

[Nicolas Cannasse]

Le 22/10/2012 21:02, Sam MacPherson a �crit :

r1898 is unrelated, it fixes something in the development server
(nekotools server) which I think you're not using here.

Someone else reported me a similar problem on 64 bit but I was not able
to reproduce. Could you tell me which version of Apache you're using ?
In 64 bits ? Are you sure you compiled with the corresponding Apache
headers ?

Could you eventually print the content of
CONTEXT()->r->connection->remote_addr->sa.sin.sin_addr in
neko/libs/mod_neko/cgi.c(get_client_iip) ?

Best,
Nicolas

[Sam MacPherson]

On Monday, 22 October 2012 16:05:55 UTC-4, Nicolas Cannasse wrote:

Le 22/10/2012 21:02, Sam MacPherson a �crit :

> Hey all,
>
> I am using Haxe/Neko on a 64-bit linux AMI instance on Amazon's EC2.
> After getting seg faults for Web.getClientIP() I updated to nekovm
> r1898, and I am now receiving a return value of "0.0.0.0" for every
> request to Web.getClientIP(). Is this a bug or am I just missing
> something obvious?

r1898 is unrelated, it fixes something in the development server
(nekotools server) which I think you're not using here.

Someone else reported me a similar problem on 64 bit but I was not able
to reproduce. Could you tell me which version of Apache you're using ?
In 64 bits ? Are you sure you compiled with the corresponding Apache
headers ?

Server version: Apache/2.2.22 (Unix)

Server built:   Aug 21 2012 19:57:44

It is 64-bit.

I did not compile neko. I used a prebuilt binary from http://builds.haxer.be/ .

 

Could you eventually print the content of
CONTEXT()->r->connection->remote_addr->sa.sin.sin_addr in
neko/libs/mod_neko/cgi.c(get_client_iip) ?

I will do this and get back to you.

 

Best,
Nicolas

[Sam MacPherson]

Okay, this

/**

        get_client_ip : void -> string

        <doc>Get the connected client IP</doc>

**/

static value get_client_ip() {

    char buf[15];

    char *ipaddr = (char *) &CONTEXT()->r->connection->remote_addr->sa.sin.sin_addr;

    sprintf(buf, "%d.%d.%d.%d", ipaddr[0], ipaddr[1], ipaddr[2], ipaddr[3]);

    return alloc_string(&buf);

}

returns 0.0.0.0 .

[Nicolas Cannasse]

Le 23/10/2012 19:40, Sam MacPherson a �crit :

> Okay, this
>
> /**
> get_client_ip : void -> string
> <doc>Get the connected client IP</doc>
> **/
> static value get_client_ip() {
> char buf[15];
> char *ipaddr = (char
> *) &CONTEXT()->r->connection->remote_addr->sa.sin.sin_addr;
> sprintf(buf, "%d.%d.%d.%d",
> ipaddr[0], ipaddr[1], ipaddr[2], ipaddr[3]);
> return alloc_string(&buf);
> }
>
> returns 0.0.0.0 .

Uhm... Looks like an issue with either Apache not filling the data
correctly, or the request_rec structure having changed between the
headers you're compiling against and the Apache version you running with...

What does alloc_string(...connection->remote_ip) return instead ?

We stopped using it when we noticed it used the X-Forwarding-IP and thus
allowed IP spoofing.

Best,
Nicolas

[Sam MacPherson]

Okay that worked. IP spoofing is a bit of an issue for security though. =\

On Tuesday, 23 October 2012 14:21:38 UTC-4, Nicolas Cannasse wrote:

Le 23/10/2012 19:40, Sam MacPherson a �crit :

[Sam MacPherson]

Are you sure that Apache uses X-Forwarded-For in that field by default? I've just done a test and sending the header X-Forwarded-For with a fake ip does not seem to change the value of connection->remote_ip.

[Nicolas Cannasse]

Le 23/10/2012 21:12, Sam MacPherson a �crit :

> Are you sure that Apache uses X-Forwarded-For in that field by default?
> I've just done a test and sending the header X-Forwarded-For with a fake
> ip does not seem to change the value of connection->remote_ip.

Interesting. That might depend of the apache version. I'll check again.

Best,
Nicolas

[Miloš Pavić]

I have the same problem with the same configuration.

Apache/2.2.22 (ubuntu)

Ubuntu 12.04 65bit

if i run my script with neko LicenseCheck.n at linux localhost everithing is fine i got 127.0.0.1

but if i run it in mod_neko trough apache i got only fault error

Error 324 (net::ERR_EMPTY_RESPONSE): The server closed the connection without sending any data.

I read this group but i do not understand what i need to repair or allow in Apache to see client ip with 

var ip:String = Web.getClientIP();

Please if you can help me with more details.

On Tuesday, October 23, 2012 9:47:43 PM UTC+2, Nicolas Cannasse wrote:

Le 23/10/2012 21:12, Sam MacPherson a �crit :

[tdahh]

I get the same on my Raspberry Pi using Raspbian GNU/Linux 7: 0.0.0.0

Running a compiled mod_neko from neko 2.0.0 and haxe-3.1.3.