internal added content lookups fail if using non-standard port

Bug #1691473 reported by Galen Charlton on 2017-05-17
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Evergreen
Medium
Unassigned

Bug Description

The internal lookups of added content done in OpenILS/WWW/EGCatLoader/Record.pm
 can fail in setups where Apache sits behind a proxy and listens to a port other than 80 (as is increasingly possible given the advent of the recommendation to use NGINX or HAProxy in front of the main and WebSockets Apache instances.

Such failures can show up in logs like this:

[2017-05-17 09:35:00] /usr/sbin/apache2 [INFO:13171:Record.pm:544:14950277721317116] tpac: added content connecting to 127.0.0.1 / dev-galen2.equinoxinitiative.org

This should be corrected so that in addition to feeding the value of $ENV{SERVER_ADDR} to Net::HTTP::NB, $ENV{SERVER_PORT} is passed along as well (via PeerPort). We might also want to give admins the ability to configure the server port to use directly, e.g., to allow internal lookups to go over HTTP rather than HTTPS.

Evergreen 2.12+

Galen Charlton (gmc) on 2017-05-17
Changed in evergreen:
milestone: none → 2.12.2
Bill Erickson (berick) on 2017-05-24
Changed in evergreen:
status: New → Confirmed
assignee: nobody → Bill Erickson (berick)
Bill Erickson (berick) wrote :

It looks like supporting HTTPS for internal added content lookups will require adding Net::HTTPS::NB as a new dependency. I propose we continue with the assumption that internal lookups will be HTTP-only and go straight to supporting the admin config option (instead of $ENV{SERVER_PORT}).

Something like:

$port = $self->apache->dir_config('OILSWebInternalHTTPPort') || 80;

Changed in evergreen:
assignee: Bill Erickson (berick) → nobody

> I propose we
> continue with the assumption that internal lookups will be HTTP-only and
> go straight to supporting the admin config option (instead of
> $ENV{SERVER_PORT}).
>
> Something like:
>
> $port = $self->apache->dir_config('OILSWebInternalHTTPPort') || 80;

Works for me.

Bill Erickson (berick) on 2017-05-24
Changed in evergreen:
assignee: nobody → Bill Erickson (berick)
Bill Erickson (berick) wrote :

Pushed code, example configs, release notes:

http://git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/berick/lp1691473-catalog-ac-port

To test:

[1] Set a value for OILSWebInternalHTTPPort that's not "80".
[2] Restart/reload Apache
[3] Load a record detail in the catalog
[4] Confirm opensrf logs show:

"tpac: added content connecting to <ip-address>:<new-port> / <hostname>

<new-port> should be the value configured for OILSWebInternalHTTPPort.

tags: added: pullrequest
Changed in evergreen:
assignee: Bill Erickson (berick) → nobody
Changed in evergreen:
milestone: 2.12.2 → 2.12.3
Galen Charlton (gmc) wrote :

Tested and pushed to master and rel_2_12. Thanks, Bill!

Changed in evergreen:
status: Confirmed → Fix Committed
importance: Undecided → Medium
Changed in evergreen:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers