Smalltalk › Frameworks & Tools › Seaside › Seaside General

Seaside Listening on localhost only ?

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

4 messages Options

Sven Van Caekenberghe

Seaside Listening on localhost only ?

Hi All,

I just recently started working with Seaside again after a long
hiatus, so I am probably missing something obvious or simple. While
trying to deploy a test web application on a server (Squeak-3.9-8.i686-
pc-linux-gnu VM on RHEL 4), I discovered that both there and on my
development machine (Squeak 3.8.18beta1U VM on Mac OS X 10.5) using a
Squeak 3.9 image with Seaside 2.8 started with WAKom startOn: 8080
only bind their server socket on localhost (127.0.0.1) and do hence
not accept network connections.

Is this by design (and do I need to put Apache proxying in front of
it) or is there a way to fix this ?

If I am tracing the call graph correctly, I arrive at
TcpListener>>pvtNewListener: where clearly
Socket>>listenerOn:backlogSize:interface: is called with the interface
argument hard-coded to #(127 0 0 1). It seams that Squeak has
NetNameResolver localHostAddress which would give back the 'correct'
interface name to bind the server socket to ?

All hints appreciated!

Thx,

Sven

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

smime.p7s (3K) Download Attachment

Randal L. Schwartz

Re: Seaside Listening on localhost only ?

>>>>> "Sven" == Sven Van Caekenberghe <[hidden email]> writes:

Sven> Is this by design (and do I need to put Apache proxying in front of it)
Sven> or is there a way to fix this ?

This is a good thing. Generally, you'll be putting Apache (or some other
caching web proxy) in front of Seaside, and you don't want people connecting
directly to your smalltalk process.

Sven> If I am tracing the call graph correctly, I arrive at
TcpListener> pvtNewListener: where clearly
Socket> listenerOn:backlogSize:interface: is called with the interface
Sven> argument hard-coded to #(127 0 0 1). It seams that Squeak has
Sven> NetNameResolver localHostAddress which would give back the 'correct'
Sven> interface name to bind the server socket to ?

You should be able to change 127 0 0 1 to 255 255 255 255 to get back
to the insecure behavior.

--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[hidden email]> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

Sebastian Sastre-2

RE: Seaside Listening on localhost only ?

In reply to this post by Sven Van Caekenberghe

Hi Sven,

most surely is a firewall issue. What distro is your server? Make
sure you can telnet that port in that host from remote machines or see
netstat.

Seaside uses KomHttpServer that AFAIK does not have restrictions on hosts by
default nor internal firewall support.

cheers,

Sebastian Sastre

> -----Mensaje original-----
> De: [hidden email]
> [mailto:[hidden email]] En nombre
> de Sven Van Caekenberghe
> Enviado el: Lunes, 26 de Noviembre de 2007 12:59
> Para: [hidden email]
> Asunto: [Seaside] Seaside Listening on localhost only ?
>
> Hi All,
>
> I just recently started working with Seaside again after a
> long hiatus, so I am probably missing something obvious or
> simple. While trying to deploy a test web application on a
> server (Squeak-3.9-8.i686- pc-linux-gnu VM on RHEL 4), I
> discovered that both there and on my development machine
> (Squeak 3.8.18beta1U VM on Mac OS X 10.5) using a Squeak 3.9
> image with Seaside 2.8 started with WAKom startOn: 8080 only
> bind their server socket on localhost (127.0.0.1) and do
> hence not accept network connections.
>
> Is this by design (and do I need to put Apache proxying in front of
> it) or is there a way to fix this ?
>
> If I am tracing the call graph correctly, I arrive at
> TcpListener>>pvtNewListener: where clearly
> Socket>>listenerOn:backlogSize:interface: is called with the interface
> argument hard-coded to #(127 0 0 1). It seams that Squeak has
> NetNameResolver localHostAddress which would give back the 'correct'
> interface name to bind the server socket to ?
>
> All hints appreciated!
>
> Thx,
>
> Sven
>
>

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

Sven Van Caekenberghe

Re: Seaside Listening on localhost only ?

In reply to this post by Randal L. Schwartz

On 26 Nov 2007, at 16:16, Randal L. Schwartz wrote:

> You should be able to change 127 0 0 1 to 255 255 255 255 to get back
> to the insecure behavior.

I got what I want (a server socket not only listening on localhost,
but on any interface of the machine the deployed image is running on)
with the following change:

'From Squeak3.9 of 20 November 2007 [latest update: #7068] on 27
November 2007 at 10:40:11 am'!

!TcpListener methodsFor: 'private' stamp: 'svc 11/27/2007 10:05'!
pvtNewListener: backlogSize
"Create a new socket that listens on our port. The backlog is how
many simultaneous
connections to accept at the same time"

| listener |
listener := self socketClass newTCP.
self socketsToDestroy add: listener.
listener
listenOn: portNumber
backlogSize: backlogSize
interface: #(0 0 0 0) asByteArray.
^listener! !

However, I am still confused whether this is by design or not.
Changing a method is not the ideal for configuration.

Thx,

Sven

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

smime.p7s (3K) Download Attachment