On Wednesday 13 July 2011 01:24:34 Jeff Trawick wrote: > > > > <VirtualHost 127.0.0.1:80 [::1]:80> > > ... rewrite rules ... > > <Location /XML> > > > > #+ localhost auth file > > Order allow,deny > > Allow from 127.0.0.1 > > Allow from ::1 > > Satisfy Any > > #- localhost auth file > > > > </Location> > > ... > > </VirtualHost> > > I now know what is happening. When processing the addresses in the VirtualHost line for 127.0.0.1:80 in vhost.c get_addresses is called get_addresss calls apr_sockaddr_info_get apr_sockaddr_info_get call getaddrinfo in glibc. getaddrinfo assumes that the system will have working IPv4 external connectivity before it can return any answer. A modern Linux system will dynamically add and remove network interfaces. Which means that getaddrinfo will fail in cases that you could arguable expect it to work. For example for numeric address and for address defined in /etc/hosts where /etc/nsswitch.conf uses file before dns. In my specific case the system only has a working lo0 network interface at the time that httpd is started and I want to use 127.0.0.1 to provide authenication free access from within the system, external access is authenticated on _default_:80 as interfaces such as WiFi come up. The question is where should a fix be applied; httpd, apr or glibc? What are your thoughts? I also plan to draw this issue to the systemd developers attention. Barry --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|