52794 – Log file shows ssl port as 443

Bug 52794 - Log file shows ssl port as 443

Summary: Log file shows ssl port as 443

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_ssl (show other bugs)
Version:	2.2-HEAD
Hardware:	All All

Importance:	P2 enhancement (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2012-02-29 11:17 UTC by James Michael DuPont
Modified:	2012-03-07 14:44 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description James Michael DuPont 2012-02-29 11:17:20 UTC

The log file shows the requests as being on port 443, but I have configured them on a different port. There is nothing listening on 443.
running 2.2.20-1ubuntu1.2

Example :
wget https://space-station:83


[Wed Feb 29 12:12:56 2012] [info] [client 127.0.0.1] Connection to child 4 established (server space-station:443)
[Wed Feb 29 12:12:56 2012] [info] Seeding PRNG with 648 bytes of entropy
[Wed Feb 29 12:12:56 2012] [info] Initial (No.1) HTTPS request received for child 4 (server space-station:443)

==> custom_log <==
space-station:443 127.0.0.1 - - [29/Feb/2012:12:12:56 +0100] "GET / HTTP/1.0" 200 2328 "-" "Wget/1.12 (linux-gnu)"

==> error_log <==
[Wed Feb 29 12:12:56 2012] [info] [client 127.0.0.1] (70014)End of file found: SSL input filter read failed.
[Wed Feb 29 12:12:56 2012] [info] [client 127.0.0.1] Connection closed to child 4 with standard shutdown (server space-station:443)


thanks,
mike

Comment 1 Eric Covener 2012-02-29 12:25:09 UTC

I think this is expected w/o ServerName example.com:83, but I see that mod_ssl does not consider http://httpd.apache.org/docs/2.2/mod/core.html#usecanonicalphysicalport

Comment 2 Kaspar Brand 2012-03-03 08:38:57 UTC

If the ServerName directive does not include a port number, then that's expected, yes.

What is being printed in the error log lines shown above is mod_ssl's "vhost_id", which is determined independently of any request_rec (it's basically set at startup).

We could change the logging statements to use ap_get_server_name()/ap_get_server_port() for those cases where we have a request_rec - i.e. the one with "Initial (No.1) HTTPS request..." e.g.

As for the "custom_log", it's not clear to me what the first field is referring to. Can you provide the LogFormat directive you've used for logging this request?

Comment 3 James Michael DuPont 2012-03-04 11:33:24 UTC

LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

Comment 4 Kaspar Brand 2012-03-07 07:27:58 UTC

(In reply to comment #3)
> LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\""
> vhost_combined

Ok, this makes clear that it isn't really a mod_ssl specific issue. %p is the canonical port taken from server_rec's "port" field, which is populated from the ServerName directive in core.c:server_hostname_port(). (If you want to log the actual port of the current connection, use "%{local}p" in your LogFormat string.)

Adding "ServerName space-station:83" will solve your issue, and as this is what http://httpd.apache.org/docs/2.2/mod/core.html#servername is recommending ("For optimal reliability and predictability, ..."), I'm closing this bug with WONTFIX.

Comment 5 James Michael DuPont 2012-03-07 14:44:18 UTC

Thanks, I learned something. I hope this report might help someone else with the same problem.
thanks for your help,
mike