Net-Ident-1.25/0000755000000000000000000000000013610770611011730 5ustar rootrootNet-Ident-1.25/t/0000755000000000000000000000000013610770611012173 5ustar rootrootNet-Ident-1.25/t/apache/0000755000000000000000000000000013610770611013414 5ustar rootrootNet-Ident-1.25/t/apache/conf/0000755000000000000000000000000013610770611014341 5ustar rootrootNet-Ident-1.25/t/apache/conf/srm.conf.in0000644000000000000000000000036213610764726016431 0ustar rootrootDocumentRoot $apache_root/html DirectoryIndex index.html PerlFreshRestart On PerlWarn On PerlTaintCheck On Alias /perl/ "$apache_root/perl/" SetHandler perl-script PerlHandler Apache::Registry Options +ExecCGI Net-Ident-1.25/t/apache/conf/apache_config.pl.in0000644000000000000000000000014113610764726020057 0ustar rootroot\$apache_root = "$apache_root"; \$apache_bin = "$apache_bin"; \$apache_addr = "localhost:$port"; Net-Ident-1.25/t/apache/conf/mime.types0000644000000000000000000000007213610764726016367 0ustar rootroot# bare bones mime types text/html html text/plain txt Net-Ident-1.25/t/apache/conf/access.conf.in0000644000000000000000000000011113610764726017061 0ustar rootroot Options All AllowOverride All Net-Ident-1.25/t/apache/conf/httpd.conf.in0000644000000000000000000000142413610764726016753 0ustar rootrootServerType standalone ServerRoot $orig_apache_root PidFile $apache_root/logs/httpd.pid LockFile $apache_root/logs/httpd.lock ScoreBoardFile $apache_root/logs/httpd.scoreboard ResourceConfig $apache_root/conf/srm.conf AccessConfig $apache_root/conf/access.conf TypesConfig $apache_root/conf/mime.types Timeout 300 KeepAlive On MaxKeepAliveRequests 10 KeepAliveTimeout 15 MinSpareServers 1 MaxSpareServers 2 StartServers 1 MaxClients 5 MaxRequestsPerChild 50 $LoadModule Port $port $usergroup HostnameLookups Off ErrorLog $apache_root/logs/error_log $ifversion1.3{ LogLevel debug LogFormat "%h %l %u %t \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined CustomLog $apache_root/logs/access_log combined ServerSignature On }{ TransferLog $apache_root/logs/access_log } Net-Ident-1.25/t/apache/html/0000755000000000000000000000000013610770611014360 5ustar rootrootNet-Ident-1.25/t/apache/html/testapache.txt0000644000000000000000000000001213610764726017245 0ustar rootrootApache OK Net-Ident-1.25/t/apache/perl/0000755000000000000000000000000013610770611014356 5ustar rootrootNet-Ident-1.25/t/apache/perl/testident0000755000000000000000000000143013610764726016317 0ustar rootrootBEGIN { require './inc'; } use Net::Ident qw(:apache lookupFromInAddr); use Apache; use Apache::Constants qw(:common); use Socket; my $r = Apache->request; $r->content_type("text/plain"); $r->send_http_header; my $c = $r->connection; my $localaddr = $c->local_addr; my $remoteaddr = $c->remote_addr; my($localport, $localip) = sockaddr_in($localaddr); my($remoteport, $remoteip) = sockaddr_in($remoteaddr); $r->print("You are connecting from ", inet_ntoa($remoteip), ":$remoteport to ", inet_ntoa($localip), ":$localport\n"); my $user = lookupFromInAddr($localaddr, $remoteaddr, 5) || "LOOKUP FAILED!\n"; $r->print("function lookupFromInAddr says you are: $user\n"); $user = $c->ident_lookup(5) || "LOOKUP FAILED!\n"; $r->print("ident_lookup method says you are: $user\n"); OK; Net-Ident-1.25/t/apache/perl/testmodperl0000755000000000000000000000030213610764726016653 0ustar rootroot#!/usr/bin/perl -w use strict; use Apache; use Apache::Constants qw(:common); my $r = Apache->request; $r->content_type('text/plain'); $r->send_http_header; $r->print("mod_perl OK\n"); OK; Net-Ident-1.25/t/apache/logs/0000755000000000000000000000000013610770611014360 5ustar rootrootNet-Ident-1.25/t/apache/logs/.exists0000644000000000000000000000000013610764726015700 0ustar rootrootNet-Ident-1.25/t/hosts0000644000000000000000000000104613610764726013271 0ustar rootroot# list of hosts on which we can test ident lookups # also include hosts that don't run identd, but do run a regular "telnet" # server, to test "connection refused" errors from the library. # note that these tests actually rely on a common buglet in identd # implementations, in that they let you perform an ident lookup on # a connection that is incoming. # # Right now we know of no ident servers on the internet that serve out. # Patches welcome http://github.com/toddr/Net-Ident 127.0.0.1 #pc.xs4all.nl #xs4all.nl #lyrix.xs4all.nl #lysator.liu.seNet-Ident-1.25/t/compat.t0000755000000000000000000000776113610764726013673 0ustar rootroot# test compatibility-mode FH lookups, if enabled # $Id: compat.t,v 1.6 1999/08/02 10:45:46 john Exp $ require 5.004; use Net::Ident; use Socket; use FileHandle; if ( !grep { $_ eq "_export_hook_fh" } @Net::Ident::EXPORT ) { # no default _export_hook_fh in @EXPORT, so we're not in compatibility mode print "1..0\n"; exit 0; } # code below is most of the same as ident.t... # turn on full debugging, but prepend ``# '' to output to make it disappear in # non-verbose tests # turn on full debugging, but prepend ``# '' to output to make it disappear in # non-verbose tests unless ( open( DEBUGFH, "|-" ) ) { # child... do the stuff $|++; while (<>) { s/^/# /; print; } exit 0; } DEBUGFH->autoflush(1); *Net::Ident::STDDBG = *DEBUGFH; $Net::Ident::DEBUG = 2; # find hosts file my ($hosts) = grep { -r } qw( t/hosts hosts ../t/hosts ); my @hosts; if ( open( HOSTS, $hosts ) ) { @hosts = grep { !/^#/ } ; chomp @hosts; close HOSTS; } else { @hosts = qw(127.0.0.1); } $SIG{ALRM} = sub { 0 }; $| = 1; sub bomb ($) { die "# Aargh: @_\n1..1\nnot ok1\n" } $tcpproto = ( getprotobyname('tcp') )[2] || 6; $identport = ( getservbyname( 'ident', 'tcp' ) )[2] || 113; foreach $host (@hosts) { print "# trying to resolve $host...\n"; if ( $addr = inet_aton($host) ) { $fh = new FileHandle; socket( $fh, PF_INET, SOCK_STREAM, $tcpproto ) or bomb("socket: $!"); print "# connecting to " . inet_ntoa($addr) . ":$identport\n"; alarm(10); if ( connect( $fh, sockaddr_in( $identport, $addr ) ) ) { alarm(0); print "# connected\n"; $connok ||= $fh; $connokhost ||= $host; } else { $e = $!; alarm(0); if ( $e =~ /connection refused/i ) { print "# connection refused\n"; # try to make a connection to the telnet port instead, # to give us some connected filehandle to try the # ident lookup on. print "# connecting to " . inet_ntoa($addr) . ":23\n"; $fh = new FileHandle; socket( $fh, PF_INET, SOCK_STREAM, $tcpproto ) or bomb("socket: $!"); alarm(10); if ( connect( $fh, sockaddr_in( 23, $addr ) ) ) { alarm(0); print "# connected\n"; $connrefuse ||= $fh; $connrefusehost ||= $host; } else { print "# connect: $!\n"; alarm(0); } } else { print "# connect: $e\n"; } } last if $connok && $connrefuse; } } $tests = 1; if ($connok) { print "# Will run regular ident lookups by connecting to $connokhost\n"; $tests++; } if ($connrefuse) { print "# Will run ``connection refused'' tests by connecting to ", $connrefusehost, "\n"; $tests++; } if ( !$connok && !$connrefuse ) { print "# WARNING: not a lot of testing to do without an identd to use!\n"; } print "1..$tests\n"; $i = 1; if ($connok) { print "# standard lookup test that will succeed, using FH->ident_lookup\n"; $username = $connok->ident_lookup(30); print "not " unless $username; print "ok $i\n"; $i++; } if ($connrefuse) { print "# try to get a connection refused error\n"; ( $username, $opsys, $error ) = $connrefuse->ident_lookup(30); print "not " unless !defined $username && !defined $opsys && $error =~ /connection refused/i; print "ok $i\n"; $i++; print "# got: $error\n"; } print "# try to get ident info on a something that's not a socket\n"; my ( $user, $opsys, $error ) = STDERR->ident_lookup(30); print "not " unless !defined $user && !defined $opsys && $error; print "ok $i\n"; $i++; for ( $user, $opsys, $error ) { $_ = "" if !defined; } print "# got: user=$user opsys=$opsys error=$error\n"; Net-Ident-1.25/t/0use.t0000644000000000000000000000027513610764726013252 0ustar rootroot# $Id: 0use.t,v 1.2 1999/03/08 23:27:19 john Exp $ BEGIN { $| = 1; print "1..1\n"; } END { print "not ok 1\n" unless $loaded; } use Net::Ident qw(:fh :apache); $loaded = 1; print "ok 1\n"; Net-Ident-1.25/t/Ident.t0000644000000000000000000001253113610764726013437 0ustar rootroot# -*- Perl -*- # test the Net::Ident module, which is a bitch, because you really # need an ident daemon to test it, and then you usually get a connection # from a remote machine, and then ask for the username. # so what we do is try to make a connection to an ident daemon, on # some machine, and if that succeeds, see if we can do a successful lookup # on that. # This isn't guaranteed to succeed. If you are not (properly) connected # to the internet, and if your localhost doesn't run an ident daemon, # then this script won't work. If you do know a machine that you can # currently reach, which runs an ident daemon, then put it's name or # IPnumber in the 'hosts' file in the t/ directory. # # $Id: ident.t,v 1.12 1999/03/09 23:15:11 john Exp $ require 5.004; use Net::Ident qw(:fh ident_lookup); use FileHandle; use Socket; # turn on full debugging, but prepend ``# '' to output to make it disappear in # non-verbose tests unless ( open( DEBUGFH, "|-" ) ) { # child... do the stuff $|++; while (<>) { s/^/# /; print; } exit 0; } DEBUGFH->autoflush(1); *Net::Ident::STDDBG = *DEBUGFH; $Net::Ident::DEBUG = 2; # find hosts file my ($hosts) = grep { -r } qw( t/hosts hosts ../t/hosts ); my @hosts; if ( open( HOSTS, $hosts ) ) { @hosts = grep { !/^#/ } ; chomp @hosts; close HOSTS; } else { @hosts = qw(127.0.0.1); } $SIG{ALRM} = sub { 0 }; $| = 1; sub bomb ($) { die "# Aargh: @_\n1..1\nnot ok1\n" } $tcpproto = ( getprotobyname('tcp') )[2] || 6; $identport = ( getservbyname( 'ident', 'tcp' ) )[2] || 113; foreach $host (@hosts) { print "# trying to resolve $host...\n"; if ( $addr = inet_aton($host) ) { $fh = new FileHandle; socket( $fh, PF_INET, SOCK_STREAM, $tcpproto ) or bomb("socket: $!"); print "# connecting to " . inet_ntoa($addr) . ":$identport\n"; alarm(10); if ( connect( $fh, sockaddr_in( $identport, $addr ) ) ) { alarm(0); print "# connected\n"; $connok ||= $fh; $connokhost ||= $host; } else { $e = $!; alarm(0); if ( $e =~ /connection refused/i ) { print "# connection refused\n"; # try to make a connection to the telnet port instead, # to give us some connected filehandle to try the # ident lookup on. print "# connecting to " . inet_ntoa($addr) . ":23\n"; $fh = new FileHandle; socket( $fh, PF_INET, SOCK_STREAM, $tcpproto ) or bomb("socket: $!"); alarm(10); if ( connect( $fh, sockaddr_in( 23, $addr ) ) ) { alarm(0); print "# connected\n"; $connrefuse ||= $fh; $connrefusehost ||= $host; } else { print "# connect: $!\n"; alarm(0); } } else { print "# connect: $e\n"; } } last if $connok && $connrefuse; } } $tests = 1; if ($connok) { print "# Will run regular ident lookups by connecting to $connokhost\n"; $tests += 6; } if ($connrefuse) { print "# Will run ``connection refused'' tests by connecting to ", $connrefusehost, "\n"; $tests++; } if ( !$connok && !$connrefuse ) { print "# WARNING: not a lot of testing to do without an identd to use!\n"; } print "1..$tests\n"; $i = 1; if ($connok) { print "# standard lookup test that will succeed, using FH->ident_lookup\n"; $username = $connok->ident_lookup(30); print "not " unless $username; print "ok $i\n"; $i++; print "# now using Net::Ident::lookup\n"; $username2 = Net::Ident::lookup( $connok, 30 ); print "not " if !$username2 || $username2 ne $username; print "ok $i\n"; $i++; print "# now using ident_lookup, and an unqualified FH\n"; *FH = $connok; *FH = \1; # prevent warning, sortof $username2 = ident_lookup( 'FH', 30 ); print "not " if !$username2 || $username2 ne $username; print "ok $i\n"; $i++; print "# now make it fail... establish connection to ident\n"; $lookup = new Net::Ident $connok, 30; print "not " unless $lookup; print "ok $i\n"; $i++; print "not " unless $lookup->getfh && !$lookup->geterror; print "ok $i\n"; $i++; print "# now close original connection\n"; shutdown( $connok, 2 ); close($connok); sleep 1; # give it a little time... print "# try the rest of the lookup, which should fail\n"; ( $username, $opsys, $error ) = $lookup->username; print "# remote identd said: $error\n"; print "not " unless !defined $username && $opsys eq "ERROR"; print "ok $i\n"; $i++; } if ($connrefuse) { print "# try to get a connection refused error\n"; ( $username, $opsys, $error ) = $connrefuse->ident_lookup(30); print "not " unless !defined $username && !defined $opsys && $error =~ /connection refused/i; print "ok $i\n"; $i++; print "# got: $error\n"; } print "# try to get ident info on a handle that's not a socket\n"; $lookup = new Net::Ident STDERR, 30; print "not " unless $lookup && !defined $lookup->getfh && $lookup->geterror; print "ok $i\n"; $i++; print "# got: " . $lookup->geterror . "\n"; Net-Ident-1.25/t/apache.t0000644000000000000000000001421413610770371013606 0ustar rootroot# $Id: apache.t,v 1.28 1999/08/26 23:39:52 john Exp $ use strict; use warnings; use Cwd; use IO::Socket; use Net::Ident; # GET uri from server sub GET { my ( $server, $uri ) = @_; my ( $header, $content ); print "# GET http://$server$uri\n"; eval { my $sock = new IO::Socket::INET PeerAddr => $server, Timeout => 10; $sock or die "cannot connect to $server: $!\n"; $sock->autoflush(1); local $SIG{ALRM} = sub { die "Timeout in GET\n" }; alarm(10); print $sock < ); alarm(0); ( $header, $content ) = $resp =~ /\A((?:.*\n)+)\r?\n([\s\S]*)\Z/; $header or die "server returned garbage: $resp\n"; wantarray ? ( $content, $header ) : $content; }; } my ($apache_bin, $apache_addr, $apache_root, $username, $ourpid); END { # make sure apache dies when we exit, but only if we exit ourselves return if !$ourpid || $ourpid != $$; if ( defined $apache_root && -r "$apache_root/logs/httpd.pid" && open( PID, "$apache_root/logs/httpd.pid" ) ) { my $pid = ; chomp $pid; close PID; kill TERM => $pid and print "# stopped apache\n"; sleep 2; kill KILL => $pid; } } # Initialise apache test. If the below dies at any point, it means the # apache setup failed. This does NOT fail the test, however... eval { # get current directory my $cwd = cwd(); # set our PID, for the END{} routine $ourpid = $$; # verify the apache test is configured -f "$cwd/t/apache/conf/apache_config.pl" or die "Apache test not configured\n"; # read configuration data require "$cwd/t/apache/conf/apache_config.pl"; # write file containing current @INC, to be used by the apache # mod_perl programs. open( INC, ">$apache_root/perl/inc" ) or die "cannot write $apache_root/perl/inc: $!\n"; print INC '@INC = ("', join( '","', map { s/^\./$cwd/; $_ = "$cwd/$_" unless m-^/-; s/\\/\\\\/g; s/"/\\"/g; $_ } @INC ), "\");\n"; close INC; # OK! Let's have fun! print "# Starting apache...\n"; system( $apache_bin, "-f", "$apache_root/conf/httpd.conf" ) and die "Apache returned non-zero exit status: $?\n"; my $startuptime = 3 + time; # do a really silly loopback connection and ident lookup on this # to find out what identd returns. We assume previous tests # already established the proper functioning of Net::Ident in # "normal" circumstances! my $listen = new IO::Socket::INET Listen => 5, LocalAddr => 'localhost', Timeout => 10; $listen or die "SLEEP: Cannot create listening socket: $!\n"; my $listenport = $listen->sockport; my $pid = fork; defined $pid or die "SLEEP: cannot fork: $!\n"; if ( $pid == 0 ) { # child. connect from here to prevent deadlocks my $connect = new IO::Socket::INET PeerAddr => "localhost:$listenport"; $connect or exit 0; # can't generate error. my $dummy = <$connect>; exit 0; } # parent. wait for an incoming connection, or possibly time out my $accept = $listen->accept; $accept or die "SLEEP: Error in accept: $!\n"; # phew. we have an incoming connection from ourselves. let's do the # actual ident lookup. my ( $os, $error ); ( $username, $os, $error ) = Net::Ident::lookup( $accept, 10 ); defined $username or die "SLEEP: Couldn't perform ident lookup: $error\n"; print "# identd tells us we're $username\n"; print $accept "you are $username\n"; close $accept; close $listen; # if you think the above is an extremely silly way to do getpwuid($<), # think again. Just for fun, let's compare the ID we got with getpwuid # and co... sometimes it IS different (for privacy-enhanced identd) if ( ( getpwuid($<) && $username ne getpwuid($<) ) && ( getlogin() && $username ne getlogin() ) && ( $ENV{USER} && $username ne $ENV{USER} ) ) { print "# Hmm... that doesn't look like getpwuid(\$<) = \"", getpwuid($<) || "(undef)", "\"\n"; print "# nor like getlogin() = \"", getlogin() || "(undef)", "\"\n"; print "# nor like $ENV{USER} = \"", $ENV{USER} || "(undef)", "\"\n"; } # let apache warm up some more, if necessary sleep $startuptime - time if $startuptime > time; # test apache itself my $result = GET( $apache_addr, "/testapache.txt" ); defined $result and $result =~ /^Apache OK/ or die "Apache not ready\n"; print "# standard Apache OK\n"; GET( $apache_addr, "/perl/testmodperl" ) =~ /^mod_perl OK/ or die "mod_perl not ready\n"; print "# mod_perl OK\n"; }; if ($@) { my $reason = $@; if ( $reason =~ /^SLEEP: (.*)$/s ) { # we died too soon, apache is still starting up. $reason = $1; # make sure apache starts properly, else we can't kill it sleep 5; } print "# $reason"; print "\n" unless $reason =~ /\n$/; print "1..0\n"; exit 0; } # when we get here, identd is responding, apache is running, and mod_perl # is functioning. Let's finally do some testing of Net::Ident print "1..4\n"; my $i = 1; my ( $reply, $header ) = GET( $apache_addr, "/perl/testident" ); if ( !defined $reply ) { print "not ok $i\n"; $i++; exit 0; } print "ok $i\n"; $i++; if ( $header !~ m{\AHTTP/[\d.]+\s+(\d+)\s} || $1 ne "200" ) { print "# apache barfed\n"; print "not ok $i\n"; $i++; print STDERR "$header\n\n$reply\n"; exit 0; } print "ok $i\n"; $i++; my ( $func, $meth ) = $reply =~ m{ ^function\slookupFromInAddr\ssays\syou\sare:\s(.*)\n ident_lookup\smethod\ssays\syou\sare:\s(.*)\n }xm; if ( !defined $meth ) { print "not ok $i\n"; $i++; exit 0; } print "# ident lookup via apache returned: \"$func\" and \"$meth\"\n"; print( ( $func eq $username ) ? "ok $i\n" : "not ok $i\n" ); $i++; print( ( $meth eq $username ) ? "ok $i\n" : "not ok $i\n" ); $i++; Net-Ident-1.25/INSTALL0000644000000000000000000000271613610764726013001 0ustar rootrootYou should know the drill by now: 1) perl Makefile.PL You might have to answer some questions during this phase. If a previous version of Net::Ident is found on your system, the Makefile.PL will ask you if you want to install this version in a backward-compatible way. This might make it easier for existing scripts. See the Changes file or the pod documentation for more information on what exactly changed. If you want to force installing in a compatible way, add the "-c" switch to the Makefile.PL command line. If you have a mod_perl enabled apache server running on the current machine, and you have an identd daemon installed, you are offered the option to add a test that starts a separate apache process, in which some mod_perl tests are performed. If you are sure you have a mod_perl enabled apache somewhere, but it just doesn't happen to be running right now, add the "-a" switch to the Makefile.PL command line. 2) make Build it. 3) make test Test it. If you asked for a backward-compatible installation, it'll test t/compat, otherwise this test will be skipped. If you asked for the apache tests, the t/apache test will perform those, otherwise this test will be skipped. In other words: if you get skipped tests, do not worry about them. If, however, you asked for the apache test, and the test is skipped, then something is wrong with your apache setup, for example because apache couldn't be started properly. 4) make install Installs the module. Net-Ident-1.25/Makefile.PL0000644000000000000000000005006713610770371013715 0ustar rootroot#!/usr/bin/perl # Makefile for Net::Ident # # $Id: Makefile.PL,v 1.57 1999/08/27 00:00:09 john Exp $ use strict; use warnings; use ExtUtils::MakeMaker qw(:DEFAULT prompt); use Getopt::Long; use Pod::Text; use Socket; use FileHandle; use FindBin qw($Bin); $| = 1; my $intro = < "Produce this helptext", 'force-compat|c' => q{ Force installation of Net::Ident compatible with version 1.11. By default, the installer checks if version 1.11 is installed, and if so, offers the option to install the compatible version. Here ``compatible'' means that C will install the C method in package C.}, 'test-apache|a' => q{ Makes the installer go into the dialogue to configure the apache mod_perl test. This is normally only done when a few basic almost fail-safe tests confirm that you can run this test.}, ); # files that need adapting when we install compatibility mode my @compat_files = qw(Ident.pm); # option processing GetOptions( keys %options ) or $opt_help++; # provide help if necessary if ($opt_help) { open( POD, "|-" ) or pod2text( "<&STDIN", *STDOUT ), exit 0; print POD "=head1 Net::Ident installation\n\n"; print POD $intro; print POD "=over 4\n\n"; for my $opt ( sort keys %options ) { my $txtopt = join( " ", map { "-" x ( length > 1 ? 2 : 1 ) . $_ } split /\|/, $opt ); print POD "=item $txtopt\n\n"; $options{$opt} =~ s/^\s+//mg; print POD $options{$opt}, "\n\n"; } print POD "=back\n\n"; exit 0; } # check and ask if we possibly need compatibility-install sub check_compat () { my $forcetxt = <0 or ($c,$p)=/@@(\d*) (.*) @@/}, @compat_files ); } # initial checks to see if apache is possible at all sub check_initial_apache ($) { my $apinfo = shift; print "\nChecking for Apache.pm... "; eval { require Apache }; if ($@) { print "not found\n"; return; } print "found version $Apache::VERSION\n"; $apinfo->{Apache_pm_version} = $Apache::VERSION; print "Checking for mod_perl.pm... "; eval { require mod_perl }; if ($@) { print "not found\n"; return; } print "found version $mod_perl::VERSION\n"; $apinfo->{mod_perl_pm_version} = $mod_perl::VERSION; print "Checking for identd... "; my $tcpproto = getprotobyname('tcp') || 6; my $identport = ( getservbyname( 'ident', 'tcp' ) )[2] || 113; socket( S, PF_INET, SOCK_STREAM, $tcpproto ) or die "socket: $!\n"; if ( !connect( S, sockaddr_in( $identport, inet_aton("127.1") ) ) ) { print "cannot connect: $!\n"; return; } print "OK\n"; close S; my $forcetxt = <autoflush(1); if ( !connect( S, sockaddr_in( $httpport, inet_aton("127.1") ) ) ) { print "You don't have a webserver running: $!\n\n$forcetxt"; return; } print S "HEAD / HTTP/1.0\r\n\r\n"; my $reply; { # slurp in reply in one go local $/ = undef; $reply = ; } close S; if ( $reply !~ m{^Server:.*mod_perl/([\d.]+)\b}mi ) { print "Your webserver isn't mod_perl enabled\n\n$forcetxt"; return; } print "you have mod_perl/$1\n"; $apinfo->{mod_perl_parsed_version} = $1; # verify versions... but don't do anything with it, just warn # (can this be the cause of trouble???) if ( $apinfo->{mod_perl_parsed_version} != $apinfo->{mod_perl_pm_version} ) { print <{apache_parsed_version} = $1; } print <$errfile" ); exec(@_) or die "Couldn't execute @_: $!\n"; } else { # parent. slurp in output. local $/ = undef; $apout = ; } # wait for child to terminate. close APOUT; # check return status my $error = ''; if ($?) { $error = "`@_' returned with a non-zero exit status: " . ( $? >> 8 ) . "\n"; } # check stderr output if ( -s $errfile ) { $error .= "`@_' returned the following on STDERR:\n"; open( ERR, $errfile ) or die "odd... opening $errfile: $!\n"; { local $/ = undef; $error .= ; } close ERR; } unlink $errfile; return ( $error, $apout ); } # parse httpd output and return info sub parse_httpd_version ($$) { my ( $binary, $arg ) = @_; my ( $error, $apout ) = safe_exec_httpd( $binary, $arg ); return $error if $error; my ($version) = $apout =~ m{version.*Apache/([\d.]+)}; my ($httpd_root) = $apout =~ m{HTTPD_ROOT="([^"]+)"}; my ($httpd_conf) = $apout =~ m{SERVER_CONFIG_FILE="([^"]+)"}; return ( "", $version, $httpd_root, $httpd_conf ); } # parse the httpd.conf to extract User and Group statements sub extract_usergroup ($) { my $apinfo = shift; my $conf = my $usergroup = ""; $usergroup .= "User $1\n" if $apinfo->{httpd_conf_contents} =~ /^\s*user\s+(\w+)/mi; $usergroup .= "Group $1\n" if $apinfo->{httpd_conf_contents} =~ /^\s*group\s+(\w+)/mi; $usergroup; } # parse the httpd.conf and extract LoadModule and AddModule statements # to make sure mod_perl.c gets loaded sub extract_module_statements ($) { my $apinfo = shift; my $httpdconf = $apinfo->{orig_httpd_conf}; my $conf = $apinfo->{httpd_conf_contents}; # first make sure mod_perl.c is added unless ( $conf =~ /^\s*AddModule\s+mod_perl\.c\s*$/mi ) { print "Cannot find mod_perl.c module in $httpdconf\n"; return; } # remove all comments $conf =~ s/^\s*#.*//gm; # remove runs of empty lines $conf =~ s/^\s*$//gm; # remove all .. and .. parts 1 while ( $conf =~ s{((?:(?!).)*)}{}is or $conf =~ s{((?:(?!).)*)}{}is ); # check that we didn't lose mod_perl.c in the process unless ( $conf =~ /^\s*AddModule\s+mod_perl\.c\s*$/mi ) { print <{apache_root} = $apache_root; # find current apache root my ($orig_apache_root) = grep { -d } qw( /usr/local/apache /opt/apache /usr/local/etc/httpd /etc/httpd /Local/Library/WebServer /boot/home/apache /usr/local /usr ); print <{orig_apache_root} = $orig_apache_root = $answ; # find httpd binary my ($apache_bin) = grep { -x } map { m-^/- ? $_ : "$orig_apache_root/$_" } qw( httpd sbin/httpd bin/httpd libexec/httpd /sbin/httpd /usr/sbin/httpd /usr/libexec/httpd ); $answ = prompt( "Where is your httpd executable?", $apache_bin ); if ( !defined $answ ) { print "cannot find httpd executable, no apache test performed.\n"; return; } if ( !-x $answ ) { print "$answ is not executable, no apache test performed.\n"; return; } $apinfo->{apache_bin} = $apache_bin = $answ; my ( $error, $version, $orig_apache_root2, $orig_httpd_conf ) = parse_httpd_version( $apache_bin, "-V" ); if ( !defined $version ) { # try httpd -v ( $error, $version, $orig_apache_root2, $orig_httpd_conf ) = parse_httpd_version( $apache_bin, "-v" ); if ( !defined $version ) { # now give up print "I cannot use $apache_bin:\n$error\n"; return; } } print "$apache_bin is version Apache/$version\n"; $apinfo->{orig_httpd_conf} = $orig_httpd_conf; # verify this version against running version, if possible if ( $apinfo->{apache_parsed_version} && $version ne $apinfo->{apache_parsed_version} ) { print <{orig_apache_root} = $orig_apache_root = $orig_apache_root2; } my $httpdconf = $apinfo->{orig_httpd_conf}; # find proper httpd.conf if ( !$httpdconf || !-r $httpdconf ) { # oh dear. we need the original httpd.conf, but we don't know # where it is exactly, or can't read it. Provide guesses. ($httpdconf) = grep { -r } map { m-^/- ? $_ : "$orig_apache_root/$_" } qw( etc/httpd.conf conf/httpd.conf etc/httpd/httpd.conf Configuration/httpd.conf /usr/local/apache/conf/httpd.conf /usr/local/apache/etc/httpd.conf /opt/apache/conf/httpd.conf /opt/apache/etc/httpd.conf /etc/opt/apache/httpd.conf /etc/httpd/conf/httpd.conf ); } $httpdconf = "$orig_apache_root/$httpdconf" unless $httpdconf =~ m-^/-; $answ = prompt( "Where is your httpd.conf?", $httpdconf ); if ( !defined $answ ) { print "I cannot perform the apache test without httpd.conf\n"; return; } if ( !-r $answ ) { print "Cannot read $answ, cannot proceed without it\n"; return; } $httpdconf = $answ; $apinfo->{orig_httpd_conf} = $httpdconf; # read httpd.conf if ( !open( CONF, $httpdconf ) ) { print "Cannot read $httpdconf: $!\nCannot proceed without it\n"; return; } my $conf; { # slurp in config local $/ = undef; $conf = ; } close CONF; $apinfo->{httpd_conf_contents} = $conf; # extract User/Group info $apinfo->{usergroup} = extract_usergroup($apinfo); # verify mod_perl module is present, if not, find LoadModule statement. my $modlist; ( $error, $modlist ) = safe_exec_httpd( $apache_bin, "-l" ); if ($error) { print "Odd... `$apache_bin -l' returned an error:\n$error\n"; print "I give up!\n"; return; } # check for mod_perl.c my $LoadModule = ""; if ( $modlist !~ /^\s*mod_perl\.c\s*$/m ) { # not present! we need to find the proper Module statements! print "Oops... mod_perl.c isn't in your standard module list...\n"; $LoadModule = extract_module_statements($apinfo) or return; print <{LoadModule} = $LoadModule; # find a usable port my $port = 2706; my $tcpproto = getprotobyname('tcp') || 6; socket( S, PF_INET, SOCK_STREAM, $tcpproto ) or die "socket: $!\n"; $port++ while $port < 2801 && !bind( S, pack_sockaddr_in( $port, INADDR_ANY ) ); close S; if ( $port >= 2801 ) { print "Couldn't find a usable port, strange enough...\n"; return; } $apinfo->{port} = $port; # return success return 1; } # substitute the lot into the config files. sub install_apache ($) { my $apinfo = shift; print <{apache_root}; my $version = $apinfo->{apache_parsed_version}; for my $file (@configfiles) { # read .in file open( IN, "$serverroot/$file.in" ) or die "cannot open $serverroot/$file.in: $!\n"; my $conf; { local $/ = undef; $conf = ; } close IN; # handle $ifversion{}{}. allow 1-level nesting of {} # note: this is a nominee for the "most scary regexp '99" award. # no user serviceable parts inside. flammable. explosive. do not touch. $conf =~ s<\$ifversion([\d.]+)\{([^{}]*(?:\{[^{}]*\}[^{}]*)*)\}\{([^{}]*(?:\{[^{}]*\}[^{}]*)*)\}> < $version ge $1 ? $2 : $3 >gems; # handle $var $conf =~ s{\\(.)|\$(\w+)} { $1 || $apinfo->{$2} }ge; # write config file print "Writing $serverroot/$file ...\n"; open( OUT, ">$serverroot/$file" ) or die "cannot write $serverroot/$file: $!\n"; print OUT $conf; close OUT; } print < 'Net::Ident', ABSTRACT => 'Lookup the username on the remote end of a TCP/IP connection', AUTHOR => 'Jan-Pieter Cornet ', VERSION_FROM => 'Ident.pm', # finds $VERSION PREREQ_PM => { Socket => '0', Fcntl => '0', FileHandle => '0', Carp => '0', Config => '0', Exporter => '0', vars => '0', }, dist => { COMPRESS => 'gzip -9f', SUFFIX => 'gz', }, clean => { FILES => "Net-Ident-* t/apache/conf/access.conf t/apache/conf/apache_config.pl t/apache/conf/httpd.conf t/apache/conf/srm.conf t/apache/logs/access_log t/apache/logs/error_log t/apache/perl/inc" }, META_MERGE => { build_requires => { # 'Apache' => 0, # mod_perl is crazy hard to install. It's not a fair thing to require # 'Apache::Constants' => 0, # mod_perl is crazy hard to install. It's not a fair thing to require 'Test::More', # For Testing. 'IO::Socket', # For Testing }, resources => { license => 'http://dev.perl.org/licenses/', bugtracker => 'http://github.com/toddr/Net-Ident/issues', repository => 'http://github.com/toddr/Net-Ident', }, }, ); Net-Ident-1.25/Changes0000644000000000000000000000726013610770371013233 0ustar rootrootRevision history for Perl extension Net::Ident. 1.25 Sat Jan 18 2020 - Enable github actions testing - Switch to README.md and point to testing status - Fix spelling typo provided by Debian project - Switch primary tracker to github issues - Remove META.yml from source control 1.24 Sun Dec 14 2014 - RT 79165 - Fix for Strawberry Perl - Tidy code base for conformity of future patches 1.23 Sun Jun 13 2010 - Setting values for read only tied hash %! is illegal. removing code. 1.22 Fri Jun 11 09:00:00 CST 2010 - Remove Apache (mod_perl) as a dep for this module 1.21 Fri Jun 11 01:00:00 CST 2010 - Move sub around to fix prototyping bug. - Remove broken ident hosts from list so tests don't break. Right now i know of no working public ident hosts. Patches welcome! - Update Makefile.PL with new options - Add META.yml to module - use %! to determine if error was EINPROGRESS to function in other languages 1.20 Fri Aug 27 00:59:24 CEST 1999 - Public release - Added a few more apache layouts to the Makefile.PL to autodetect. 1.19 Mon Aug 2 22:50:21 CEST 1999 - Added the often asked for, long promised lookupFromInaddr method. - No longer imports ident_lookup into package FileHandle by default, unless you explicitly ask for it (or unless you installed it that way during compile time for compatibility reasons). - Allow adding an ident_lookup method to the Apache::Connection class, as a convenience for mod_perl script writers. - Rewritten tests, included test for the Apache::Connection method by actually launching apache and performing ident lookups from within mod_perl. - Moved selection of FileHandle/IO::Handle class out of the Makefile.PL. PAUSE/CPAN didn't really like modules that weren't present in the distribution, and it didn't allow you to upgrade your perl version underneath. 1.11 Wed Jan 15 01:49:15 MET 1999 - Several bugfixes, and some slight interface changes: - constructor now called `new' instead of `initconnect', constructor now always succeeds, if something has gone wrong in the constructor, all methods return undef (like `getfh'), except for `geterror', which returns the error message. - The recommended exported function is now `ident_lookup' instead of `lookup' - Fixed a bug: now chooses O_NDELAY or O_NONBLOCK from %Config, instead of hardcoding O_NDELAY (argh) - Adding a method to FileHandle would break in perl5.004, it should get added in IO::Handle. Added intelligence in Makefile.PL to detect that and choose the appropriate package. - Miscellaneous pod fixes. - Test script now actually tests multiple different things. 1.10 Sat Jan 11 19:05:35 1997 - original version; created by h2xs 1.16. First release as a perl5 module, complete rewrite for perl5, based on rfc931.pl 1.02 Fri Jan 20 18:20:32 1995 - Quite a big bugfix: "connection refused" to the ident port would kill the perl process with a SIGPIPE if the connect didn't immediately signal it (ie. almost always on remote machines). Also recognises the perl5 package separator :: now on fully qualified descriptors. This is still perl4-compatible, a perl5- only version would require a rewrite to make it neater. Fixed the constants normally found in .ph files (but you shouldn't use those anyway). 1.01 Some Novish evening 1994 - Removed a spurious perl5 -w complaint. First public release. Has been tested against perl 5.000 and perl 4.036. 1.00 Somewhere in 1994 - First neat collection of dusty routines put in a package. Net-Ident-1.25/README.md0000644000000000000000000004012313610766056013217 0ustar rootroot[![](https://github.com/toddr/Net-Ident/workflows/linux/badge.svg)](https://github.com/toddr/Net-Ident/actions) [![](https://github.com/toddr/Net-Ident/workflows/macos/badge.svg)](https://github.com/toddr/Net-Ident/actions) [![](https://github.com/toddr/Net-Ident/workflows/windows/badge.svg)](https://github.com/toddr/Net-Ident/actions) # NAME Net::Ident - lookup the username on the remote end of a TCP/IP connection # SYNOPSIS use Net::Ident; $username = Net::Ident::lookup(SOCKET, $timeout); $username = Net::Ident::lookupFromInAddr($localsockaddr, $remotesockaddr, $timeout); $obj = Net::Ident->new(SOCKET, $timeout); $obj = Net::Ident->newFromInAddr($localsockaddr, $remotesockaddr, $timeout); $status = $obj->query; $status = $obj->ready; $username = $obj->username; ($username, $opsys, $error) = $obj->username; $fh = $obj->getfh; $txt = $obj->geterror; use Net::Ident 'ident_lookup'; $username = ident_lookup(SOCKET, $timeout); use Net::Ident 'lookupFromInAddr'; $username = lookupFromInAddr($localsockaddr, $remotesockaddr, $timeout); use Net::Ident ':fh'; $username = SOCKET->ident_lookup($timeout); use Net::Ident ':apache'; # my Apache $r; $c = $r->connection; $username = $c->ident_lookup($timeout); # OVERVIEW **Net::Ident** is a module that looks up the username on the remote side of a TCP/IP connection through the ident (auth/tap) protocol described in RFC1413 (which supersedes RFC931). Note that this requires the remote site to run a daemon (often called **identd**) to provide the requested information, so it is not always available for all TCP/IP connections. # DESCRIPTION You can either use the simple interface, which does one ident lookup at a time, or use the asynchronous interface to perform (possibly) many simultaneous lookups, or simply continue serving other things while the lookup is proceeding. ## Simple Interface The simple interface comes in four varieties. An object oriented method call of a FileHandle object, an object oriented method of an Apache::Connection object, and as one of two different simple subroutine calls. Other than the calling method, these routines behave exactly the same. - `Net::Ident::lookup (SOCKET` \[`, $timeout`\]`)` **Net::Ident::lookup** is an exportable function. However, due to the generic name of the **lookup** function, it is recommended that you instead import the alias function **Net::Ident::ident\_lookup**. Both functions are exported through `@EXPORT_OK`, so you'll have to explicitly ask for it if you want the function **ident\_lookup** to be callable from your program. You can pass the socket using either a string, which doesn't have to be qualified with a package name, or using the more modern FileHandle calling styles: as a glob or as a reference to a glob. The Socket has to be a connected TCP/IP socket, ie. something which is either **connect()**ed or **accept()**ed. The optional timeout parameter specifies a timeout in seconds. If you do not specify a timeout, or use a value of undef, there will be no timeout (apart from any default system timeouts like TCP connection timeouts). - `Net::Ident::lookupFromInAddr ($localaddr, $remoteaddr` \[`, $timeout`\]`)` **Net::Ident::lookupFromInAddr** is an exportable function (via `@EXPORT_OK`). The arguments are the local and remote address of a connection, in packed \`\`sockaddr'' format (the kind of thing that `getsockname` returns). The optional timeout value specifies a timeout in seconds, see also the description of the timeout value in the `Net::Ident::lookup` section above. The given localaddr **must** have the IP address of a local interface of the machine you're calling this on, otherwise an error will occur. You can use this function whenever you have a local and remote socket address, but no direct access to the socket itself. For example, because you are parsing the output of "netstat" and extracting socket address, or because you are writing a mod\_perl script under apache (in that case, also see the Apache::Connection method below). - `ident_lookup SOCKET` \[`$timeout`\] When you import the \`\`magic'' tag ':fh' using `use Net::Ident ':fh';`, the **Net::Ident** module extends the **FileHandle** class with one extra method call, **ident\_lookup**. It assumes that the object (a FileHandle) it is operating on, is a connected TCP/IP socket, ie. something which is either **connect()**ed or **accept()**ed. The optional parameter specifies the timeout in seconds, just like the timeout parameter of the function calls above.   Some people do not like the way that \`\`proper'' object design is broken by letting one module add methods to another class. This is why, starting from version 1.20, you have to explicitly ask for this behaviour to occur. Personally, I this it's a compromise: if you want an object-oriented interface, then either you make a derived class, like a FileHandleThatCanPerformIdentLookups, and make sure all appropriate internal functions get wrappers that do the necessary re-blessing. Or, you simply extend the FileHandle class. And since Perl doesn't object to this (pun intended :), I find this an acceptable solution. But you might think otherwise. - `ident_lookup Apache::Connection` \[`$timeout`\] When you import the \`\`magic'' tag ':apache' using `use Net::Ident ':apache';`, the **Net::Ident** module extends the **Apache::Connection** class with one extra method call, **ident\_lookup**. This method takes one optional parameter: a timeout value in seconds. This is a similar convenience function as the FileHandle::ident\_lookup method, to be used with mod\_perl scripts under Apache. What these functions return depends on the context: - scalar context In scalar context, these functions return the remote username on success, or undef on error. "Error" is rather broad, it might mean: some network error occurred, function arguments are invalid, the remote site is not responding (in time) or is not running an ident daemon, or the remote site ident daemon says there's no user connected with that particular connection. More precisely, the functions return whatever the remote daemon specified as the ID that belongs to that particular connection. This is often the username, but it doesn't necessarily have to be. Some sites, out of privacy and/or security measures, return an opaque ID that is unique for each user, but is not identical to the username. See _RFC1413_ for more information. - array context In array context, these functions return: `($username, $opsys, $error)`. The _$username_ is the remote username or ID, as returned in the scalar context, or undef on error. The _$opsys_ is the remote operating system as reported by the remote ident daemon, or undef on a network error, or **"ERROR"** when the remote ident daemon reported an error. This could also contain the character set of the returned username. See RFC1413. The _$error_ is the error message, either the error reported by the remote ident daemon (in which case _$opsys_ is **"ERROR"**), or the internal message from the **Net::Ident** module, which includes the system errno `$!` whenever possible. A likely candidate is **"Connection refused"** when the remote site isn't running an ident daemon, or **"Connection timed out"** when the remote site isn't answering our connection request. When _$username_ has a value, _$error_ is always undef, and vice versa. ## EXAMPLE The following code is a complete example, implementing a server that waits for a connection on a port, tells you who you are and what time it is, and closes the connection again. The majority of the code will look very familiar if you just read [perlipc](https://metacpan.org/pod/perlipc). Excersize this server by telnetting to it, preferably from a machine that has a suitable ident daemon installed. #!/usr/bin/perl -w use Net::Ident; # uncomment the below line if you want lots of debugging info # $Net::Ident::DEBUG = 2; use Socket; use strict; sub logmsg { print "$0 $$: @_ at ", scalar localtime, "\n" } my $port = shift || 2345; my $proto = getprotobyname('tcp'); socket(Server, PF_INET, SOCK_STREAM, $proto) or die "socket: $!"; setsockopt(Server, SOL_SOCKET, SO_REUSEADDR, pack("l", 1)) or die "setsockopt: $!"; bind(Server, sockaddr_in($port, INADDR_ANY)) or die "bind: $!"; listen(Server,SOMAXCONN) or die "listen: $!"; logmsg "server started on port $port"; my $paddr; for ( ; $paddr = accept(Client,Server); close Client) { my($port,$iaddr) = sockaddr_in($paddr); my $name = gethostbyaddr($iaddr,AF_INET) || inet_ntoa($iaddr); logmsg "connection from $name [" . inet_ntoa($iaddr) . "] at port $port"; my $username = Client->ident_lookup(30) || "~unknown"; logmsg "User at $name:$port is $username"; print Client "Hello there, $username\@$name, it's now ", scalar localtime, "\n"; } ## Asynchronous Interface The asynchronous interface is meant for those who know the ins and outs of the `select()` call (the 4-argument version of `select()`, but I didn't need saying that, did I?). This interface is completely object oriented. The following methods are available: - `new Net::Ident SOCKET, $timeout` This constructs a new Net::Ident object, and initiates the connection to the remote ident daemon. The parameters are the same as described above for the **Net::Ident::lookup** subroutine. This method returns immediately, the supplied _$timeout_ is only stored in the object and used in future methods. If you want to implement your own timeout, that's fine. Simply throw away the object when you don't want it anymore. The constructor will always succeed. When it detects an error, however, it returns an object that "has already failed" internally. In this case, all methods will return `undef` except for the `geterror` method, wich will return the error message. The timeout is _not_ implemented using `alarm()`. In fact you can use `alarm()` completely independant of this library, they do not interfere. - `newFromInAddr $localaddr, $remoteaddr, $timeout` Alternative constructor, that takes two packed sockaddr structures. Otherwise behaves identical to the `new` constructor above. - `query $obj` This object method queries the remote rfc931 deamon, and blocks until the connection to the ident daemon is writable, if necessary (but you are supposed to make sure it is, of course). Returns true on success (or rather it returns the _$obj_ itself), or undef on error. - `ready $obj` \[`$blocking`\] This object method returns whether the data received from the remote daemon is complete (true or false). Returns undef on error. Reads any data from the connection. If _$blocking_ is true, it blocks and waits until all data is received (it never returns false when blocking is true, only true or undef). If _$blocking_ is not true, it doesn't block at all (unless... see below). If you didn't call `query $obj` yet, this method calls it for you, which means it _can_ block, regardless of the value of _$blocking_, depending on whether the connection to the ident is writable. Obviously, you are supposed to call this routine whenever you see that the connection to the ident daemon is readable, and act appropriately when this returns true. Note that once **ready** returns true, there are no longer checks on timeout (because the networking part of the lookup is over anyway). This means that even `ready $obj` can return true way after the timeout has expired, provided it returned true at least once before the timeout expired. This is to be construed as a feature. - `username $obj` This object method parses the return from the remote ident daemon, and blocks until the query is complete, if necessary (it effectively calls `ready $obj 1` for you if you didn't do it yourself). Returns the parsed username on success, or undef on error. In an array context, the return values are the same as described for the **Net::Ident::lookup** subroutine. - `getfh $obj` This object method returns the internal FileHandle used for the connection to the remote ident daemon. Invaluable if you want it to dance in your select() ring. Returns undef when an error has occurred. - `geterror $obj` This object method returns the error message in case there was an error. undef when there was no error. An asynchronous example implementing the above server in a multi-threaded way via select, is left as an excersize for the interested reader. # DISCLAIMER I make NO WARRANTY or representation, either express or implied, with respect to this software, its quality, accuracy, merchantability, or fitness for a particular purpose. This software is provided "AS IS", and you, its user, assume the entire risk as to its quality and accuracy. # AUTHOR Jan-Pieter Cornet, # COPYRIGHT Copyright (c) 1995, 1997, 1999 Jan-Pieter Cornet. All rights reserved. You can distribute and use this program under the same terms as Perl itself. # REVISION HISTORY - V1.20 August 2, 1999. Finally implemented the long-asked-for lookupFromInAddr method. Other changes: - No longer imports ident\_lookup into package FileHandle by default, unless you explicitly ask for it (or unless you installed it that way during compile time for compatibility reasons). - Allow adding an ident\_lookup method to the Apache::Connection class, as a convenience for mod\_perl script writers. - Rewritten tests, included test for the Apache::Connection method by actually launching apache and performing ident lookups from within mod\_perl. - Moved selection of FileHandle/IO::Handle class out of the Makefile.PL. PAUSE/CPAN didn't really like modules that weren't present in the distribution, and it didn't allow you to upgrade your perl version underneath. - V1.11 Jan 15th, 1997. Several bugfixes, and some slight interface changes: - constructor now called `new` instead of `initconnect`, constructor now always succeeds, if something has gone wrong in the constructor, all methods return undef (like `getfh`), except for `geterror`, which returns the error message. - The recommended exported function is now `ident_lookup` instead of `lookup` - Fixed a bug: now chooses O\_NDELAY or O\_NONBLOCK from %Config, instead of hardcoding O\_NDELAY (argh) - Adding a method to FileHandle would break in perl5.004, it should get added in IO::Handle. Added intelligence in Makefile.PL to detect that and choose the appropriate package. - Miscellaneous pod fixes. - Test script now actually tests multiple different things. - V1.10 Jan 11th, 1997. Complete rewrite for perl5. Requires perl5.002 or up. - V1.02 Jan 20th, 1995. Quite a big bugfix: "connection refused" to the ident port would kill the perl process with a SIGPIPE if the connect didn't immediately signal it (ie. almost always on remote machines). Also recognises the perl5 package separator :: now on fully qualified descriptors. This is still perl4-compatible, a perl5- only version would require a rewrite to make it neater. Fixed the constants normally found in .ph files (but you shouldn't use those anyway). \[this release wasn't called **Net::Ident**, of course, it was called **rfc931.pl**\] - V1.01 Around November 1994. Removed a spurious **perl5 -w** complaint. First public release. Has been tested against **perl 5.000** and **perl 4.036**. - V1.00 Dunno, somewhere 1994. First neat collection of dusty routines put in a package. # SEE ALSO [Socket](https://metacpan.org/pod/Socket) RFC1413, RFC931 Net-Ident-1.25/MANIFEST0000644000000000000000000000224113610770611013060 0ustar rootrootChanges revision history INSTALL installation instructions Ident.pm the module itself, contains pod MANIFEST this file Makefile.PL feed to perl to get a makefile README.md extract of the manpage, gives a brief overview t/0use.t script to test "use Net::Ident" t/Ident.t test script that actually makes ident lookups t/apache.t script to test Net::Ident within apache and mod_perl t/compat.t script to test compatibility-mode FH->ident_lookup t/hosts Hosts to use for testing purposes t/apache/conf/httpd.conf.in prototype httpd.conf for test apache t/apache/conf/access.conf.in prototype access.conf t/apache/conf/apache_config.pl.in prototype for apache settings t/apache/conf/srm.conf.in prototype srm.conf t/apache/conf/mime.types bare-bones mime.types t/apache/html/testapache.txt simple .txt file to test basic apache ops t/apache/perl/testmodperl script to test mod_perl operates OK t/apache/perl/testident script to actually test ident within mod_perl t/apache/logs/.exists Directory for the logfiles META.yml Module YAML meta-data (added by MakeMaker) META.json Module JSON meta-data (added by MakeMaker) Net-Ident-1.25/Ident.pm0000644000000000000000000010444313610770371013342 0ustar rootrootpackage Net::Ident; use strict; use warnings; use Socket; use Fcntl; use FileHandle; use Carp; use Config; use Errno; require Exporter; our @ISA = qw(Exporter); our @EXPORT_OK = qw(ident_lookup lookup lookupFromInAddr); our @EXPORT_FAIL; our %EXPORT_TAGS; # EXPORT_HOOKS is a sortof Exporter extension. Whenever one of the keys # of this hash is imported as a "tag", the corresponding function is called our %EXPORT_HOOKS = ( 'fh' => \&_add_fh_method, 'apache' => \&_add_apache_method, 'debug' => \&_set_debug, ); # provide import magic sub _export_hooks () { my ( $tag, $hook ); while ( ( $tag, $hook ) = each %EXPORT_HOOKS ) { my $hookname = "_export_hook_$tag"; # pseudo-function name $EXPORT_TAGS{$tag} = [$hookname]; push @EXPORT_OK, $hookname; push @EXPORT_FAIL, $hookname; } } # put the export hooks in the standard Exporter structures _export_hooks(); # for compatibility mode, uncomment the next line @@ s/^#\s*// @@ # @EXPORT = qw(_export_hook_fh); our $VERSION = "1.25"; our $DEBUG = 0; *STDDBG = *STDERR; sub _set_debug { $DEBUG++; print STDDBG "Debugging turned to level $DEBUG\n"; } # protocol number for tcp. my $tcpproto = ( getprotobyname('tcp') )[2] || 6; # get identd port (default to 113). my $identport = ( getservbyname( 'ident', 'tcp' ) )[2] || 113; # what to use to make nonblocking sockets my $NONBLOCK = eval "&$Config{o_nonblock}"; # turn a filehandle passed as a string, or glob, into a ref # private subroutine sub _passfh ($) { my ($fh) = @_; # test if $fh is a reference. if it's not, we need to process... if ( !ref $fh ) { print STDDBG "passed fh: $fh is not a reference\n" if $DEBUG; # check for fully qualified name if ( $fh !~ /'|::/ ) { print STDDBG "$fh is not fully qualified\n" if $DEBUG; # get our current package my $mypkg = (caller)[0]; print STDDBG "We are package $mypkg\n" if $DEBUG; # search for calling package my $depth = 1; my $otherpkg; $depth++ while ( ( $otherpkg = caller($depth) ) eq $mypkg ); print STDDBG "We are called from package $otherpkg\n" if $DEBUG; $fh = "${otherpkg}::$fh"; print STDDBG "passed fh now fully qualified: $fh\n" if $DEBUG; } # turn $fh into a reference to a $fh. we need to disable strict refs no strict 'refs'; $fh = \*{$fh}; } $fh; } # create a Net::Ident object, and perform a non-blocking connect() # to the remote identd port. # class method, constructor sub new { my ( $class, $fh, $timeout ) = @_; my ( $localaddr, $remoteaddr ); print STDDBG "Net::Ident::new fh=$fh, timeout=" . ( defined $timeout ? $timeout : "" ) . "\n" if $DEBUG > 1; # "try" eval { defined $fh or die "= fh undef\n"; $fh = _passfh($fh); # get information about this (the local) end of the connection. We # assume that $fh is a connected socket of type SOCK_STREAM. If # it isn't, you'll find out soon enough because one of these functions # will return undef real fast. $localaddr = getsockname($fh) or die "= getsockname failed: $!\n"; # get information about remote end of connection $remoteaddr = getpeername($fh) or die "= getpeername failed: $!\n"; }; if ( $@ =~ /^= (.*)/ ) { # here's the catch of the throw # return false, try to preserve errno local ($!); # we make a "fake" $self my $self = { 'state' => 'error', 'error' => "Net::Ident::new: $1\n", }; print STDDBG $self->{error} if $DEBUG; # return our blessed $self return bless $self, $class; } elsif ($@) { # something else went wrong. barf up completely. confess($@); } # continue with the NewFromInAddr constructor $class->newFromInAddr( $localaddr, $remoteaddr, $timeout ); } sub newFromInAddr { my ( $class, $localaddr, $remoteaddr, $timeout ) = @_; my $self = {}; print STDDBG "Net::Ident::newFromInAddr localaddr=", sub { inet_ntoa( $_[1] ) . ":$_[0]" } ->( sockaddr_in($localaddr) ), ", remoteaddr=", sub { inet_ntoa( $_[1] ) . ":$_[0]" } ->( sockaddr_in($remoteaddr) ), ", timeout=", defined $timeout ? $timeout : "", "\n" if $DEBUG > 1; eval { # unpack addresses and store in my ( $localip, $remoteip ); ( $self->{localport}, $localip ) = sockaddr_in($localaddr); ( $self->{remoteport}, $remoteip ) = sockaddr_in($remoteaddr); # create a local binding port. We cannot bind to INADDR_ANY, it has # to be bind (bound?) to the same IP address as the connection we're # interested in on machines with multiple IP addresses my $localbind = sockaddr_in( 0, $localip ); # store max time $self->{maxtime} = defined($timeout) ? time + $timeout : undef; # create a remote connect point my $identbind = sockaddr_in( $identport, $remoteip ); # create a new FileHandle $self->{fh} = new FileHandle; # create a stream socket. socket( $self->{fh}, PF_INET, SOCK_STREAM, $tcpproto ) or die "= socket failed: $!\n"; # bind it to the same IP number as the local end of THESOCK bind( $self->{fh}, $localbind ) or die "= bind failed: $!\n"; # make it a non-blocking socket if ( $^O ne 'MSWin32' ) { fcntl( $self->{fh}, F_SETFL, $NONBLOCK ) or die "= fcntl failed: $!\n"; } # connect it to the remote identd port, this can return EINPROGRESS. # for some reason, reading $! twice doesn't work as it should connect( $self->{fh}, $identbind ) or $!{EINPROGRESS} or die "= connect failed: $!\n"; $self->{fh}->blocking(0) if $^O eq 'MSWin32'; }; if ( $@ =~ /^= (.*)/ ) { # here's the catch of the throw # return false, try to preserve errno local ($!); $self->{error} = "Net::Ident::new: $1\n"; print STDDBG $self->{error} if $DEBUG; # this deletes the FileHandle, which gets closed, # so that might change errno delete $self->{fh}; # do NOT return, so the constructor always succeeds } elsif ($@) { # something else went wrong. barf up completely. confess($@); } # clear errno in case it contains EINPROGRESS $! = 0; # mark the state of the connection $self->{state} = 'connect'; # return a blessed reference bless $self, $class; } # send the query to the remote daemon. # object method sub query { my ($self) = @_; my ( $wmask, $timeout, $emask, $fileno, $err, $query ); print STDDBG "Net::Ident::query\n" if $DEBUG > 1; # bomb out if no fh return undef unless $self->{fh}; # "try" eval { $self->{state} eq 'connect' or die "= calling in the wrong order\n"; $fileno = fileno $self->{fh}; # calculate the time left, abort if necessary. Note that $timeout # is simply left undef if $self->{maxtime} is not defined if ( defined( $self->{maxtime} ) && ( $timeout = $self->{maxtime} - time ) < 0 ) { die "= Connection timed out\n"; } # wait until the socket becomes writable. $wmask = ''; vec( $wmask, $fileno, 1 ) = 1; scalar select( undef, $wmask, $emask = $wmask, $timeout ) or die "= Connection timed out\n"; # Check for errors via select (you never know) vec( $emask, $fileno, 1 ) and die "= connection error: $!\n"; # fh must be writable now vec( $wmask, $fileno, 1 ) or die "= connection timed out or error: $!\n"; # check for errors via getsockopt(SO_ERROR) $err = getsockopt( $self->{fh}, SOL_SOCKET, SO_ERROR ); if ( !defined($err) || ( $! = unpack( 'L', $err ) ) ) { die "= connect: $!\n"; } # create the query, based on the remote port and the local port $query = "$self->{remoteport},$self->{localport}\r\n"; # write the query. Ignore the chance that such a short # write will be fragmented. syswrite( $self->{fh}, $query, length $query ) == length $query or die "= fragmented write on socket: $!\n"; }; if ( $@ =~ /^= (.*)/ ) { # here's the catch of the throw # return false, try to preserve errno local ($!); $self->{error} = "Net::Ident::query: $1\n"; print STDDBG $self->{error} if $DEBUG; # this deletes the FileHandle, which gets closed, # so that might change errno delete $self->{fh}; return undef; } elsif ($@) { # something else went wrong. barf up completely. confess($@); } # initialise empty answer to prevent uninitialised value warning $self->{answer} = ''; # mark the state of the connection $self->{state} = 'query'; # return the same object on success $self; } # read data, if any, and check if it's enough. # object method sub ready { my ( $self, $blocking ) = @_; my ( $timeout, $rmask, $emask, $answer, $ret, $fileno ); print STDDBG "Net::Ident::ready blocking=" . ( $blocking ? "true\n" : "false\n" ) if $DEBUG > 1; # perform the query if not already done. if ( $self->{state} ne 'query' ) { $self->query or return undef; } # exit immediately if ready returned 1 before. elsif ( $self->{state} eq 'ready' ) { return 1; } # bomb out if no fh return undef unless $self->{fh}; # "try" $ret = eval { $fileno = fileno $self->{fh}; # while $blocking, but at least once... do { # calculate the time left, abort if necessary. if ( defined( $self->{maxtime} ) && ( $timeout = $self->{maxtime} - time ) < 0 ) { die "= Timeout\n"; } # zero timeout for non-blocking $timeout = 0 unless $blocking; # wait for something $rmask = ''; vec( $rmask, $fileno, 1 ) = 1; if ( select( $rmask, undef, $emask = $rmask, $timeout ) ) { # something came in vec( $emask, $fileno, 1 ) and die "= error while reading: $!\n"; # check for incoming data if ( vec( $rmask, $fileno, 1 ) ) { # try to read as much data as possible. $answer = ''; defined sysread( $self->{fh}, $answer, 1000 ) or die "= read returned error: $!\n"; # append incoming data to total received $self->{answer} .= $answer; # check for max length length( $self->{answer} ) <= 1000 or die "= remote daemon babbling too much\n"; # if data contains a CR or LF, we are ready receiving. # strip everything after and including the CR or LF and # return success if ( $self->{answer} =~ /[\n\r]/ ) { $self->{answer} =~ s/[\n\r].*//s; print STDDBG "Net::Ident::ready received: $self->{answer}\n" if $DEBUG; # close the socket to the remote identd close( $self->{fh} ); $self->{state} = 'ready'; return 1; } } } } while $blocking; # we don't block, but we didn't receive everything yet... return false. 0; }; if ( $@ =~ /^= (.*)/ ) { # here's the catch of the throw # return undef, try to preserve errno local ($!); $self->{error} = "Net::Ident::ready: $1\n"; print STDDBG $self->{error} if $DEBUG; # this deletes the FileHandle, which gets closed, # so that might change errno delete $self->{fh}; return undef; } elsif ($@) { # something else went wrong. barf up completely. confess($@); } # return the return value from the eval{} $ret; } # return the username from the rfc931 query return. # object method sub username { my ($self) = @_; my ( $remoteport, $localport, $port1, $port2, $replytype, $reply, $opsys, $userid, $error ); print STDDBG "Net::Ident::username\n" if $DEBUG > 1; # wait for data, if necessary. return wantarray ? ( undef, undef, $self->{error} ) : undef unless $self->ready(1); # parse the received string, split it into parts. ( $port1, $port2, $replytype, $reply ) = ( $self->{answer} =~ /^\s*(\d+)\s*,\s*(\d+)\s*:\s*(ERROR|USERID)\s*:\s*(.*)$/ ); # make sure the answer parsed properly, and that the ports are the same. if ( !defined($reply) || ( $self->{remoteport} != $port1 ) || ( $self->{localport} != $port2 ) ) { $self->{error} = "Net::Ident::username couldn't parse reply or port mismatch\n"; print STDDBG $self->{error} if $DEBUG; return wantarray ? ( undef, undef, $self->{error} ) : undef; } # check for error return type if ( $replytype eq "ERROR" ) { print STDDBG "Net::Ident::username: lookup returned ERROR\n" if $DEBUG; $userid = undef; $opsys = "ERROR"; ( $error = $reply ) =~ s/\s+$//; } else { # a normal reply, parse the opsys and userid. Note that the opsys may # contain \ escaped colons, which is why the hairy regexp is necessary. unless ( ( $opsys, $userid ) = ( $reply =~ /\s*((?:[^\\:]+|\\.)*):(.*)$/ ) ) { # didn't parse properly, abort. $self->{error} = "Net::Ident::username: couldn't parse userid\n"; print STDDBG $self->{error} if $DEBUG; return wantarray ? ( undef, undef, $self->{error} ) : undef; } # remove trailing whitespace, except backwhacked whitespaces from opsys $opsys =~ s/([^\\])\s+$/$1/; # un-backwhack opsys. $opsys =~ s/\\(.)/$1/g; # in all cases is leading whitespace removed from the username, even # though rfc1413 mentions that it shouldn't be done, current # implementation practice dictates otherwise. What insane OS would # use leading whitespace in usernames anyway... $userid =~ s/^\s+//; # Test if opsys is "special": if it contains a charset definition, # or if it is "OTHER". This means that it is rfc1413-like, instead # of rfc931-like. (Why can't they make these RFCs non-conflicting??? ;) # Note that while rfc1413 (the one that superseded rfc931) indicates # that _any_ characters following the final colon are part of the # username, current implementation practice inserts a space there, # even "modern" identd daemons. # Also, rfc931 specifically mentions escaping characters, while # rfc1413 does not mention it (it isn't really necessary). Anyway, # I'm going to remove trailing whitespace from userids, and I'm # going to un-backwhack them, unless the opsys is "special". unless ( $opsys =~ /,/ || $opsys eq 'OTHER' ) { # remove trailing whitespace, except backwhacked whitespaces. $userid =~ s/([^\\])\s+$/$1/; # un-backwhack $userid =~ s/\\(.)/$1/g; } $error = undef; } # return the requested information, depending on whether in array context. if ( $DEBUG > 1 ) { print STDDBG "Net::Ident::username returns:\n"; print STDDBG "userid = ", defined $userid ? $userid : "", "\n"; print STDDBG "opsys = ", defined $opsys ? $opsys : "", "\n"; print STDDBG "error = ", defined $error ? $error : "", "\n"; } wantarray ? ( $userid, $opsys, $error ) : $userid; } # do the entire rfc931 lookup in one blow. # exportable subroutine, not a method sub lookup ($;$) { my ( $fh, $timeout ) = @_; print STDDBG "Net::Ident::lookup fh=$fh, timeout=", defined $timeout ? $timeout : "", "\n" if $DEBUG > 1; Net::Ident->new( $fh, $timeout )->username; } # do the entire rfc931 lookup from two in_addr structs sub lookupFromInAddr ($$;$) { my ( $localaddr, $remoteaddr, $timeout ) = @_; print STDDBG "Net::Ident::lookupFromInAddr localaddr=", sub { inet_ntoa( $_[1] ) . ":$_[0]" } ->( sockaddr_in($localaddr) ), ", remoteaddr=", sub { inet_ntoa( $_[1] ) . ":$_[0]" } ->( sockaddr_in($remoteaddr) ), ", timeout=", defined $timeout ? $timeout : "", "\n" if $DEBUG > 1; Net::Ident->newFromInAddr( $localaddr, $remoteaddr, $timeout )->username; } # alias Net::Ident::ident_lookup to Net::Ident::lookup sub ident_lookup ($;$); *ident_lookup = \&lookup; # prevent "used only once" warning ident_lookup(0) if 0; # get the FileHandle ref from the object, to be used in an external select(). # object method sub getfh ($) { my ($self) = @_; $self->{fh}; } # get the last error message. # object method sub geterror ($) { my ($self) = @_; $self->{error}; } # this is called whenever a function in @EXPORT_FAIL is imported. # simply calls the installed export hooks from %EXPORT_HOOKS, or # passes along the export_fail up the inheritance chain sub export_fail { my $pkg = shift; my $fail; my @other; foreach $fail (@_) { if ( $fail =~ /^_export_hook_(.*)$/ && $EXPORT_HOOKS{$1} ) { &{ $EXPORT_HOOKS{$1} }; } else { push @other, $fail; } } if (@other) { @other = SUPER::export_fail(@other); } @other; } # add lookup method for FileHandle objects. Note that this relies on the # use FileHandle; sub _add_fh_method { # determine package to add method to my $pkg = grep( /^IO::/, @FileHandle::ISA ) ? "IO::Handle" : "FileHandle"; # insert method in package. Arguments are already OK for std lookup # turn off strict refs for this glob-mangling trick no strict 'refs'; *{"${pkg}::ident_lookup"} = \&lookup; print STDDBG "Added ${pkg}::ident_lookup method\n" if $DEBUG; } sub _add_apache_method { # add method to Apache::Connection class no strict 'refs'; *{"Apache::Connection::ident_lookup"} = sub { my ( $self, $timeout ) = @_; print STDDBG "Apache::Connection::ident_lookup self=$self, ", "timeout=", defined $timeout ? $timeout : "", "\n" if $DEBUG > 1; lookupFromInAddr( $self->local_addr, $self->remote_addr, $timeout ); }; print STDDBG "Added Apache::Connection::ident_lookup method\n" if $DEBUG; } 1; __END__ =head1 NAME Net::Ident - lookup the username on the remote end of a TCP/IP connection =head1 SYNOPSIS use Net::Ident; $username = Net::Ident::lookup(SOCKET, $timeout); $username = Net::Ident::lookupFromInAddr($localsockaddr, $remotesockaddr, $timeout); $obj = Net::Ident->new(SOCKET, $timeout); $obj = Net::Ident->newFromInAddr($localsockaddr, $remotesockaddr, $timeout); $status = $obj->query; $status = $obj->ready; $username = $obj->username; ($username, $opsys, $error) = $obj->username; $fh = $obj->getfh; $txt = $obj->geterror; use Net::Ident 'ident_lookup'; $username = ident_lookup(SOCKET, $timeout); use Net::Ident 'lookupFromInAddr'; $username = lookupFromInAddr($localsockaddr, $remotesockaddr, $timeout); use Net::Ident ':fh'; $username = SOCKET->ident_lookup($timeout); use Net::Ident ':apache'; # my Apache $r; $c = $r->connection; $username = $c->ident_lookup($timeout); =head1 OVERVIEW B is a module that looks up the username on the remote side of a TCP/IP connection through the ident (auth/tap) protocol described in RFC1413 (which supersedes RFC931). Note that this requires the remote site to run a daemon (often called B) to provide the requested information, so it is not always available for all TCP/IP connections. =head1 DESCRIPTION You can either use the simple interface, which does one ident lookup at a time, or use the asynchronous interface to perform (possibly) many simultaneous lookups, or simply continue serving other things while the lookup is proceeding. =head2 Simple Interface The simple interface comes in four varieties. An object oriented method call of a FileHandle object, an object oriented method of an Apache::Connection object, and as one of two different simple subroutine calls. Other than the calling method, these routines behave exactly the same. =over 4 =item C [C<, $timeout>]C<)> B is an exportable function. However, due to the generic name of the B function, it is recommended that you instead import the alias function B. Both functions are exported through C<@EXPORT_OK>, so you'll have to explicitly ask for it if you want the function B to be callable from your program. You can pass the socket using either a string, which doesn't have to be qualified with a package name, or using the more modern FileHandle calling styles: as a glob or as a reference to a glob. The Socket has to be a connected TCP/IP socket, ie. something which is either Bed or Bed. The optional timeout parameter specifies a timeout in seconds. If you do not specify a timeout, or use a value of undef, there will be no timeout (apart from any default system timeouts like TCP connection timeouts). =item C [C<, $timeout>]C<)> B is an exportable function (via C<@EXPORT_OK>). The arguments are the local and remote address of a connection, in packed ``sockaddr'' format (the kind of thing that C returns). The optional timeout value specifies a timeout in seconds, see also the description of the timeout value in the C section above. The given localaddr B have the IP address of a local interface of the machine you're calling this on, otherwise an error will occur. You can use this function whenever you have a local and remote socket address, but no direct access to the socket itself. For example, because you are parsing the output of "netstat" and extracting socket address, or because you are writing a mod_perl script under apache (in that case, also see the Apache::Connection method below). =item C [C<$timeout>] When you import the ``magic'' tag ':fh' using C, the B module extends the B class with one extra method call, B. It assumes that the object (a FileHandle) it is operating on, is a connected TCP/IP socket, ie. something which is either Bed or Bed. The optional parameter specifies the timeout in seconds, just like the timeout parameter of the function calls above. =cut # add a paragraph about compatibility mode if appropriate. The non-breaking # spaces are to force a new paragraph. # @@12 s/^#// @@ # #=pod # #S< > # #Adding the B method to the B class used to be #automatic in previous version of B. During the installation #of this B package, the system administrator choose to install #it in a compatible way, meaning that on this machine, the B #method is automatically added if you use just C # #=cut # end of extra paragraph =pod S< > Some people do not like the way that ``proper'' object design is broken by letting one module add methods to another class. This is why, starting from version 1.20, you have to explicitly ask for this behaviour to occur. Personally, I this it's a compromise: if you want an object-oriented interface, then either you make a derived class, like a FileHandleThatCanPerformIdentLookups, and make sure all appropriate internal functions get wrappers that do the necessary re-blessing. Or, you simply extend the FileHandle class. And since Perl doesn't object to this (pun intended :), I find this an acceptable solution. But you might think otherwise. =item C [C<$timeout>] When you import the ``magic'' tag ':apache' using C, the B module extends the B class with one extra method call, B. This method takes one optional parameter: a timeout value in seconds. This is a similar convenience function as the FileHandle::ident_lookup method, to be used with mod_perl scripts under Apache. =back What these functions return depends on the context: =over 4 =item scalar context In scalar context, these functions return the remote username on success, or undef on error. "Error" is rather broad, it might mean: some network error occurred, function arguments are invalid, the remote site is not responding (in time) or is not running an ident daemon, or the remote site ident daemon says there's no user connected with that particular connection. More precisely, the functions return whatever the remote daemon specified as the ID that belongs to that particular connection. This is often the username, but it doesn't necessarily have to be. Some sites, out of privacy and/or security measures, return an opaque ID that is unique for each user, but is not identical to the username. See I for more information. =item array context In array context, these functions return: C<($username, $opsys, $error)>. The I<$username> is the remote username or ID, as returned in the scalar context, or undef on error. The I<$opsys> is the remote operating system as reported by the remote ident daemon, or undef on a network error, or B<"ERROR"> when the remote ident daemon reported an error. This could also contain the character set of the returned username. See RFC1413. The I<$error> is the error message, either the error reported by the remote ident daemon (in which case I<$opsys> is B<"ERROR">), or the internal message from the B module, which includes the system errno C<$!> whenever possible. A likely candidate is B<"Connection refused"> when the remote site isn't running an ident daemon, or B<"Connection timed out"> when the remote site isn't answering our connection request. When I<$username> has a value, I<$error> is always undef, and vice versa. =back =head2 EXAMPLE The following code is a complete example, implementing a server that waits for a connection on a port, tells you who you are and what time it is, and closes the connection again. The majority of the code will look very familiar if you just read L. Excersize this server by telnetting to it, preferably from a machine that has a suitable ident daemon installed. #!/usr/bin/perl -w use Net::Ident; # uncomment the below line if you want lots of debugging info # $Net::Ident::DEBUG = 2; use Socket; use strict; sub logmsg { print "$0 $$: @_ at ", scalar localtime, "\n" } my $port = shift || 2345; my $proto = getprotobyname('tcp'); socket(Server, PF_INET, SOCK_STREAM, $proto) or die "socket: $!"; setsockopt(Server, SOL_SOCKET, SO_REUSEADDR, pack("l", 1)) or die "setsockopt: $!"; bind(Server, sockaddr_in($port, INADDR_ANY)) or die "bind: $!"; listen(Server,SOMAXCONN) or die "listen: $!"; logmsg "server started on port $port"; my $paddr; for ( ; $paddr = accept(Client,Server); close Client) { my($port,$iaddr) = sockaddr_in($paddr); my $name = gethostbyaddr($iaddr,AF_INET) || inet_ntoa($iaddr); logmsg "connection from $name [" . inet_ntoa($iaddr) . "] at port $port"; my $username = Client->ident_lookup(30) || "~unknown"; logmsg "User at $name:$port is $username"; print Client "Hello there, $username\@$name, it's now ", scalar localtime, "\n"; } =head2 Asynchronous Interface The asynchronous interface is meant for those who know the ins and outs of the C call (the 4-argument version of C, but I didn't need saying that, did I?). This interface is completely object oriented. The following methods are available: =over 4 =item C This constructs a new Net::Ident object, and initiates the connection to the remote ident daemon. The parameters are the same as described above for the B subroutine. This method returns immediately, the supplied I<$timeout> is only stored in the object and used in future methods. If you want to implement your own timeout, that's fine. Simply throw away the object when you don't want it anymore. The constructor will always succeed. When it detects an error, however, it returns an object that "has already failed" internally. In this case, all methods will return C except for the C method, wich will return the error message. The timeout is I implemented using C. In fact you can use C completely independent of this library, they do not interfere. =item C Alternative constructor, that takes two packed sockaddr structures. Otherwise behaves identical to the C constructor above. =item C This object method queries the remote rfc931 daemon, and blocks until the connection to the ident daemon is writable, if necessary (but you are supposed to make sure it is, of course). Returns true on success (or rather it returns the I<$obj> itself), or undef on error. =item C [C<$blocking>] This object method returns whether the data received from the remote daemon is complete (true or false). Returns undef on error. Reads any data from the connection. If I<$blocking> is true, it blocks and waits until all data is received (it never returns false when blocking is true, only true or undef). If I<$blocking> is not true, it doesn't block at all (unless... see below). If you didn't call C yet, this method calls it for you, which means it I block, regardless of the value of I<$blocking>, depending on whether the connection to the ident is writable. Obviously, you are supposed to call this routine whenever you see that the connection to the ident daemon is readable, and act appropriately when this returns true. Note that once B returns true, there are no longer checks on timeout (because the networking part of the lookup is over anyway). This means that even C can return true way after the timeout has expired, provided it returned true at least once before the timeout expired. This is to be construed as a feature. =item C This object method parses the return from the remote ident daemon, and blocks until the query is complete, if necessary (it effectively calls C for you if you didn't do it yourself). Returns the parsed username on success, or undef on error. In an array context, the return values are the same as described for the B subroutine. =item C This object method returns the internal FileHandle used for the connection to the remote ident daemon. Invaluable if you want it to dance in your select() ring. Returns undef when an error has occurred. =item C This object method returns the error message in case there was an error. undef when there was no error. =back An asynchronous example implementing the above server in a multi-threaded way via select, is left as an excersize for the interested reader. =head1 DISCLAIMER I make NO WARRANTY or representation, either express or implied, with respect to this software, its quality, accuracy, merchantability, or fitness for a particular purpose. This software is provided "AS IS", and you, its user, assume the entire risk as to its quality and accuracy. =head1 AUTHOR Jan-Pieter Cornet, =head1 COPYRIGHT Copyright (c) 1995, 1997, 1999 Jan-Pieter Cornet. All rights reserved. You can distribute and use this program under the same terms as Perl itself. =head1 REVISION HISTORY =over 4 =item V1.20 August 2, 1999. Finally implemented the long-asked-for lookupFromInAddr method. Other changes: =over 1 =item * No longer imports ident_lookup into package FileHandle by default, unless you explicitly ask for it (or unless you installed it that way during compile time for compatibility reasons). =item * Allow adding an ident_lookup method to the Apache::Connection class, as a convenience for mod_perl script writers. =item * Rewritten tests, included test for the Apache::Connection method by actually launching apache and performing ident lookups from within mod_perl. =item * Moved selection of FileHandle/IO::Handle class out of the Makefile.PL. PAUSE/CPAN didn't really like modules that weren't present in the distribution, and it didn't allow you to upgrade your perl version underneath. =back =item V1.11 Jan 15th, 1997. Several bugfixes, and some slight interface changes: =over 1 =item * constructor now called C instead of C, constructor now always succeeds, if something has gone wrong in the constructor, all methods return undef (like C), except for C, which returns the error message. =item * The recommended exported function is now C instead of C =item * Fixed a bug: now chooses O_NDELAY or O_NONBLOCK from %Config, instead of hardcoding O_NDELAY (argh) =item * Adding a method to FileHandle would break in perl5.004, it should get added in IO::Handle. Added intelligence in Makefile.PL to detect that and choose the appropriate package. =item * Miscellaneous pod fixes. =item * Test script now actually tests multiple different things. =back =item V1.10 Jan 11th, 1997. Complete rewrite for perl5. Requires perl5.002 or up. =item V1.02 Jan 20th, 1995. Quite a big bugfix: "connection refused" to the ident port would kill the perl process with a SIGPIPE if the connect didn't immediately signal it (ie. almost always on remote machines). Also recognises the perl5 package separator :: now on fully qualified descriptors. This is still perl4-compatible, a perl5- only version would require a rewrite to make it neater. Fixed the constants normally found in .ph files (but you shouldn't use those anyway). [this release wasn't called B, of course, it was called B] =item V1.01 Around November 1994. Removed a spurious B complaint. First public release. Has been tested against B and B. =item V1.00 Dunno, somewhere 1994. First neat collection of dusty routines put in a package. =back =head1 SEE ALSO L RFC1413, RFC931 =cut Net-Ident-1.25/META.yml0000644000000000000000000000154013610770611013201 0ustar rootroot--- abstract: 'Lookup the username on the remote end of a TCP/IP connection' author: - 'Jan-Pieter Cornet ' build_requires: ExtUtils::MakeMaker: '0' IO::Socket: '0' Test::More: '0' configure_requires: ExtUtils::MakeMaker: '0' dynamic_config: 1 generated_by: 'ExtUtils::MakeMaker version 7.34, CPAN::Meta::Converter version 2.150010' license: unknown meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html version: '1.4' name: Net-Ident no_index: directory: - t - inc requires: Carp: '0' Config: '0' Exporter: '0' Fcntl: '0' FileHandle: '0' Socket: '0' vars: '0' resources: bugtracker: http://github.com/toddr/Net-Ident/issues license: http://dev.perl.org/licenses/ repository: http://github.com/toddr/Net-Ident version: '1.25' x_serialization_backend: 'CPAN::Meta::YAML version 0.018' Net-Ident-1.25/META.json0000644000000000000000000000267013610770611013356 0ustar rootroot{ "abstract" : "Lookup the username on the remote end of a TCP/IP connection", "author" : [ "Jan-Pieter Cornet " ], "dynamic_config" : 1, "generated_by" : "ExtUtils::MakeMaker version 7.34, CPAN::Meta::Converter version 2.150010", "license" : [ "unknown" ], "meta-spec" : { "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec", "version" : 2 }, "name" : "Net-Ident", "no_index" : { "directory" : [ "t", "inc" ] }, "prereqs" : { "build" : { "requires" : { "ExtUtils::MakeMaker" : "0", "IO::Socket" : "0", "Test::More" : "0" } }, "configure" : { "requires" : { "ExtUtils::MakeMaker" : "0" } }, "runtime" : { "requires" : { "Carp" : "0", "Config" : "0", "Exporter" : "0", "Fcntl" : "0", "FileHandle" : "0", "Socket" : "0", "vars" : "0" } } }, "release_status" : "stable", "resources" : { "bugtracker" : { "web" : "http://github.com/toddr/Net-Ident/issues" }, "license" : [ "http://dev.perl.org/licenses/" ], "repository" : { "url" : "http://github.com/toddr/Net-Ident" } }, "version" : "1.25", "x_serialization_backend" : "JSON::PP version 4.02" }