Page MenuHomePhabricator
Create Task
Maniphest T8850

Add a setup warning to make sure users haven't wiped out $_SERVER['REMOTE_ADDR']
Closed, ResolvedPublic
Actions

Description

Installs which use custom code to destroy or overwrite $_SERVER['REMOTE_ADDR'] prior to execution can fail later on in an unintuitive way.

Original Description

I'm at 184623a7c. Creating a standard user account raises an AphrontQueryException with #1048: Column 'remoteAddr' cannot be null.

Screen Shot 2015-07-15 at 12.41.52 PM.png (584×1 px, 74 KB)

Revisions and Commits

rP Phabricator
D16450rPa88dc2afc2a9 Added a setup check for empty REMOTE_ADDR

Related Objects

Event Timeline

maligree created this task.Jul 15 2015, 10:45 AM
maligree raised the priority of this task from to Needs Triage.
maligree updated the task description. (Show Details)
maligree added a subscriber: maligree.
chad updated the task description. (Show Details)Jul 15 2015, 2:25 PM
chad added a subscriber: chad.

I'm not immediately able to reproduce this, and see no other reports. Can you give more details on how we can reproduce this issue?

chad added a project: People.Jul 15 2015, 2:27 PM
maligree added a comment.Jul 15 2015, 2:47 PM

Turns out I had a broken support/preamble.php script (or misconfigured nginx, depending how you look at it), which set $_SERVER['REMOTE_ADDR'] to an empty string.

I'm pretty sure I've had that setup for a while, so it seems some recent-ish changes changed the handling of this.

It's solved for me, but perhaps crashing when writing to user logs without remoteAddr is a bit harsh?

epriestley renamed this task from Creating new user raises: #1048: Column 'remoteAddr' cannot be null to Add a setup warning to make sure users haven't wiped out $_SERVER['REMOTE_ADDR'].Jul 16 2015, 3:17 PM
epriestley triaged this task as Wishlist priority.
epriestley updated the task description. (Show Details)
epriestley edited projects, added Setup; removed People.
joshuaspence added a subscriber: joshuaspence.Aug 29 2015, 9:56 AM
sgielen added a subscriber: sgielen.EditedJul 7 2016, 12:30 PM

I just had this problem as well. Turns out I had a typo in preamble.php. A more descriptive error would be nice, but with this task open at least the cause is easy to find :)

epriestley mentioned this in T11487: Update preamble documentation to consider cluster mode and loadbalancers in series.Aug 16 2016, 8:43 PM
epriestley added a project: Contributor Onboarding.Aug 22 2016, 6:42 PM
epriestley assigned this task to jcox.Aug 22 2016, 8:11 PM
epriestley added a subscriber: epriestley.

Phabricator can be configured with a "preamble" script, for making certain environmental adjustments to deal with loadbalancers. This is described in Configuring a Preamble Script.

This task was reported a while ago and we've changed some of the behavior here, so it may be obsolete or different than described above. Start by figuring out what the current behavior is:

  • Create a preamble script, following the documentation above.
  • Put this in it:
<?php

unset($_SERVER['REMOTE_ADDR']);
  • Load Phabricator, see what happens.

If it fatals with a reasonable error (like "REMOTE_ADDR not defined"), I think that's good enough and we can just close this as resolved. This may be the modern behavior (see recent, vaguely related T11487).

If it sort of works but creating a new user account fails (as in the original report) I can walk you through adding a setup issue to detect this.

epriestley moved this task from Backlog to Basic on the Contributor Onboarding board.Aug 22 2016, 8:12 PM
sgielen added a comment.Aug 22 2016, 8:47 PM

FWIW, in our case the bug was also triggered by logging in for the first time (for this account) using LDAP.

jcox added a comment.Aug 25 2016, 1:47 PM

Alright I was finally able to reproduce it. Calling unset($_SERVER['REMOTE_ADDR']); in the preamble didn't actually end up causing it, which is a bit strange. The only way I could get this to occur was to explicitly set $_SERVER['REMOTE_ADDR'] = null; in the preamble.

pasted_file (162×647 px, 13 KB)

A bit more info: I'm pretty sure the column it's referring to is in the user_log table, which doesn't allow nulls. When I had unset... in the preamble, it would just populate that column with empty strings (not null). The fdasfdafdsf values are when I set REMOTE_ADDR to that string:

mysql> select action,remoteAddr from user_log;
+-----------------+---------------+
| action          | remoteAddr    |
+-----------------+---------------+
| create          | 172.30.60.196 |
| change-password | 172.30.60.196 |
| admin           | 172.30.60.196 |
| login-partial   | 172.30.60.196 |
| login-full      | 172.30.60.196 |
| create          | 172.30.60.127 |
| system-agent    | 172.30.60.127 |
| email-add       | 172.30.60.127 |
| multi-add       | 172.30.60.127 |
| hisec-enter     | 172.30.60.127 |
| email-add       | 172.30.60.127 |
| hisec-exit      | 172.30.60.127 |
| hisec-enter     | 172.30.60.127 |
| email-remove    | 172.30.60.127 |
| hisec-exit      | 172.30.60.127 |
| logout          |               |
| login-fail      |               |
| login-partial   |               |
| hisec-fail      |               |
| hisec-fail      |               |
| hisec-fail      |               |
| login-full      |               |
| hisec-enter     |               |
| create          |               |
| logout          |               |
| login-partial   |               |
| login-full      |               |
| logout          |               |
| login-partial   |               |
| login-full      |               |
| hisec-enter     |               |
| create          |               |
| multi-remove    | fdasfdafdsf   |
| hisec-exit      | fdasfdafdsf   |
+-----------------+---------------+
epriestley added a comment.Aug 25 2016, 2:22 PM

Ah, nice! I'll write up some guidance on adding a setup check for this shortly.

epriestley added a comment.Aug 25 2016, 2:43 PM

First, let's sort of limit the direct damage this misconfiguration causes by changing this line in PhabricatorUserLog->initializeNewLog():

$log->remoteAddr = idx($_SERVER, 'REMOTE_ADDR', '');

I think if you replace that with:

$log->remoteAddr = (string)idx($_SERVER, 'REMOTE_ADDR', '');

...the code should survive your rest case where $_SERVER['REMOTE_ADDR'] being set to null.

Then, let's add a setup check to detect this, since we've seen a few cases of misconfigured preambles. None of the existing setup check groups are perfect, but I think you can add this to PhabricatorPHPConfigSetupCheck.

You should be able to follow the existing checks there. The test if (empty($_SERVER['REMOTE_ADDR'])) { ... } should be sufficient to detect that configuration is bad. We can raise a message in this vein -- I'm focusing on configuration/preamble since I think that's where most of the issues we've seen come from:

No REMOTE_ADDR is available, so Phabricator can not determine the origin address for requests. This will prevent Phabricator from performing important security checks. This most often means you have a mistake in your preamble script. Consult the documentation and double-check that the script is written correctly.

Once written, visiting ConfigSetup Issues with a bad preamble should raise this issue, and fixing the preamble should clear it.

jcox added a revision: D16450: Added a setup check for empty REMOTE_ADDR.Aug 25 2016, 4:32 PM
jcox closed this task as Resolved by committing rPa88dc2afc2a9: Added a setup check for empty REMOTE_ADDR.Aug 25 2016, 5:06 PM
jcox added a commit: rPa88dc2afc2a9: Added a setup check for empty REMOTE_ADDR.
Phabricator · Built by Phacility