I am writing a C++ application that accepts HTTP request from browser and sending back the response.
int port = 2127; //80;
int bind_res = ::bind(port, p_ref->ai_addr, p_ref->ai_addrlen);
The application works as expected on OSX when I set it to listen at port 2127. But when I set it to listen on port 80, the application stopped working with exception:
server: bind: Permission denied
My application is a command line application, and it opened by other GUI application, also written in C++ but with Qt.
How can I gain enough privilege to bind to port 80? Is there any API to show user and password prompt - like in XAMPP Control Panel, for example - to get those privilege?
EDIT:
I write the app for running on OSX 10.8 Mountain Lion.
Usually you cannot bind because of two issues:
something (Apache server, Skype) is already bound to that port.
you run as user and try to bind to a port below 1024.
It feels you have problem with that second case. For running with super user privileges there is sudo command on all Unixes (OSX is Unix).
If you do not like sudo then you can permanently redirect the port to other port that can be bound by user.
Related
I just developed an Application in Qt that uses a WebSocket Server (QWebSocketServer). I did this under Linux and everything worked great, but when I ran the code on Mac OS I was unable to connect to the server from a webpage on Chrome.
The connection took ages, and I got WebSocket opening handshake timed out from Chrome after a few minutes.
In the end I went back to basics and tried Qt's example:
http://doc.qt.io/qt-5/qtwebsockets-sslechoserver-example.html
Exactly the same.
edit:
After removing SSL and using non-secure websockets it works, even on the same port.
Chrome on the Mac can access a secure Qt WebSocket server on a remote (non-Mac) computer, but Chrome on a remote computer times out while connecting to the Mac (securely) - so it would appear to be something wrong with the Qt QWebSocketServer example. It works fine on both Linux and Windows.
There is a connection being made (because the web browser fails instantly if the application isn't running or is closed), but for whatever reason it isn't completing.
Any idea what this might be, or how I can go about trying to track it down?
thanks!
As qt document(http://doc.qt.io/qt-5/qsslsocket.html) says:
Note: Secure Transport SSL backend on macOS may update the default keychain (the default is probably your login keychain) by importing your local certificates and keys. This can also result in system dialogs showing up and asking for permission when your application is using these private keys. If such behavior is undesired, set the QT_SSL_USE_TEMPORARY_KEYCHAIN environment variable to a non-zero value; this will prompt QSslSocket to use its own temporary keychain.
The issue here seems to be some interaction with MacOS's permissions system.
The first time you run the application and connect, the app will pop up a window asking for permissions to access your keychain (I guess to install the certificate).
If you close the dialog at that point, it won't come back, and it seems no QtWebSocketServer based programs will function from then on, until your reboot!
I am using Macbook air and its OS is OS X 10.8.5, installed win7 with virtual box.
And developing web application at win7 virtual box, I want to port forward virtualbox
port to host port. So that I could test app on the host and also to the mobile phone
using same wifi.
First I didn't type host and guest ip and put the port value 8000.
I figured out guest ip and host ip by writing "ipconfig" and "ifconfig".
After running server of guest, I wrote the web address on host browser like below,
http://[guest ip]:8000/
But cannot load the web page of guest.
What is the problem?
And also if I want to load the web application of virtualbox to mobile phone
How could I do it?
Though it looks a bit silly, It would be glad to have an advice.
Thanks in advance :)
I would not recommend you to work that way, you can develop your web application right in your OSX, it would be much easier.
But if you have to do that way. Then first, because your network configuration is NAT, your VM will has an private IP like: 10.0.2.15, you need to forward to port to access, it likes:
From the above image, I forward port 2022 to 22, 2080 to 80 (web server)
So let's say your web is running at the same port 80, here is the URL for you to access to your web: 127.0.0.1:2080
BTW for me i don't like to work through the port forwarding, I prefer to configure my VM using "host only". By that way you can have an ip like 192.168.x.x and you can forget the port forwarding. You can read it more from here:
https://www.virtualbox.org/manual/ch06.html#network_hostonly
Hope it helps you.
I would like if it's possible to communicate with a port and send to it some information.
But , when trying to open:
http://localhost:8080
even with a browser : it gives me :
Oops! Google Chrome could not connect to localhost:8080
Can you help me with this?
The browser is attempting to read from port 8080 but there is no process listening to that port. You need to understand how to activate a process on that port so the browser has something to talk to. If you are using Visual Studio, try using their example of a simple console app to listen on that port. Take a look at: http://msdn.microsoft.com/en-us/library/system.net.httplistener.aspx Have fun...
According to the answer of Bitfiddler:
The browser is attempting to read from port 8080 but there is no process listening to that port. You need to understand how to activate a process on that port so the browser has something to talk to
Using the Windows HTTP API I'm running a HTTP file server on localhost.
This involves calling HttpAddUrl(hRequestQueue, L"http://localhost:80/", NULL).
This fails with ERROR_ACCESS_DENIED unless the user runs the application as administrator. I need this functionality for users who don't have admin privileges. (What's wrong with a user running a localhost server anyway? It's just for the user themselves.)
I found a hotfix for Vista and XP which seems aimed at solving this, but there's nothing for Windows 7. The article implies it was fixed in Vista SP1, and I have Windows 7 SP1 and it's still a problem - did the fix not make it to Windows 7?
Is there anything else I can do to get the server to run for non-admins?
Answering my own question, but found a workaround: the IANA port numbers state ports 49152-65535 are for dynamic/private purposes. HttpAddUrl for localhost on a port >= 49152 works fine for non-admins.
This must be configured on system level because HTTP API uses http.sys (kernel driver). You can use netsh.exe command executed with Administrator privileges to grant access to the user or application:
netsh http add urlacl url=http://localhost:80/ user=EVERYONE listen=yes delegate=no
Ports 1-1024, by default, require administrative access. Otherwise you get error code 5 (ACCESS_DENIED). If you attempt to bind to a port above 1024, e.g.:
http://localhost:8080/
it will work for non-admin users. In your case you tried to listen on port 80, which HttpServer API limits to administrators.
Everything in Windows is controlled by Access Control Lists (ACLs); this includes the listen ports allowed when using HttpServer. You can display the current ACLs used by http by running:
>netsh http show urlacl
If you do that, you'll see a lot of ACLs already defined by various systems.
Windows Communication Foundation
One ACL entry is particularly interesting:
Reserved URL : http://+:80/Temporary_Listen_Addresses/
User: \Everyone
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;WD)
Everyone is granted the right to listen on port 80, as long as you live off of:
/Temporary_Listen_Addresses/
This url is used by Windows Communication Foundation (WCF), which normally constructs a URL of the form:
http://+:80/Temporary_Listen_Addresses/{random-guid}/
It also means, if you really want port 80, you can listen with your own, for example:
http://localhost:80/Temporary_Listen_Addresses/64E3DCC6-FE47-4A86-87F4-48D2E1B44AE9/
As long as nobody is already using port 80 (i'm looking at your Skype!), you'll get it.
WinSock listening sockets do not require admin
While the HttpServer API has ACLs controlling access to ports below 1024, it should be noted that the WinSock API has no restriction.
If you want to use WinSock to open a listening socket on port 80, you do not need to be an administrator. It is only the Http api that has the ACL.
For testing purposes, I'm trying to run a number of client applications connecting to a server all on the same host machine.
The host machine is running Windows 2008 Server Standard 32-bit with Service Pack 2.
On my XP development machine I installed the Microsoft Loopback Adapter in order to run multiple clients connecting from separate IP addresses. My LAN network is 192.168.1.xxx and so I chose 192.168.5.xxx for the loopback adapter addresses.
On my development machine, everything works fine and I am able to see the client applications binding to the loopback adapter using TCPView.
When I try and run the same setup on the Windows 2008 server with the same settings, the client applications are unable to bind to the loopback adapter addresses. There is no activity in TCPView and so I believe there's possibly some configuration setting I'm missing in setting up the loopback adapter.
Can anyone help?
Thanks!
Nick.
Ok, problem solved. I was specifying that the client connect to 127.0.0.1 but when I asked it to connect to a 192.168.5.x address it worked. The server was bound to 0.0.0.0 which suggests that it should still have been bound to 127.0.0.1 anyway but it just didn't seem to work!