LDAP request seems to hang on a repeating 125-byte packet, and the TCP connection doesn't close

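I rewrote this question to focus on one specific part. The original title was "Apache hangs or exits, but keeps the TCP socket open and doesn't accept connections".

Problem

The problem is that a website (Moodle) configured to use LDAP for authentication hangs when it attempts LDAP authentication.

Details

I used tcpdump to capture the TCP packets of the LDAP requests sent by Apache (i.e. from the web application) and of the LDAP requests sent by the CLI ldapsearch utility. The packets sent by Apache seem to hang, and then this 125-byte packet is sent again and again. I don't know what to make of it, and I'm hoping someone else does.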

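  • Nothing is logged in the Apache error log. I set the error log level to "debug", and still nothing is logged.
  • The PHP/web application doesn't report any errors either; I also turned error_reporting all the way up for PHP.
  • The problem only occurs when the LDAP request is generated and executed by the web application.
  • That is, when I run "ldapsearch" with the same credentials and details as the web application, I get a fast and complete response from the LDAP server.
  • The LDAP server is Windows AD. I don't know which version, and I have no administrative rights on it (or really any rights at all).
  • Output from tcpdump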

    # ## TCP Packets from Apache
    #
    # tcpdump -r tcpdump_from_apache.out 
    reading from file tcpdump_from_apache.out, link-type EN10MB (Ethernet)
    13:45:00.063879 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [S], seq 920683327, win 5840, options [mss 1460,sackOK,TS val 3353249407 ecr 0,nop,wscale 7], length 0
    13:45:00.106582 IP ldapserver.someuniversity.edu.ldap > webserver-0001.56557: Flags [S.], seq 388153653, ack 920683328, win 8192, options [mss 1380,nop,wscale 8,sackOK,TS val 176288620 ecr 3353249407], length 0
    13:45:00.106602 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [.], ack 1, win 46, options [nop,nop,TS val 3353249411 ecr 176288620], length 0
    13:45:00.106677 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 1:82, ack 1, win 46, options [nop,nop,TS val 3353249411 ecr 176288620], length 81
    13:45:00.152943 IP ldapserver.someuniversity.edu.ldap > webserver-0001.56557: Flags [P.], seq 1:23, ack 82, win 256, options [nop,nop,TS val 176288624 ecr 3353249411], length 22
    13:45:00.152961 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [.], ack 23, win 46, options [nop,nop,TS val 3353249416 ecr 176288624], length 0
    13:45:00.153216 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, options [nop,nop,TS val 3353249416 ecr 176288624], length 125
    13:45:00.458751 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, options [nop,nop,TS val 3353249447 ecr 176288624], length 125
    13:45:01.078694 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, options [nop,nop,TS val 3353249509 ecr 176288624], length 125
    13:45:02.318668 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, options [nop,nop,TS val 3353249633 ecr 176288624], length 125
    13:45:04.798702 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, options [nop,nop,TS val 3353249881 ecr 176288624], length 125
    13:45:09.758699 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, options [nop,nop,TS val 3353250377 ecr 176288624], length 125
    13:45:19.678660 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, options [nop,nop,TS val 3353251369 ecr 176288624], length 125
    13:45:39.518685 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, options [nop,nop,TS val 3353253353 ecr 176288624], length 125
            ...etc...
    
    
    # ## TCP Packets when running "ldapsearch"
    #
    # tcpdump -r tcpdump_from_ldapsearch.out 
    reading from file tcpdump_from_ldapsearch.out, link-type EN10MB (Ethernet)
    13:43:16.194111 IP webserver-0001.mroomstech.com.56550 > ldapserver.someuniversity.edu.ldap: Flags [S], seq 3594896697, win 5840, options [mss 1460,sackOK,TS val 3353239020 ecr 0,nop,wscale 7], length 0
    13:43:16.250285 IP ldapserver.someuniversity.edu.ldap > webserver-0001.mroomstech.com.56550: Flags [S.], seq 3373619350, ack 3594896698, win 8192, options [mss 1380,nop,wscale 8,sackOK,TS val 176278235 ecr 3353239020], length 0
    13:43:16.250322 IP webserver-0001.mroomstech.com.56550 > ldapserver.someuniversity.edu.ldap: Flags [.], ack 1, win 46, options [nop,nop,TS val 3353239026 ecr 176278235], length 0
    13:43:16.250370 IP webserver-0001.mroomstech.com.56550 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 1:82, ack 1, win 46, options [nop,nop,TS val 3353239026 ecr 176278235], length 81
    13:43:16.308445 IP ldapserver.someuniversity.edu.ldap > webserver-0001.mroomstech.com.56550: Flags [P.], seq 1:23, ack 82, win 256, options [nop,nop,TS val 176278241 ecr 3353239026], length 22
    13:43:16.308482 IP webserver-0001.mroomstech.com.56550 > ldapserver.someuniversity.edu.ldap: Flags [.], ack 23, win 46, options [nop,nop,TS val 3353239031 ecr 176278241], length 0
    13:43:16.308680 IP webserver-0001.mroomstech.com.56550 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:174, ack 23, win 46, options [nop,nop,TS val 3353239031 ecr 176278241], length 92
    13:43:16.372985 IP ldapserver.someuniversity.edu.ldap > webserver-0001.mroomstech.com.56550: Flags [P.], seq 23:476, ack 174, win 256, options [nop,nop,TS val 176278248 ecr 3353239031], length 453
    13:43:16.373200 IP webserver-0001.mroomstech.com.56550 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 174:181, ack 476, win 54, options [nop,nop,TS val 3353239038 ecr 176278248], length 7
    13:43:16.373250 IP webserver-0001.mroomstech.com.56550 > ldapserver.someuniversity.edu.ldap: Flags [F.], seq 181, ack 476, win 54, options [nop,nop,TS val 3353239038 ecr 176278248], length 0
    13:43:16.439382 IP ldapserver.someuniversity.edu.ldap > webserver-0001.mroomstech.com.56550: Flags [.], ack 182, win 256, options [nop,nop,TS val 176278254 ecr 3353239038], length 0
    13:43:16.439413 IP ldapserver.someuniversity.edu.ldap > webserver-0001.mroomstech.com.56550: Flags [R.], seq 476, ack 182, win 0, length 0
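
Added example, not part of the original post: in the Apache capture the same `seq 82:207` segment recurs, which is TCP retransmitting data the peer has not acknowledged. The Python below flags such segments in `tcpdump -r` text output and reports the send count, the gaps between sends, and whether the peer's ack ever covered the segment; the helper name `find_retransmissions` and the result keys are assumptions made for this example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Lines from the Apache capture above; the "options [...]" field is trimmed for width.
CAPTURE = """
13:45:00.152943 IP ldapserver.someuniversity.edu.ldap > webserver-0001.56557: Flags [P.], seq 1:23, ack 82, win 256, length 22
13:45:00.153216 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, length 125
13:45:00.458751 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, length 125
13:45:01.078694 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, length 125
13:45:02.318668 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, length 125
13:45:04.798702 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, length 125
13:45:09.758699 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, length 125
13:45:19.678660 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, length 125
13:45:39.518685 IP webserver-0001.56557 > ldapserver.someuniversity.edu.ldap: Flags [P.], seq 82:207, ack 23, win 46, length 125
"""

LINE = re.compile(
    r"^(\S+) IP (\S+) > (\S+): Flags \[([^\]]*)\]"
    r"(?:, seq (\d+)(?::(\d+))?)?(?:, ack (\d+))?"
)

def find_retransmissions(text):
    """Return one finding per data segment that appears more than once."""
    sent = defaultdict(list)        # (src, dst, seq_start, seq_end) -> send times
    highest_ack = defaultdict(int)  # (acker, peer) -> highest relative ack seen
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m or "S" in m.group(4):  # SYN lines carry absolute numbers; skip
            continue
        ts, src, dst, _, start, end, ack = m.groups()
        if ack:
            highest_ack[(src, dst)] = max(highest_ack[(src, dst)], int(ack))
        if end:  # only data segments are printed as start:end
            sent[(src, dst, int(start), int(end))].append(
                datetime.strptime(ts, "%H:%M:%S.%f"))
    findings = []
    for (src, dst, start, end), times in sent.items():
        if len(times) < 2:
            continue
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        findings.append({
            "seq": (start, end), "sends": len(times),
            "gaps": [round(g, 3) for g in gaps],
            "acked": highest_ack[(dst, src)] >= end,  # did the peer ack it?
            "doubling": len(gaps) > 1 and all(
                a > 0 and 1.5 <= b / a <= 2.5 for a, b in zip(gaps, gaps[1:])),
        })
    return findings
```

Run over the Apache lines, it reports eight sends of `seq 82:207` with gaps that roughly double each time and no covering ack from the LDAP server; the ldapsearch capture yields no findings.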
    
