httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 20785] - ssl with mod_proxy is very unstable
Date Thu, 11 Sep 2003 01:13:20 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20785>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20785

ssl with mod_proxy is very unstable

katsu-ishii@hitachi-system.co.jp changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|ssl with mod_proxy is very  |ssl with mod_proxy is very
                   |unstable                    |unstable



------- Additional Comments From katsu-ishii@hitachi-system.co.jp  2003-09-11 01:13 -------
I am Katsumi Ishii. 
I belong to Hitachi System and Service,Inc.

Sorry in strage English.

I use mod_proxy and mod_ssl for reverse proxy https connection. 
Less than 50% of the https connetions will fail.

here is my environment.
    OS      : HP-UX 11i
    Apache  : 2.0.47
    OpenSSL : 0.9.7b

and here is error log when the connections failed :
+------------------------------------------------------------------------------+
[Wed Sep 10 10:18:53 2003] [debug] ssl_engine_kernel.c(1766): OpenSSL: 
Handshake: start
[Wed Sep 10 10:18:53 2003] [debug] ssl_engine_kernel.c(1774): OpenSSL: Loop: 
before/connect initialization
[Wed Sep 10 10:18:53 2003] [debug] ssl_engine_kernel.c(1774): OpenSSL: Loop: 
SSLv2/v3 write client hello A
[Wed Sep 10 10:18:53 2003] [debug] ssl_engine_io.c(1484): OpenSSL: read 0/7 
bytes from BIO#400db538 [mem: 40119ca8] (BIO dump follows)
[Wed Sep 10 10:18:53 2003] [debug] ssl_engine_io.c(1431): +---------------------
----------------------------------------------------+
[Wed Sep 10 10:18:53 2003] [debug] ssl_engine_io.c(1462): +---------------------
----------------------------------------------------+
[Wed Sep 10 10:18:53 2003] [info] SSL Proxy connect failed
[Wed Sep 10 10:18:53 2003] [info] Connection to child 1 closed with abortive 
shutdown(server www.zzbojinfo.boj.or.jp:443, client 10.253.253.134)
+------------------------------------------------------------------------------+

I changed my config and tried test, but it doesn't help.

Then I changed source(srclib/apr/network_io/unix/sendrecv.c) for output debug 
log,
 and I tried test.

I found errno=11 in debug log. 
Systemcall(read) set 11[EAGAIN] in "errno".

I amended source(srclib/apr/network_io/unix/sendrecv.c), then I avoided this 
problem.

here is chaged source.
+------------------------------------------------------------------------------+
*** sendrecv.c.org      Fri May 30 21:50:39 2003
--- sendrecv.c          Wed Sep 10 10:21:50 2003
***************
*** 109,114 ****
--- 109,115 ----
  {
      apr_ssize_t rv;
      apr_status_t arv;
+     int roopCnt;

      if (sock->netmask & APR_INCOMPLETE_READ) {
          sock->netmask &= ~APR_INCOMPLETE_READ;
***************
*** 115,123 ****
          goto do_select;
      }

      do {
          rv = read(sock->socketdes, buf, (*len));
!     } while (rv == -1 && errno == EINTR);

      if (rv == -1 && (errno == EAGAIN || errno == EWOULDBLOCK) &&
          apr_is_option_set(sock->netmask, APR_SO_TIMEOUT)) {
--- 116,129 ----
          goto do_select;
      }

+     roopCnt=0;
      do {
          rv = read(sock->socketdes, buf, (*len));
!         if (rv == -1 && (errno == EINTR || errno == EAGAIN)) {
!             apr_sleep(5000);
!         }
!         roopCnt++;
!     } while ((rv == -1 && (errno == EINTR || errno == EAGAIN)) && roopCnt
< 
10);

      if (rv == -1 && (errno == EAGAIN || errno == EWOULDBLOCK) &&
          apr_is_option_set(sock->netmask, APR_SO_TIMEOUT)) {
+------------------------------------------------------------------------------+

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message