httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 42492] - mod_proxy_ajp with SSL front end: data corruption of large POST request
Date Thu, 24 May 2007 10:56:33 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42492>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42492





------- Additional Comments From rpluem@apache.org  2007-05-24 03:56 -------
(In reply to comment #9)

> following two components:
> 
> - tomcat-native from 1.1.6 to 1.1.9
> - libapr (only for tomcat-native) from 1.2.7 to 1.2.8
> 
> This way the requests seem to go through okay using httpd 2.2.0 or 2.2.4 (with
included apr versions).

This is possible. I noticed the following difference between the working and the
non working request:

[Wed May 23 10:15:39 2007] [debug] mod_proxy_ajp.c(193): proxy: data to read
(max 8186 at 4)
[Wed May 23 10:15:39 2007] [debug] mod_proxy_ajp.c(208): proxy: got 2048 bytes
of data
[Wed May 23 10:15:39 2007] [debug] ajp_header.c(643): ajp_read_header:
ajp_ilink_received 06
[Wed May 23 10:15:39 2007] [debug] ajp_header.c(653): ajp_parse_type: got 06

This means mod_proxy_ajp sends the first 2048 bytes of the 3488 bytes of the
POST request body immediately and it gets back a request from Tomcat's AJP
connector to sent more (type 06) (in this case the missing 1440 bytes). And as
the SSL BIO dump afterwards indicates mod_proxy_ajp sends POST request body data
to the Tomcat afterwards.
Next we have

[Wed May 23 10:15:39 2007] [debug] ajp_header.c(643): ajp_read_header:
ajp_ilink_received 04
[Wed May 23 10:15:39 2007] [debug] ajp_header.c(653): ajp_parse_type: got 04

which indicates that Tomcat starts sending the response by sending the response
headers across.

In the second case things look a little bit different:

[Wed May 23 10:15:45 2007] [debug] mod_proxy_ajp.c(193): proxy: data to read
(max 8186 at 4)
[Wed May 23 10:15:45 2007] [debug] mod_proxy_ajp.c(208): proxy: got 2048 bytes
of data
[Wed May 23 10:15:45 2007] [debug] ajp_header.c(643): ajp_read_header:
ajp_ilink_received 04
[Wed May 23 10:15:45 2007] [debug] ajp_header.c(653): ajp_parse_type: got 04

mod_proxy_ajp again only sents the first 2048 bytes of the POST request body
immediately, but instead of asking for more (as in the first case), Tomcat
immediately starts with the response by sending the headers.
So this could be a Tomcat bug. For further verification I think it could be
helpful to have a network sniff of the communication between httpd and Tomcat to
see if there are errors in the messages that could trigger this behaviour on the
Tomcat side.

Why does this not happen in the HTTP case? Well I do not know exactly, but it
may be that in the HTTP case the whole POST request body is sent immediately.
Of course this should only make a difference for POST request bodies < 8k as if
they are larger they need to split into different ajp packets anyway.
So it might be nice to have a debug error log of the same POST request over HTTP
on the frontend.

What about the 56k you talk about in your initial comment? Is this the size of
the request body or is this the size of the response?

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message