httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 50481] New: mod_proxy with SSLProxyEngine truncates files fetched with chunked encoding
Date Wed, 15 Dec 2010 16:10:08 GMT

           Summary: mod_proxy with SSLProxyEngine truncates files fetched
                    with chunked encoding
           Product: Apache httpd-2
           Version: 2.2.17
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: mod_proxy


I stumbled on this issue while transferring large compressed files or large
JavaScript files from JBoss/Tomcat through a reverse proxy implemented with
Apache + mod_proxy + mod_ssl. Sometimes files got corrupted during the

I activated mod_dumpio on Apache and on Java and I found
out what triggers this problem.

The problem happens when:
1. Apache is using ProxyPass to an https:// URL.
2. The backend server sends data using Transfer-Encoding: chunked (typically
when dynamically generating content, or when sending data compressed on the
3. The backend splits the chunk length between two different SSL blocks.

For instance, if the backend is sending
"...<previous_chunk>...\r\n2000\r\n...<new_8kb_chunk>...", but the SSL
processor in the backend splits that into "...<previous_chunk>...\r\n2"
(encrypt that, send to the Apache proxy) and then
"000\r\n...<new_8kb_chunk>..." (encrypt that, send to the Apache proxy),
Apache/mod_proxy/mod_ssl will "lose" the "2" in the end of the first SSL block,
consequently it will assume "000\r\n" is the length of the next chunk and it
will fail.

I have done some debugging using mod_dumpio and I have also created a Python
script implementing a dummy webserver that introduces the reported behaviour. I
will post those with the results in comments to this bug.

I am posting this with severity "major" since it causes data corruption. I saw
bug #31822 that might be a related issue, but as that one seems to happen only
with mod_cache and happened with Apache 2.0, I decided to open a separate bug.

I reproduced this exact problem with an Apache 2.2.17 built from scratch but
using APR-1.2.7 from RedHat. These are the configure settings I used:

./configure --prefix /root/apache/install --enable-proxy --enable-ssl
--enable-dumpio --with-apr=/usr --with-apr-util=/usr


Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message