httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 50851] New: mod_proxy_fcgi does not comply with RFC 3875 (CGI 1.1)
Date Tue, 01 Mar 2011 20:30:06 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=50851

           Summary: mod_proxy_fcgi does not comply with RFC 3875 (CGI 1.1)
           Product: Apache httpd-2
           Version: 2.3-HEAD
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: minor
          Priority: P2
         Component: Other Modules
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: mark@catseye.org


mod_proxy_fcgi in trunk currently sets PATH_INFO, SCRIPT_NAME, and
PATH_TRANSLATED incorrectly per RFC 3875 (CGI 1.1).

I am running httpd 2.3.10 with the following mod_proxy_fcgi configuration:

ProxyPass /test/ fcgi://127.0.0.1:9000/www/php-ssl/

The file /www/php-ssl/test.php contains an HTML page with the single PHP
statement: echo "Hello, World!\n"


When an end user requests

https://f14dev1.catseye.org/test/hello.php/some/info?foo=bar&rod=moby

mod_proxy_fcgi sends the following environment variables via the FastCGI
protocol to php-fpm (built from PHP 5.3.5):

HTTPS=on
SSL_TLS_SNI=f14dev1.catseye.org
HTTP_HOST=f14dev1.catseye.org
HTTP_USER_AGENT=Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;
rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
HTTP_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_LANGUAGE=en-us,en;q=0.7,ja;q=0.3
HTTP_ACCEPT_ENCODING=gzip,deflate
HTTP_ACCEPT_CHARSET=ISO-8859-1,utf-8;q=0.7,*;q=0.7
HTTP_KEEP_ALIVE=115
HTTP_CONNECTION=keep-alive
PATH=/sbin:/usr/sbin:/bin:/usr/bin
SERVER_SIGNATURE=<address>Apache/2.3.10 (Fedora) Server at <a
href="mailto:webmaster@catseye.org">f14dev1.catseye.org</a> Port
443</address>#012
SERVER_SOFTWARE=Apache/2.3.10 (Fedora)
SERVER_NAME=f14dev1.catseye.org
SERVER_ADDR=172.16.168.128
SERVER_PORT=443
REMOTE_ADDR=172.16.168.1
DOCUMENT_ROOT=/www/html-ssl
SERVER_ADMIN=webmaster@catseye.org
SCRIPT_FILENAME=proxy:fcgi://127.0.0.1:9000/www/php-ssl/hello.php/some/info
REMOTE_PORT=50634
GATEWAY_INTERFACE=CGI/1.1
SERVER_PROTOCOL=HTTP/1.1
REQUEST_METHOD=GET
QUERY_STRING=foo=bar&rod=moby
REQUEST_URI=/test/hello.php/some/info?foo=bar&rod=moby
SCRIPT_NAME=/test
PATH_INFO=/www/php-ssl/hello.php/some/info
PATH_TRANSLATED=/www/html-ssl/www/php-ssl/hello.php/some/info


But RFC 3875 section 3.3 states:

> From the meta-variables thus generated, a URI, the 'Script-URI', can
> be constructed.  This MUST have the property that if the client had
> accessed this URI instead, then the script would have been executed
> with the same values for the SCRIPT_NAME, PATH_INFO and QUERY_STRING
> meta-variables. [...]
>
> script-URI = <scheme> "://" <server-name> ":" <server-port>
>              <script-path> <extra-path> "?" <query-string>
>
> where <scheme> is found from SERVER_PROTOCOL, <server-name>,
> <server-port> and <query-string> are the values of the respective
> meta-variables.  The SCRIPT_NAME and PATH_INFO values, URL-encoded
> with ";", "=" and "?"  reserved, give <script-path> and <extra-path>.

Applying this formula to the environment variables, above, yields a script-URI
of:

https://f14dev1.catseye.org:443/test/www/php-ssl/hello.php/some/info?foo=bar&rod=moby

...which is not correct and will fail to execute the same script with the same
values for SCRIPT_NAME and PATH_INFO as required by the RFC.  Instead, it
should be:

https://f14dev1.catseye.org:443/test/hello.php/some/info?foo=bar&rod=moby

The current (not RFC compliant) behavior is part of a larger problem that
prevents php-fpm's status and ping pages from working when php-fpm is used with
mod_proxy_fcgi.  I'd like to address the problem on the httpd side first to
make it easier to justify patches to php-fpm ("httpd does things the way RFC
3875 says, now php-fpm should be fixed to work with it").


Additional background information:

# /usr/sbin/httpd -V
Server version: Apache/2.3.10 (Unix)
Server built:   Mar  1 2011 12:26:00
Server's Module Magic Number: 20101204:0
Server loaded:  APR 1.4.2, APR-UTIL 1.3.10
Compiled using: APR 1.4.2, APR-UTIL 1.3.10
Architecture:   64-bit
Server MPM:     prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=128
 -D HTTPD_ROOT="/etc/httpd"
 -D SUEXEC_BIN="/usr/sbin/suexec"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

php-fpm from PHP 5.3.5
Fedora 14 (fully patched)
gcc 4.5.1

httpd custom built with:

./configure --prefix=/etc/httpd --exec-prefix=/usr --bindir=/usr/bin
--sbindir=/usr/sbin --mandir=/usr/share/man --libdir=/usr/lib64
--sysconfdir=/etc/httpd/conf --includedir=/usr/include/httpd
--libexecdir=/usr/lib64/httpd/modules --datadir=/var/www
--with-installbuilddir=/usr/lib64/httpd/build --with-mpm=prefork
--with-apr=/usr --with-apr-util=/usr --enable-suexec --with-suexec
--with-suexec-caller=apache --with-suexec-docroot=/var/www
--with-suexec-logfile=/var/log/httpd/suexec.log
--with-suexec-bin=/usr/sbin/suexec --with-suexec-uidmin=500
--with-suexec-gidmin=100 --enable-pie --with-pcre --enable-mods-shared=all
--enable-ssl --with-ssl --enable-distcache --enable-proxy --enable-cache
--enable-disk-cache --enable-socache-dc --enable-ldap --enable-authnz-ldap
--enable-cgid --enable-authn-anon --enable-authn-alias --enable-session
--enable-session-cookie --enable-session-dbd --enable-lua --enable-dav-lock
--disable-imagemap

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message