httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 60681] Increase severity of "request failed: error reading the headers"
Date Thu, 09 Feb 2017 23:01:11 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=60681

--- Comment #8 from William A. Rowe Jr. <wrowe@apache.org> ---
Actually, let me reframe that. Leaving a breadcrumb of a faulty request
which does *not* hit the access.log file is sensible.

We do need a patch which alters the severity (to APLOG_NOTICE, imo) only of
these no-access-record error cases. It should not exceed the severity of
our other historical timeout errors. Based on other failures during the
header line processing, I believe the patch we are looking for is an actual
400-error response in the case of timeout reading header lines, just as we
have an immediate 400-error response in the case of too many header lines
and header line length limit exceeded. This would be captured in the access
log.

Historically, there is no breadcrumb for connecting and waiting for timeout
force disconnect, and there was no such error record in 2.2.31.

Based on the historical pattern of ignoring any HTTP:
  connect - no request - timeout - loop
vs [error] level report of slowloris 
  connect - trickle request - timeout (or rather, max lines etc) - loop

HTTP Socket Connect:
no record

HTTP Timeout before a header line is read:
no record

HTTP Timeout after header line is read:
[Thu Feb 09 16:16:31 2017] [error] [client 127.0.0.1] request failed: error
reading the headers

HTTP Header limits exceeded (slowloris pattern):
Redundant recording, both error and access log entries;
[Thu Feb 09 16:55:27 2017] [error] [client 127.0.0.1] request failed: error
reading the headers
127.0.0.1 - - [09/Feb/2017:16:52:20 -0600] "GET / HTTP/1.1" 400 290

HTTP Timeout after header lines complete, before C-L request body:
no error log record, access log records:
127.0.0.1 - - [09/Feb/2017:16:32:20 -0600] "GET / HTTP/1.1" 400 226

HTTP Timeout after header lines complete, before T-E:chunked header:
no error log record, access log records:
127.0.0.1 - - [09/Feb/2017:16:41:22 -0600] "GET / HTTP/1.1" 400 226

HTTP Timeout after header lines complete, before T-E:chunked content:
no error log record, access log records:
127.0.0.1 - - [09/Feb/2017:16:41:22 -0600] "GET / HTTP/1.1" 400 226

HTTP Timeout on keepalive:
no record


HTTPS Socket Connect:
[Thu Feb 09 16:21:44 2017] [info] [client 127.0.0.1] Connection to child 192
established (server hub.wrowe.net:443)
[Thu Feb 09 16:21:44 2017] [info] Seeding PRNG with 656 bytes of entropy

HTTPS Handshake Timeout:
[Thu Feb 09 16:21:59 2017] [info] [client 127.0.0.1] (70007)The timeout
specified has expired: SSL handshake interrupted by system [Hint: Stop button
pressed in browser?!]
[Thu Feb 09 16:21:59 2017] [info] [client 127.0.0.1] Connection closed to child
192 with abortive shutdown (server hub.wrowe.net:443)

HTTPS Handshake Completed:
[Thu Feb 09 16:24:53 2017] [info] Connection: Client IP: 127.0.0.1, Protocol:
TLSv1.2, Cipher: ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)

HTTPS Timeout after handshake, before header line is read:
[Thu Feb 09 16:25:08 2017] [info] [client 127.0.0.1] (70007)The timeout
specified has expired: SSL input filter read failed.
[Thu Feb 09 16:25:08 2017] [info] [client 127.0.0.1] Connection closed to child
2 with standard shutdown (server hub.wrowe.net:443)

HTTPS Timeout after handshake, after header line is read:
[Thu Feb 09 16:27:02 2017] [info] [client 127.0.0.1] (70007)The timeout
specified has expired: SSL input filter read failed.
[Thu Feb 09 16:27:02 2017] [error] [client 127.0.0.1] request failed: error
reading the headers
[Thu Feb 09 16:27:02 2017] [info] [client 127.0.0.1] Connection closed to child
128 with standard shutdown (server hub.wrowe.net:443)

HTTPS Keepalive Timeout after initial request:
[Thu Feb 09 16:28:21 2017] [info] Initial (No.1) HTTPS request received for
child 68 (server hub.wrowe.net:443)
[Thu Feb 09 16:28:26 2017] [info] [client 127.0.0.1] (70007)The timeout
specified has expired: SSL input filter read failed.
[Thu Feb 09 16:28:26 2017] [info] [client 127.0.0.1] Connection closed to child
68 with standard shutdown (server hub.wrowe.net:443)

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message