httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: Win 2.3.16 :: SSL and AcceptFilter
Date Wed, 04 Jan 2012 03:19:13 GMT
On 30.12.2011 22:04, Gregg L. Smith wrote:
> On 12/27/2011 10:40 AM, Steffen wrote:
>> Gregg reported it also:
>>
>> I've also found AcceptFilter https none to be problematic. First time
>> you hit a site via https it usually comes up with a blank white
>> nothing. Hitting reload and it comes up proper.
>>
>
> That I did, fishing to see if others were seeing the same thing. It
> looks like they are.

I finally also managed to build 2.4.x on Windows 7 using Visual Studio 10.

Un(?)fortunately I couldn't reproduce this problem. But the system I use 
also works with default AcceptFilter.

For the reference:

- Windows 7 64 bits Professional
- Visual Studio 10 / Windows SDK 7.1
- OpenSSL 1.0.0e, libz 1.2.5, pcre 8.12
- httpd 2.4.x r1226941
- apr 1.4.5, apu 1.4.1, api 1.2.1

Everything build as win7 / x86 / Release.

I tried to reproduce with various AcceptFilter setting inclusing "https 
none" using MSIE, FF and Chrome. I always get the response on the first 
request.

Steffen, Gregg et. al.: Can you reproduce on a test system? Did you 
already reproduce once with increased log level, e.g.

LogLevel info ssl_module:trace8 mpm_winnt_module:trace8

or maybe, since it seems you can reproduce with a single request just use

LogLevel trace8

and post one example for the working case and one for the broken case.

Regards,

Rainer

>> -----Original Message----- From: Steffen
>> Sent: Tuesday, December 27, 2011 7:21 PM
>> To: dev@httpd.apache.org
>> Subject: Re: Win 2.3.16 :: SSL and AcceptFilter
>>
>> Hard to catch, but I was lucky.
>> These are the steps with loglevel info:
>>
>> Start httpd.exe with AcceptFilter https none
>>
>> 1) In browser https://devxp
>> 2) response browser not found
>>
>> in access log: nothing
>> in error log:
>> [ssl:info] [pid 2432:tid 1036] [client 192.168.1.13:2136] AH01964:
>> Connection to child 63 established (server devxp:443)
>> [ssl:info] [pid 2432:tid 1036] [client 192.168.1.13:2137] AH01964:
>> Connection to child 63 established (server devxp:443)
>> [ssl:info] [pid 2432:tid 1036] [client 192.168.1.13:2137] AH02008: SSL
>> library error 1 in handshake (server devxp:443)
>> [ssl:info] [pid 2432:tid 1036] SSL Library Error: error:140760FC:SSL
>> routines:SSL23_GET_CLIENT_HELLO:unknown protocol -- speaking not SSL to
>> HTTPS port!?
>> [ssl:info] [pid 2432:tid 1036] [client 192.168.1.13:2137] AH01998:
>> Connection closed to child 63 with abortive shutdown (server devxp:443)
>>
>> 3) In browser press refresh
>> 4)Response is fine
>>
>> in accesslog:
>> SSLv3 RC4-SHA "GET / HTTP/1.1" 200 46 "-" "Mozilla/4.0 (compatible; MSIE
>> 6.0;...
>>
>> in error log:
>> [ssl:info] [pid 2432:tid 1036] [client 192.168.1.13:2138] AH01964:
>> Connection to child 63 established (server devxp:443)
>> [ssl:info] [pid 2432:tid 1036] (70014)End of file found: [client
>> 192.168.1.13:2138] AH01991: SSL input filter read failed.
>> [ssl:info] [pid 2432:tid 1036] [client 192.168.1.13:2139] AH01964:
>> Connection to child 63 established (server devxp:443)
>> [ssl:info] [pid 2432:tid 1036] (OS 10060)A connection attempt failed
>> because
>> the connected party did not properly respond after a period of time, or
>> established connection failed because connected host has failed to
>> respond.
>> : [client 192.168.1.13:2139] AH01991: SSL input filter read failed.
>>
>>
>>
>>
>> -----Original Message----- From: William A. Rowe Jr.
>> Sent: Tuesday, December 27, 2011 5:42 PM
>> To: dev@httpd.apache.org
>> Subject: Re: Win 2.3.16 :: SSL and AcceptFilter
>>
>> On 12/27/2011 9:46 AM, Steffen wrote:
>>> Reported here already the issue. Also in the AL forum is one with the
>>> same issue.
>>>
>>> Still there definitly is an issue with Acceptfilter and SSL.
>>>
>>> When AcceptFilter https none:
>>> Sometimes page is not displayed, eg. in Chrome with errors
>>>
>>> Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
>>> or
>>> Error 15 (net::ERR_SOCKET_NOT_CONNECTED): Unknown error.
>>>
>>> Nothing in the logs.
>>
>> --- almost always means you want to change LogLevel to debug ---
>> (or maybe even info level will be sufficient).
>>
>> With the new methodology, you can toggle the mpm alone to debug level.
>> Something like;
>>
>> LogLevel info ssl_module:debug mpm_winnt_module:debug
>>
>>
>

Mime
View raw message