httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Russel Van Tuyl <russel.vant...@gmail.com>
Subject Re: [users@httpd] Potential HTTP/2 Bug within Apache 2.4.18
Date Mon, 14 Mar 2016 10:35:39 GMT
I've never applied or tested a patch before, but i'm willing to give it a
shot.

On Mon, Mar 14, 2016 at 5:35 AM, Stefan Eissing <
stefan.eissing@greenbytes.de> wrote:

>
> > Am 13.03.2016 um 04:18 schrieb Russel Van Tuyl <russel.vantuyl@gmail.com
> >:
> >
> > I'm running an Apache 2.4.18 web server (Server-A) compiled from source
> as a reverse proxy. I'm using ProxyPass on Server-A to pass traffic to a
> proxy, nghttpx, listening on 127.0.0.1:3000. This nghttpx proxy sends
> traffic to a second server, Server-B, across the network. Connections from
> a web browser on Client-C work fine connecting to Server-A that connects to
> nghttpx proxy on 127.0.0.1:3000 that connects to Server-B. These
> connections only work when Server-B is using Apache 2.4.17. When Server-B
> is using Apache 2.4.18 the connection errors out and will not complete. The
> exact error message is down below this narrative. I'm not sure why it is
> requesting http://(null)/ . At this point, the only that has changes is
> Server-B's version of Apache. Neither Server-A or the nghttpx's
> configuration change, just the version of Apache on Server-B. I've built
> both Apache 2.4.17 and 2.4.18 from source on Server-B using the same
> configurations. The debug output from mod_http2 for both a failed and
> successful connection can be found here: http://pastebin.com/XnUL8aeh .
> Is this is a bug in Apache 2.4.18 or is there something else I can try and
> do to narrow the problem down?
> >
> >
> > [Sat Mar 12 20:54:53.087621 2016] [http2:debug] [pid 21439:tid
> 140096657385216] h2_stream.c(321): [client 192.168.56.120:34283]
> h2_stream(73-1): RST=2 (internal err) GET http://(null)/
>
> What I see from the 2.4.18 log is that the incoming request has no
> ':authority' header and is rejected. Reading RFC 7540 carefully, this is a
> bug. The nghttpx, acting as h1->h2 proxy MUST not send and :authority
> header. nghttpx does everything right and mod_http2 has it wrong.
>
> Are you able to apply/test a patch?
>
> -Stefan
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


-- 
Respectfully,
Russel Van Tuyl

“If you don’t go after what you want, you’ll never have it. If you don’t
ask, the answer is always no. If you don’t step forward, you’re always in
the same place.” -- Nora Roberts, author

Mime
View raw message