[Bug 60330] New: reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

classic Classic list List threaded Threaded
53 messages Options
123
Reply | Threaded
Open this post in threaded view
|

[Bug 60330] New: reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

            Bug ID: 60330
           Summary: reverse proxy of 100-continue aware backend, sends 100
                    continue even when backend does not
           Product: Apache httpd-2
           Version: 2.4.23
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_proxy_http
          Assignee: [hidden email]
          Reporter: [hidden email]
  Target Milestone: ---

Reverse proxy of 100-continue aware backend, sends 100 continue even when
backend does not. This causes a client to think it should write a request body,
while the backend may still respond with a 400 and not read the request body.
mod_proxy_http then responds with 502 as a result of AH01097: pass request body
failed

The backend is doing the right thing: it did not send a 100 continue so it
should not be required to read a request body, regardless of transfer encoding
or content-length.

Expected:

mod_proxy_http reverse proxy should not send 100-continue to a client unless
the backend does.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #1 from Jay R. Wren <[hidden email]> ---
Created attachment 34438
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=34438&action=edit
in the reverse proxy case, if request had Expects: 100-continue, delay writing
100 continue response until backend has sent 100-continue response

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #2 from Yann Ylavic <[hidden email]> ---
Created attachment 34451
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=34451&action=edit
Forward 100-continue (and minimize race when reusing backend connections)

I proposed this patch a while ago on the dev@ list ([1]), this is an update for
latest trunk, with more (though incomplete) testing.

Could you please give it a try?

[1].
https://lists.apache.org/thread.html/4e541e032b8a77ebec8248534637b47cdcd4f38af79baa5259845db0@1430360070@%3Cdev.httpd.apache.org%3E

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

Jim Jagielski <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]

--- Comment #3 from Jim Jagielski <[hidden email]> ---
*** Bug 55433 has been marked as a duplicate of this bug. ***

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

Jim Jagielski <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

Max Lohrmann <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #4 from Jay R. Wren <[hidden email]> ---
Yann,

I tried that patch, but I still get 503 error when expecting a 100 Continue
response.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #5 from Michael Osipov <[hidden email]> ---
Any chance that this will be fixed? Have the very same problem from a backend
Tomcat. I guess I need to drop mod_proxy and try mod_ajp or drop Apache HTTPd
altogether for this.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

Yann Ylavic <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[hidden email]

--- Comment #6 from Yann Ylavic <[hidden email]> ---
*** Bug 57853 has been marked as a duplicate of this bug. ***

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #7 from Yann Ylavic <[hidden email]> ---
Sorry it's been a long time, I think we need more informations here as to the
exact issue.

What exactly isn't working with the proposed patch?
Where are 100-continue or request bodies lacking or sent inappropriately, on
which side (client/backend)?
IOW, can we please have a description/scenario of what is supposed to work and
how, possibly with the expected request/response on both sides?
What is the configuration being tested?

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #8 from Michael Osipov <[hidden email]> ---
(In reply to Yann Ylavic from comment #7)
> Sorry it's been a long time, I think we need more informations here as to
> the exact issue.
>
> What exactly isn't working with the proposed patch?
> Where are 100-continue or request bodies lacking or sent inappropriately, on
> which side (client/backend)?
> IOW, can we please have a description/scenario of what is supposed to work
> and how, possibly with the expected request/response on both sides?
> What is the configuration being tested?

Hi Yann,

I can provide a full verbose log of curl(1) for Tomcat behind HTTPd with faulty
behavior and direct Tomcat communication. Moreover, I can expore the httpd.conf
for that offending behavior.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #9 from Yann Ylavic <[hidden email]> ---
Yes please do, along with the httpd error_log with LogLevel trace7.
Thanks!

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #10 from Michael Osipov <[hidden email]> ---
Created attachment 36015
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36015&action=edit
curl(1) to Tomcat directly

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #11 from Michael Osipov <[hidden email]> ---
Created attachment 36016
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36016&action=edit
curl(1) to Tomcat via HTTPd

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #12 from Michael Osipov <[hidden email]> ---
The error log has been sent privately due to sensitive data. Looking forward to
an analysis.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #13 from Michael Osipov <[hidden email]> ---
FYI, I have tried mod_proxy_{http,ajp} and mod_jk.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #14 from Yann Ylavic <[hidden email]> ---
Thanks Michael, at first glance the error_log is with mod_proxy_ajp, while
attachment 34451 is about mod_proxy_http (and I'd like to keep the scope there
for now).
I agree that unpatched mod_proxy_http sends "100 continue" too soon (actually
independently on the client and backend side).
The patch is precisely to avoid that (hop by hop 100-continue handling), did
you give it a try? If yes, could I have the error_log with mod_proxy_http?

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #15 from Michael Osipov <[hidden email]> ---
(In reply to Yann Ylavic from comment #14)
> Thanks Michael, at first glance the error_log is with mod_proxy_ajp, while
> attachment 34451 [details] is about mod_proxy_http (and I'd like to keep the
> scope there for now).
> I agree that unpatched mod_proxy_http sends "100 continue" too soon
> (actually independently on the client and backend side).
> The patch is precisely to avoid that (hop by hop 100-continue handling), did
> you give it a try? If yes, could I have the error_log with mod_proxy_http?

I agree, I have tried all possible modules with the same negative result. I
will redo for you. Moreover, I will compile from trunk along with your patch
and try to reproduce. Does it still apply cleanly to trunk?

Please be patient, I won't be able to test anything before 2018-07-23.

Thank you.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #16 from jfclere <[hidden email]> ---
Created attachment 36046
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36046&action=edit
web.xml (to put in webapps/ROOT/WEB-INF/)

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 60330] reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60330

--- Comment #17 from jfclere <[hidden email]> ---
Created attachment 36047
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36047&action=edit
jsp to demonstrate the issue (put it in webapps/ROOT)

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

123