[Bug 63427] New: Proxy error reading status line from remote server with big files and Content-Length header

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Bug 63427] New: Proxy error reading status line from remote server with big files and Content-Length header

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=63427

            Bug ID: 63427
           Summary: Proxy error reading status line from remote server
                    with big files and Content-Length header
           Product: Apache httpd-2
           Version: 2.4.6
          Hardware: PC
                OS: All
            Status: NEW
          Severity: major
          Priority: P2
         Component: mod_proxy
          Assignee: [hidden email]
          Reporter: [hidden email]
  Target Milestone: ---

I have this configuration: apache 2.4.6 on a centos 7, configured as https
reverse proxy on a filesender server (http://filesender.org/), on a Redhat 5.3
server. Filesender is a software for sending big files with email links.
The error occurs clicking on the download.php link (for downloading files), and
only for very big files (several GB I guess). Direct links to filesender server
work.

Finally I found the problem, but don't know why it happens: I tought the
problem could be in the headers sent by download.php, so I tryied to comment
them one by one and I found that the one which gives error is the one which
sends file dimension:

header('Content-Length: '.$functions->getFileSize($file));

Commenting out this one eliminates the error.
I don't know if it occurs only with certain type of file or in https only.

Here is verbose log:

[Tue May 14 12:09:09.995372 2019] [ssl:debug] [pid 5421]
ssl_engine_kernel.c(224): [client xxx.xxx.xxx.xxx:14019] AH02034: Initial
(No.1) HTTPS request received for child 32 (server yyy.yyy.yyy.yyy:443)
[Tue May 14 12:09:09.995577 2019] [authz_core:debug] [pid 5421]
mod_authz_core.c(835): [client xxx.xxx.xxx.xxx:14019] AH01628: authorization
result: granted (no directives)
[Tue May 14 12:09:09.995915 2019] [proxy:debug] [pid 5421] mod_proxy.c(1117):
[client xxx.xxx.xxx.xxx:14019] AH01143: Running scheme http handler (attempt 0)
[Tue May 14 12:09:09.995947 2019] [proxy_ajp:debug] [pid 5421]
mod_proxy_ajp.c(713): [client xxx.xxx.xxx.xxx:14019] AH00894: declining URL
http://yyy.yyy.yyy.yyy/filesender/download1.php?vid=zzz
[Tue May 14 12:09:09.995980 2019] [proxy_fcgi:debug] [pid 5421]
mod_proxy_fcgi.c(963): [client xxx.xxx.xxx.xxx:14019] AH01076: url:
http://yyy.yyy.yyy.yyy/filesender/download1.php?vid=zzz proxyname: (null)
proxyport: 0
[Tue May 14 12:09:09.995990 2019] [proxy_fcgi:debug] [pid 5421]
mod_proxy_fcgi.c(966): [client xxx.xxx.xxx.xxx:14019] AH01077: declining URL
http://yyy.yyy.yyy.yyy/filesender/download1.php?vid=zzz
[Tue May 14 12:09:09.996020 2019] [proxy:debug] [pid 5421] proxy_util.c(2256):
[client xxx.xxx.xxx.xxx:14019] AH00944: connecting
http://yyy.yyy.yyy.yyy/filesender/download1.php?vid=zzz to yyy.yyy.yyy.yyy:80
[Tue May 14 12:09:09.996453 2019] [proxy:debug] [pid 5421] proxy_util.c(2422):
[client xxx.xxx.xxx.xxx:14019] AH00947: connected
/filesender/download1.php?vid=zzz to yyy.yyy.yyy.yyy:80
[Tue May 14 12:09:10.708571 2019] [proxy_http:error] [pid 5421] (104)Connection
reset by peer: [client xxx.xxx.xxx.xxx:14019] AH01102: error reading status
line from remote server yyy.yyy.yyy.yyy:80
[Tue May 14 12:09:10.708731 2019] [proxy_http:debug] [pid 5421]
mod_proxy_http.c(1363): [client xxx.xxx.xxx.xxx:14019] AH01105: NOT Closing
connection to client although reading from backend server yyy.yyy.yyy.yyy:80
failed.
[Tue May 14 12:09:10.708801 2019] [proxy:error] [pid 5421] [client
xxx.xxx.xxx.xxx:14019] AH00898: Error reading from remote server returned by
/filesender/download1.php
[Tue May 14 12:09:15.715088 2019] [ssl:debug] [pid 5421] ssl_engine_io.c(992):
[client xxx.xxx.xxx.xxx:14019] AH02001: Connection closed to child 32 with
standard shutdown (server yyy.yyy.yyy.yyy:443)

Here is proxy vhost:

<VirtualHost xxx.xxx.xxx.xxx:443>

ServerName yyy.yyy.yyy.yyy:443

ErrorLog logs/filesender_ssl_error_log
TransferLog logs/filesender_ssl_access_log
LogLevel debug

ProxyPass / http://yyy.yyy.yyy.yyy/
ProxyPassReverse / http://yyy.yyy.yyy.yyy/

SSLEngine on

SSLProtocol +TLSv1.2

SSLCipherSuite
ALL:!ADH:!EXPORT:!SSLv2:!RC4:!DES-CBC-SHA:!EDH-RSA-DES-CBC-SHA:!AECDH-DES-CBC3-SHA:!AECDH-AES128-SHA:!AECDH-AES256-SHA:RC4+RSA:+HIGH:+MEDIUM:+LOW:!3DES:!IDEA
SSLCertificateFile /etc/pki/tls/certs/yyy.yyy.yyy.yyy.cer
SSLCertificateKeyFile /etc/pki/tls/private/yyy.yyy.yyy.yyy.key
SSLCertificateChainFile /etc/pki/tls/certs/yyy.yyy.yyy.yyy.cer

CustomLog logs/filesender_ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

These are headers sent by backend server:

Date: Tue, 14 May 2019 10:37:55 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.3
Cache-Control: private, max-age=10800, pre-check=10800
Last-Modified: Tue, 14 May 2019 10:01:03 GMT
Content-Length: 5165363650
Content-Disposition: attachment; filename="yyy.7z"
Connection: close
Content-Type: application/octet-stream

With these headers I got error, if I remove Content-Length header I can
download file.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]