Re: Apache SSL reverse proxy for chunked content seems to be broken

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Pratyoosh,

We faced same kind of issue. Chunking was not working with smaller files. Please have a look at:

https://issues.apache.org/bugzilla/show_bug.cgi?id=50402

I had recompiled Mod_ssl with the patch and it started working.

Do you have the similar issue?

Thanks,
Anoop

On Fri, Aug 3, 2012 at 10:09 PM, Pratyoosh Sharma <pratyoosh.sharma@xxxxxxxxx> wrote:

We are observing a very strange issue with Apache 2.2.14 serving as a transparent proxy to an application server using mod_proxy, when the application server sends chunked mode response

 

Apache is listening over SSL & reverse proxying to the backend server HTTP, We have SSLProxyEngine & SSLEngine set as on

things work well when the response is not chunked mode encoded, but Apache seems be broken when the backend sends gziped content over chunked mode transport

 

Unfortunately we don't control the backend server to enforce HTTP 1.0 on it

 

[Fri Aug 03 12:18:27 2012] [debug] ssl_engine_io.c(1869): OpenSSL: I/O error, 5 bytes expected to read on BIO#ea68050 [mem: ea78430]

[Fri Aug 03 12:18:27 2012] [info] [client 10.30.90.36] (70007)The timeout specified has expired: SSL input filter read failed.

[Fri Aug 03 12:18:27 2012] [debug] ssl_engine_kernel.c(1893): OpenSSL: Write: SSL negotiation finished successfully

[Fri Aug 03 12:18:27 2012] [info] [client 10.30.90.36] Connection closed to child 88 with standard shutdown (server xxxxxxxxxx:9333)

[Fri Aug 03 12:18:28 2012] [debug] ssl_engine_io.c(1869): OpenSSL: I/O error, 5 bytes expected to read on BIO#ea9a720 [mem: ea590c0]

[Fri Aug 03 12:18:28 2012] [info] [client 10.30.90.36] (70007)The timeout specified has expired: SSL input filter read failed.

[Fri Aug 03 12:18:28 2012] [debug] ssl_engine_kernel.c(1893): OpenSSL: Write: SSL negotiation finished successfully

 

 

We have tried to upgrading to the latest release Apache 2.4 using OpenSSL 1.0.1 with no success, any thoughts on what might be wrong here




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux