|Summary:||mod_proxy_ftp cannot connect under http load in forward proxy|
|Product:||Apache httpd-2||Reporter:||Jon Snow <jsnow27>|
|Component:||mod_proxy||Assignee:||Apache HTTPD Bugs Mailing List <bugs>|
Description Jon Snow 2006-09-05 14:41:39 UTC
Using 2.2.3 on SUN/solaris and PC/suse-linux in a forward proxy configuration. Without other http connections the ftp functionality is fine. With other http connections the ftp starts to fail increasingly under http request load until it no longer functions. This is easily reproduced using one http connection/sec through the forward proxy. Although proxy_util.c(2141) says the connection is complete there are no connection attempts from the proxy to the destination server. This was checked with snoop/tcpdump. In the example below note the hostname as www.gatesec.net for the ftp.suse.org address (220.127.116.11). Successful connections show this: Sep 5 23:34:48 hereford fproxy1: [Tue Sep 05 23:34:48 2006] [debug] mod_proxy_ftp.c(894): proxy: FTP: connecting ftp://ftp.suse.com/ to ftp.suse.com:21 Sep 5 23:34:48 hereford fproxy1: [Tue Sep 05 23:34:48 2006] [debug] proxy_util.c(2141): proxy: FTP: connection complete to 18.104.22.168:21 ((null)) Unsuccessful connections show this when using one connection/sec to http://www.gatesec.net: Sep 5 23:45:19 hereford fproxy1: [Tue Sep 05 23:45:19 2006] [debug] mod_proxy_ftp.c(894): proxy: FTP: connecting ftp://ftp.suse.com/ to ftp.suse.com:21 Sep 5 23:45:19 hereford fproxy1: [Tue Sep 05 23:45:19 2006] [debug] proxy_util.c(2141): proxy: FTP: connection complete to 22.214.171.124:21 (www.gatesec.net) Sep 5 23:45:19 hereford fproxy1: [Tue Sep 05 23:45:19 2006] [debug] mod_proxy_ftp.c(981): proxy: FTP: control connection complete Sep 5 23:45:21 hereford fproxy1: [Tue Sep 05 23:45:21 2006] [debug] mod_proxy_ftp.c(626): proxy:<FTP: 4294967295 <unable to read result> Sep 5 23:45:21 hereford fproxy1: [Tue Sep 05 23:45:21 2006] [debug] proxy_util.c(1816): proxy: FTP: has released connection for (*) Sep 5 23:45:21 hereford fproxy1: [Tue Sep 05 23:45:21 2006] [error] [client 127.0.0.1] proxy: Error reading from remote server returned by ftp://ftp.suse.com/ Sep 5 23:45:21 hereford fproxy1: 127.0.0.1 - - [05/Sep/2006:23:45:19 +1000] "GET ftp://ftp.suse.com/ HTTP/1.1" 502 67 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:126.96.36.199) Gecko/20060719 Firefox/188.8.131.52" /opt/chroot/fproxy-2.2.3/bin/httpd -l Compiled in modules: core.c mod_authn_file.c mod_authn_default.c mod_authz_host.c mod_authz_groupfile.c mod_authz_user.c mod_authz_default.c mod_auth_basic.c mod_include.c mod_filter.c mod_log_config.c mod_logio.c mod_env.c mod_headers.c mod_proxy.c mod_proxy_connect.c mod_proxy_ftp.c mod_proxy_http.c mod_proxy_ajp.c mod_proxy_balancer.c worker.c http_core.c mod_status.c mod_cgid.c mod_dir.c /opt/chroot/fproxy-2.2.3/bin/httpd -V Server version: Apache/2.2.3 Server built: Sep 5 2006 22:33:20 Server's Module Magic Number: 20051115:3 Server loaded: APR 1.2.7, APR-Util 1.2.7 Compiled using: APR 1.2.7, APR-Util 1.2.7 Architecture: 32-bit Server MPM: Worker threaded: yes (fixed thread count) forked: yes (variable process count) Server compiled with.... -D APACHE_MPM_DIR="server/mpm/worker" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=128 -D HTTPD_ROOT="/fproxy-2.2.3" -D SUEXEC_BIN="/fproxy-2.2.3/bin/suexec" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf"
Comment 1 Mark Pauley 2007-08-06 16:02:42 UTC
I see this with 2.2.4 on Mac OS X 10.4.10 (ppc) compiled with ./configure --enable-mods=all --enable-mods-shared=all --enable-ssl -enable-deflate --enable- headers --enable-proxy --enable-dav --prefix=/usr/local/apache2.2 I can reproduce this fairly easily with a threaded ftp get via an ftp proxy.
Comment 2 Jeff Wu 2008-03-05 16:47:35 UTC
maybe it's the same as #44543 something wrong in the worker re-using stuff.
Comment 3 William A. Rowe Jr. 2018-11-07 21:08:34 UTC
Please help us to refine our list of open and current defects; this is a mass update of old and inactive Bugzilla reports which reflect user error, already resolved defects, and still-existing defects in httpd. As repeatedly announced, the Apache HTTP Server Project has discontinued all development and patch review of the 2.2.x series of releases. The final release 2.2.34 was published in July 2017, and no further evaluation of bug reports or security risks will be considered or published for 2.2.x releases. All reports older than 2.4.x have been updated to status RESOLVED/LATER; no further action is expected unless the report still applies to a current version of httpd. If your report represented a question or confusion about how to use an httpd feature, an unexpected server behavior, problems building or installing httpd, or working with an external component (a third party module, browser etc.) we ask you to start by bringing your question to the User Support and Discussion mailing list, see [https://httpd.apache.org/lists.html#http-users] for details. Include a link to this Bugzilla report for completeness with your question. If your report was clearly a defect in httpd or a feature request, we ask that you retest using a modern httpd release (2.4.33 or later) released in the past year. If it can be reproduced, please reopen this bug and change the Version field above to the httpd version you have reconfirmed with. Your help in identifying defects or enhancements still applicable to the current httpd server software release is greatly appreciated.