|Summary:||PATH_MAX artificially restricts Location path matching length less than LimitRequestLine|
|Component:||Core||Assignee:||Apache HTTPD Bugs Mailing List <bugs>|
Description mark 2019-06-13 16:29:04 UTC
We see errors like (36)File name too long: [client 10.240.105.17:0] AH00127: Cannot map GET /aveksa/nnnnnnnn.......nnn when the PATH component is longer than 4096 characters but still under the LimitRequestLine. This appears to be due to the situation outlined in https://stackoverflow.com/questions/5337891/apache-error-file-name-too-long-cannot-map-get And filesystem path testing is done even though this URL would get handled by a Location directive to proxy the request. IMO paths matching a Location directive should not get mapped to a filesystem path at all if a SetHandler is used. Filesystem limitations should be be applied to a request that will never go to the filesystem.
Comment 1 mark 2019-06-13 16:30:38 UTC
That last line should obviously read.. "Filesystem limitations should *NOT* be applied to a request that will never go to the filesystem."
Comment 2 mark 2019-06-16 11:19:09 UTC
Reviewing the code, this ap_core_translate only seems to be called by mod_rewrite and mod_file_cache, and in this case I know that only mod_rewrite is turned on. So the question is, how do we avoid this code path when a path matches a Location directive. https://github.com/apache/httpd/search?q=ap_core_translate&unscoped_q=ap_core_translate
Comment 3 Christophe JAILLET 2019-06-16 17:17:29 UTC
Turn back to 'Core' component. 'ap_core_translate()' is also defined in the 'translate_name' hook. Unless you are sure that mod_rewrite is involved, it is likely not there that it is hit. This hook is ran 'ap_run_translate_name()'.
Comment 4 mark 2019-06-17 21:26:16 UTC
Hi, yes, I just spotted that when I was testing without mod_rewrite. https://github.com/apache/httpd/blob/4c5c6c659d1e4ebe991f6f629a7cd8c017009a3b/server/core.c#L5900 So, what makes sense to do here? Somehow, when a <Location> matches and a handler is defined, ap_core_translate should be skipped?
Comment 5 Eric Covener 2019-06-17 21:30:33 UTC
(In reply to mark from comment #4) > Hi, yes, I just spotted that when I was testing without mod_rewrite. > > https://github.com/apache/httpd/blob/ > 4c5c6c659d1e4ebe991f6f629a7cd8c017009a3b/server/core.c#L5900 > > So, what makes sense to do here? Somehow, when a <Location> matches and a > handler is defined, ap_core_translate should be skipped? The precedent in mod_proxy is that if you don't care about URI to filesystem mapping, you short-circuit it with your own translate_name that runs earlier. Otherwise, the core doesn't know that a particular handler is going to use the output of the mapping just because it's not a static file -- for example the CGI handler uses the output to figure out what to execute.
Comment 6 mark 2019-06-17 21:45:52 UTC
Ok, thanks, in this case, the handler is the Oracle Webserver Weblogic plugin, https://docs.oracle.com/middleware/12211/webtier/develop-plugin/overview.htm#PLGWL391 So we should ask Oracle to update their plugin to include a translate_name handler. That sounds painful, but probably the only option. I wonder if we should wrap our <Location> inside a <Proxy> or maybe just use Proxy. Can you use set-handler inside <Proxy>? I will peer at the docs.
Comment 7 William A. Rowe Jr. 2019-06-18 04:22:14 UTC
Actually, the hook map_to_storage is the final intercept point before httpd attempts to do this itself (which runs last if no module has reacted.)
Comment 8 Ruediger Pluem 2019-06-18 06:15:25 UTC
(In reply to mark from comment #6) > Ok, thanks, in this case, the handler is the Oracle Webserver Weblogic > plugin, > https://docs.oracle.com/middleware/12211/webtier/develop-plugin/overview. > htm#PLGWL391 > > So we should ask Oracle to update their plugin to include a translate_name > handler. That sounds painful, but probably the only option. > > I wonder if we should wrap our <Location> inside a <Proxy> or maybe just use > Proxy. Can you use set-handler inside <Proxy>? I will peer at the docs. Maybe a crazy idea, but if you write your own translate_name hook in lua? http://httpd.apache.org/docs/2.4/mod/mod_lua.html#luahooktranslatename Should be sufficient to return apache2.DECLINED for all but the URL's that should go to Weblogic and for the ones that should get there set r.filename to a dummy value (probably it is needed that this file exists and can be stated).
Comment 9 mark 2019-06-18 08:49:50 UTC
Looking at server-info I see the following for mod_weblogic Module Name: mod_weblogic.c Content handlers: yes Configuration Phase Participation: Create Directory Config, Merge Directory Configs, Create Server Config, Merge Server Configs Request Phase Participation: Translate Name, Map to Storage, Fixups, Content Handlers In the hooks list: Translate Name: 00 mod_rewrite.c 00 mod_proxy.c 10 mod_alias.c 10 mod_jk.c 10 mod_weblogic.c 30 core.c Map to Storage: -10 core.c 00 mod_proxy.c 10 http_core.c 10 http_core.c 10 mod_jk.c 10 mod_weblogic.c 30 core.c So I would interpret that as mod_weblogic actually inserting some hooks for both of those handler phases. My instinct now is to ditch mod_weblogic for this case and use mod_proxy_balancer instead. Technically mod_weblogic does the same job as mod_proxy_balancer, just with some Weblogic custom behaviours that may not be necessary here.
Comment 10 mark 2019-06-18 09:21:52 UTC
https://docs.oracle.com/middleware/12213/webtier/develop-plugin/plugin_params.htm#PLGWL4398 WLForwardUriUnparsed Default: OFF Applies to: Oracle HTTP Server, Apache HTTP Server When set to ON, the WLS plug-in will forward the original URI from the client to WebLogic Server. When set to OFF (default), the URI sent to WebLogic Server is subject to modification by mod_rewrite or other web server plug-in modules. might also help