Bug 57691 - mod_proxy/proxy_util confuses UDS scheme with HTTP scheme when using RewriteRule
Summary: mod_proxy/proxy_util confuses UDS scheme with HTTP scheme when using RewriteRule
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_proxy_fcgi (show other bugs)
Version: 2.4.12
Hardware: PC Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-03-12 13:11 UTC by dferradal
Modified: 2016-07-26 12:38 UTC (History)
2 users (show)



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description dferradal 2015-03-12 13:11:39 UTC
Problem: mod_proxy or proxy_util are confusing a fcgi with a http one

Scenario: The only scenario I have seen where that happens is when you proxy to uds through mod_rewrite.

Example:

ProxyPassMatch ^(.+\.php)(/.+)?$ "unix:/opt/apache/httpd/logs/fpm/owncloud.sock|fcgi://localhost/var/www/" <-- WILL WORK

In the same exact context (VirtualHost):
RewriteRule ^/(.+\.php)(/.+)?$ unix:/opt/apache/httpd/logs/fpm/owncloud.sock|fcgi://localhost/var/www/ [P,L] <-- it seems proxy_util will interpret the client is requesting:
/unix:/opt/apache/httpd/logs/fpm/owncloud.sock|fcgi://localhost/var/www/



As you can see in the trace log bellow it seems like a "/" has been prepended to the uds scheme turning it into a http scheme request:

[Tue Mar 10 20:54:07.372247 2015] [proxy:trace2] [pid 7006:tid 139906126960384] proxy_util.c(1976): [client masked:masked] *: using default reverse proxy worker for https://masked/unix:/opt/apache/httpd/logs/fpm/owncloud.sock%7Cfcgi://localhost/var/www/ (no keepalive)
[Tue Mar 10 20:54:07.372319 2015] [proxy:debug] [pid 7006:tid 139906126960384] mod_proxy.c(1163): [client masked:masked] AH01143: Running scheme https handler (attempt 0)
[Tue Mar 10 20:54:07.372353 2015] [proxy:debug] [pid 7006:tid 139906126960384] proxy_util.c(2193): [client masked:masked] AH00944: connecting https://masked/unix:/opt/apache/httpd/logs/fpm/owncloud.sock%7Cfcgi://localhost/var/www/ to masked:443
[Tue Mar 10 20:54:07.480068 2015] [proxy:debug] [pid 7006:tid 139906126960384] proxy_util.c(2394): [client masked:masked] AH00947: connected /unix:/opt/apache/httpd/logs/fpm/owncloud.sock%7Cfcgi://localhost/var/www/ to masked:443
[Tue Mar 10 20:54:07.480241 2015] [ssl:error] [pid 7006:tid 139906126960384] [remote 188.226.254.185:443] AH01961: SSL Proxy requested for masked:443 but not enabled [Hint: SSLProxyEngine]
[Tue Mar 10 20:54:07.480259 2015] [proxy:error] [pid 7006:tid 139906126960384] AH00961: HTTPS: failed to enable ssl support for masked:443 (masked)

Hope this helps.