Bug 61283 - proxy_wstunnel appends a 502 body if the client doesn't send data before connection close
Summary: proxy_wstunnel appends a 502 body if the client doesn't send data before conn...
Status: RESOLVED FIXED
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_proxy_wstunnel (show other bugs)
Version: 2.4.26
Hardware: PC Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-07-12 18:30 UTC by Jacob Champion
Modified: 2017-10-03 11:55 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jacob Champion 2017-07-12 18:30:39 UTC
This initially looked similar to bug 60717, but it seems like that might be a coincidence.

If the configured ws:// backend for a proxy_wstunnel request immediately returns a final response code and closes the connection instead of upgrading, proxy_wstunnel will send an extra "Bad Gateway" response body after the response that has already been sent. Here's an example where the backend is responding to a client that hasn't sent a supported Sec-WebSocket-Version:

HTTP/1.1 400 Bad Request
Date: Wed, 12 Jul 2017 16:54:20 GMT
Server: Apache/2.4.28-dev (Unix) OpenSSL/1.0.2g
Sec-WebSocket-Version: 13,8,7
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
</body></html>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>502 Bad Gateway</title>
</head><body>
<h1>Bad Gateway</h1>
<p>The proxy server received an invalid
response from an upstream server.<br />
</p>
</body></html>
Comment 1 Jacob Champion 2017-07-12 19:16:01 UTC
It looks like the code added in r1669299 might be backwards? It sets the `replied` flag if the client sends data, but it seems like we wanted it to be set if the server sends data.
Comment 2 Yann Ylavic 2017-07-12 21:52:50 UTC
Actually it was fixed in r1754164, but never proposed for backport (my bad).
Comment 3 felipe 2017-07-14 22:05:56 UTC
Is there any wiggle room to consider backporting this?

It affects more than just 502 responses; in my experience, *any* time the backend server sends a valid WS payload and closes the connection right away triggers this bug. My application is a log tailer, and any time I fetch a log that’s already completed I run into this bug.

I observed it in 2.4.25. I didn’t try 2.4.27.
Comment 4 Yann Ylavic 2017-07-14 22:33:32 UTC
Proposed for backport with r1801997.
Comment 5 Jacob Champion 2017-07-14 23:11:31 UTC
(In reply to felipe from comment #3)
> It affects more than just 502 responses; in my experience, *any* time the
> backend server sends a valid WS payload and closes the connection right away
> triggers this bug.
I've updated the bug title to help other people looking for this problem; thanks for pointing it out.
Comment 6 Yann Ylavic 2017-10-03 11:55:01 UTC
Backported to 2.4.28 in r1802144.