You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2017/04/21 18:15:40 UTC
[Bug 61023] New: Reverse proxy closes connection when using special
characters in post request
https://bz.apache.org/bugzilla/show_bug.cgi?id=61023
Bug ID: 61023
Summary: Reverse proxy closes connection when using special
characters in post request
Product: Apache httpd-2
Version: 2.4.23
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: mod_proxy
Assignee: bugs@httpd.apache.org
Reporter: dominik.winkelbauer@respon.se
Target Milestone: ---
If the following character sequence is used anywhere in a POST Request body,
the reverse proxy server closes the connection before it can be finished:
" |
In words: <double quotation mark><space><pipe><space>
In hex: \x22\x20\x7C\x20
After doing that you can find the following two lines in the error log:
[proxy_http:error] [pid 6096:tid 7192] (OS 10054)An existing connection was
forcibly closed by the remote host. : [client xxx.xxx.xxx.xxx:62062] AH02609:
read request body failed to xxx.xxx.xxx.xxx:80 (the.requested.url) from
xxx.xxx.xxx.xxx (), referer: http://the.requested.url
[proxy_http:error] [pid 6096:tid 7192] [client xxx.xxx.xxx.xxx:62062] AH01097:
pass request body failed to xxx.xxx.xxx.xxx:80 (the.requested.url) from
xxx.xxx.xxx.xxx (), referer: http://the.requested.url
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 61023] Reverse proxy closes connection when using special
characters in post request
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61023
Günter Huber <gh...@respon.se> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |NEW
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 61023] Reverse proxy closes connection when using special
characters in post request
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61023
Eric Covener <co...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |INVALID
--- Comment #6 from Eric Covener <co...@gmail.com> ---
Reading the post body returned WSAECONNRESET.
Nothing from the ASF would synthesize that based on the data being read and
processed.
Historically this would be more likely AV/firewall on Windows outside of httpd.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 61023] Reverse proxy closes connection when using special
characters in post request
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61023
--- Comment #3 from dominik.winkelbauer@respon.se ---
That was also my first explanation, but if I send the same request directly to
the webserver (without a reverse proxy server in between), everything works
fine.
So i concluded that this has to be a problem of the reverse proxy server.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 61023] Reverse proxy closes connection when using special
characters in post request
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61023
Günter Huber <gh...@respon.se> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |gh_bugzilla@respon.se
--- Comment #5 from Günter Huber <gh...@respon.se> ---
Created attachment 34949
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34949&action=edit
mod_dumpio output
I'm a colleague of Dominik and I digged a bit deeper in this problem.
There is no error log entry in the webservers error log (the server behind the
Apache Reverse Proxy).
The dumpio log of the request and the sent POST data are contained in the
attached file.
The system the Apache reverse proxy is running on is Windows. I suspect the
problem may be related to the Windows version of Apache.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 61023] Reverse proxy closes connection when using special
characters in post request
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61023
--- Comment #2 from Ruediger Pluem <rp...@apache.org> ---
The error message says that the remote side closed the connection NOT the
reverse proxy. This means your backend is unable to handle these POST request
bodies. This would be a bug of backend server software or your backend
application. Not of the reverse proxy.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 61023] Reverse proxy closes connection when using special
characters in post request
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61023
Eric Covener <co...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
OS| |All
Status|NEW |NEEDINFO
--- Comment #1 from Eric Covener <co...@gmail.com> ---
Can you share a packet capture from the webserver showing it?
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 61023] Reverse proxy closes connection when using special
characters in post request
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61023
--- Comment #4 from Luca Toscano <to...@gmail.com> ---
As Eric pointed out it would be great if you could support your thesis with
some tcpdump pcap and/or with
https://httpd.apache.org/docs/2.4/mod/mod_dumpio.html.
What happens when the webserver receives a proxied request? Does it show
anything in its logs? As Ruediger pointed out it seems that the backend
webserver closes its connection for some reason, meanwhile you reported that
hitting it directly works fine.
Thanks!
Luca
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org