DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=43504>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43504 Summary: ajp buffer overflow using mod_proxy Product: Apache httpd-2 Version: 2.2.6 Platform: All OS/Version: Linux Status: NEW Severity: critical Priority: P2 Component: mod_proxy_balancer AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] Dear Ladies and Gentlemen, after upgrading vom Apache 2.2.4 to 2.2.6 my configuration with mod_proxy and AJP stopped working. Downgrading to 2.2.4 it worked again. (Platform is Red Hat Linux Enterprise 4) The Apache error log showed: [Fri Sep 28 14:38:53 2007] [error] ajp_msg_append_uint8(): BufferOverflowException 4 4 [Fri Sep 28 14:38:53 2007] [error] ajp_msg_append_uint8(): BufferOverflowException 4 4 When accessing the webpage i got: "Service Temporarily Unavailable The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later." There are two servers which are spoken to via mod_proxy / balancer and AJP. One is primary and the other standby. Normally the first gets served. After upgrading to 2.2.6 the state of the primary changes to error and the standby does not jump in. The Backends are Tomcat 5.5.20. Balancer Page: Load Balancer Manager for www.xxx.com Server Version: Apache/2.2.6 (Unix) mod_ssl/2.2.6 PHP/5.2.3 Server Built: Sep 28 2007 13:05:04 -------------------------------------------------------------------------------- LoadBalancer Status for balancer://testname_lb StickySession Timeout FailoverAttempts Method 0 1 byrequests Worker URL Route RouteRedir Factor Set Status Elected To From ajp://192.168.40.146:8009 1 0 Stby Ok 0 0 0 ajp://192.168.40.145:8009 1 0 Err 4 0 0 Apache 2.2.4 and 2.2.6 are both compiled with the following parameters: ./configure --prefix=/usr/local/apache2 --enable-proxy --enable-proxy-ajp -- enable-proxy-balancer --enable-proxy-connect --enable-proxy-http --enable- rewrite --enable-ssl --with-mpm=worker --with-included-apr Bes regards, Marcus Albrecht ------------- Apache Config: ServerRoot "/usr/local/apache2" Listen 80 HostnameLookups off LoadModule php5_module modules/libphp5.so AddType application/x-httpd-php .php .phtml <IfModule !mpm_netware_module> User nobody Group nobody </IfModule> ServerAdmin [EMAIL PROTECTED] ServerName xxx.xxx.de DocumentRoot "/usr/local/apache2/htdocs" <Directory /> Options FollowSymLinks AllowOverride None Order deny,allow Deny from all </Directory> <Directory "/usr/local/apache2/htdocs"> Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> <IfModule dir_module> DirectoryIndex index.html </IfModule> <FilesMatch "^\.ht"> Order allow,deny Deny from all Satisfy All </FilesMatch> ErrorLog logs/error_log LogLevel warn <IfModule log_config_module> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common <IfModule logio_module> # You need to enable mod_logio.c to use %I and %O LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" % I %O" combinedio </IfModule> CustomLog logs/access_log common </IfModule> <IfModule alias_module> ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/" </IfModule> <IfModule cgid_module> #Scriptsock logs/cgisock </IfModule> <Directory "/usr/local/apache2/cgi-bin"> AllowOverride None Options None Order allow,deny Allow from all </Directory> DefaultType text/plain <IfModule mime_module> TypesConfig conf/mime.types AddType application/x-compress .Z AddType application/x-gzip .gz .tgz </IfModule> # Server-pool management (MPM specific) Include conf/extra/httpd-mpm.conf # Multi-language error messages #Include conf/extra/httpd-multilang-errordoc.conf # Fancy directory listings #Include conf/extra/httpd-autoindex.conf # Language settings #Include conf/extra/httpd-languages.conf # User home directories #Include conf/extra/httpd-userdir.conf # Real-time info on requests and configuration #Include conf/extra/httpd-info.conf # Virtual hosts NameVirtualHost xxx.xxx.xxx.xxx:80 # Local access to the Apache HTTP Server Manual #Include conf/extra/httpd-manual.conf # Distributed authoring and versioning (WebDAV) #Include conf/extra/httpd-dav.conf # Various default settings #Include conf/extra/httpd-default.conf # Secure (SSL/TLS) connections #Include conf/extra/httpd-ssl.conf <IfModule ssl_module> SSLRandomSeed startup builtin SSLRandomSeed connect builtin </IfModule> <VirtualHost xxx.xxx.xxx.xxx:80> ServerName www.xxx.com ServerAdmin [EMAIL PROTECTED] # DocumentRoot /data/domain/xxx/html/ ErrorLog /data/xxx-error.log CustomLog /data/xxx-access.log combined KeepAlive On KeepAliveTimeout 2 ProxyRequests Off RewriteEngine On # If /cps* the get Data from internal RewriteCond %{REQUEST_URI} /cps[\/]? #RewriteRule ^/(.*) ajp://192.168.40.145:8009/$1 [L,P] RewriteRule ^/(.*) balancer://testname_lb/$1 [L,P] # If anythin else then above the redicet to first page (Proxy Pass with rewrite) RewriteCond %{REQUEST_URI} /.* RewriteRule ^/$ balancer://testname_lb/cps/rde/xchg/project/hs.xsl/index.html [P] RewriteRule ^/index.html$ balancer://testname_lb/cps/rde/xchg/project/index.html [P] <Proxy balancer://testname_lb> BalancerMember ajp://192.168.40.146:8009 keepalive=on ping=15 timeout=30 status=+H BalancerMember ajp://192.168.40.145:8009 keepalive=on ping=15 timeout=30 ProxySet lbmethod=byrequests </Proxy> <Location /balancer-manager/> SetHandler balancer-manager Order Deny,Allow Deny from all Allow from 192.168 </Location> </VirtualHost> -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
