https://issues.apache.org/bugzilla/show_bug.cgi?id=54827
Bug ID: 54827
Summary: 2.2.24 new SSL dummy connection handling causes very
long restart (including graceful restart)
Product: Apache httpd-2
Version: 2.2.24
Hardware: PC
OS: Linux
Status: NEW
Severity: major
Priority: P2
Component: Core
Assignee: [email protected]
Reporter: [email protected]
Classification: Unclassified
Recently I've upgraded from 2.2.23 to 2.2.24. Graceful and normal restarts
started taking ages (like 5 minutes instead of 5 seconds).
Stracing shows that it does it's tls 1.0 dummy close for few minutes and after
that finally server finishes restarting.
Changing order so Listen 80 is after Listen 443 also fixes that problem -
graceful restart takes seconds and not minutes (since internal dummy connection
is non-ssl then).
So likely 2.2.24 regression is caused by:
*) core: Use a TLS 1.0 close_notify alert for internal dummy connection if
the chosen listener is configured for https. [Joe Orton]
and I suggest backporting PR 39653 fix to 2.2.x:
* server/mpm_common.c (dummy_connection): If possible, use a non-SSL
listening port to use for the dummy connection, to avoid causing
(confusing) error log spam by sending EOF down an SSL port
otherwise tls 1.0 close notify hack can become pain for more people.
Using openssl 1.0.1e here. (There is also possibility that the bug is in
openssl and not in apache but still PR 39653 fix is worth backporting IMO)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
