Configuration:
Red Hat Enterprise Linux AS release 3 (Taroon Update 2)
Kernel 2.4.21-15.0.2.ELsmp
mod_perl 1.99_14 (compiled from source; "make test" reports all tests successful)
OpenSSL 0.9.7a Feb 19 2003
Apache 2.0.50 (compiled from source)
./configure --prefix=/usr --localstatedir=/etc/httpd --sysconfdir=/etc/httpd/conf --sbindir=/usr/sbin --libexecdir=/etc/httpd/modules --enable-so --enable-auth-dbm=shared --enable-rewrite=shared --enable-mime-magic=shared --enable-ssl=shared --enable-mods-shared=most CPPFLAGS=-I/usr/kerberos/include
Problem:
Since switching from Apache 2.0.47 to 2.0.49, I have started receiving occasional messages in the error log of one of my SSL servers, like this:
[Fri Jul 02 11:14:30 2004] [info] Initial (No.1) HTTPS request received for child 0 (server [server name]:443)
[Fri Jul 02 11:14:30 2004] [info] (104)Connection reset by peer: core_output_filter: writing data to the network
[Fri Jul 02 11:14:30 2004] [error] 5894: ModPerl::Registry: Software caused connection abort at [path to script and line number].\n
[Fri Jul 02 11:14:30 2004] [error] 5894: ModPerl::Registry: Software caused connection abort at [path to script and line number].\n
This problem has persisted since I went to 2.0.50 recently.
What I've found so far:
- The script/line number recorded in the error log points to the library of perl functions we use to generate content dynamically. The script parses each HTML page and does special output. The error happens when the script tries to write the HTTP header to stdout. The script is configured to run, like so:
<Files *.mperl> SetHandler perl-script PerlResponseHandler ModPerl::Registry PerlOptions +ParseHeaders </Files> AddType application/x-wrapper .shtml .shm Action application/x-wrapper [path to a .mperl script]
- Interestingly, this error only occurs on the SSL side of our server.
- I have a custom ErrorDocument for 500 errors which captures the environment variables of the session, and the user in all cases seems to be using IE 6.0.
- This error only happens about 10-20 times per day. I can reproduce it by:
o Navigating to a page on the site
o Clicking on a link from that page to another one on the site
o Quickly pressing IE's reload button, before the page from the previous step has a chance to display
I have not received any complaints from users, so I suspect that the above case (or something similar to it) is the cause on the client's side.
- We upgraded from Apache 2.0.47, which did not exhibit this problem. Or, perhaps, the problem was there, but just wasn't getting reported like it is in .49 and .50.
- After reading up on the error messages, both using Google, and the Apache FAQ, I have tried these things, to no avail:
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
EnableSendfile Off
EnableMMAP Off
I tried the latter two, because the web pages in question, while dynamically generating their output, are stored on an NFS-mounted partition. I figured it couldn't hurt, but it didn't help either.
I have written to the Apache Developers' list, but the only suggestion I got was that the initial "Connection reset by peer" error is to be expected, but that mod_perl probably shouldn't be generating the pair of "[error]" level log messages.
I don't entirely buy this, since there was a behavior change when only Apache was upgraded (I kept the same mod_perl version when this started happening.) It also only happens when SSL is added to the mix.
However, if you do agree that mod_perl needs to be more tolerant of this particular condition then, in my opinion, not only should the error not be logged with the "[error]" severity, but the ErrorDocument 500 should also not be called.
--
Dan Wilga [EMAIL PROTECTED]
Web Technology Specialist http://www.mtholyoke.edu
Mount Holyoke College Tel: 413-538-3027
South Hadley, MA 01075 "Who left the cake out in the rain?"
-- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
