I've got an SCGI project I'm working on. My setup: buildroot, arm, 1.10.3. I'm using auth_request to authorize any restricted resources, auth_request uses SCGI to my auth client. 99% of the time, I get normal, expected behavior. Randomly an http resource will have a bad SCGI request format from Nginx to my auth client, which causes that resource to get denied. It appears that Nginx has a problem formatting the SCGI request, has an invalid size at the front (per SCGI spec), which is typically 6-8 bytes larger than the bytes sent over the socket. Looks like a string handling bug. Here are some SCGI requests that come in bad ( 2 examples, each one has good on top, bad below)
https://paste.ngx.cc/386b Thanks, -Phil
_______________________________________________ nginx-devel mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx-devel
