mod proxy causes duplicate query strings when nocanon option is used

Bug #455873 reported by James Troup
26
This bug affects 2 people
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
Medium
Unassigned
Hardy
Medium
Dave Walker

Bug Description

Binary package hint: apache2

When mod proxy is used with the nocanon option apache duplicates the
query string arguments in the URL. This is a known bug in 2.2.8 and
was fixed in 2.2.9, c.f.:

  <https://issues.apache.org/bugzilla/show_bug.cgi?id=44803>
  <http://mail-archives.apache.org/mod_mbox/httpd-cvs/200806.mbox/%<email address hidden>%3E>

To reproduce:

1) Create an apache.conf file, e.g. like:

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so

Listen 5555

ErrorLog /dev/null
PidFile /dev/null

ProxyPass / http://127.0.0.1:8000/ nocanon
ProxyPassReverse / http://127.0.0.1:8000/
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Then run apache with it, e.g. apache2 -X -f apache.conf

2) run 'python -m SimpleHTTPServer' in another terminal/window/whatever

3) finally run 'wget -q -O /dev/null http://localhost:5555/foo?bar' in another terminal

Output from hardy(-updates) apache:

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
localhost - - [19/Oct/2009 23:16:09] code 404, message File not found
localhost - - [19/Oct/2009 23:16:09] "GET /foo?bar?bar HTTP/1.1" 404 -
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Expected output:

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
localhost - - [19/Oct/2009 23:16:34] code 404, message File not found
localhost - - [19/Oct/2009 23:16:34] "GET /foo?bar HTTP/1.1" 404 -
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Attached is a dpatch which we're using in production and fixes the
issue for us. Could we please get an SRU with this for hardy?

Revision history for this message
James Troup (elmo) wrote :
Changed in apache2 (Ubuntu):
assignee: nobody → Ubuntu Server Team (ubuntu-server)
Mathias Gug (mathiaz)
Changed in apache2 (Ubuntu):
assignee: Ubuntu Server Team (ubuntu-server) → Canonical Server Team (canonical-server)
Chuck Short (zulcss)
Changed in apache2 (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
Matt Zimmerman (mdz)
Changed in apache2 (Ubuntu):
assignee: Canonical Server Team (canonical-server) → Chuck Short (zulcss)
Revision history for this message
Chuck Short (zulcss) wrote :

I have queued it up for the next upload. Thanks for the patch.

Regards
chuck

Changed in apache2 (Ubuntu Hardy):
status: New → In Progress
Revision history for this message
Martin Pitt (pitti) wrote :

Fixed in 2.2.9, i. e. intrepid onwards.

Changed in apache2 (Ubuntu):
assignee: Chuck Short (zulcss) → nobody
status: Triaged → Fix Released
Changed in apache2 (Ubuntu Hardy):
assignee: nobody → Chuck Short (zulcss)
importance: Undecided → Medium
status: In Progress → Fix Committed
tags: added: verification-needed
Revision history for this message
Martin Pitt (pitti) wrote : Please test proposed package

Accepted apache2 into hardy-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

FYI-- this package is going to be superseded with a pending security upload.

Revision history for this message
Martin Pitt (pitti) wrote :

Any chance to test this soon, so that the fix can be folded into the security update or moved to -updates before?

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

This has been superseded by 2.2.8-1ubuntu0.14.

Revision history for this message
Martin Pitt (pitti) wrote :

Chuck, can you please merge and re-upload?

Changed in apache2 (Ubuntu Hardy):
status: Fix Committed → Triaged
tags: removed: verification-needed
Dave Walker (davewalker)
Changed in apache2 (Ubuntu Hardy):
assignee: Chuck Short (zulcss) → Dave Walker (davewalker)
Revision history for this message
Colin Watson (cjwatson) wrote :

Accepted into hardy-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in apache2 (Ubuntu Hardy):
status: Triaged → Fix Committed
tags: added: verification-needed
Dave Walker (davewalker)
tags: added: verification-failed
removed: verification-needed
Revision history for this message
Dave Walker (davewalker) wrote :

Fails verification for introducing a regression bug #583698.

Revision history for this message
Colin Watson (cjwatson) wrote :

I've posted an analysis to bug 583698; the exact same bug is present in hardy as released, as well as in the current version in hardy-updates, so I don't believe it should cause this proposed update to fail verification.

tags: added: verification-needed
removed: verification-failed
Revision history for this message
Andrew Straw (astraw) wrote :

Although I'm not a member of the SRU verification team, I can verify that 2.2.8-1ubuntu0.16 in hardy-proposed fixes the issue for me on i386. (Before upgrading to this, I was being hit by this bug when attempt to setup a reverse proxy to a CouchDB server.)

Martin Pitt (pitti)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Martin Pitt (pitti) wrote :

So it seems that bug 583698 is not actually a regression from this SRU, so this seems fine to go. Thanks for testing!

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apache2 - 2.2.8-1ubuntu0.16

---------------
apache2 (2.2.8-1ubuntu0.16) hardy-proposed; urgency=low

  * debian/patches/211_fix_mod_proxy_nocanon.dpatch: Fix duplicated query string
    when using nocanon option to mod_proxy. Patch courtesy of James Troup, based
    on upstream cherry pick. (LP: #455873)
 -- Dave Walker (Daviey) <email address hidden> Mon, 17 May 2010 18:06:59 +0100

Changed in apache2 (Ubuntu Hardy):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers