gzip compression broken in UniFi (built-in tomcat)

Bug #1692870 reported by Jean-Louis Dupond
50
This bug affects 9 people
Affects Status Importance Assigned to Milestone
zlib (Ubuntu)
Fix Released
High
Steve Langasek
Zesty
Won't Fix
High
Unassigned
Artful
Fix Released
High
Steve Langasek

Bug Description

[Impact]
Since I upgraded from Ubuntu 16.10 to 17.04, my Guest portal for my UniFi system was broken (https://www.ubnt.com/download/unifi/).

Curl gave me the following response:
# curl -vvvv --compress localhost:8880/guest/s/default/
* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8880 (#0)
> GET /guest/s/default/ HTTP/1.1
> Host: localhost:8880
> User-Agent: curl/7.52.1
> Accept: */*
> Accept-Encoding: deflate, gzip
>
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< Content-Type: text/html;charset=utf-8
< Transfer-Encoding: chunked
< Content-Encoding: gzip
< Vary: Accept-Encoding
< Date: Tue, 23 May 2017 11:19:22 GMT
<
* Error while processing content unencoding: invalid code lengths set
* Failed writing data
* Curl_http_done: called premature == 1
* Closing connection 0
curl: (23) Error while processing content unencoding: invalid code lengths set

[Test Case]
- Install UniFi controller on Ubuntu 17.04 (http://dl.ubnt.com/unifi/5.4.16/unifi_sysvinit_all.deb)
- Go to https://<ip>:8443/manage/site/default/settings/guestcontrol
- Or do: curl -vvvv --compress <ip>:8880/guest/s/default/

When compression is enabled, its broken.
When disabling compression in curl, it works fine.

After some debugging, I found out that downgrading to zlib 1:1.2.8.dfsg-2ubuntu5.1 was a workaround.

Now after digging into the issue some more, I found the following upstream patch (unreleased version), fixes the issue:
https://github.com/madler/zlib/commit/f9694097dd69354b03cb8af959094c7f260db0a1

[Regression Potential]
Everybody upgrading from 16.10 (or previous) to 17.04 will be affected by this.

The patch is taken from upstream, so this isn't a change we will need to keep different from upstream.

I've already created a new package (see debdiff) that fixes the issue.

[Other Info]
Now as the UniFi controller is just some Tomcat, which relies on Java (OpenJDK), which uses zlib for its built-in Compression/Decompression. I guess even more java related tools can be broken. But I didn't have time to test this.

At least some other people using UniFi have the same issue, see:
https://community.ubnt.com/t5/UniFi-Wireless/ERR-CONTENT-DECODING-FAILED-on-guest-portal-customisation/td-p/1903419

Revision history for this message
Jean-Louis Dupond (dupondje) wrote :
description: updated
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "New version with patch included." seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

tags: added: patch
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in zlib (Ubuntu):
status: New → Confirmed
tags: added: regression-release
tags: added: rls-aa-incoming
Revision history for this message
Jean-Louis Dupond (dupondje) wrote :

I tried to simulate the issue with Tomcat 7.0.77 (which is the version UniFi uses), but I was unable to simulate this on Ubuntu 17.04.

The 'use-dso' patch that I removed in the debdiff, just point to an empty file. So no use that file is in the deb.

Thanks

description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in zlib (Ubuntu Zesty):
status: New → Confirmed
Revision history for this message
Steve Langasek (vorlon) wrote :

Why does your debdiff drop the use-dso patch? Can you confirm that *not* disabling the use-dso patch still lets this work for you?

Revision history for this message
Steve Langasek (vorlon) wrote :

Sorry, you already addressed this in comment #4.

Changed in zlib (Ubuntu):
importance: Undecided → High
Changed in zlib (Ubuntu Zesty):
importance: Undecided → High
Revision history for this message
Steve Langasek (vorlon) wrote :

For SRU, this is going to need a better test case.

tags: removed: rls-aa-incoming
Steve Langasek (vorlon)
Changed in zlib (Ubuntu Zesty):
assignee: nobody → Steve Langasek (vorlon)
assignee: Steve Langasek (vorlon) → nobody
Changed in zlib (Ubuntu):
assignee: nobody → Steve Langasek (vorlon)
status: Confirmed → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package zlib - 1:1.2.11.dfsg-0ubuntu2

---------------
zlib (1:1.2.11.dfsg-0ubuntu2) artful; urgency=medium

  * Add upstream patch to fix deflateParams().
    Upstream commit: f9694097dd69354b03cb8af959094c7f260db0a1
    LP: #1692870
  * Drop empty patch debian/patches/use-dso

 -- Jean-Louis Dupond <email address hidden> Tue, 23 May 2017 13:32:29 +0200

Changed in zlib (Ubuntu Artful):
status: Fix Committed → Fix Released
Mathew Hodson (mhodson)
Changed in zlib (Ubuntu Zesty):
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.