gzip compression broken in UniFi (built-in tomcat)

Bug #1692870 reported by Jean-Louis Dupond on 2017-05-23
50
This bug affects 9 people
Affects Status Importance Assigned to Milestone
zlib (Ubuntu)
High
Steve Langasek
Zesty
High
Unassigned
Artful
High
Steve Langasek

Bug Description

[Impact]
Since I upgraded from Ubuntu 16.10 to 17.04, my Guest portal for my UniFi system was broken (https://www.ubnt.com/download/unifi/).

Curl gave me the following response:
# curl -vvvv --compress localhost:8880/guest/s/default/
* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8880 (#0)
> GET /guest/s/default/ HTTP/1.1
> Host: localhost:8880
> User-Agent: curl/7.52.1
> Accept: */*
> Accept-Encoding: deflate, gzip
>
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< Content-Type: text/html;charset=utf-8
< Transfer-Encoding: chunked
< Content-Encoding: gzip
< Vary: Accept-Encoding
< Date: Tue, 23 May 2017 11:19:22 GMT
<
* Error while processing content unencoding: invalid code lengths set
* Failed writing data
* Curl_http_done: called premature == 1
* Closing connection 0
curl: (23) Error while processing content unencoding: invalid code lengths set

[Test Case]
- Install UniFi controller on Ubuntu 17.04 (http://dl.ubnt.com/unifi/5.4.16/unifi_sysvinit_all.deb)
- Go to https://<ip>:8443/manage/site/default/settings/guestcontrol
- Or do: curl -vvvv --compress <ip>:8880/guest/s/default/

When compression is enabled, its broken.
When disabling compression in curl, it works fine.

After some debugging, I found out that downgrading to zlib 1:1.2.8.dfsg-2ubuntu5.1 was a workaround.

Now after digging into the issue some more, I found the following upstream patch (unreleased version), fixes the issue:
https://github.com/madler/zlib/commit/f9694097dd69354b03cb8af959094c7f260db0a1

[Regression Potential]
Everybody upgrading from 16.10 (or previous) to 17.04 will be affected by this.

The patch is taken from upstream, so this isn't a change we will need to keep different from upstream.

I've already created a new package (see debdiff) that fixes the issue.

[Other Info]
Now as the UniFi controller is just some Tomcat, which relies on Java (OpenJDK), which uses zlib for its built-in Compression/Decompression. I guess even more java related tools can be broken. But I didn't have time to test this.

At least some other people using UniFi have the same issue, see:
https://community.ubnt.com/t5/UniFi-Wireless/ERR-CONTENT-DECODING-FAILED-on-guest-portal-customisation/td-p/1903419

Jean-Louis Dupond (dupondje) wrote :
description: updated

The attachment "New version with patch included." seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

tags: added: patch
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in zlib (Ubuntu):
status: New → Confirmed
tags: added: regression-release
tags: added: rls-aa-incoming
Jean-Louis Dupond (dupondje) wrote :

I tried to simulate the issue with Tomcat 7.0.77 (which is the version UniFi uses), but I was unable to simulate this on Ubuntu 17.04.

The 'use-dso' patch that I removed in the debdiff, just point to an empty file. So no use that file is in the deb.

Thanks

description: updated
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in zlib (Ubuntu Zesty):
status: New → Confirmed
Steve Langasek (vorlon) wrote :

Why does your debdiff drop the use-dso patch? Can you confirm that *not* disabling the use-dso patch still lets this work for you?

Steve Langasek (vorlon) wrote :

Sorry, you already addressed this in comment #4.

Changed in zlib (Ubuntu):
importance: Undecided → High
Changed in zlib (Ubuntu Zesty):
importance: Undecided → High
Steve Langasek (vorlon) wrote :

For SRU, this is going to need a better test case.

tags: removed: rls-aa-incoming
Steve Langasek (vorlon) on 2017-08-17
Changed in zlib (Ubuntu Zesty):
assignee: nobody → Steve Langasek (vorlon)
assignee: Steve Langasek (vorlon) → nobody
Changed in zlib (Ubuntu):
assignee: nobody → Steve Langasek (vorlon)
status: Confirmed → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package zlib - 1:1.2.11.dfsg-0ubuntu2

---------------
zlib (1:1.2.11.dfsg-0ubuntu2) artful; urgency=medium

  * Add upstream patch to fix deflateParams().
    Upstream commit: f9694097dd69354b03cb8af959094c7f260db0a1
    LP: #1692870
  * Drop empty patch debian/patches/use-dso

 -- Jean-Louis Dupond <email address hidden> Tue, 23 May 2017 13:32:29 +0200

Changed in zlib (Ubuntu Artful):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers