Backport Apache fix "Honor ProxyTimeout" (54973)
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | Apache2 Web Server |
Fix Released
|
Critical
|
||
| | apache2 (Ubuntu) |
Undecided
|
Unassigned | ||
| | Trusty |
Undecided
|
Unassigned | ||
Bug Description
As suggested by Manfred Hampl, I now open a bug report from this question:
I use Apache 2.4.7 with mod_proxy_fcgi which is affected of this bug: https:/
Is it possible to backport this patch to 2.4.7 (fixed in 2.4.8, see link @ bottom page)? Would be nice to use timeouts higher than 30 seconds ;)
My system is an up-to-date Ubuntu Server 14.04.3 LTS with Apache 2.4.7-1ubuntu4.8
Thanks in advance!
|
|
#2 |
we confirm this behavior with:
mod_proxy_fcgi
mod_proxy
apache event mpm
on latest stable apache 2.4.6
we are using:
(we tried both inside and outside virtualhost: )
<Proxy fcgi://
ProxySet timeout=3600
ProxySet connectiontimeo
</Proxy>
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://
OR
RewriteCond %{ENV:REDIRECT_
RewriteRule ^/?(.*\.php)$ fcgi://
but none of them accepts the timeout:
[proxy_fcgi:error] (70007)The timeout specified has expired: [...] AH01075: Error dispatching request to:
|
|
#3 |
Created attachment 30828
proposed patch
This patch removes hardcoded 30 second timeout from mod_proxy_fcgi and replaces it with ProxyTimeout/
|
|
#4 |
Created attachment 30829
proposed patch v2
Better patch respecting previous "conn->
|
|
#5 |
The fact that you were not able to set "timeout=300" is caused by PR 43513.
|
|
#6 |
Created attachment 30833
proposed patch v3
Even better patch. Now uses apr_socket_
|
|
#7 |
Fixed in 2.4.8:
*) mod_proxy_fcgi: Use apr_socket_
30 seconds timeout. [Jan Kaluza]
| description: | updated |
| description: | updated |
| Changed in apache2: | |
| importance: | Unknown → Critical |
| status: | Unknown → Fix Released |
| Robie Basak (racb) wrote : | #8 |
Hi Robin,
Thank you for taking the time to report this bug and helping to make Ubuntu better.
This request looks reasonable to me. I'll add it to the queue. To help process it faster, we will need:
Identification of the upstream patch in upstream VCS (commit ID and preferably a link to the commit in a web view of the VCS).
Manual verification by a developer that the patch is still applicable to the version in 14.04.
A test case with step by step instructions on how to reproduce the issue on 14.04.
The full procedure is documented at: https:/
Thanks
| tags: | added: bitesize |
| Changed in apache2 (Ubuntu Trusty): | |
| status: | New → Triaged |
| Changed in apache2 (Ubuntu): | |
| status: | New → Fix Released |
| Robin Kluth (commifreak) wrote : | #9 |
I can help you to identify the upstream patch in upstream VCS for now ;)
The revision: http://
Regards,
| Robin Kluth (commifreak) wrote : | #10 |
Eh.. Did someone changed something?
I've tested a few tips to set the Timeout. Now it works as expected? In the same way as it not worked earlier. Weird.
For the log:
php5-fpm 5.5.9+dfsg-
apache2 2.4.7-1ubuntu4.9
And the config:
<VirtualHost 192.168.205.69:80>
ServerName site
ServerAdmin mail
DocumentRoot "/var/www/site/"
LogLevel warn
ErrorLog ${APACHE_
CustomLog ${APACHE_
ProxyTimeout 600
<Directory "/var/www/site/">
Options -Indexes
Require all granted
AllowOverride All
</Directory>
<LocationMatch "^/(.*\
ProxyPass fcgi://
</LocationMatch>
DirectoryIndex index.html index.php
</VirtualHost>
FPM got same timeout (max_execution_
This is working. Dont ask me why. I didnt found any changelog entry for this.
| Christian Ehrhardt (paelzer) wrote : | #11 |
Based on the examples here and the referred Apache bug I recreated this and confirms that it works.
There were some proxy fixes recently, maybe one of them affected this as well without knowing about it.
Steps to reproduce:
trusty container
apt-get install php5-fpm apache2 libapache2-
config for the site is:
cat /etc/apache2/
<VirtualHost 10.0.4.126:80>
DocumentRoot /var/www/html
ProxyTimeout 600
<Directory "/var/www/html/">
Options -Indexes
Require all granted
AllowOverride All
</Directory>
<LocationMatch "^/(.*\
ProxyPass fcgi://
</LocationMatch>
</VirtualHost>
enable site and enable proxy
ln -s /etc/apache2/
ln -s /etc/apache2/
ln -s /etc/apache2/
ln -s /etc/apache2/
Change the default local socket to match apache config in /etc/php5/
listen = 9000
Now place a long duration script as /var/www/
<?php
error_
$time = time();
for ($t = 0; $t <= 290; $t+=5) {
sleep(5);
}
error_
?>
then access your servers apache to the php file, gets redirected and takes a while
http://
It would now be up to the initial reporter to check if it works for them as well.
Setting to incomplete until we hear again.
| Changed in apache2 (Ubuntu Trusty): | |
| status: | Triaged → Incomplete |
| Christian Ehrhardt (paelzer) wrote : | #12 |
I can indeed confirm that the referred fix is in 2.4.7-1ubuntu4.11.
Looking back in versions when it got added I found it was already in 2.4.7-1ubuntu4.
If this needs something else to trigger or if it was meant to be a precise bug please let us know.
| Bryce Harrington (bryce) wrote : | #13 |
Trusty ended standard support in April 2019.
| Changed in apache2 (Ubuntu Trusty): | |
| status: | Incomplete → Won't Fix |
mod_proxy_fcgi is configured to proxy request to php-fpm as follow:
ProxyPassMatch ^/(.*\.php)$ fcgi://
If a php script takes more than 30 seconds to execute, a HTTP RC 500 is returned to the client.
php max_execution_time is set to 300 seconds
I used the following script to validate that the error was not due to php max_execution_time issue.
<?php
error_
$time = time();
for ($t = 0; $t <= 15; $t++) {
sleep(5);
}
error_
?>
after 30 seconds, the HTTP 500 is returned to the client, but in the php error_log the script continue its execution.
According to the documentation, TimeOut is set to 60 seconds by default, so it should not be an issue, but in case, the following explicit definition were tested without improvement:
1. ProxyPassMatch ^/(.*\.php)$ fcgi://
2. in virtual host: ProxyTimeout 300
3 in server config: TimeOut 300
The only workaround found was to hardcode the timeout in the mod_proxy_fcgi.c:
--- ./modules/
+++ ./modules/
@@ -575,7 +575,7 @@
/* We need SOME kind of timeout here, or virtually anything will
* cause timeout errors. */
if (! conn->worker-
- timeout = apr_time_
+ timeout = apr_time_
}
rv = apr_poll(&pfd, 1, &n, timeout);