Bug 107229

Summary:	Apache 2.x/1.x return extra chars in 404 and 401 requests (others?).
Product:	[Retired] Red Hat Linux	Reporter:	Cove Schneider <cove>
Component:	httpd	Assignee:	Joe Orton <jorton>
Status:	CLOSED CURRENTRELEASE	QA Contact:	David Lawrence <dkl>
Severity:	medium	Docs Contact:
Priority:	medium
Version:	9	CC:	cove
Target Milestone:	---
Target Release:	---
Hardware:	i686
OS:	Linux
URL:	https://www.wildpackets.com/brokenlink
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2003-10-29 18:23:11 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Cove Schneider 2003-10-15 23:48:06 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-US; rv:1.0.2)
Gecko/20030208 Netscape/7.02

Description of problem:
In this example below you can see that there is a "55" and a "87" inserted in
the response for some reason:

% telnet www.wildpackets.com 80                            0 13:58:27
Trying 206.169.32.70...
Connected to www.wildpackets.com.
Escape character is '^]'.
GET /bogus HTTP/1.1
Host: www.wildpackets.com

HTTP/1.1 200 OK
Date: Wed, 15 Oct 2003 20:58:40 GMT
Server: Apache/2.0.40 (Red Hat Linux)
Accept-Ranges: bytes
X-Powered-By: PHP/4.2.2
Set-Cookie: sid=d1GkgsbzRcvn7vvc; expires=Wed, 15-Oct-2003 22:58:45 GMT; path=/
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

55
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>
87
...

According to this post, the problem can also happen with redirects, which can
prevent them from working. I believe this is one of the problems I'm having too,
but I can't seem to reproduce it or determin if it is happening at the moment.

See:
http://lists.debian.org/debian-apache/2003/debian-apache-200305/msg00006.html

Some other sites that exibit the same problem are:
www.slashdot.org
www.etrade.com


Version-Release number of selected component (if applicable):
httpd-2.0.40-21.5

How reproducible:
Always

Steps to Reproduce:
1.telnet www.wildpackets.com 80
2.Type "GET /some_broken_link HTTP/1.1\nHost: www.wildpackets.com\n\n"
3.
    

Actual Results:  55
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
[cut]

Expected Results:  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
[cut]

Additional info:

It doesn't appear to be dependant on mod_proxy. We have it disabled on another
server and the problem still shows up:

WP100512:~% telnet rst.wildpackets.com 80
Trying 10.4.58.6...
Connected to rst.wildpackets.com.
Escape character is '^]'.
GET /boguf HTTP/1.1
Host: rst.wildpackets.com

HTTP/1.1 404 Not Found
Date: Wed, 15 Oct 2003 21:05:14 GMT
Server: Apache/2.0.40 (Red Hat Linux)
Vary: accept-language
Accept-Ranges: bytes
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

1


21e
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
    "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Object not found!</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rev="made" href="mailto:root@localhost" />
<style type="text/css">
<!--
body { color: #000000; background-color: #FFFFFF; }
a:link { color: #0000CC; }
-->
</style>
</head>

<body>
<h1>Object not found!</h1>
<dl>
<dd>

92


    The requested URL was not found on this server.

  

    If you entered the URL manually please check your
    spelling and try again.

  


13
</dd></dl><dl><dd>

66
If you think this is a server error, please contact
the <a href="mailto:root@localhost">webmaster</a>

ef

</dd></dl>

<h2>Error 404</h2>
<dl>
<dd>
<address>
  <a href="/">rst.wildpackets.com</a>
  <br />
  
  <small>Wed Oct 15 14:05:14 2003</small>
  <br />
  <small>Apache/2.0.40 (Red Hat Linux)</small>
</address>
</dd>
</dl>
</body>
</html>

1


0


The modules used by this server are:
rst:/etc/httpd/conf% egrep modules httpd.conf
# finding out what major optional modules you are running
# Statically compiled modules (those listed by `httpd -l') do not need
# LoadModule foo_module modules/mod_foo.so
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
LoadModule auth_dbm_module modules/mod_auth_dbm.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
#LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule fastcgi_module modules/mod_fastcgi.so
LoadModule auth_ldap_module   modules/mod_auth_ldap.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule cgid_module modules/mod_cgid.so

Comment 1 Joe Orton 2003-10-16 08:18:27 UTC

The telnet output is a correct HTTP/1.1 response including the chunked encoding.

What bug are you seeing in a real browser, in what circumstances, in what
configuration?

Comment 2 Cove Schneider 2003-10-27 18:11:07 UTC

Ok. I didn't know this was chunked encoding. The problem that I'm having is with
using Apple's Safari v1.0 (85.5) browser accessing SquirrelMail 1.4.2. For some
reason when using SSL the login hangs indefinably. Since the connection is over
SSL, I'm not able to determine what's going on. I tried using ssldump, but it
doesn't display the http session for some reason. Any suggestions appreciated.

Comment 3 Joe Orton 2003-10-27 20:16:32 UTC

Have you confirmed that it only fails if using Safari and SSL?  Other browsers
with SSL work, likewise Safari with non-SSL?

You can get ssldump to display application (HTTP) traffic, with the -d flag, if
you also point it at the private key for the SSL server using -k - the man page
explains the options.

Comment 4 Cove Schneider 2003-10-28 00:11:30 UTC

I've determined that only Safari is effected. Netscape works and so does IE.

Here's what I get with ssldump -d (-A doesn't help either):

New TCP connection #2: wrks-10-4-3-220.dhcp.wildpackets.com(53853) <->
rst.wildpackets.com(443)
2 1  0.0012 (0.0012)  C>S SSLv2 compatible client hello
  Version 3.1 
  cipher suites
  TLS_RSA_WITH_3DES_EDE_CBC_SHA  
  Unknown value 0xff83  
  TLS_RSA_WITH_RC4_128_SHA  
  TLS_RSA_WITH_RC4_128_MD5  
  TLS_RSA_WITH_DES_CBC_SHA  
  Unknown value 0xff82  
  TLS_RSA_EXPORT_WITH_RC4_40_MD5  
  TLS_RSA_EXPORT_WITH_DES40_CBC_SHA  
  TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5  
  SSL_RSA_WITH_RC2_CBC_MD5  
  TLS_RSA_WITH_NULL_MD5  
  SSL2_CK_RC4  
  SSL2_CK_RC4_EXPORT40  
  SSL2_CK_RC2  
  SSL2_CK_RC2_EXPORT40  
  SSL2_CK_DES  
  SSL2_CK_3DES  
2 2  0.0017 (0.0005)  S>C  Handshake
      ServerHello
        Version 3.1 
        session_id[32]=
          94 c3 c1 47 23 92 7f db 15 6a 25 1a ee 2f 4a 25 
          fc b8 f7 ff e1 80 8a bf 21 4e ea 2a 09 92 e7 13 
        cipherSuite         TLS_RSA_WITH_3DES_EDE_CBC_SHA
        compressionMethod                   NULL
2 3  0.0017 (0.0000)  S>C  Handshake
      Certificate
2 4  0.0017 (0.0000)  S>C  Handshake
      ServerHelloDone
2 5  0.0065 (0.0047)  C>S  Handshake
      ClientKeyExchange
2 6  0.0414 (0.0348)  C>S  ChangeCipherSpec
2 7  0.0414 (0.0000)  C>S  Handshake
2 8  0.0418 (0.0003)  S>C  ChangeCipherSpec
2 9  0.0418 (0.0000)  S>C  Handshake
2 10 0.0433 (0.0015)  C>S  application_data
2 11 0.1378 (0.0944)  S>C  application_data

At this point it hangs. I'm not sure why -d doesn't dump the ASCII data, from
the best I can determine ssldump uses ctype functions to determin weather data
is printable or not. This is partly what lead me to believe that the Apache
server was returning questionable data, albeit it could just as well be an
oversight in ssldump.

Comment 5 Cove Schneider 2003-10-29 18:23:11 UTC

Latest version of Safari 1.1 (v100) resolves this issue.