| Summary: | occasional 502 errors on httpd load balancer | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Michael Young <m.a.young> |
| Component: | openssl | Assignee: | Tomas Mraz <tmraz> |
| Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 5.6 | CC: | cward, mvadkert, pvrabec |
| Target Milestone: | rc | Keywords: | OtherQA |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | openssl-0.9.8e-19.el5 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-07-21 07:41:41 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Michael Young
2011-03-18 12:48:35 UTC
Hello guys, is there a way how to reproduce this bug other than trying to simulate the reported environment where it occured? Could you please provide some steps how to reproduce this bug and verify the potential patch other than code review? Thanks Unfortunately I do not have any reproducer - it would have to be a multithreaded SSL client application that tries to connect to the server simultaneously with multiple threads. My test system was apache running as an https load balancer in front of two apache https backends. I loaded the system by running 20-30 jobs which were repeatedly doing a wget (set to discard the page after retrieving it). The backends were running Blackboard software behind apache but as I was only ever fetching the front page that probably doesn't matter. When I was testing I got it to show these 502 outbursts 3 times that day. I then ran it over the weekend with the patch applied (but without the Blackboard software as I had broken it by filling up the database with log entries) without any further failures. We have also been running the patched openssl on our live system for a week now and not seen any repeat of these 502 outbursts. It looks like I forgot to mention that the httpd load balancers were using the worker MPM, though I don't know if that is significant. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-1010.html |