Bug 379811 - Apache CacheMaxExpire directive ignored (upstream reported bug with patch)
Apache CacheMaxExpire directive ignored (upstream reported bug with patch)
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: httpd (Show other bugs)
5.0
All Linux
high Severity high
: rc
: ---
Assigned To: Joe Orton
BaseOS QE Security Team
:
Depends On:
Blocks: 499522 740242 820738
  Show dependency treegraph
 
Reported: 2007-11-13 07:38 EST by Issue Tracker
Modified: 2012-05-10 16:19 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 740242 (view as bug list)
Environment:
Last Closed: 2011-07-21 04:53:02 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Issue Tracker 2007-11-13 07:38:51 EST
Escalated to Bugzilla from IssueTracker
Comment 1 Issue Tracker 2007-11-13 07:38:53 EST
State the problem

   1. Provide time and date of problem

      Always when using the module.

   2. Provide clear and concise problem description as it is understood at the time of escalation

It looks like the CacheMaxExpire setting from the http config is ignored when you use the cache module

The age in the response header exceeds the setting we specified with the CacheMaxExpire directive.  Only when the Expires header time is reached the content expires, although the documentation says that this maximum value is enforced even if an expiry date was supplied with the document.
http://httpd.apache.org/docs/2.2/mod/mod_cache.html#cachemaxexpire

from customer's httpd config:

  <IfModule mod_cache.c>
      CacheDefaultExpire 7200
      #CacheLastModifiedFactor 0.5
      CacheMaxExpire 14400
      #MCacheRemovalAlgorithm LRU

  #    CacheIgnoreHeaders Set-Cookie Keep-Alive Connection Expires
       CacheIgnoreHeaders Set-Cookie Via


   3. State specific action requested of SEG

Check if the upstream bug which already has a patch could be included or if any other work around would solve their problem.

   4. State whether or not a defect in the product is suspected

http://issues.apache.org/bugzilla/show_bug.cgi?id

If you find it necessary to include more information please let me know.

Thanks.

This event sent from IssueTracker by mpoole  [Support Engineering Group]
 issue 137789
Comment 2 Martin Poole 2007-11-13 07:41:27 EST
Upstream bugs (both with patches against 2.2)

  http://issues.apache.org/bugzilla/show_bug.cgi?id=21260
  http://issues.apache.org/bugzilla/show_bug.cgi?id=39418

Neither have been accepted/committed.
Comment 3 RHEL Product and Program Management 2007-12-03 15:47:37 EST
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release.  This request will
be reviewed for a future Red Hat Enterprise Linux release.
Comment 4 RHEL Product and Program Management 2008-06-02 16:28:28 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 5 RHEL Product and Program Management 2008-10-27 14:23:46 EDT
This request was previously evaluated by Red Hat Product Management
for inclusion in the current Red Hat Enterprise Linux release, but
Red Hat was unable to resolve it in time.  This request will be
reviewed for a future Red Hat Enterprise Linux release.
Comment 9 RHEL Product and Program Management 2010-08-09 15:52:33 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 10 Joe Orton 2011-02-11 10:57:56 EST
This is a mismatch between implementation and the docs.

CacheMaxExpire currently only takes effect in bounding the calculated expiry time in the absence of an Expires header, despite what the docs say.

Changing that behaviour is probably undesirable, but we could introduce either a new directive or a parameter for this directive to enable use of CacheMaxExpire as a bound on all expiry calculation, depending on upstream consensus.
Comment 15 Denise Dumas 2011-06-16 11:08:39 EDT
Requesting blocker approval - Joe has a fix ready to go and QE agrees.
Comment 17 errata-xmlrpc 2011-07-21 04:53:02 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-1067.html
Comment 18 errata-xmlrpc 2011-07-21 07:46:03 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-1067.html

Note You need to log in before you can comment on or make changes to this bug.