Description of problem: If mod_ldap and mod_authnz_ldap are enabled after servicing a number of requests get "stuck" in a loop consuming 100% of the CPU. Version-Release number of selected component (if applicable): httpd-2.2.3-11.el5.centos How reproducible: 1) install apache + ldap 2) configure <Location> to be protected with a password using mod_ldap as the backend. 3) store an index.html w/ a meta-refresh in the protected area 4) browse to protected URI and authenticate 5) let metarefresh reload the page a few thousand times 6) note the 100% cpu usage and mod_ldap blocking the page load. Additional info: from #apache on freenode, the instability is fixed in 2.2.8 and above. When I asked for the patchset this is what I got: http://svn.apache.org/viewvc?view=rev&revision=595664 Perhaps it makes more sense to compile 2.2.8 modules against the RH httpd-2.2.3 build? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 (gdb) bt #0 0x00002aaaab390794 in apr_date_parse_rfc () from /usr/lib64/libaprutil-1.so.0 #1 0x00002aaaab390f4b in apr_rmm_calloc () from /usr/lib64/libaprutil-1.so.0 #2 0x00002aaab089dd05 in util_ald_alloc () from /etc/httpd/modules/mod_ldap.so #3 0x00002aaab089dfac in util_ald_create_cache () from /etc/httpd/modules/mod_ldap.so #4 0x00002aaab089e3ba in util_ald_create_caches () from /etc/httpd/modules/mod_ldap.so #5 0x00002aaab089c117 in ?? () from /etc/httpd/modules/mod_ldap.so #6 0x00002aaab0aa57ad in ?? () from /etc/httpd/modules/mod_authnz_ldap.so #7 0x00002aaaaee6ff90 in ?? () from /etc/httpd/modules/mod_auth_basic.so #8 0x0000555555578be2 in ap_run_check_user_id () from /usr/sbin/httpd #9 0x0000555555579df7 in ap_process_request_internal () from /usr/sbin/httpd #10 0x000055555558b5d8 in ap_process_request () from /usr/sbin/httpd #11 0x0000555555588870 in ap_register_input_filter () from /usr/sbin/httpd #12 0x0000555555584a52 in ap_run_process_connection () from /usr/sbin/httpd #13 0x000055555558f20b in ap_graceful_stop_signalled () from /usr/sbin/httpd #14 0x000055555558f49a in ap_graceful_stop_signalled () from /usr/sbin/httpd #15 0x000055555558f550 in ap_graceful_stop_signalled () from /usr/sbin/httpd #16 0x0000555555590246 in ap_mpm_run () from /usr/sbin/httpd #17 0x000055555556ae04 in main () from /usr/sbin/httpd (gdb) The program is running. Quit anyway (and detach it)? (y or n) y
Thanks for the report. We can backport that fix for a future update.
(Please contact Red Hat Support if you need a supported fix for this issue in the mean time)
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-0185.html