https://issues.apache.org/bugzilla/show_bug.cgi?id=57511
Bug ID: 57511
Summary: Opening plain TCP Socket on SSL port causes denial of
new connections
Product: Apache httpd-2
Version: 2.4.10
Hardware: PC
Status: NEW
Severity: major
Priority: P2
Component: mpm_winnt
Assignee: [email protected]
Reporter: [email protected]
Found this problem the other day. Could very easily lead to a denial of service
on any windows apache instance using SSL.
Problem:
1. Configure httpd with an SSL enabled port
2. Open a browser to some page over SSL
3. Open a plain TCP client socket to that port
4. Refresh the browser and notice it hangs until the plain TCP client socket is
closed.
This is true whether the browser is on the same machine as the plain TCP client
socket, or whether the browser is located somewhere else entirely.
To be clear, in this situation, it is only http traffic that is hung. If I try
to open new TCP connections when httpd is in this state, they complete
successfully. But http requests do not receive any response, apparently waiting
for httpd to service them; httpd is presumably blocking and waiting for a SSL
handshake or something.
I was only able to reproduce this on windows. I tried this against a linux box
setup with the worker mpm (seems closest conceptually to the winnt mpm), and it
did not hang in the same way the windows implementation did, so I assume the
problem is there.
note: this appears to be a different issue from bug #37791, since there is no
segfault / crash.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
