Configuration:
Red Hat Enterprise Linux AS release 3 (Taroon Update 2)
Kernel 2.4.21-15.0.2.ELsmp
mod_perl 1.99_14 (compiled from source; "make test" reports all tests successful)
OpenSSL 0.9.7a Feb 19 2003
Apache 2.0.50 (compiled from source)
./configure --prefix=/usr --localstatedir=/etc/httpd --sysconfdir=/etc/httpd/conf --sbindir=/usr/sbin --libexecdir=/etc/httpd/modules --enable-so --enable-auth-dbm=shared --enable-rewrite=shared --enable-mime-magic=shared --enable-ssl=shared --enable-mods-shared=most CPPFLAGS=-I/usr/kerberos/include
Problem:
Since switching from Apache 2.0.47 to 2.0.49, I have started receiving occasional messages in the error log of one of my SSL servers, like this:
[Fri Jul 02 11:14:30 2004] [info] Initial (No.1) HTTPS request received for child 0 (server [server name]:443)
[Fri Jul 02 11:14:30 2004] [info] (104)Connection reset by peer: core_output_filter: writing data to the network
[Fri Jul 02 11:14:30 2004] [error] 5894: ModPerl::Registry: Software caused connection abort at [path to script and line number].\n
[Fri Jul 02 11:14:30 2004] [error] 5894: ModPerl::Registry: Software caused connection abort at [path to script and line number].\n
This problem has persisted since I went to 2.0.50 recently.
What I've found so far:
- The script/line number recorded in the error log points to the library of perl functions we use to generate content dynamically. The script parses each HTML page and does special output. The error happens when the script tries to write the HTTP header to stdout. The script is configured to run, like so:
<Files *.mperl> SetHandler perl-script PerlResponseHandler ModPerl::Registry PerlOptions +ParseHeaders </Files> AddType application/x-wrapper .shtml .shm Action application/x-wrapper [path to a .mperl script]
- Interestingly, this error only occurs on the SSL side of our server.
- I have a custom ErrorDocument for 500 errors which captures the environment variables of the session, and the user in all cases seems to be using IE 6.0.
- This error only happens about 10-20 times per day. I can reproduce it by:
o Navigating to a page on the site
o Clicking on a link from that page to another one on the site
o Quickly pressing IE's reload button, before the page from the previous step has a chance to display
I have not received any complaints from users, so I suspect that the above case (or something similar to it) is the cause on the client's side.
- We upgraded from Apache 2.0.47, which did not exhibit this problem. Or, perhaps, the problem was there, but just wasn't getting reported like it is in .49 and .50.
- After reading up on the error messages, both using Google, and the Apache FAQ, I have tried these things, to no avail:
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
EnableSendfile Off
EnableMMAP Off
I tried the latter two, because the web pages in question, while dynamically generating their output, are stored on an NFS-mounted partition. I figured it couldn't hurt, but it didn't help either.
If you have ideas about the possible cause of this problem, I can privately email you an error log of the SSL session produced with "LogLevel debug". I can also send you the environment variables at the time of the error.
-- Dan Wilga [EMAIL PROTECTED] Web Technology Specialist http://www.mtholyoke.edu Mount Holyoke College Tel: 413-538-3027 South Hadley, MA 01075 "Who left the cake out in the rain?"
