[pound] Issues with Pound 3.0d

Thu, 17 Sep 2020 11:27:26 -0700 

Hi all,

I've been testing Pound 3.0d and I found some issues.
Would you mind helping me out? Maybe I'm missing something.

I list below the environment and tests that were produced.

- The environment:
OS: CentOS Linux release 8.2.2004 (Core)
Kernel version: 4.18.0-193.14.2.el8_2.x86_64

Pound 2.8
/etc/pound.cfg:
User            "pound"
Group           "pound"
Control "/var/lib/pound/pound.cfg"

ListenHTTP
        Address 0.0.0.0
        Port 80
        Service
                BackEnd
                        Address 127.0.0.1
                        Port 8080
                End
        End
End

ListenHTTPS
        Address 0.0.0.0
        Port 443
        Cert "/etc/ssl/cert.pem"
        Service
                BackEnd
                        Address 127.0.0.1
                        Port 8080
                End
        End
End

Pound 3.0d
/etc/pound/pound.yaml:
              Backends:
                  - &be
                      Address: 127.0.0.1
                      Port: 8080

              HTTPListeners:
                  -   Address: 0.0.0.0
                      Port: 80
                      Services:
                          -   Backends:
                                  - *be

              HTTPSListeners:
                  -   Address: 0.0.0.0
                      Port: 443
                      Services:
                          -   Backends:
                                  - *be
                      Certificates:
                              - "/etc/ssl/cert.pem"

Nginx 1.14.1: Default configuration listening in the port 8080 only with
the module php-fpm enabled. No ssl configuration.
Apache 2.4.37: Default configuration listening in the port 8080 only with
the module php-fpm enabled. No ssl configuration.

- The tests & results:
1 Pound 2.8 and Nginx or Apache with PHP configured.
HTTP/HTTPS:
    - Html pages work through.
    - PHP pages work through.

2 Pound 3.0d and Nginx or Apache with PHP configured.
HTTP:
    - Html pages work through.
    - PHP pages partially load. Using curl -v, it is possible to see errors
related to encoding: Malformed encoding found in chunked-encoding.
HTTPS:
    Either HTML or PHP pages throw a core dump in the function do_sni.

You can see the backtrace here [1].

Another thing I noted is that some options from Pound 2 seem to be missing
on Pound 3 or I couldn't find them in the man file. E.g. Alive, xHTTP
values, HeadRemove, RewriteLocation, AddHeader vs HeadAdd,
SSLHonorCipherOrder, SSLAllowClientRenegotiation, XSSLHeaders, Disable (for
SSL/TSL protocols), among others (see man pound vs man pound3).

Are we planing on having those options on Pound 3 as well?

PS: I built an RPM for Pound 3 on el8 here [2].
It is just a draft and might require improvement.

1 https://copr.fedorainfracloud.org/coprs/brandfbb/Pound3-Experimental/
2 https://pastebin.com/WfuB8a9F

Thanks in advance.

- Breno

-- 
pound mailing list
pound@apsis.ch
https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch

Reply via email to