[Mod-security-developers] Do not work with 2.6.0
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[Mod-security-developers] Do not work with 2.6.0
|
From: momo-i <web...@mo...> - 2011-06-03 14:30:37
|
Hi all, # first, my native language is japanese. # I'm not so good at English, may be difficult to read, please forgive me. I have searched for on Google, I could not find a similar case, so send to mailing list for the first time. Please forgive become long ones. (1) I have compiled 2.6.0 yesterday, If configured SecResponseBodyAccess to On, IE displays the error. (2) And generating post traffic on Drupal(7.2), httpd is an abnormally high CPU. I tried httpd 2.2.17-19, and the results were all the same. I also tried 2.5.13 with the same settings, no problem. (1) Set to debug level 9 and using telnet command. Using modsecurity-crs_2.2.0 and modsecurity.conf-recommended --- # telnet localhost 80 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. GET / HTTP/1.0 Host: localhost Connection closed by foreign host. --- debug.log http://ja.pastebin.ca/2074112 I think that the reason for this result is always returned null. "APR_BUCKET_IS_EOS(bucket)" And, for testing, comment out the following line, this issue is resolved. http://ja.pastebin.ca/2074116 However, I am so familiar with Apache modules, whether or not I would not know this is a permanent solution. apache2/apache2_io.c line: 862 --- if (msr->of_done_reading == 0) { /* We are done for now. We will be called again with more data. */ return APR_SUCCESS; } --- (2) Also, using drupal(7.2) POST, loops following line... (25 million lines per second) [03/Jun/2011:22:47:18 +0900] [localhost/sid#2538b78][rid#7f341c002970][/][9] Input filter: Bucket type EOS contains 0 bytes. http://ja.pastebin.ca/2074118 --- POST / HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Referer: http://localhost/ Accept-Language: ja-JP User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip, deflate Host: localhost Content-Length: 133 Connection: Keep-Alive Cache-Control: no-cache --- here is httpd version. --- # /opt/apache2/bin/httpd -V Server version: Apache/2.2.19 (Unix) Server built: Jun 3 2011 10:01:37 Server's Module Magic Number: 20051115:28 Server loaded: APR 1.4.5, APR-Util 1.3.12 Compiled using: APR 1.4.5, APR-Util 1.3.12 Architecture: 64-bit Server MPM: Worker threaded: yes (fixed thread count) forked: yes (variable process count) Server compiled with.... -D APACHE_MPM_DIR="server/mpm/worker" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=128 -D HTTPD_ROOT="/opt/apache2" -D SUEXEC_BIN="/opt/apache2/bin/suexec" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" --- 2.6.0 compile option ------------------------ LUA_SONAMES=so ./configure --prefix=/opt/apache2/modsec --with-apxs=/opt/apache2/bin/apxs ------------------------ Thank you for your kind cooperation. Regards, momo-i. |
