Bug#226954: marked as done (apache: mod_proxy; auth/basic; tomcat4: apache inserts blank line in header)
Your message dated Wed, 08 Jun 2005 14:22:04 +0200
with message-id <87k6l5m42b.fsf@vawad.err.no>
and subject line Sarge is released
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 9 Jan 2004 17:45:35 +0000
>From schaefer@alphanet.ch Fri Jan 09 11:44:46 2004
Return-path: <schaefer@alphanet.ch>
Received: from client80-83-46-147.abo.net2000.ch (shakotay.alphanet.ch) [80.83.46.147]
by master.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1AezD0-0005A8-00; Fri, 09 Jan 2004 10:10:03 -0600
Received: by shakotay.alphanet.ch (Postfix, from userid 103)
id D96143706F4; Fri, 9 Jan 2004 17:10:01 +0100 (CET)
Received: by defian (Postfix, from userid 1000)
id 7BBAC2AD26; Fri, 9 Jan 2004 16:59:53 +0100 (MET)
From: Marc SCHAEFER <schaefer@alphanet.ch>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: apache: mod_proxy; auth/basic; tomcat4: apache inserts blank line in header
X-Mailer: reportbug 1.50
Date: Fri, 09 Jan 2004 16:59:52 +0100
Message-Id: <20040109155953.7BBAC2AD26@defian>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin
2.60-master.debian.org_2003_11_25-bugs.debian.org_2004_1_5
(1.212-2003-09-23-exp) on master.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=HAS_PACKAGE autolearn=no
version=2.60-master.debian.org_2003_11_25-bugs.debian.org_2004_1_5
X-Spam-Level:
Package: apache
Version: 1.3.26-0woody3
Severity: important
Tags: patch
Hi,
if using mod_proxy in Apache and the remote HTTP server returns
a HTTP/1.1 401 (authentification required), but there is nothing
after the 401 after the space, Apache adds a space and thus
makes the additional header lines displayed in your WWW client.
Bad case:
HTTP/1.1 401
Content-Type: text/html;charset=ISO-8859-1
Connection: close
Content-Language: en-US
Date: Fri, 09 Jan 2004 15:19:57 GMT
Server: Apache Tomcat/4.1 (HTTP/1.1 Connector)
WWW-Authenticate: Basic realm="Authentication for bla platform."
Good case:
replace the first line with
HTTP/1.1 401 blaaa
(you can easily reproduce this by typing by hand through a
nc -l -p 4000)
This was found by using tomcat4.1 with Apache and mod_proxy and
an authentification module.
References: (although this is Apache 2, it applies).
http://bugzilla.redhat.com/bugzilla/long_list.cgi?buglist=89179
Patch:
Apparently the fix is already in testing/unstable, this is
for documentation for people who wants to maintain stable
packages.
diff -urP apache_1.3.26/src/modules/proxy/proxy_util.c apache_1.3.26/apache_1.3.26/src/modules/proxy/proxy_util.c
--- build-tree/apache_1.3.26/src/modules/proxy/proxy_util.c Tue Jun 18 02:59:59 2002
+++ build-tree/apache_1.3.26/src/modules/proxy/proxy_util.c Mon Feb 3 18:13:26 2003
@@ -1,7 +1,7 @@
/* ====================================================================
* The Apache Software License, Version 1.1
*
- * Copyright (c) 2000-2002 The Apache Software Foundation. All rights
+ * Copyright (c) 2000-2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -1607,6 +1607,12 @@
}
*backasswards = 0;
+ /* there need not be a reason phrase in the response,
+ * and ap_getline() already deleted trailing whitespace.
+ * But RFC2616 requires a SP after the Status-Code. Add one:
+ */
+ if (strlen(buffer) < sizeof("HTTP/1.x 200 ")-1)
+ buffer = ap_pstrcat(r->pool, buffer, " ", NULL);
buffer[12] = '\0';
r->status = atoi(&buffer[9]);
buffer[12] = ' ';
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux defian 2.4.21 #1 Fri Nov 7 18:54:07 MET 2003 i686
Locale: LANG=C, LC_CTYPE=fr_CH
Versions of packages apache depends on:
ii apache-common 1.3.26-0woody3 Support files for all Apache webse
ii dpkg 1.9.21 Package maintenance system for Deb
ii libc6 2.2.5-11.5 GNU C Library: Shared libraries an
ii libdb2 2:2.7.7.0-7 The Berkeley database routines (ru
ii libexpat1 1.95.2-6 XML parsing C library - runtime li
ii logrotate 3.5.9-8 Log rotation utility
ii mime-support 3.18-1.3 MIME files 'mime.types' & 'mailcap
ii perl 5.6.1-8.3 Larry Wall's Practical Extraction
ii perl [perl5] 5.6.1-8.3 Larry Wall's Practical Extraction
---------------------------------------
Received: (at 226954-done) by bugs.debian.org; 8 Jun 2005 12:22:06 +0000
>From tfheen@err.no Wed Jun 08 05:22:06 2005
Return-path: <tfheen@err.no>
Received: from vawad.err.no [129.241.93.49]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DfzZO-0000HB-00; Wed, 08 Jun 2005 05:22:06 -0700
Received: from tfheen by vawad.err.no with local (Exim 4.34)
id 1DfzZM-000338-Iq; Wed, 08 Jun 2005 14:22:04 +0200
To: 224783-done@bugs.debian.org, 237377-done@bugs.debian.org,
226954-done@bugs.debian.org, 263322-done@bugs.debian.org,
288625-done@bugs.debian.org
Subject: Sarge is released
Mail-Copies-To: never
From: Tollef Fog Heen <tfheen@err.no>
Organization: Private
Date: Wed, 08 Jun 2005 14:22:04 +0200
Message-ID: <87k6l5m42b.fsf@vawad.err.no>
User-Agent: Gnus/5.1007 (Gnus v5.10.7) Emacs/21.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Delivered-To: 226954-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 2
Closing this bug as sarge is now released and this is a bug which only
affects woody.
--
Tollef Fog Heen ,''`.
UNIX is user friendly, it's just picky about who its friends are : :' :
`. `'
`-
Reply to: