Bug#936034: broken http2 in apache2 2.4.25-3+deb9u8 for mod_dav_svn on stretch?
Package: apache2
Version: 2.4.25-3+deb9u8
It seems that since the updated version above, my svn server (through
mod_dav_svn) does not serve contents correctly when using http2:
sh> curl --http2 --verbose https://scm.cri.ensmp.fr/svn/nlpmake/trunk/makes/setup_pips.sh
* ALPN, server accepted to use h2
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5576f7c8a3f0)
> GET /svn/nlpmake/trunk/makes/setup_pips.sh HTTP/2
> Host: scm.cri.ensmp.fr
> User-Agent: curl/7.58.0
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
* Unexpected EOF
* Connection #0 to host scm.cri.ensmp.fr left intact
curl: (56) Unexpected EOF
But it works fine with "curl --http1.1 …"
Also, site works well with http1.1 browsers (eg w3m), but is inaccessible
with modern http2 compatible browsers (firefox, chrome), which is
consistent.
After some investigating, I found:
[Thu Aug 29 11:49:14.974371 2019] [core:notice] [pid 19929:tid 140177116143680] AH00052: child pid 19972 exit signal Segmentation fault (11)
Last time it worked with http2:
10.2.14.177 - - [26/Aug/2019:23:33:01 +0200] "GET /svn/nlpmake/trunk/makes/setup_pips.sh HTTP/2.0" 200 11361 "-" "curl/7.58.0"
So it is broken since after that date, which I guess is when the server
was updated to the above version. It seems that there was no simulaneous
mod_dav_svn updates, so the issue appeared with apache2 latest update.
Current workaround is to disactivate http2 module.
--
Fabien
Reply to: