Bug#936034: broken http2 in apache2 2.4.25-3+deb9u8 for mod_dav_svn on stretch?

To: Fabien <fabien@apache.org>, 936034@bugs.debian.org
Subject: Bug#936034: broken http2 in apache2 2.4.25-3+deb9u8 for mod_dav_svn on stretch?
From: Stefan Fritsch <sf@sfritsch.de>
Date: Sun, 22 Sep 2019 10:50:24 +0200
Message-id: <[🔎] 2c3c5eca-5be6-5024-e2f4-5371beb756d1@sfritsch.de>
Reply-to: Stefan Fritsch <sf@sfritsch.de>, 936034@bugs.debian.org
In-reply-to: <alpine.DEB.2.21.1908291131430.28828@lancre>
References: <alpine.DEB.2.21.1908291131430.28828@lancre> <alpine.DEB.2.21.1908291131430.28828@lancre>

Sorry for the late response.

This is unfortunately a bug in subversion that is now triggered by the
new http2 module. The fix is here
http://svn.apache.org/viewvc?view=revision&revision=1845204 .

I will have to ask how this can be fixed, by DSA or by stable point release.

Am 29.08.19 um 11:55 schrieb Fabien:
> 
> Package: apache2
> Version: 2.4.25-3+deb9u8
> 
> It seems that since the updated version above, my svn server (through
> mod_dav_svn) does not serve contents correctly when using http2:
> 
>   sh> curl --http2 --verbose
> https://scm.cri.ensmp.fr/svn/nlpmake/trunk/makes/setup_pips.sh
>   * ALPN, server accepted to use h2
>   * Using HTTP2, server supports multi-use
>   * Connection state changed (HTTP/2 confirmed)
>   * Copying HTTP/2 data in stream buffer to connection buffer after
> upgrade: len=0
>   * Using Stream ID: 1 (easy handle 0x5576f7c8a3f0)
>   > GET /svn/nlpmake/trunk/makes/setup_pips.sh HTTP/2
>   > Host: scm.cri.ensmp.fr
>   > User-Agent: curl/7.58.0
>   > Accept: */*
>   >
>   * Connection state changed (MAX_CONCURRENT_STREAMS updated)!
>   * Unexpected EOF
>   * Connection #0 to host scm.cri.ensmp.fr left intact
>   curl: (56) Unexpected EOF
> 
> But it works fine with "curl --http1.1 …"
> 
> Also, site works well with http1.1 browsers (eg w3m), but is
> inaccessible with modern http2 compatible browsers (firefox, chrome),
> which is consistent.
> 
> After some investigating, I found:
> 
>  [Thu Aug 29 11:49:14.974371 2019] [core:notice] [pid 19929:tid
> 140177116143680] AH00052: child pid 19972 exit signal Segmentation fault
> (11)
> 
> Last time it worked with http2:
> 
>  10.2.14.177 - - [26/Aug/2019:23:33:01 +0200] "GET
> /svn/nlpmake/trunk/makes/setup_pips.sh HTTP/2.0" 200 11361 "-"
> "curl/7.58.0"
> 
> So it is broken since after that date, which I guess is when the server
> was updated to the above version. It seems that there was no simulaneous
> mod_dav_svn updates, so the issue appeared with apache2 latest update.
> 
> Current workaround is to disactivate http2 module.
>

Reply to:

Prev by Date: Bug#940838: apache2: does not serve compressed svg (.svgz) by default
Next by Date: ☯ We hebben nog een beleving naar U klaar staan. Kijk snel.
Previous by thread: Bug#940838: apache2: does not serve compressed svg (.svgz) by default
Next by thread: ☯ We hebben nog een beleving naar U klaar staan. Kijk snel.
Index(es):
- Date
- Thread