From: Stefan Fritsch Date: Wed, 4 Jan 2012 20:15:28 +0000 (+0000) Subject: Merge r1092076, r1100513: X-Git-Tag: 2.2.22~40 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0cc2f8bdd079521ec24cad942ec804a4d03e518b;p=thirdparty%2Fapache%2Fhttpd.git Merge r1092076, r1100513: Try to prevent a single long request marking a worker in error. Submitted by: jfclere Reviewd by: jfclere, rjung, rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1227298 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 4277203ae8c..9c8fc293668 100644 --- a/CHANGES +++ b/CHANGES @@ -14,6 +14,9 @@ Changes with Apache 2.2.22 *) mod_log_config: Fix segfault when logging nameless, valueless cookie. PR 52256. [Stefan Fritsch] + *) mod_proxy_ajp: Try to prevent a single long request from marking a worker + in error. [Jean-Frederic Clere] + *) config: Update the default mod_ssl configuration: Disable SSLv2, only allow >= 128bit ciphers, add commented example for speed optimized cipher list, limit MSIE workaround to MSIE <= 5. [Kaspar Brand] diff --git a/STATUS b/STATUS index db91525fc19..6136ea67f08 100644 --- a/STATUS +++ b/STATUS @@ -92,13 +92,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_proxy_ajp: try to prevent a single long request marking a worker in error. - Trunk version of patch: - http://svn.apache.org/viewvc?view=revision&revision=r1092076 - http://svn.apache.org/viewvc?view=revision&revision=r1100513 - http://people.apache.org/~jfclere/patches/ajp_timeout.patch - +1: jfclere, rjung, rpluem - PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] diff --git a/modules/proxy/ajp_link.c b/modules/proxy/ajp_link.c index 04c8f092e92..2f2688df7d3 100644 --- a/modules/proxy/ajp_link.c +++ b/modules/proxy/ajp_link.c @@ -95,7 +95,7 @@ apr_status_t ajp_ilink_receive(apr_socket_t *sock, ajp_msg_t *msg) if (status != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, status, NULL, "ajp_ilink_receive() can't receive header"); - return AJP_ENO_HEADER; + return (APR_STATUS_IS_TIMEUP(status) ? APR_TIMEUP : AJP_ENO_HEADER); } status = ajp_msg_check_header(msg, &blen); diff --git a/modules/proxy/mod_proxy_ajp.c b/modules/proxy/mod_proxy_ajp.c index 92084e31829..06f0d8ed61f 100644 --- a/modules/proxy/mod_proxy_ajp.c +++ b/modules/proxy/mod_proxy_ajp.c @@ -337,6 +337,15 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r, "proxy: read response failed from %pI (%s)", conn->worker->cp->addr, conn->worker->hostname); + + /* If we had a successful cping/cpong and then a timeout + * we assume it is a request that cause a back-end timeout, + * but doesn't affect the whole worker. + */ + if (APR_STATUS_IS_TIMEUP(status) && conn->worker->ping_timeout_set) { + return HTTP_GATEWAY_TIME_OUT; + } + /* * This is only non fatal when we have not sent (parts) of a possible * request body so far (we do not store it and thus cannot sent it