From: Jim Jagielski <jim@apache.org>
Date: Thu, 25 Aug 2016 12:50:22 +0000 (+0000)
Subject: Merge r1753167 from trunk:
X-Git-Tag: 2.4.24~290
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3b80fadac74f6f17790e32de3606429acc7d5be6;p=thirdparty%2Fapache%2Fhttpd.git

Merge r1753167 from trunk:

mod_proxy_fcgi: avoid loops serving proxied error documents

This commit should solve the issue indicated in PR 55415.
Httpd loops while serving a error document if:
1) The error document's content is proxied.
2) ProxyErrorOverride is set.
The solution proposed is to limit the use of ap_die only
to the initial request. I tested the change with very basic
scenarios but I am not sure if I got all the use cases,
feedback is really welcome.


Submitted by: elukey
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1757671 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 4af97f686fb..ac799bdf9a1 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@
 
 Changes with Apache 2.4.24
 
+  *) mod_proxy_fcgi: avoid loops when ProxyErrorOverride is enabled
+     and the error documents are proxied. PR 55415. [Luca Toscano]
+
   *) mod_proxy_fcgi: read the whole FCGI response even when the content has
      not been modified (HTTP 304) to avoid subsequent bougus reads and
      confusing error messages logged. [Luca Toscano]
diff --git a/STATUS b/STATUS
index ce873ad8987..e30c2cae3e9 100644
--- a/STATUS
+++ b/STATUS
@@ -117,11 +117,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  *) mod_proxy_fcgi: avoid loops serving proxied error documents.
-     trunk patch: http://svn.apache.org/r1753167
-     2.4.x patch: trunk works (modulo CHANGES)
-     +1: elukey, ylavic, sf
-
   *) mod_http: Add the HEAD method to the lookup hash for completeness.
       Trunk version of patch:
          http://svn.apache.org/r1753257
diff --git a/modules/proxy/mod_proxy_fcgi.c b/modules/proxy/mod_proxy_fcgi.c
index edbd23daa4a..943e04dc459 100644
--- a/modules/proxy/mod_proxy_fcgi.c
+++ b/modules/proxy/mod_proxy_fcgi.c
@@ -678,8 +678,8 @@ recv_again:
                                 }
                             }
 
-                            if (conf->error_override &&
-                                ap_is_HTTP_ERROR(r->status)) {
+                            if (conf->error_override
+                                && ap_is_HTTP_ERROR(r->status) && ap_is_initial_req(r)) {
                                 /*
                                  * set script_error_status to discard
                                  * everything after the headers