Mailing List Archive

Comment #1 on issue 1284 by g...@openov.nl: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

Just wrote this to Alvaro:

Hi,


I have set up a test for the Chrome vs Cherokee vs SSL bug.

After a lot of debugging some conclusions arrive;

the Content-Length basically is set, SSL_read only gets 1 actual byte
back. and the following sequence can be seen in cherokee trace:

thread.c:0659 ( process_active_connections): Active
connections:
thread.c:0667 ( process_active_connections): \- thread
(0x6125f0) processing conn (0x622e20), phase 6 'Reading POST',
socket=18,read
thread.c:0679 ( process_active_connections): thread
(0x6125f0) processing conn (0x622e20), phase 6 'Reading POST',
socket=18, read


The post reading (thread.c:1215) already returned 'eagain', but it
does so only once. It will get there because it is shortcutted at
thread.c:771

Now after I found this, I commented it out... and 'wow' it worked
again. So... could you pretty please look at this. (And
cherokee-project.org)


Stefan

===============

The quick workaround: comment out line 771 in thread.c. No guarantees!

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #2 on issue 1284 by pig...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

The other workaround is to use rev proxy instead of *cgi

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Updates:
Status: Accepted
Owner: alobbs
Labels: Type-Defect Priority-Critical Component-Logic Usability OpSys-All

Comment #3 on issue 1284 by ste...@konink.de: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

(No comment was entered for this change.)

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #4 on issue 1284 by leecook...@gmail.com: SSL POST REQUESTS break
on Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

online.wsj.com login (drop-down on right side) also fails on https login,
but works if the form action is http. Same symptoms where it works in all
other browsers and Chrome <= 14

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #5 on issue 1284 by alobbs: SSL POST REQUESTS break on Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

Reproduced. A few PHP lines were enough:

===========
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
echo '<h1>POST</h1>';
echo '<pre>';
print_r($_POST);
echo '</pre><hr/>';
} else {
print('<form method="POST" action="/index.php">');
print(' <input type="hidden" name="foo" value="bar">');
print(' <input type="submit">');
print('</form>');
}
?>
===========

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #6 on issue 1284 by aminl...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

Chrome 15 is now stable resulting in our site (and any other site with a
ssl certificate) to break.

What's the status on getting the fix up and running?

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #7 on issue 1284 by pig...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

As I said before... the fast workaround seems to be rev-proxy because it
fully works for me (while the non rev-proxy doesnt).

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #8 on issue 1284 by aminl...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

It seems that google has decided to give the world a 6 week window to fix
the problem:

Yes, 15.0.874.106 doesn't include 1/n-1 record splitting and, based on
policy, it's unlikely that the rest of the 15 series will. The change was
more disruptive than the beta period had suggested and we're working with
several large sites who need to update.

1/n-1 record splitting will continue on the beta and dev channels and will
reappear in 6 weeks with Chrome 16.

- from http://code.google.com/p/chromium/issues/detail?id=98101



_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #9 on issue 1284 by jordan.a...@gmail.com: SSL POST REQUESTS break
on Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

I'm also seeing this error, and only for Chrome 16+. I don't have the
option of doing reverse proxy since I'm using the uwsgi handler. Is there
any solution for me other than recompiling? I'm not comfortable commenting
out lines of code without understanding the full effect of doing so.

Also, is this related using the uwsgi handler or is it any handler? The
comments above suggest that changes to Cherokee could fix this, but I was
unsure whether the problem exists in the server or the handler.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #10 on issue 1284 by aminl...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

I'm using the fcgi handler, so it's not just uwsgi...

Reverse proxy can be an option, but only if you defer http processing
to another app, like gunicorn.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #11 on issue 1284 by scai...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

Today has been released Chrome 16, and Cherokee has problems with the
Googles TLS False Start.
All the SSL post will be fail.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #12 on issue 1284 by aminl...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

Any word on this?

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #13 on issue 1284 by ste...@konink.de: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

See the other bug report. We are working on the new-event branch. It is not
production grade yet. But it looks promising.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #14 on issue 1284 by arsi.hal...@gmail.com: SSL POST REQUESTS break
on Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

Hi Stefan, What other bug report are you referring to?

We are deploying new servers with Cherokee version 1.2.101 + uWSGI + Django
and seem to have this same issue with Chrome users. Any suggestion how to
fix this.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #15 on issue 1284 by aminl...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

You can find a package with the quick fix (commenting out that line) that
Stefan posted about at https://launchpad.net/~sciyoshi/+archive/ppa

We've been using the package from that ppa in production for a few weeks.
It's was compiled for natty, but it installs fine on oneiric so we didn't
recompile.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #16 on issue 1284 by shen...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

Here are my notes/log from a chat with Stefan on #cherokee IRC about the
issue:

https://gist.github.com/eb2a5f7741efb1d0053d

I believe this is the offending line that needs to be commented out:
https://github.com/cherokee/webserver/blob/master/cherokee/thread.c#L771

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #17 on issue 1284 by ste...@konink.de: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

Today I have deployed the 'new-events' branch
https://github.com/cherokee/webserver/tree/new-events to all our servers
taking SSL post requests. Most likely Alvaro will merge soon.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #18 on issue 1284 by lnu...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

is the package https://launchpad.net/~sciyoshi/+archive/ppa Working Fine
so I can take the patch and release a new cherokee packages for launchpad
and add the patch to Debian Unstable ?

or sould I wait for the new cherokee release with 'new-events' for the new
packages?



_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #19 on issue 1284 by arsi.hal...@gmail.com: SSL POST REQUESTS break
on Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

We re-compiled the Cherokee with the quickfix and it seems to be working
fine. We are now running Cherokee + uWSGI + Django on Ubuntu 10.04 without
problems.
Thanks!

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #20 on issue 1284 by ste...@konink.de: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

Wait till new-events is ready.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #21 on issue 1284 by sare...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

We serve a lot of https content and immediately got complaints from dozens
of Chrome users about not being able to use forms when we moved our servers
to Cherokee last week. We are using fcgi handlers. At least I'm happy to
have found this thread after extensive googling and being completely
confused.

Is there an ETA for this new-events being ready? Days? Weeks?

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #22 on issue 1284 by ste...@konink.de: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

It is already merged in the dev branch. So I guess there will be a release
candidate. Nothing is stopping you from fetching it from github.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #23 on issue 1284 by ste...@konink.de: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

http://www.cherokee-project.com/download/pre-releases/cherokee-1.3.0A1.tar.gz

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev

Comment #24 on issue 1284 by sare...@gmail.com: SSL POST REQUESTS break on
Chrome 15
http://code.google.com/p/cherokee/issues/detail?id=1284

Thanks.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev