Question

версия Apache 2.2.17 на сервере Windows 2003

Вот как его пойдут:
user -> AA.com request -> Apache proxy server on AA.com network -> BB.com

Это работало без проблем до недели назад, не было никаких изменений, внесенных в конфигурацию Apache или любой сетевой элемент между ними.

Включена отладка, и я вижу это:

    TimeStamp = Mon Jan 16 12:50:29 2012
    [TimeStamp] [debug] mod_proxy_http.c(56): proxy: HTTP: canonicalising URL //bb.com/user/login.jsp
    [TimeStamp] [debug] proxy_util.c(1506): [client <<IP-of-internal-nw-AA.com>>] proxy: https: found worker https://bb.com for https://bb.com/user/login.jsp
    [TimeStamp] [debug] mod_proxy.c(1015): Running scheme https handler (attempt 0)
    [TimeStamp] [debug] mod_proxy_http.c(1965): proxy: HTTP: serving URL https://bb.com/user/login.jsp
    [TimeStamp] [debug] proxy_util.c(2011): proxy: HTTPS: has acquired connection for (bb.com)
    [TimeStamp] [debug] proxy_util.c(2067): proxy: connecting https://bb.com/user/login.jsp to bb.com:443
    [TimeStamp] [debug] proxy_util.c(2193): proxy: connected /context/user/login.jsp to bb.com:443
    [TimeStamp] [debug] proxy_util.c(2444): proxy: HTTPS: fam 2 socket created to connect to bb.com
    [TimeStamp] [debug] proxy_util.c(2576): proxy: HTTPS: connection complete to <<IP-of-BB.com>>:443 (bb.com)
    [TimeStamp] [info] [client <<IP-of-BB.com>>] Connection to child 0 established (server AA.com:80)
    [TimeStamp] [info] Seeding PRNG with 136 bytes of entropy
    [TimeStamp] [warn] [client <<IP-of-internal-nw-AA.com>>] proxy: no HTTP 0.9 request (with no host line) on incoming request and preserve host set forcing hostname to be AA.com for uri /context/user/login.jsp
    [TimeStamp] [debug] ssl_engine_kernel.c(1866): OpenSSL: Handshake: start
    [TimeStamp] [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: before/connect initialization
    [TimeStamp] [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv2/v3 write client hello A
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 7/7 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 72/72 bytes from BIO#<<RENAMED>> [mem: 2840b97] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 read server hello A
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 2239/2239 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_kernel.c(1321): [client <<IP-of-BB.com>>] Certificate Verification: depth: 1, subject: <<CERT>>
    [TimeStamp] [debug] ssl_engine_kernel.c(1321): [client <<IP-of-BB.com>>] Certificate Verification: depth: 1, subject: <<CERT>>
    [TimeStamp] [debug] ssl_engine_kernel.c(1321): [client <<IP-of-BB.com>>] Certificate Verification: depth: 0, subject:  <<SSL SERIAL NUMBER, ETC>>
    [TimeStamp] [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 read server certificate A
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 4/4 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: 0e                                               .                |
    [TimeStamp] [debug] ssl_engine_io.c(1865): | 0004 - <SPACES/NULS>
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 read server done A
    [TimeStamp] [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 write client key exchange A
    [TimeStamp] [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 write change cipher spec A
    [TimeStamp] [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 write finished A
    [TimeStamp] [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 flush data
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 1/1 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: 01                                               .                |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 56/56 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_kernel.c(1874): OpenSSL: Loop: SSLv3 read finished A
    [TimeStamp] [debug] ssl_engine_kernel.c(1870): OpenSSL: Handshake: done
    [TimeStamp] [info] Connection: Client IP: <<IP-of-BB.com>>, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits)
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 1455/1556 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 101/101 bytes from BIO#<<RENAMED>> [mem: 2841144] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] mod_proxy_http.c(1735): proxy: start body send
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 1476/1476 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 1476/1476 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 65/65 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 1476/1476 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 1459/1459 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 1470/1470 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 5/5 bytes from BIO#<<RENAMED>> [mem: 2840b90] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 442/1476 bytes from BIO#<<RENAMED>> [mem: 2840b95] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>> |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1889): OpenSSL: read 812/1034 bytes from BIO#<<RENAMED>> [mem: 2840d4f] (BIO dump follows)
    [TimeStamp] [debug] ssl_engine_io.c(1822): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1861): | 0000: <<BINARY DUMP>>.... |
    [TimeStamp] [debug] ssl_engine_io.c(1867): +-------------------------------------------------------------------------+
    [TimeStamp] [debug] ssl_engine_io.c(1900): OpenSSL: I/O error, 222 bytes expected to read on BIO#<<RENAMED>> [mem: 284107b]
    [TimeStamp] [info] [client <<IP-of-internal-nw-AA.com>>] (OS 10053)An established connection was aborted by the software in your host machine.  : core_output_filter: writing data to the network
    [TimeStamp] [debug] mod_proxy_http.c(1839): proxy: end body send
    [TimeStamp] [debug] proxy_util.c(2029): proxy: HTTPS: has released connection for (bb.com)
    [Mon Jan 16 12:50:30 2012] [debug] ssl_engine_io.c(1900): OpenSSL: I/O error, 5 bytes expected to read on BIO#27c90a8 [mem: 27eb848]
    [Mon Jan 16 12:50:30 2012] [info] [client <<IP-of-BB.com>>] (OS 10054)An existing connection was forcibly closed by the remote host.  : SSL input filter read failed.
    [Mon Jan 16 12:50:30 2012] [error] [client <<IP-2-of-internal-nw-AA.com>>] (OS 10054)An existing connection was forcibly closed by the remote host.  : proxy: error reading status line from remote server bb.com:443
    [Mon Jan 16 12:50:30 2012] [debug] mod_proxy_http.c(1458): [client <<IP-2-of-internal-nw-AA.com>>] proxy: NOT Closing connection to client although reading from backend server bb.com:443 failed.
    [Mon Jan 16 12:50:30 2012] [error] [client <<IP-2-of-internal-nw-AA.com>>] proxy: Error reading from remote server returned by /context/user/login.jsp
    [Mon Jan 16 12:50:30 2012] [debug] proxy_util.c(2029): proxy: HTTPS: has released connection for (bb.com)
    [Mon Jan 16 12:50:31 2012] [debug] mod_proxy_http.c(56): proxy: HTTP: canonicalising URL //bb.com/user/login.jsp
    [Mon Jan 16 12:50:31 2012] [debug] proxy_util.c(1506): [client <<IP-2-of-internal-nw-AA.com>>] proxy: https: found worker https://bb.com for https://bb.com/user/login.jsp

1.) Я думаю, что это ключевая ошибка: ** [debug] mod_proxy_http.c(1458): [client <<IP-2-of-internal-nw-AA.com>>] proxy: NOT Closing connection to client although reading from backend server BB.com:443 failed.** Разве проблема в том, что BB.com не возвращает данные в ответ?

Вот часть конфигурации apache на AA.com: ServerName AA.com ServerAlias AA.com

        CacheEnable disk /context
        CacheMinFileSize 1
        CacheMaxFileSize 10485760
        CacheIgnoreHeaders Set-Cookie

        SSLProxyEngine On
        ProxyPreserveHost On
        ProxyTimeout 1500

        KeepAlive On
        KeepAliveTimeout 45
        #########################
        ProxyPass /context https://BB.com/context disablereuse=on retry=0
        RequestHeader set X-Forwarded-Proto "https"

        SetEnv force-proxy-request-1.0 1
        SetEnv proxy-nokeepalive 1
    </VirtualHost>

Есть указатели?
1.) Не неверен ли ProxyTimeout?
2.) Это были предложенные решения, поэтому добавлено:

        SetEnv force-proxy-request-1.0 1
        SetEnv proxy-nokeepalive 1

Ошибка apache2: (OS 10054) соединение принудительно закрыто

Пожалуйста, войдите или зарегистрируйтесь чтобы ответить на этот вопрос.

Ответы [ 0 ]

Ошибка apache2: (OS 10054) соединение принудительно закрыто

Пожалуйста, войдите или зарегистрируйтесь чтобы ответить на этот вопрос.

Ответы [ 0 ]

Похожие темы