php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #67606 FPM with mod_fastcgi/apache2.4 is broken after db537b1f commit
Submitted: 2014-07-11 07:36 UTC Modified: 2014-08-14 17:56 UTC
Votes:2
Avg. Score:3.0 ± 2.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: ondrej@php.net Assigned: dzuelke (profile)
Status: Closed Package: FPM related
PHP Version: 5.6.0RC2 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: ondrej@php.net
New email:
PHP Version: OS:

 

 [2014-07-11 07:36 UTC] ondrej@php.net
Description:
------------
As reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754384

Reverting db537b1f fixes the issue.

Test script:
---------------
mod_fastcgi configuration:

AddHandler php5-fcgi .php
Action php5-fcgi /php5-fcgi
Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -socket /var/run/php5-fpm.sock -pass-header Authorization


Expected result:
----------------
Page interpreted and loaded.

Actual result:
--------------
After the upgrade, every PHP page displays "file not found" and I get this error in /var/log/apache2/error.log:

FastCGI: server "/usr/lib/cgi-bin/php5-fcgi" stderr: Primary script unknown

Patches

Pull Requests

Pull requests:

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-07-11 14:26 UTC] dz at heroku dot com
He says he can't use mod_proxy_fcgi, because the Authorization header is stripped by mod_proxy, but this is documented behavior.

He should simply add

SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1

to his config.

With https://gist.github.com/progandy/6ed4eeea60f6277c3e39 (or Apache 2.4.10+) and 5.6.0RC2+, there are no more issues like double slashes or errors when rewriting to PATH_INFO (see PR link below).

The "break" in question was caused by https://github.com/php/php-src/pull/694; it fixes the issue described in https://bugs.php.net/bug.php?id=67541.

It also makes https://bugs.php.net/bug.php?id=65641 obsolete

mod_fastcgi is old, crappy, unmaintained, deprecated stuff. People should use mod_proxy_fcgi with Apache 2.4.

I'll try and see if I can figure out a way of fixing the original issue without causing the breakage described here (need to get mod_fastcgi working first, which isn't trivial unfortunately).
 [2014-07-11 15:38 UTC] tyrael@php.net
-Assigned To: +Assigned To: dzuek
 [2014-07-11 15:38 UTC] tyrael@php.net
David: the original premise on that pull request was that the removed parts shouldn't really affect existing installations:
"Clearly, neither applies in the case of FastCGI, so both are safe to delete."
I would be glad if we could keep the compatibility with mod_fastcgi.
 [2014-07-11 15:47 UTC] dz at heroku dot com
Yes, agreed, I'm looking into it. Building mod_fastcgi with recent Apache versions is actually a bit of a challenge, but no worries, we'll get there. Expect an updated patch soon; I want to get a fix into RC3.

Who is that "dzuek" assignee guy though? ;)
 [2014-07-11 16:04 UTC] dz at heroku dot com
To explain the issue a bit, the breakage seems to stem from intentionally broken or non-existant paths handed to mod_fastcgi so it somehow knows to pass stuff to PHP-FCGI (it's all quite hacky, as many comments on the Interwebs point out).

In more recent versions of Debian, apparently php-fcgi is the FPM, not the CGI binary. That's why the FPM change affects this. People are using this approach because it was documented before FPM existed.

The code that my PR removed basically inadvertently fixed up those paths even though it was meant to address something totally different.

Will report back with more findings.
 [2014-07-14 08:32 UTC] tyrael@php.net
-Assigned To: dzuek +Assigned To: dzuelke
 [2014-07-14 08:34 UTC] tyrael@php.net
thanks for the heads-up!
 [2014-07-14 08:40 UTC] ondrej@php.net
David,

1) Debian has patched mod_fastcgi that works with Apache 2.4 if you need compilable source code: https://packages.qa.debian.org/liba/libapache-mod-fastcgi.html

2) I am not saying this has to be fixed in FPM, if you can come up with fix for mod_fastcgi, I think it be sufficient.

Also "php-fcgi" is just a placeholder, it could be named "queen-of-england" and it would work the same.  It just have to match the other parts of the config file and the important part is the "FastCgiExternalServer".

Ondrej
 [2014-08-09 06:39 UTC] dz at heroku dot com
Fixed in https://github.com/php/php-src/pull/765
 [2014-08-14 17:34 UTC] dz at heroku dot com
This has been merged in 844e2e81f56fca1f49c73df4e15866cd1ba37f30, so this issue can be closed.
 [2014-08-14 17:56 UTC] jpauli@php.net
-Status: Assigned +Status: Closed
 [2014-08-14 17:56 UTC] jpauli@php.net
Thank you for your bug report. This issue has already been fixed
in the latest released version of PHP, which you can download at 
http://www.php.net/downloads.php


 [2014-08-29 10:00 UTC] dz at heroku dot com
Ported to 5.4 in ee275e34c8b303945945c650d4bc90dcc2ac0b17 / b206b0e29d2cf9a41b94befedfefd806a71d0846 and merged to 5.5 in e55c641792df2caf813b5df3272144974e4d8fc7
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Nov 21 12:01:29 2024 UTC