php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #42779 Incorrect forcing from HTTP/1.0 request to HTTP/1.1 response
Submitted: 2007-09-27 16:40 UTC Modified: 2008-11-12 19:07 UTC
From: aya at eh dot org Assigned: iliaa
Status: Closed Package: Apache2 related
PHP Version: 5.2.1 OS: *
Private report: No CVE-ID:
 [2007-09-27 16:40 UTC] aya at eh dot org
Description:
------------
There seems to have been a change in the 'Connection' output header for HTTP/1.0 requests somewhere between PHP v5.2.0 and PHP v5.2.3.

IIRC, according to the relevant RFCs, When processing an HTTP/1.0 request, the server should respond with an HTTP/1.1 response line if it supports HTTP/1.1, but the entity headers should be compatible with HTTP/1.0.

A simple "GET / HTTP/1.0" to a PHP page in v5.2.0 returns...

HTTP/1.1 200 OK
Connection: close
...other stuff...

...and then closes the connections as soon as the entity has been sent.

However, the same request in v5.2.3 returns...

HTTP/1.1 200 OK
...other stuff...

...and then waits for another request, without sending a "Connection: keep-alive" header. This is the correct behaviour for an HTTP/1.1 request, but not an HTTP/1.0 request.

In practise, this change prevents apachebench from working correctly against PHP scripts.



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-09-28 14:58 UTC] aya at eh dot org
After having done some more research, I think I've found the problem. I believe it was introduced in PHP v5.2.1 in sapi/apache2handler/sapi_apache2.c revision 1.57.2.10.2.8 as part of the fix for bug #38602.

It's reasonable to downgrade the protocol version to HTTP/1.0 upon receiving a header beginning with "HTTP/1.0 ", but upgrading the protocol version to HTTP/1.1 upon receiving a header beginning with "HTTP/1.1 " is wrong.

If an HTTP/1.1 webserver receives an HTTP/1.0 request, it should respond with a header beginning with "HTTP/1.1 " to indicate to the client that it is capable of processing HTTP/1.1 requests, BUT the following response should still be an HTTP/1.0 response.

The section of the code which reads...
    /* httpd requires that r->status_line is set to the first digit of
     * the status-code: */
    if (sline && strlen(sline) > 12 && strncmp(sline, "HTTP/1.", 7) == 0 && sline[8] == ' ') {
        ctx->r->status_line = apr_pstrdup(ctx->r->pool, sline + 9);
        ctx->r->proto_num = 1000 + (sline[7]-'0');
        if ((sline[7]-'0') == 0) {
            apr_table_set(ctx->r->subprocess_env, "force-response-1.0", "true");
        } else {
            apr_table_set(ctx->r->subprocess_env, "force-response-1.1", "true");
        }
    }

...should have the 'else' clause removed.
 [2008-01-16 15:51 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 23 09:02:23 2014 UTC