php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #63231 force-cgi-redirect does not works under FastCGI
Submitted: 2012-10-07 00:14 UTC Modified: 2012-10-08 08:45 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:2 (100.0%)
From: phodur at zoznam dot sk Assigned:
Status: Open Package: CGI/CLI related
PHP Version: 5.3.17 OS: FreeBSD (all UNIX like OS)
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: phodur at zoznam dot sk
New email:
PHP Version: OS:

 

 [2012-10-07 00:14 UTC] phodur at zoznam dot sk
Description:
------------
This is same as #37157. But may be I will better describe the problem. Because Dmitry closed #37157 as NOT A BUG.

Ok, test environment is Apache 2.2.X with PHP 5.3.X. Base Apache config is:

--- CUT ---

Alias /php-bin/                        /www/php-bin/php5

<Directory /www/php-bin/>

   Options ExecCGI
   SetHandler fastcgi-script

</Directory>

AddHandler                              php5-script     .php
Action                                  php5-script     /php-bin/php5

--- CUT ---

FastCGI (mod_fastcgi) related config is (this is not important for reproducing this bug, it is provided only FYI):

--- CUT ---

FastCgiIpcDir                           /var/run/apache22/fastcgi/
FastCgiWrapper                          On
FastCgiConfig                           -idle-timeout 30 -killInterval 300 -maxClassProcesses 1 -maxProcesses 100 -minProcesses 0 -pass-header HTTP_AUTHORIZATION -restart-delay 2 -singleThreshold 100

--- CUT ---

PHP was compiled only with CGI SAPI support and is run with following wrapper (it's /www/php-bin/php5 file mentioned earlier):

--- CUT ---

#!/bin/sh

PHP_CGI=/usr/local/bin/php-cgi
PHP_FCGI_CHILDREN=4
PHP_FCGI_MAX_REQUESTS=500

export PHP_FCGI_CHILDREN
export PHP_FCGI_MAX_REQUESTS

exec $PHP_CGI

--- CUT ---

Ok, last but not least the PHP's FastCGI config:

--- CUT ---

;doc_root
;user_dir
cgi.force_redirect = 1
cgi.fix_pathinfo = 0

--- CUT ---


Ok, so when you hit:

http://[domain]/index.php

it works, the Apache translates this request according to Action directive to

http://[domain]/php-bin/php5/index.php

and you will see the results.

When you hit http://[domain]/php-bin/php5/index.php directly, it will also works (FastCGI PHP SAPI incorrectly does not check the REDIRECT_STATUS environmental variable for value of 200).

When you change PHP cgi.fix_pathinfo to 1 (so the environmental variables conforms to FastCGI/CGI specs), the last request incorrectly determine the /www/php-bin/php5 as the PHP script and executes it. This is because one of the main jobs of FastCGI/CGI SAPI is to determine WHAT to execute. When fix_pathinfo is set to 1, it uses also REDIRECT_URL env variable, which is not set when you access directly interpreter with passed script as PATH_INFO (http://[domain]/php-bin/php5/index.php).

The only workaround at this time is use mod_rewrite and disable access to the interpreter:

RewriteEngine on
RewriteCond %{ENV:REDIRECT_STATUS} !200
RewriteRule ^/php-bin/php5 - [F]


Conclusion, this is NOT actually mod_fastcgi and/or configuration issue, this is really bug in FastCGI/CGI SAPI of PHP (in opossite what Dmitry says in #37157)





Test script:
---------------
See above

Expected result:
----------------
See above

Actual result:
--------------
See above

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-10-08 08:45 UTC] phodur at zoznam dot sk
Just a quick followup to the original post.

I have discovered, that force cgi redirect mechanism does not works because another 
bug in mod_fastcgi.

Mod_fastcgi by defaul do not pass any env variables from PHP process when executing 
PHP (not only PHP). It clears ENV simillary to suexec wrapper. There is flag you can 
pass to FastCGIConfig directive, but it do not works as expected. By inspecting the 
source of mod_fastcgi, I can state, that when you pass ENV to FastCGI process using 
this directive, mod_fastcgi uses it's value as it is in the stage the Apache process 
was started (not when the request is actually executed).

Grrr
 
PHP Copyright © 2001-2018 The PHP Group
All rights reserved.
Last updated: Sun Sep 23 03:01:26 2018 UTC