/ Zope / Apsis / Pound Mailing List / Archive / 2003 / 2003-12 / EMERGENCY PLEASE HELP

[ << ] [ >> ]

[ Virtual directory virtual hosting for Zope with ... ] [ Pound-current fix / Robert Segall ... ]

EMERGENCY PLEASE HELP
"Joel Johnston" <j.johnston(at)FinancialAid.com>
2003-12-10 23:44:55 [ FULL ]
I've been using Pound successfully for about a month now.  I'm using
OpenSSL to facilitate our SSL connections and everything is fine except
for about 10% of our users.  That 10% sees
https://www.mysite.com:443/secure/
<https://www.mysite.com/secure/>
where they should be seeing https://www.mysite.com/secure.  The
folks
that get the port number appended to their url get a 443 error or a Page
can not be displayed error.  Does anyone know under what circumstances
this could happen?  Please let me know all you can, as I'm being told
that we're going to have to disengage Pound tomorrow if we can't fix it.
Problem is, I can't replicate the error to even troubleshoot the
problem.  Thank you very much.
 
Joel Johnston - Network Engineer / Web Developer 
402 W. Broadway, Suite 770 
San Diego, CA 92101 
Phone: 888-868-1391 Ext.8024
E-mail: j.johnston(at)financialaid.com 
CONFIDENTIALITY NOTICE: This communication and any accompanying
document(s) are privileged and confidential and are intended for the
sole use of the addressee(s). If you have received this transmission in
error, you are advised that any disclosure, copying, distribution, or
the taking of any action in reliance upon it is strictly prohibited.
Moreover, any such inadvertent disclosure shall not compromise or waive
the FinancialAid.com-client privilege as to this communication or
otherwise. If you have received this communication in error, please
immediately delete it and contact us at privacy(at)financialaid.com or by
telephone at 619-400-8000. Thank you. FinancialAid.com LLC

RE: EMERGENCY PLEASE HELP
"Joel Johnston" <j.johnston(at)FinancialAid.com>
2003-12-11 00:01:51 [ FULL ]
I'm also seeing the following in the logs.
 
 
Dec 10 14:02:35 fafw2 pound: can't read header
Dec 10 14:02:35 fafw2 pound: 138221568 error read from 66.103.44.66:
Unknown error: 0
 
And
 
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111 (~~~~~~~:
~~~~:~~~~~~~~~~~~~~~~~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111
(~~~~~~~~~~~~~~~: ~~~~~ ~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111 (~~~~~~~:
~~~~:~~~~~~~~~~~~~~~~~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111
(~~~~~~~~~~~~~~~: ~~~~~ ~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111 (~~~~~~~:
~~~~:~~~~~~~~~~~~~~~~~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111
(~~~~~~~~~~~~~~~: ~~~~~ ~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111 (~~~~~~~:
~~~~:~~~~~~~~~~~~~~~~~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111
(~~~~~~~~~~~~~~~: ~~~~~ ~~~~~~~)
Joel Johnston - Network Engineer / Web Developer 
402 W. Broadway, Suite 770 
San Diego, CA 92101 
Phone: 888-868-1391 Ext.8024
E-mail: j.johnston(at)financialaid.com 
CONFIDENTIALITY NOTICE: This communication and any accompanying
document(s) are privileged and confidential and are intended for the
sole use of the addressee(s). If you have received this transmission in
error, you are advised that any disclosure, copying, distribution, or
the taking of any action in reliance upon it is strictly prohibited.
Moreover, any such inadvertent disclosure shall not compromise or waive
the FinancialAid.com-client privilege as to this communication or
otherwise. If you have received this communication in error, please
immediately delete it and contact us at privacy(at)financialaid.com or by
telephone at 619-400-8000. Thank you. FinancialAid.com LLC
 
  _____  

From: Joel Johnston 
Sent: Wednesday, December 10, 2003 2:45 PM
To: pound(at)apsis.ch
Subject: EMERGENCY PLEASE HELP
 
I've been using Pound successfully for about a month now.  I'm using
OpenSSL to facilitate our SSL connections and everything is fine except
for about 10% of our users.  That 10% sees
https://www.mysite.com:443/secure/
<https://www.mysite.com/secure/>
where they should be seeing https://www.mysite.com/secure.  The
folks
that get the port number appended to their url get a 443 error or a Page
can not be displayed error.  Does anyone know under what circumstances
this could happen?  Please let me know all you can, as I'm being told
that we're going to have to disengage Pound tomorrow if we can't fix it.
Problem is, I can't replicate the error to even troubleshoot the
problem.  Thank you very much.
 
Joel Johnston - Network Engineer / Web Developer 
402 W. Broadway, Suite 770 
San Diego, CA 92101 
Phone: 888-868-1391 Ext.8024
E-mail: j.johnston(at)financialaid.com 
CONFIDENTIALITY NOTICE: This communication and any accompanying
document(s) are privileged and confidential and are intended for the
sole use of the addressee(s). If you have received this transmission in
error, you are advised that any disclosure, copying, distribution, or
the taking of any action in reliance upon it is strictly prohibited.
Moreover, any such inadvertent disclosure shall not compromise or waive
the FinancialAid.com-client privilege as to this communication or
otherwise. If you have received this communication in error, please
immediately delete it and contact us at privacy(at)financialaid.com or by
telephone at 619-400-8000. Thank you. FinancialAid.com LLC

RE: EMERGENCY PLEASE HELP
"Joel Johnston" <j.johnston(at)FinancialAid.com>
2003-12-11 00:14:18 [ FULL ]
Even more details
 
When a user goes to https://www.mysite.com/secure the page
loads
insecure and the url appears as http://www.mysite.com:443/secure 
If we
have them simply add an S to http at this point, it loads secure. 
 
Joel Johnston - Network Engineer / Web Developer 
402 W. Broadway, Suite 770 
San Diego, CA 92101 
Phone: 888-868-1391 Ext.8024
E-mail: j.johnston(at)financialaid.com 
CONFIDENTIALITY NOTICE: This communication and any accompanying
document(s) are privileged and confidential and are intended for the
sole use of the addressee(s). If you have received this transmission in
error, you are advised that any disclosure, copying, distribution, or
the taking of any action in reliance upon it is strictly prohibited.
Moreover, any such inadvertent disclosure shall not compromise or waive
the FinancialAid.com-client privilege as to this communication or
otherwise. If you have received this communication in error, please
immediately delete it and contact us at privacy(at)financialaid.com or by
telephone at 619-400-8000. Thank you. FinancialAid.com LLC
 
  _____  

From: Joel Johnston 
Sent: Wednesday, December 10, 2003 3:02 PM
To: pound(at)apsis.ch
Subject: RE: EMERGENCY PLEASE HELP
 
I'm also seeing the following in the logs.
 
 
Dec 10 14:02:35 fafw2 pound: can't read header
Dec 10 14:02:35 fafw2 pound: 138221568 error read from 66.103.44.66:
Unknown error: 0
 
And
 
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111 (~~~~~~~:
~~~~:~~~~~~~~~~~~~~~~~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111
(~~~~~~~~~~~~~~~: ~~~~~ ~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111 (~~~~~~~:
~~~~:~~~~~~~~~~~~~~~~~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111
(~~~~~~~~~~~~~~~: ~~~~~ ~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111 (~~~~~~~:
~~~~:~~~~~~~~~~~~~~~~~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111
(~~~~~~~~~~~~~~~: ~~~~~ ~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111 (~~~~~~~:
~~~~:~~~~~~~~~~~~~~~~~~~~~~~)
Dec 10 14:01:02 fafw2 pound: bad header from 69.68.82.111
(~~~~~~~~~~~~~~~: ~~~~~ ~~~~~~~)
Joel Johnston - Network Engineer / Web Developer 
402 W. Broadway, Suite 770 
San Diego, CA 92101 
Phone: 888-868-1391 Ext.8024
E-mail: j.johnston(at)financialaid.com 
CONFIDENTIALITY NOTICE: This communication and any accompanying
document(s) are privileged and confidential and are intended for the
sole use of the addressee(s). If you have received this transmission in
error, you are advised that any disclosure, copying, distribution, or
the taking of any action in reliance upon it is strictly prohibited.
Moreover, any such inadvertent disclosure shall not compromise or waive
the FinancialAid.com-client privilege as to this communication or
otherwise. If you have received this communication in error, please
immediately delete it and contact us at privacy(at)financialaid.com or by
telephone at 619-400-8000. Thank you. FinancialAid.com LLC
 
  _____  

From: Joel Johnston 
Sent: Wednesday, December 10, 2003 2:45 PM
To: pound(at)apsis.ch
Subject: EMERGENCY PLEASE HELP
 
I've been using Pound successfully for about a month now.  I'm using
OpenSSL to facilitate our SSL connections and everything is fine except
for about 10% of our users.  That 10% sees
https://www.mysite.com:443/secure/
<https://www.mysite.com/secure/>
where they should be seeing https://www.mysite.com/secure.  The
folks
that get the port number appended to their url get a 443 error or a Page
can not be displayed error.  Does anyone know under what circumstances
this could happen?  Please let me know all you can, as I'm being told
that we're going to have to disengage Pound tomorrow if we can't fix it.
Problem is, I can't replicate the error to even troubleshoot the
problem.  Thank you very much.
 
Joel Johnston - Network Engineer / Web Developer 
402 W. Broadway, Suite 770 
San Diego, CA 92101 
Phone: 888-868-1391 Ext.8024
E-mail: j.johnston(at)financialaid.com 
CONFIDENTIALITY NOTICE: This communication and any accompanying
document(s) are privileged and confidential and are intended for the
sole use of the addressee(s). If you have received this transmission in
error, you are advised that any disclosure, copying, distribution, or
the taking of any action in reliance upon it is strictly prohibited.
Moreover, any such inadvertent disclosure shall not compromise or waive
the FinancialAid.com-client privilege as to this communication or
otherwise. If you have received this communication in error, please
immediately delete it and contact us at privacy(at)financialaid.com or by
telephone at 619-400-8000. Thank you. FinancialAid.com LLC

RE: EMERGENCY PLEASE HELP
Roland <pound(at)gmx.net>
2003-12-11 00:47:07 [ FULL ]
--On Mittwoch, 10. Dezember 2003 15:01 -0800 Joel Johnston
<j.johnston(at)FinancialAid.com> wrote:
[...]

Someone surfing with NIS munging headers.
Tell them to go read RFC and ask Symantec for a refund...
[...]

Please switch off HTML on the list, and those boring footers also
dont get any better if appended two or three times.

Roland

Re: EMERGENCY PLEASE HELP
Robert Segall <roseg(at)apsis.ch>
2003-12-11 09:50:16 [ FULL ]
On Thursday 11 December 2003 00:01, Joel Johnston wrote:[...]

You can safely ignore this: this is the result of header-mangling, usually by 
a proxy on the client side. The affected headers are quietly discarded but 
the request is answered anyway.[...]

Re: EMERGENCY PLEASE HELP
Robert Segall <roseg(at)apsis.ch>
2003-12-11 09:52:39 [ FULL ]
On Wednesday 10 December 2003 23:44, Joel Johnston wrote:[...]

https://www.x.com is exactly the same thing as
https://www.x.com:443 - the 
default port for HTTPS is 443. It should make no difference whatsoever for a 
client browser. I would look to see if there is something else here...[...]

Re: EMERGENCY PLEASE HELP
Robert Segall <roseg(at)apsis.ch>
2003-12-11 09:54:31 [ FULL ]
On Thursday 11 December 2003 00:14, Joel Johnston wrote:[...]

I suggest you have a serious look at your configuration - this looks as a 
conflicting listening port and/or some strange redirection.[...]

RE: EMERGENCY PLEASE HELP
"Joel Johnston" <j.johnston(at)FinancialAid.com>
2003-12-11 18:04:27 [ FULL ]
I miss documented my problem.  When a user goes to
https://www.mysite.com/secure
(without a trailing slash,) the page
redirects to http://www.mysite.com:443/secure
(notice there's no https.)
If I put in a trailing slash, the page works as expected. I'm looking at
my NAT settings for anything that might cause this, but so far no luck..
Thanks for all of your help.



-----Original Message-----
From: Robert Segall [mailto:roseg(at)apsis.ch] 
Sent: Thursday, December 11, 2003 12:53 AM
To: pound(at)apsis.ch
Subject: Re: EMERGENCY PLEASE HELP

On Wednesday 10 December 2003 23:44, Joel Johnston wrote:[...]
except[...]
Page[...]
it.[...]

https://www.x.com is exactly the same thing as
https://www.x.com:443 -
the 
default port for HTTPS is 443. It should make no difference whatsoever
for a 
client browser. I would look to see if there is something else here...[...]

Re: EMERGENCY PLEASE HELP
Robert Segall <roseg(at)apsis.ch>
2003-12-12 10:20:43 [ FULL ]
On Thursday 11 December 2003 18:04, Joel Johnston wrote:[...]

It may be the result of an "unusual" double redirect. I made a small change in 
the location rewriting code, so download and try Pound-current. If that 
doesn't help try sniffing the data between Pound and the back-end - with that 
we might be able to help.[...]

MailBoxer