Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-51554

Broken file serving under Apache and PHP-FPM via mod_proxy_fcgi, when the filename is not only plain ASCII or w/ blank spaces

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.8.8, 2.9.2, 3.0
    • Fix Version/s: 2.8.9, 2.9.3
    • Component/s: Libraries
    • Labels:
    • Environment:
    • Testing Instructions:
      Hide

      (difficulty: moderate, requires system administration expertise to deploy PHP under Apache via PHP-FPM with mod_proxy _fcgi using CentOS 7 and/or Ubuntu 14.04)

      Prerequisites
      NB: This worked on Trisquel 7.0, I assume it should also work on Debian/Ubuntu

      • Install the php5-fpm package: apt-get install php5-fpm
      • Enable apache modules: a2enmod proxy_fcgi
      • Edit /etc/php5/fpm/pool.d/www.conf:
        • change listen = /var/run/php5-fpm.sock to listen = 127.0.0.1:9000
        • uncomment listen.allowed_clients and make sure it is: listen.allowed_clients = 127.0.0.1
      • Restart php5-fpm: service php5-fpm restart
      • Set up a virtual host with a config like this:

      <VirtualHost *:80>
              ServerName stable_master_fcgi.local
              ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/full/path/to/docroot/$1
              DirectoryIndex /index.php index.php
              DocumentRoot /full/path/to/docroot
              ErrorLog ${APACHE_LOG_DIR}/error.log
              CustomLog ${APACHE_LOG_DIR}/access.log combined
      </VirtualHost>
      

      • Enable your vhost and add make an info.php file containing <? php phpinfo();
      • Access your new vhost in a browser and verify that Server API is FPM/FastCGI
      • Access the same URL, info.php, appending slash arguments composed by plain ASCII and UTF-8 encoded characters including "+" and " " chars to verify that SCRIPT_NAME contains the expected PATH_INFO value at the end and PATH_INFO is URL-encoded

      Testing

      1. Publish a resource, e.g. a PNG, whose name is not only plain ASCII text, including blank spaces, in a restricted access course (no guest, no front page) e.g.: filename_UTF 8_en+coded_それが動作するはず.png. The file should be shown to the user (no HTTP 404).
      2. [Regression test] Execute the testing instructions of MDL-47210 w/o considering the Windows/IIS setting: here, we want to preserve the successful redirect even with UTF-8 based filenames under a bugged mod_proxy_fcgi env.
      Show
      (difficulty: moderate, requires system administration expertise to deploy PHP under Apache via PHP-FPM with mod_proxy _fcgi using CentOS 7 and/or Ubuntu 14.04) Prerequisites NB: This worked on Trisquel 7.0, I assume it should also work on Debian/Ubuntu Install the php5-fpm package: apt-get install php5-fpm Enable apache modules: a2enmod proxy_fcgi Edit /etc/php5/fpm/pool.d/www.conf: change listen = /var/run/php5-fpm.sock to listen = 127.0.0.1:9000 uncomment listen.allowed_clients and make sure it is: listen.allowed_clients = 127.0.0.1 Restart php5-fpm: service php5-fpm restart Set up a virtual host with a config like this: <VirtualHost *:80> ServerName stable_master_fcgi.local ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/full/path/to/docroot/$1 DirectoryIndex /index.php index.php DocumentRoot /full/path/to/docroot ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> Enable your vhost and add make an info.php file containing <? php phpinfo(); Access your new vhost in a browser and verify that Server API is FPM/FastCGI Access the same URL, info.php , appending slash arguments composed by plain ASCII and UTF-8 encoded characters including "+" and " " chars to verify that SCRIPT_NAME contains the expected PATH_INFO value at the end and PATH_INFO is URL-encoded Testing Publish a resource, e.g. a PNG, whose name is not only plain ASCII text, including blank spaces, in a restricted access course (no guest, no front page) e.g.: filename_UTF 8_en+coded_それが動作するはず.png. The file should be shown to the user (no HTTP 404). [ Regression test ] Execute the testing instructions of MDL-47210 w/o considering the Windows/IIS setting: here, we want to preserve the successful redirect even with UTF-8 based filenames under a bugged mod_proxy_fcgi env.
    • Difficulty:
      Moderate
    • Affected Branches:
      MOODLE_28_STABLE, MOODLE_29_STABLE, MOODLE_30_STABLE
    • Fixed Branches:
      MOODLE_28_STABLE, MOODLE_29_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      m30_MDL-51554_Apache_PHP-FPM_Broken_File_Serving

      Description

      Long story: https://moodle.org/mod/forum/discuss.php?d=319482.
      Shortly, when Apache is configured with PHP-FPM at least in a plain CentOS 7 (Apache/2.4.6 PHP/5.4.16) _SERVER["SCRIPT_NAME"] and _SERVER["PATH_INFO"] are different from those ones coming under PHP as module:

      1. _SERVER["SCRIPT_NAME"] contains _SERVER["PATH_INFO"]. This is kind a bug in PHP, https://bugs.php.net/bug.php?id=65641 which is fixed in 5.6.3 and 5.5.18.
      2. _SERVER["PATH_INFO"] is URL-encoded

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  9/Nov/15