Sample configuration:
```
load_module /home/test/ngx_http_modsecurity_module-debug.so;

user nginx;
worker_processes 1;

error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    access_log off;

    server {
        listen 80 default_server;
        server_name localhost;

        location = /do {
            modsecurity on;
            modsecurity_rules_file /etc/nginx/modsec/modsecurity.conf;
            auth_request /auth;
            proxy_pass https://www.bing.com/search?q=nginx;
        }

        location = /auth {
            return 200;
        }
    }
}
```
The /etc/nginx/modsec/modsecurity.conf is the standard one from https://github.com/SpiderLabs/ModSecurity/blob/v3/master/modsecurity.conf-recommended.
The default value of the client_header_buffer_size is 1024 bytes.
Test request with (headers size + body size) <= 1024 works fine. If (headers size + body size) is greater than 1024, request hangs forever:
```
test@vagrant:~/nginx-1.15.2$ curl -vi -X POST --data-binary @p -H "Content-Type: application/json" http://localhost/do
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 80 (#0)
> POST /do HTTP/1.1
> Host: localhost
> User-Agent: curl/7.47.0
> Accept: */*
> Content-Type: application/json
> Content-Length: 1051
> Expect: 100-continue
>
< HTTP/1.1 100 Continue
HTTP/1.1 100 Continue
* We are completely uploaded and fine
^C
```
nginx debug log:
```
2018/10/30 07:41:49 [debug] 28313#28313: *3 http finalize request: 0, "/auth?" a:1, c:2
2018/10/30 07:41:49 [debug] 28313#28313: *3 auth request done s:200
2018/10/30 07:41:49 [debug] 28313#28313: *3 http wake parent request: "/do?"
2018/10/30 07:41:49 [debug] 28313#28313: *3 http posted request: "/do?"
2018/10/30 07:41:49 [debug] 28313#28313: *3 http request empty handler
2018/10/30 07:41:49 [debug] 28313#28313: timer delta: 0
2018/10/30 07:41:49 [debug] 28313#28313: worker cycle
2018/10/30 07:41:49 [debug] 28313#28313: epoll timer: -1
[hangs here; below lines are produced after terminating curl with Ctrl+C]
2018/10/30 07:43:23 [debug] 28313#28313: epoll: fd:3 ev:2001 d:00007FD43B6C8201
2018/10/30 07:43:23 [debug] 28313#28313: *3 http run request: "/do?"
2018/10/30 07:43:23 [debug] 28313#28313: *3 http reading blocked
2018/10/30 07:43:23 [debug] 28313#28313: timer delta: 94041
2018/10/30 07:43:23 [debug] 28313#28313: worker cycle
2018/10/30 07:43:23 [debug] 28313#28313: epoll timer: -1
```
Working on a fix already.
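A check one could run over a captured debug log to spot this hang, as an added example that is not part of the original report or the project's code: it flags connections where the parent request, once woken after `auth request done`, runs `http request empty handler` and then sits idle. The function name `find_stalled`, the `min_idle` threshold and the sample lines (modelled on the log above, with a constructed healthy connection `*4`) are assumptions made for this example.

```python
import re
from datetime import datetime

# Constructed sample: connection *3 mirrors the report, *4 is a healthy request.
SAMPLE_LOG = """\
2018/10/30 07:41:49 [debug] 28313#28313: *3 auth request done s:200
2018/10/30 07:41:49 [debug] 28313#28313: *3 http wake parent request: "/do?"
2018/10/30 07:41:49 [debug] 28313#28313: *3 http posted request: "/do?"
2018/10/30 07:41:49 [debug] 28313#28313: *3 http request empty handler
2018/10/30 07:41:49 [debug] 28313#28313: epoll timer: -1
2018/10/30 07:43:23 [debug] 28313#28313: *3 http run request: "/do?"
2018/10/30 07:43:23 [debug] 28313#28313: *3 http reading blocked
2018/10/30 07:44:00 [debug] 28313#28313: *4 auth request done s:200
2018/10/30 07:44:00 [debug] 28313#28313: *4 http wake parent request: "/do?"
2018/10/30 07:44:00 [debug] 28313#28313: *4 http posted request: "/do?"
2018/10/30 07:44:00 [debug] 28313#28313: *4 http init upstream, client timer: 0
"""

# timestamp, then "*N" connection id, then the debug message
LINE = re.compile(
    r"^(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \[debug\] \d+#\d+: \*(\d+) (.*)$")

def find_stalled(log_text, min_idle=5):
    """Return {connection: idle seconds, or None if it never resumed}."""
    state, parked, stalled = {}, {}, {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # worker-level lines (timers, epoll) carry no *N id
        ts = datetime.strptime(m.group(1), "%Y/%m/%d %H:%M:%S")
        conn, msg = int(m.group(2)), m.group(3)
        if conn in parked:  # first activity after the request was parked
            idle = (ts - parked.pop(conn)).total_seconds()
            if idle >= min_idle:
                stalled[conn] = idle
        if msg.startswith("auth request done"):
            state[conn] = "auth_done"
        elif msg.startswith("http posted request") and state.get(conn) == "auth_done":
            state[conn] = "posted"
        elif msg == "http request empty handler" and state.get(conn) == "posted":
            parked[conn] = ts  # parent was woken but nothing handled it
            state.pop(conn)
        elif not msg.startswith("http wake parent request"):
            state.pop(conn, None)  # any other message breaks the sequence
    for conn in parked:  # still parked when the log ends
        stalled[conn] = None
    return stalled
```

On the sample, connection `*3` is reported with 94 idle seconds, matching the `timer delta: 94041` in the report, and `*4` is not flagged.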
Restore r->write_event_handler after reading request body
1cd5484
Closes owasp-modsecurity#130.
Hi @defanator,
Thanks for pointing this out. Is that something that you feel confident to merge into our master?
Never mind. Just saw the pull request.
☕☕☕☕☕☕☕☕
0e242c2
b6f0ebd
zimmerle
defanator
victorhora