On Wed, Apr 11, 2012 at 1:43 PM, Johan Corveleyn <jcorvel_at_gmail.com> wrote:
> On Wed, Apr 11, 2012 at 12:28 PM, Philip Martin
> <philip.martin_at_wandisco.com> wrote:
>> Johan Corveleyn <jcorvel_at_gmail.com> writes:
>>
>>> I don't know what Surf-Shield does. Its description says: "Can detect
>>> exploit sites and other complex online threats". There is some more
>>> explanation on the AVG website, but it's still pretty vague [2]. Maybe
>>> it does some throttling of requests/responses, inspecting things or
>>> so, ... but whatever it does, svn+serf should probably not crash or
>>> hang.
>>
>> You could compare the apache logs with/without Surf-Shield.
>> You could
>> capture the traffic with/without Surf-Shield and compare.
Ok, I picked the first failing test, authz_tests.py#4, and executed
that with and without Surf-Shield. Please find in attachment two zip
files of those two runs, containing Apache logs and a wire capture, as
well as the crash dump file.
I don't see a difference in the Apache logs (they are identical,
except that the crashing one stops earlier). The wire capture ... I'm
not sure. The one from the crash is obviously smaller. But when I
"follow TCP stream" they both seem identical (same number of bytes and
all), and when I then filter out the followed stream, nothing remains.
So I'm not sure where the difference is ...
I'm hoping someone can take it from here. I'm not familiar with this
part of the code. Maybe the best place to start digging is the crash
dump (and/or a more thorough analysis of both wire captures). If I
hear nothing in the next couple of days, I'll put this into the issue
tracker so it isn't forgotten.
>> Which version
>> of Apache are you using?
>
> 2.2.19
>
>> Which MPM?
>
> That would be the default on Win XP, which is mpm_winnt. [3]
>
--
Johan
Received on 2012-04-14 23:43:04 CEST