OpenIDC / mod_auth_openidc

OpenID Certified™ OpenID Connect Relying Party implementation for Apache HTTP Server 2.x


Race condition in mod_auth_openidc filecache

zandbelt opened this issue · comments

Discussed in #777

Originally posted by dbakker January 24, 2022
We've been getting random errors from mod_auth_openidc like this:

[client XXXXX:0] oidc_cache_file_read: could not read enough bytes from: "PATH", bytes_read (0) != len (16),

We suspect this might be caused by a race condition in src/cache/file.c. Our application is JavaScript-based and fires tens of JSON requests at the same time, potentially triggering multiple oidc_cache_file_set / oidc_cache_file_get calls at once.

The way that oidc_cache_file_set works now is that it always opens the file with APR_FOPEN_TRUNCATE and only afterwards takes an APR_FLOCK_EXCLUSIVE lock. This means that after oidc_cache_file_get gets a lock it might find an empty file because of an oidc_cache_file_set that has preemptively emptied the file.

As a suggested fix, perhaps the file could be truncated after locking instead of before.

Additional info:
mod_auth_openidc version: 2.4.10 (latest)

config settings:

OIDCCacheType file
OIDCCacheDir /var/cache/apache2/mod_auth_openidc/cache
OIDCSessionType server-cache

OIDCSessionInactivityTimeout 28800
OIDCSessionMaxDuration 28800

OIDCHTTPTimeoutShort 30

OIDCStateMaxNumberOfCookies 7 true

OIDCProviderMetadataURL https://URL
OIDCRedirectURI https://URL
OIDCCryptoPassphrase 123securekey123
OIDCClientID apache2
OIDCClientSecret 123securekey123
OIDCRemoteUserClaim preferred_username
OIDCHTMLErrorTemplate /srv/www/authentication.html
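To make the ordering problem concrete, here is an added example (not code from mod_auth_openidc or from the reporter) that reproduces the interleaving described above and shows the lock-then-truncate ordering the report suggests. It is written against POSIX open()/flock()/ftruncate() instead of APR so it runs stand-alone; the function names cache_file_set, cache_file_get and observe_truncate_window, the /tmp path and the payload string are all constructed for the example.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <unistd.h>

/* Fixed ordering: open WITHOUT O_TRUNC, take the exclusive lock first, and
 * only then truncate and write. A reader holding a shared lock can therefore
 * never observe the zero-length window that truncate-before-lock creates.
 * Returns 0 on success, -1 on error. */
static int cache_file_set(const char *path, const void *data, size_t len) {
    int fd = open(path, O_WRONLY | O_CREAT, 0600);   /* no O_TRUNC here */
    if (fd < 0) return -1;
    if (flock(fd, LOCK_EX) != 0) { close(fd); return -1; }
    int rc = -1;
    if (ftruncate(fd, 0) == 0 && lseek(fd, 0, SEEK_SET) == 0) {
        const char *p = data;
        size_t left = len;
        while (left > 0) {                 /* handle short writes */
            ssize_t n = write(fd, p, left);
            if (n < 0) break;
            p += n;
            left -= (size_t)n;
        }
        rc = (left == 0) ? 0 : -1;
    }
    flock(fd, LOCK_UN);
    close(fd);
    return rc;
}

/* Reader: shared lock, then read up to cap bytes. Returns bytes read or -1. */
static ssize_t cache_file_get(const char *path, void *buf, size_t cap) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    if (flock(fd, LOCK_SH) != 0) { close(fd); return -1; }
    ssize_t total = 0;
    while ((size_t)total < cap) {
        ssize_t n = read(fd, (char *)buf + (size_t)total, cap - (size_t)total);
        if (n <= 0) break;
        total += n;
    }
    flock(fd, LOCK_UN);
    close(fd);
    return total;
}

/* Constructed sample value standing in for a cached session blob. */
static const char k_payload[] = "constructed-cache-value-0123456789ab";

/* Round trip through the fixed writer/reader. Returns 1 on success. */
static int demo_roundtrip(const char *path) {
    char buf[64] = {0};
    size_t len = sizeof k_payload - 1;
    if (cache_file_set(path, k_payload, len) != 0) return 0;
    ssize_t n = cache_file_get(path, buf, sizeof buf);
    return n == (ssize_t)len && memcmp(buf, k_payload, len) == 0;
}

/* Deterministic replay of the reported interleaving: a writer has done the
 * old first step (open with O_TRUNC) but has not yet locked, and a reader
 * runs in that window. Returns the byte count the reader observes, i.e. the
 * "bytes_read (0)" from the log line in the report. */
static ssize_t observe_truncate_window(const char *path) {
    char buf[64] = {0};
    if (cache_file_set(path, k_payload, sizeof k_payload - 1) != 0) return -1;
    int writer_fd = open(path, O_WRONLY | O_TRUNC);   /* old ordering, pre-lock */
    if (writer_fd < 0) return -1;
    ssize_t seen = cache_file_get(path, buf, sizeof buf); /* reader wins the lock */
    close(writer_fd);
    return seen;
}

int main(void) {
    const char *path = "/tmp/oidc_cache_demo.bin";   /* constructed path */
    printf("fixed ordering round trip: %s\n", demo_roundtrip(path) ? "ok" : "failed");
    printf("bytes seen inside truncate window: %zd\n", observe_truncate_window(path));
    unlink(path);
    return 0;
}
```

The round trip succeeds because truncation happens only while the exclusive lock is held, whereas observe_truncate_window returns 0 bytes, which is exactly the symptom in the error line quoted in the report. Note that flock() locks are advisory, so every reader and writer of the cache directory must use the same locking discipline for the ordering to help.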

for tracking purposes: this race condition exists in versions <= 2.4.11; it was solved in 2.4.11.1 through:
244afa7
d0c632a
and lastly:
8e7284f