httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 29744] - CONNECT does not work over existing SSL connection
Date Sat, 04 Mar 2006 03:50:39 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=29744>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=29744





------- Additional Comments From emmanuel.e@gmx.net  2006-03-04 04:50 -------
Hi Everyone,

Firstly chunked encoding could possibly fail because of this if mod_proxy_http
also has some direct writes to the socket instead of through the ap_rwrite. I
havent combed through the source but I am fairly sure that chunked transfer
seems to work fine in my experience.

Secondly I do understand what you are saying in the test case. I am actually
running a proxy on an SSL enabled apache server. Since browsers so far cant be
easily tweaked to communicate over SSL to a proxy I've written a small Perl
script which acts as another proxy between the browser and the SSL enabled
proxy. The browser talks normal HTTP to the Perl script. The Perl script talks
SSL to the SSL enabled proxy. I ran into problems when the browser tried to
CONNECT to a secure site over this setup. The Perl script would negotiate SSL
allright but then as soon as the CONNECT request went through mod_proxy_connect
would hijack the connection and send back normal HTTP. There seems to be no
problem with mod_proxy, mod_proxy_http and mod_proxy_ftp.

Thats how I came across this bug. I had a hard time compiling apache on Windows
but after very clear instructions from www.devside.net I finally managed to
compile the patch. The patch worked great with 2.0.52. Recently I decided to set
up another machine as a similar proxy. This time also as usual I picked up the
precompiled binary at http://www.apache.org/dist/perl/win32-bin/. The version
had been upgraded to 2.0.54. On a whim I decided to check it out without
installing the patch. Surprisingly it worked fine. Thats how I came to the
conclusion that mod_proxy_connect seems to have been fixed. I really dont have
another spare machine to test this again to reconfirm. But let me see what I can do.

Emmanuel

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message