httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 39243] - Can't post files larger than 128k onto ssl client cert secured site
Date Tue, 11 Jul 2006 14:42:21 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39243>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39243


jorton@redhat.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |NEEDINFO




------- Additional Comments From jorton@redhat.com  2006-07-11 14:42 -------
Well, the default could be bumped to 256K, that wouldn't be unreasonable.

But you should really design your site to ensure that the first request to a
client-cert-protected area is not a POST request with a large body; make it a
GET or something.  Any request body has to be buffered into RAM to handle this
case, so represents an opportunity to DoS the server.

To bump the limit you can build like:
 
   ./configure CPPFLAGS=-DSSL_MAX_IO_BUFFER=256000

Anybody for whom 128K is too small but 256K would be sufficient, please add a
comment here, to gauge interest in making that change.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message