httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 29744] CONNECT does not work over existing SSL connection
Date Sun, 13 Sep 2009 20:00:18 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=29744

--- Comment #92 from Lionel VICTOR <lionel.victor@free.fr> 2009-09-13 13:00:04 PDT ---
(In reply to comment #86)
> Applied to httpd-trunk in r813178, can you test and verify it works on trunk?

As far as I'm concerned, the version in trunk works. I haven't tested it as
thoroughly as what is described in Comment #87 though.

What Stefan Fritsch writes reminds me of something I read... I though it was
fixed in the patch I proposed... I guess I was wrong. Sorry about that.

I have a frequent use of the patch but it is set up on low bandwidth server
with very few authenticated clients. Never setup a test environment for the
patch.


About the other issue (Why don't we stick with direct socket communication with
the backend)... well... my answer would be that if we use SSL that's probably
because we do not want that traffic in clear...so having apache ignoring our
security policy and replying directly into the socket hence bypassing the ssl
layer is not nice (and IS buggy). I admit that the security issue is not a
deadly one though :o) ! (but well... with some time and pain... that may be a
nice door to something... use it as an oracle or... Shame I don't have time to
dig and think about it...)

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message