Karl Chen wrote: .... > Would it be possible to connect to a non-SSL port, if possible, so > at least the string "internal dummy connection" shows up? > > Even better would be to not show that string at all. When I > connect to httpd and close the connection without sending > anything,
Not sending anything will not pop you out of an accept() on *BSD where an HTTP accept filter is active: http://www.freebsd.org/cgi/man.cgi?query=accf_http This is the only way to make it work on all platforms. The preferred fix is of course to not need it at all. But that has other difficulties with the current listener model. One solution is to look at supporting SSL in the loopback hack client, just so things get logged correctly. > I don't get any log entries. Would that work for > dummy_connection() also? If that won't work, would it be possible > to arrange something like: a receipt of "NOOP\r\n" on > (ip6-)?localhost:* is ignored without logging (unless configured > otherwise). > Well, we can't just ignore them, since then an attacker could use them, and the default config wouldn't log them. (Yes, Ugh). So, this is all in bugzilla already: http://issues.apache.org/bugzilla/show_bug.cgi?id=39653 http://issues.apache.org/bugzilla/show_bug.cgi?id=41191 -Paul
