DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=29744>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=29744 connect method don't work on ssl sockets ------- Additional Comments From [EMAIL PROTECTED] 2004-07-13 17:25 ------- I can't test if it works with mod_ssl of apache 1.3, but I think mod_ssl is not the guilty party; it is entirely bypassed by mod_proxy as soon as mod_proxy starts answering (HTTP/1.0 200 Connection Established...). I read through modules/proxy/proxy_connect.c and the author states that he is using the wrong functions to write to the client (i.e. apr_send directly on the client socket, instead of using ap_rwrite), IMO that is easily to fix fixed. The bigger problem is that proxy_connect also reads from the client through the client socket (and not the chain of filters, which includes the ssl encryption), I also don't know if it is even possible to read from the client in a clean way if the HTTP request is complete ( CONNECT bla:22 HTTP/1.0\r\n\r\n ). The standards are not explicit about allowing/disallowing CONNECT over https, they only state https = http + TLS (or SSL) from which I conclude that the tunnel should traverse the currently established connection (so tunnel over ssl in the case of https). Short explanation why I even bother with this: suppose you have a firewall somewhere which only allows traffic through port 443 and you want to ssh home. You could, of course, run ssh on port 443, but then you can not run apache+mod_ssl there. It would be an elegant solution to tunnel a connection to port 22 though the https server. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
