DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=39154>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39154 Summary: Problem with webdav over SSL with client certificate autentication Product: Apache httpd-2 Version: 2.2.0 Platform: All OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: mod_ssl AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] I have a problem with apache 2.2.0 + mod_ssl and mod_dav If I try to upload a file over a Client-Certificate secured connection to Webdav-folder on Apache-Server, I get a unspecified error on the Webdav-client (MS Explorer) and a request body exceeds maximum size for SSL buffer-error on the Apache-side. If I take off the Client-Certificate-Authentication everything works fine. I think that is a bug in the mod_ssl module. Thank's Gregory ---------------- Logfile: Error.log [Thu Mar 30 13:25:26 2006] [error] [client 217.228.63.33] request body exceeds maximum size for SSL buffer [Thu Mar 30 13:25:26 2006] [error] [client 217.228.63.33] could not buffer message body to allow SSL renegotiation to proceed access.log 217.228.63.33 - - [30/Mar/2006:13:25:15 +0200] "PROPFIND /freunde/upload/test HTTP/1.1" 207 853 "-" "Microsoft Data Access Internet Publishing Provider DAV" 217.228.63.33 - - [30/Mar/2006:13:25:15 +0200] "PROPFIND /freunde/upload/test HTTP/1.1" 207 963 "-" "Microsoft Data Access Internet Publishing Provider DAV" 217.228.63.33 - - [30/Mar/2006:13:25:20 +0200] "HEAD /freunde/upload/test/test.jpg HTTP/1.1" 404 - "-" "Microsoft Data Access Internet Publishing Provider DAV" 217.228.63.33 - - [30/Mar/2006:13:25:20 +0200] "PUT /freunde/upload/test/test.jpg HTTP/1.1" 413 1090 "-" "Microsoft Data Access Internet Publishing Provider DAV" ---------------- Configuration: http.conf: <VirtualHost 80.xx.xx.xx:443> ServerName www.xxxxxxx.de DocumentRoot /home/xxxxxxx.de/httpsdocs CustomLog /home/xxxxxxx.de/statistics/logs/access_ssl.log CustomLog /home/xxxxxxx.de/statistics/logs/request_ssl.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" ErrorLog /home/xxxxxxx.de/statistics/logs/error_ssl.log SSLEngine on SSLOptions +StrictRequire . . . DavLockDB /home/xxxxxx.de/conf/webdav/lockdb Alias /freunde/upload /home/xxxxxx.de/webdav/freunde <Directory /home/xxxxxx.de/webdav/freunde> SSLVerifyClient require SSLRequire (%{SSL_CIPHER} !~ m/^(EXP|NULL)/ and %{SSL_CLIENT_S_DN_O} eq "Xxxxxx" && %{SSL_CLIENT_S_DN_CN} in {"Gregor Meinusch"} ) Dav On <LimitExcept GET HEAD OPTIONS> </LimitExcept> Options +SymLinksIfOwnerMatch -Includes -ExecCGI </Directory> . . . </virtualhost> Ssl-global.conf AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtin #SSLSessionCache nonenotnull #SSLSessionCache dbm:/var/lib/apache2/ssl_cache #SSLSessionCache shmht:/var/lib/apache2/ssl_scache(512000) #SSLSessionCache shm:/var/lib/apache2/ssl_cache(512000) SSLSessionCache shmcb:/var/lib/apache2/ssl_scache SSLSessionCacheTimeout 600 SSLMutex file:/var/lib/apache2/ssl_mutex SSLMutex sem SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLProtocol all -SSLv2 SSLCertificateFile /home/xxxxxx.de/conf/certificates/www.xxx.de.cert SSLCertificateKeyFile /home/xxxxxx.de/conf/certificates/www.xxx.de.key SSLCACertificateFile /home/xxxxxx.de/conf/certificates/cacerts.pem SSLVerifyDepth 2 SSLRandomSeed startup builtin SSLRandomSeed connect builtin -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
