DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42625>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42625 Summary: mod_ssl does not support LimitRequestBody Product: Apache httpd-2 Version: 2.2-HEAD Platform: Other OS/Version: All Status: NEW Severity: minor Priority: P2 Component: mod_ssl AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] Core Apache module provides LimitRequestBody option to limit request body. That works well with HTTP protocol but doesn't work with HTTPS. That happens because mod_ssl does not support this option and instead has it's own hard coded limit. The limit is set to 128K in ssl_engine_io.c: /* 128K maximum buffer size by default. */ #ifndef SSL_MAX_IO_BUFFER #define SSL_MAX_IO_BUFFER (128 * 1024) #endif .... /* Fail if this exceeds the maximum buffer size. */ if (total > SSL_MAX_IO_BUFFER) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "request body exceeds maximum size for SSL buffer"); return HTTP_REQUEST_ENTITY_TOO_LARGE; } That leads to two problems: 1. Inability to submit POST requests bigger than 128K 2. Inability to lower that limit to something smaller than 128K Ideal solution for this problem would implementing suport for LimitRequestBody in mod_ssl or providing an alternative SSLLimitRequestBody option. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
