Full_Name: Dennis Norgord Version: 2.4.10-1.3.9 OS: Redhat Linux 6.2 Submission from: (NULL) (158.222.124.59) There are three problems with the following configuration: <VirtualHost _default_:5000> ProxyRequests On RewriteEngine on RewriteRule ^/(.+) https://$1 [P] </VirtualHost> This configuration can be used to - http ==> Apache ==> https ==> The request http://localhost:5000/www.verisign.com/ fetches the page https://www.verisign.com The three problems are: 1) Memory leak in ssl_engine_ext.c, function ssl_ext_mp_new_connection(). ssl_ctx is allocated and never freed. This results in over 1K bytes leaked per request. 2) There is no mechanism to check the server certificate. 3) Every request performs a full SSL handshake, even when to the same host. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
