DO NOT REPLY [Bug 40004] - Mod_rewrite 'Last' flag doesn't seem to end rewriting

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40004


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
  Component|mod_rewrite |Documentation
 Resolution|INVALID |




--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 07:39 ---
It's kinda documented, but too implicit and so quite bad. The place for such
requests is here ;)
You can also place patches here or enter the docs list
(http://httpd.apache.org/docs-project/) :-)

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40026] New: - Impossibility to unset Server Header

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40026

   Summary: Impossibility to unset Server Header
   Product: Apache httpd-2
   Version: 2.0.58
  Platform: PC
OS/Version: Linux
Status: NEW
  Severity: normal
  Priority: P2
 Component: mod_headers
AssignedTo: bugs@httpd.apache.org
ReportedBy: [EMAIL PROTECTED]


These work:
Header always add X-Test-Header: Success
Header always unset Content-Length

This does not work:
Header always unset Server

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40004] - Mod_rewrite 'Last' flag doesn't seem to end rewriting

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40004





--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 07:47 ---
I'd love to supply a patch, but I don't know enough about what's going on to
write one for this.  I'd be supplying some 'G' for the GIGO process.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40004] - Mod_rewrite 'Last' flag doesn't seem to end rewriting

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40004


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|REOPENED|ASSIGNED




--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 10:47 ---
The new rewrite flags documentation (httpd.apache.org/docs/rewrite/flags.html)
will be providing more detail on things like this. I'll be certain to cover this
particular annoyance there. Thanks for the reminder.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40029] New: - mod_proxy should interoperate with RPC over HTTP

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40029

   Summary: mod_proxy should interoperate with RPC over HTTP
   Product: Apache httpd-2
   Version: 2.2.2
  Platform: PC
   URL: http://some.server/rpc
OS/Version: FreeBSD
Status: NEW
  Severity: normal
  Priority: P4
 Component: mod_proxy
AssignedTo: bugs@httpd.apache.org
ReportedBy: [EMAIL PROTECTED]


This is more of an enhancement request, and it might concern the core as well: 
When Apache is used to proxy HTTP/1.1 requests and it encounters unknown
methods, it should relay the content of both the request and the response body
parts as they arrive - i.e. without any blocking, buffering or delaying.

Background:

I'm trying to grant road warrior users access to our company Exchange server
through RPC over HTTP.  In my setup, an Apache 2.2.2 on a FreeBSD server in the
DMZ should act as a proxy between the Internet and the IIS on on the Exchange
server.  The communication is SSL-encrypted in both directions (SSLEngine and
SSLProxyEngine On).

Unfortunately, the Outlook client just hangs when trying to access Exchange
through the proxy.  The Apache error log shows these messages:

[Mon Jul 10 10:48:48 2006] [error] (70007)The timeout specified has expired:
proxy: prefetch request body failed to : () from
 ()

After working on this for quite some time, I believe I can rule out the usual
configuration and certificate problems that are described on various websites. 
Also, I have a Linux in my internal network with an older version of Apache
(2.0.53) where the same proxy configuration works (not too stable and
performant, but it does work).

I did some analysis with ssldump on both proxies.  Apparently, RPC over HTTP
opens two HTTP/1.1 requests:  One with request method RPC_IN_DATA to send data
to the server, and one with method RPC_OUT_DATA to send data back to the client.
 The body consists of raw binary data, and the connections are apparently
re-used for several RPCs.

I.e. after sending the headers for both connections, the client sends a request
on the IN connections, reads the response from the OUT connection, sends another
request on the IN connection and so on - which means that any buffering in the
proxy is absolutely deadly in this scenario.

Here's an example of an IN connection header:
RPC_IN_DATA /rpc/rpcproxy.dll?:6002 HTTP/1.1
Accept: application/rpc
User-Agent: MSRPC
Host: 
Content-Length: 1073741824
Connection: Keep-Alive
Cache-Control: no-cache
Pragma: no-cache
Authorization: Basic 

And here's an example of an OUT connection header:
RPC_OUT_DATA /rpc/rpcproxy.dll?:6002 HTTP/1.1
Accept: application/rpc
User-Agent: MSRPC
Host: 
Content-Length: 76
Connection: Keep-Alive
Cache-Control: no-cache
Pragma: no-cache
Authorization: Basic 

ssldump on the Apache 2.2.2 machine shows that the RPC_OUT_DATA is correctly
forwarded to the Exchange server.  For the RPC_IN_DATA, OTOH, the proxy doesn't
even open a connection to the Exchange server.  I can only guess that's it's
trying to read (prefetch?) a part or all of the 1073741824 bytes
(Content-Length) before opening the session to the Exchange server.

Unfortunately, the client only sends a small request (~ 100 bytes) on the IN
connection and starts waiting for a response on the OUT connection. It never
gets one, though, since the request hasn't reached the Exchange server yet.

On the Apache 2.0.53 server, however, both requests are forwarded to the
Exchange server, and the body bits are also relayed in a direct and timely
manner.  I've tried an Apache 2.0.58 on the FreeBSD server, but that one doesn't
work, either.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 35256] - %2F will be decoded in PATH_INFO (Documentation to AllowEncodedSlashes says no decoding will be done)

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=35256





--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 14:03 ---
I am also experiencing this problem but without any proxy stuff.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 35256] - %2F will be decoded in PATH_INFO (Documentation to AllowEncodedSlashes says no decoding will be done)

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=35256


[EMAIL PROTECTED] changed:

   What|Removed |Added

 CC||[EMAIL PROTECTED]




-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40015] - Apache 1.3.x Windows binary no longer on mirrors

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40015


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||INVALID




--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 15:31 ---
1.3.35 Binaries are available on archive.apache.org:
http://archive.apache.org/dist/httpd/binaries/win32/

We will no longer be producing win32 binaries for 1.3 -- Reconsider not being
able to upgrade to 2.2.



-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40029] - mod_proxy should interoperate with RPC over HTTP

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40029


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||INVALID




--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 15:32 ---
(In reply to comment #0)

> ssldump on the Apache 2.2.2 machine shows that the RPC_OUT_DATA is correctly
> forwarded to the Exchange server.  For the RPC_IN_DATA, OTOH, the proxy 
> doesn't
> even open a connection to the Exchange server.  I can only guess that's it's
> trying to read (prefetch?) a part or all of the 1073741824 bytes
> (Content-Length) before opening the session to the Exchange server.

Correct, we prefetch the whole body to avoid HTTP smuggling attacks with invalid
Content-Length headers. This is a security fix in 2.2.x and >= 2.0.55. (see
http://httpd.apache.org/security/vulnerabilities_20.html and
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088). Correct me if I am
wrong but I do not think that RPC_IN_DATA and RPC_OUT_DATA are specfied in any 
RFC.

> 
> Unfortunately, the client only sends a small request (~ 100 bytes) on the IN
> connection and starts waiting for a response on the OUT connection. It never
> gets one, though, since the request hasn't reached the Exchange server yet.

This is an incorrect use of the http protocol. Bad luck for Microsoft.

So I do not see any chance that we can do anything here. => Invalid


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40026] - Impossibility to unset Server Header

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40026


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||INVALID




--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 15:44 ---
This currently works as designed. In the proxy case we have the following 
situation:

If no Server header is set (either because the backend does not set one or
because you have unset it the Server header is set with the default value).

In the non proxy case the Server header is always set to the predefined value.
It cannot be changed.
So I mark this as invalid. Feel free to reopen if you think that this is either
a documentation bug or an enhancement.

BTW: Unsetting the Content-Length header is not really a smart idea as it breaks
HTTP/1.1 connections.
S

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40026] - Impossibility to unset Server Header

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40026


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
 Resolution|INVALID |




--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 15:54 ---
In this case, the design is broken. "Server" is not required by RFC 2616.

The Content-Length header was unset for testing purposes (if unsetting headers
does work).

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40029] - mod_proxy should interoperate with RPC over HTTP

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40029





--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 16:11 ---
So, there's no chance for "be generous in what you accept"? (Apache is already
"strict in what it delivers")

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40004] - Mod_rewrite 'Last' flag doesn't seem to end rewriting

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40004





--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 16:57 ---
The more I think about it, the more I think this is a misfeature.  If '[L]'
doesn't stop further rewriting (in directory rules), then it doesn't serve a
purpose (in directory rules).  Is there a workaround?

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40030] New: - mod_dav documentation could be improved

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40030

   Summary: mod_dav documentation could be improved
   Product: Apache httpd-2
   Version: 2.2.2
  Platform: Other
OS/Version: other
Status: NEW
  Severity: trivial
  Priority: P2
 Component: Documentation
AssignedTo: bugs@httpd.apache.org
ReportedBy: [EMAIL PROTECTED]


The documentaiton page at http://httpd.apache.org/docs/2.2/mod/mod_dav.html

Has:


  require user admin



This example does not seem the best general purpose case since it omits the HEAD
and POST options, which would allow to standard URL access to occur but
correctly limit methods employed by DAV.


  require user admin


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40029] - mod_proxy should interoperate with RPC over HTTP

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40029





--- Additional Comments From [EMAIL PROTECTED]  2006-07-12 20:57 ---
Sorry, not in this case as this opens up a security hole if we are not strict 
here.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 39746] - mod_rewrite & mod_proxy & %2F in URL

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39746


[EMAIL PROTECTED] changed:

   What|Removed |Added

 CC||[EMAIL PROTECTED]




-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 40035] New: - Windows Server 2003 "("R2")" 64-Bit Edition no cgi

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=40035

   Summary: Windows Server 2003 "("R2")" 64-Bit Edition no cgi
   Product: Apache httpd-2
   Version: 2.2.2
  Platform: Other
OS/Version: Windows Server 2003
Status: NEW
  Severity: critical
  Priority: P2
 Component: All
AssignedTo: bugs@httpd.apache.org
ReportedBy: [EMAIL PROTECTED]


This installer version even though it installs Apache cannot execute cgi's and 
thereafter .pl and .php scripts.

It is felt that since many things are not allowed to execute upon install this 
is part of the Data Execution Prevention [DEP] of the Windows Server 64-bit 
schema and the lack of configurability for the Apache install, i.e., there is 
no option to specify the layout.

Advice is to suggest that those developers building Windows binaries for their 
distribution provide the documentation necessary to fully configure Apache in 
their environment and allow for alternative install paths to the default 
Windows install paths.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]