Re: svn commit: r1384924 - in /httpd/httpd/trunk: include/httpd.h server/request.c

2014-04-24 Thread Christophe JAILLET
Hi, the comment is wrong. 'ap_sub_req_lookup_dirent' uses the fact that 'rnew-uri' has some extra space after the NUL. 'rnew-uri' is allocated via 'ap_escape_uri' which is defined as: #define ap_escape_uri(ppool,path) ap_os_escape_path(ppool,path,1) So, what matters here is the case in

SSL backend via ProxyRemote (using CONNECT)

2014-04-24 Thread Yann Ylavic
Hello, with the following (chained) configuration : VirtualHost 127.0.0.1:80 ServerName reverse-proxy ProxyPass / https://backend:443/ ProxyRemote * http://proxy:8080 #ProxyRequests off /VirtualHost VirtualHost 127.0.0.1:8080 ServerName forward-proxy ProxyRequests on

Re: mod_ssl: TLS/HTTPS multiplexing with other protocols

2014-04-24 Thread Graham Leggett
On 23 Apr 2014, at 8:39 PM, Daniel Pocock dan...@pocock.pro wrote: This brings me to the observation that something needs to do the TLS handshake and then look at the request body from the client (e.g. the HTTP request line or SIP request line) to work out what type of request it is. All of

RE: SSL backend via ProxyRemote (using CONNECT)

2014-04-24 Thread Plüm , Rüdiger , Vodafone Group
-Original Message- From: Yann Ylavic [mailto:ylavic@gmail.com] Sent: Donnerstag, 24. April 2014 15:05 To: httpd Subject: SSL backend via ProxyRemote (using CONNECT) Hello, with the following (chained) configuration : VirtualHost 127.0.0.1:80 ServerName

Re: SSL backend via ProxyRemote (using CONNECT)

2014-04-24 Thread Yann Ylavic
On Thu, Apr 24, 2014 at 3:29 PM, Plüm, Rüdiger, Vodafone Group ruediger.pl...@vodafone.com wrote: IMHO this is a flaw of the backend as IMHO full URL's are allowed also in non proxy cases by the RFC. I agree, but I can't do anything on the (broken) backend side, proxy only... I can live with

Re: SSL backend via ProxyRemote (using CONNECT)

2014-04-24 Thread Yann Ylavic
On Thu, Apr 24, 2014 at 3:37 PM, Yann Ylavic ylavic@gmail.com wrote: On Thu, Apr 24, 2014 at 3:29 PM, Plüm, Rüdiger, Vodafone Group ruediger.pl...@vodafone.com wrote: IMHO this is a flaw of the backend as IMHO full URL's are allowed also in non proxy cases by the RFC. I agree, but I

Re: svn commit: r1384924 - in /httpd/httpd/trunk: include/httpd.h server/request.c

2014-04-24 Thread Graham Leggett
On 24 Apr 2014, at 8:34 AM, Christophe JAILLET christophe.jail...@wanadoo.fr wrote: the comment is wrong. 'ap_sub_req_lookup_dirent' uses the fact that 'rnew-uri' has some extra space after the NUL. 'rnew-uri' is allocated via 'ap_escape_uri' which is defined as: #define

Re: [PATCH] Fix settings options with ProxyPassMatch

2014-04-24 Thread Yann Ylavic
Hi Jan, sorry for the late. On Tue, Apr 22, 2014 at 3:39 PM, Jan Kaluža jkal...@redhat.com wrote: Hi again, the patch has been here for some time already. I hesitate to commit it to trunk without any review, because it changes the core code in mod_proxy and I'm afraid that there could exist