Joe Orton wrote:
On Tue, Jan 31, 2006 at 02:42:27PM +0000, Stephen Collyer wrote:Joe Orton wrote:On Tue, Jan 31, 2006 at 12:34:27PM +0000, Stephen Collyer wrote:I have an SSL enabled Apache 2.0.55, with a CGI enabled Location accessible via SSL. When I try to execute a POST against this location, I get a 405 "Method not allowed" response.This is http://issues.apache.org/bugzilla/show_bug.cgi?id=12355 - which was fixed in 2.2.0; you can apply this patch to 2.0.x releases:http://issues.apache.org/bugzilla/attachment.cgi?id=16495Joe Thanks - that certainly looks like the problem. I notice that there are some potential workarounds mentioned on that page. Is there an "official" workaround, or should someone with a 2.0 Apache simply bite the bullet and apply the patch ? (or move to 2.2.0 ?)Ignore all the patches in the PR other than the one I referenced above - that is the same as the code which went into 2.2. There is no "official" fix for 2.0 unless and until something gets committed, but the above patch is as close as you'll get until then.
Right. Howver, by "workaround" I was referring to a configuration change (maybe adding that SSLOptions +OptRenegotiate ?). I'm unclear as to why the error message suggests a config fix, but a patch is necessary - I guess the question is, if I can fix the problem by changing the config (and it's not clear to me yet if I can), what does the patch buy me ? The closing of a security hole maybe ? -- Regards Stephen Collyer Netspinner Ltd --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|