mod_ssl: using connection: upgrade leaves plaintext in reply

Hello,

I'm just struggling around with using Connection: Upgrade. I issue a GET /
HTTP/1.1-request (see bottom for the exact one) and the part of the reply
which is generated by PHP is sent in cleartext (the client naturally doesn't
want to accept that and closes the connection):

[pid 16349] recv(8,
"\24\3\1\0\1\1\26\3\1\0000f\212W\335\273\16L\352\357\3054\32\204\311\376
\264a4l\3670\17\303e\224\202\370!\361\271\311\320\360\356\210ZN\255w\314
~\351\377=}\250irfoobarfoobarfoobarfoobarfoobarfoobarfoobarfoobarfoobarfoobar",
2048, 0) = 119

PHP-script is:
<?php
for ($i = 0; $i < 10; $i++)
	echo "foobar";
?>

How to reproduce:
Download http://people.apache.org/~bnicholes/tlsupgrade/tlsupgrade.c
Compile it using gcc -lssl -o tlsupgrade tlsupgrade.c
Run it using: strace -s 2048 ./tlsupgrade http://localhost/index.php
(Replace the address of your test server and file if necessary)
Then look out for the first 5 bytes of the cleartext (fooba in my case) which
will appear in the reply.

If you use ./tlsupgrade <URL> -u, it will issue OPTIONS * HTTP/1.1 before
using Upgrade: TLS/1.0, which will lead to an empty 200-reply before another
request is made... This usually works without any problems.

So, in conclusion: The request that causes problems is:
GET /index.php HTTP/1.1
Host: localhost
Upgrade: TLS/1.0
Connection: Upgrade

I am using Apache 2.2.3 on Debian Linux (unstable).

Is this a bug? I think so. I'd be thankful for any patches or ideas where/how
to patch it.

Best regards,
Michael Stapelberg

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
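
The symptom reported in the message above can be checked mechanically on a captured receive buffer. This is an added example, not part of the original post or of tlsupgrade.c: it walks the bytes as TLS records and returns the offset of the first byte that is not framed as one. The sample buffer is constructed to match the layout of the recv() in the strace (the 48 handshake bytes are filler), and all function names are assumptions.

```python
import struct

# TLS record content types (RFC 5246, section 6.2.1)
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
MAX_RECORD_LEN = 2**14 + 2048  # largest legal TLSCiphertext fragment


def walk_tls_records(buf: bytes):
    """Walk buf as consecutive TLS records.

    Returns (records, stray_offset). records is a list of
    (offset, type_name, length). stray_offset is the index of the first
    byte that is not framed as a TLS record, or None when everything is
    framed. A trailing partial record counts as framed, because a single
    recv() may end in the middle of a record.
    """
    records, off = [], 0
    while off < len(buf):
        header = buf[off:off + 5]
        if header[0] not in CONTENT_TYPES:
            return records, off        # unframed data, e.g. leaked plaintext
        if len(header) < 5:
            break                      # partial header at end of buffer
        ctype, major, minor, length = struct.unpack("!BBBH", header)
        if major != 3 or minor > 4 or length > MAX_RECORD_LEN:
            return records, off        # not a plausible record header
        records.append((off, CONTENT_TYPES[ctype], length))
        off += 5 + length
    return records, None


def constructed_sample() -> bytes:
    """Constructed buffer shaped like the strace output in the post."""
    ccs = b"\x14\x03\x01\x00\x01\x01"                # ChangeCipherSpec
    finished = b"\x16\x03\x01\x00\x30" + bytes(48)   # handshake, filler body
    return ccs + finished + b"foobar" * 10           # PHP output, unframed


if __name__ == "__main__":
    data = constructed_sample()
    recs, stray = walk_tls_records(data)
    for off, name, length in recs:
        print(f"offset {off:3d}: {name} ({length} bytes)")
    if stray is not None:
        print(f"unframed data at offset {stray}: {data[stray:stray + 16]!r}")
```

A non-None offset on a connection that has already switched to TLS means bytes left the server outside the record layer, which is the condition the post describes.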