[Issues] [mod_gnutls 0000097]: Support for proxying from SSL to plain HTTP

Mantis Bug Tracker issues at outoforder.cc
Tue Mar 16 13:21:48 EDT 2010


A NOTE has been added to this issue. 
====================================================================== 
http://issues.outoforder.cc/view.php?id=97 
====================================================================== 
Reported By:                belg4mit
Assigned To:                
====================================================================== 
Project:                    mod_gnutls
Issue ID:                   97
Category:                   Apache Integration
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     new
Apache Version:             2.0.52 
====================================================================== 
Date Submitted:             2009-04-08 22:59 EDT
Last Modified:              2010-03-16 13:21 EDT
====================================================================== 
Summary:                    Support for proxying from SSL to plain HTTP
Description: 
With mod_gnutls it does not seem possible to proxy SSL content.
We have an SSL host (one of several thanks to SNI), and wish to
expose some of its contents over an unencrypted connection via
a proxypass. Trying

  LoadModule proxy_module modules/mod_proxy.so
  LoadModule proxy_http_module modules/mod_proxy_http.so
  <VirtualHost example.org:80>
    ProxyPass /NoAuth https://example.org/NoAuth
  </VirtualHost>

begets

[warn] proxy: No protocol handler was valid for the URL
/NoAuth/Calendar/42/. If you are using a DSO version of mod_proxy, make
sure the proxy submodules are included in the configuration using
LoadModule.

With mod_ssl, it seems the SSLProxyEngine directive comes into play here.
======================================================================
Relationships       ID      Summary
----------------------------------------------------------------------
related to          0000087 mod_gnutls doesn't work with mod_proxy_...
====================================================================== 

---------------------------------------------------------------------- 
 (0000157) nmav (manager) - 2009-06-30 14:09
 http://issues.outoforder.cc/view.php?id=97#c157 
---------------------------------------------------------------------- 
Can you try 0.5.x? 

---------------------------------------------------------------------- 
 (0000162) belg4mit (reporter) - 2009-06-30 18:57
 http://issues.outoforder.cc/view.php?id=97#c162 
---------------------------------------------------------------------- 
Link to http://issues.outoforder.cc/view.php?id=87?

Is Mantis really so lame as to not process email responses, like bugzilla
or RT?
Just in case, paste by hand email response to .5.x request:

Once I finally figured out how to get pkg-config to do it's thing*,
I upgraded to .5.5 and still get the same error. mod_proxy,
mod_proxy_http
and mod_connect are all loaded.

* Required a more modern gnutls than the stated 2.4 (acutally >2.7.7 for
  the pkg-config meta files, which gnutls *doesn't even install*) 

---------------------------------------------------------------------- 
 (0000171) nmav (manager) - 2009-07-20 17:19
 http://issues.outoforder.cc/view.php?id=97#c171 
---------------------------------------------------------------------- 
Can you check http://issues.outoforder.cc/view.php?id=87
Is your setup related to his? 

---------------------------------------------------------------------- 
 (0000199) doud (reporter) - 2010-03-16 12:07
 http://issues.outoforder.cc/view.php?id=97#c199 
---------------------------------------------------------------------- 
I have exactly the same problem, for me it's not related with issue
0000087

OS: FreeBSD 8
httpd: apache 2.2.8
mod_gnutls : 5.5

I have just migred mod_ssl to mod_gnutls, proxy worked fine.
mod_gnutls work without Proxy Requests.

Do you already fix, or find a solution ? 

---------------------------------------------------------------------- 
 (0000200) doud (reporter) - 2010-03-16 12:31
 http://issues.outoforder.cc/view.php?id=97#c200 
---------------------------------------------------------------------- 
I just notice it work fine when the proxy path is http

        ProxyPass / http://foo.bar.local/
        ProxyPassReverse / http://foo.bar.local/

And not when https:

        ProxyPass / https://foo.bar.local/
        ProxyPassReverse / https://foo.bar.local/

error.log :
[Tue Mar 16 16:30:50 2010] [warn] proxy: No protocol handler was valid for
the URL /. If you are using a DSO version of mod_proxy, make sure the proxy
submodules are included in the configuration using LoadModule. 

---------------------------------------------------------------------- 
 (0000201) nmav (manager) - 2010-03-16 12:51
 http://issues.outoforder.cc/view.php?id=97#c201 
---------------------------------------------------------------------- 
Which version of mod_gnutls do you use? Is it 0.5.5? 

---------------------------------------------------------------------- 
 (0000202) doud (reporter) - 2010-03-16 13:21
 http://issues.outoforder.cc/view.php?id=97#c202 
---------------------------------------------------------------------- 
Yes 0.5.5 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-04-08 22:59 belg4mit       New Issue                                    
2009-04-08 22:59 belg4mit       Apache Version            => 2.0.52          
2009-06-30 14:09 nmav           Note Added: 0000157                          
2009-06-30 14:09 nmav           Issue Monitored: nmav                        
2009-06-30 18:57 belg4mit       Note Added: 0000162                          
2009-07-20 17:18 nmav           Relationship added       related to 0000087  
2009-07-20 17:19 nmav           Note Added: 0000171                          
2010-03-16 12:07 doud           Note Added: 0000199                          
2010-03-16 12:31 doud           Note Added: 0000200                          
2010-03-16 12:51 nmav           Note Added: 0000201                          
2010-03-16 13:21 doud           Note Added: 0000202                          
======================================================================




More information about the Issues mailing list