[Issues] [mod_gnutls 0000097]: Support for proxying from SSL to plain HTTP
Mantis Bug Tracker
issues at outoforder.cc
Tue Mar 16 13:39:22 EDT 2010
A NOTE has been added to this issue.
======================================================================
http://issues.outoforder.cc/view.php?id=97
======================================================================
Reported By: belg4mit
Assigned To:
======================================================================
Project: mod_gnutls
Issue ID: 97
Category: Apache Integration
Reproducibility: always
Severity: minor
Priority: normal
Status: new
Apache Version: 2.0.52
======================================================================
Date Submitted: 2009-04-08 22:59 EDT
Last Modified: 2010-03-16 13:39 EDT
======================================================================
Summary: Support for proxying from SSL to plain HTTP
Description:
With mod_gnutls it does not seem possible to proxy SSL content.
We have an SSL host (one of several thanks to SNI), and wish to
expose some of its contents over an unencrypted connection via
a proxypass. Trying
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
<VirtualHost example.org:80>
ProxyPass /NoAuth https://example.org/NoAuth
</VirtualHost>
begets
[warn] proxy: No protocol handler was valid for the URL
/NoAuth/Calendar/42/. If you are using a DSO version of mod_proxy, make
sure the proxy submodules are included in the configuration using
LoadModule.
With mod_ssl, it seems the SSLProxyEngine directive comes into play here.
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0000087 mod_gnutls doesn't work with mod_proxy_...
======================================================================
----------------------------------------------------------------------
(0000157) nmav (manager) - 2009-06-30 14:09
http://issues.outoforder.cc/view.php?id=97#c157
----------------------------------------------------------------------
Can you try 0.5.x?
----------------------------------------------------------------------
(0000162) belg4mit (reporter) - 2009-06-30 18:57
http://issues.outoforder.cc/view.php?id=97#c162
----------------------------------------------------------------------
Link to http://issues.outoforder.cc/view.php?id=87?
Is Mantis really so lame as to not process email responses, like bugzilla
or RT?
Just in case, paste by hand email response to .5.x request:
Once I finally figured out how to get pkg-config to do it's thing*,
I upgraded to .5.5 and still get the same error. mod_proxy,
mod_proxy_http
and mod_connect are all loaded.
* Required a more modern gnutls than the stated 2.4 (acutally >2.7.7 for
the pkg-config meta files, which gnutls *doesn't even install*)
----------------------------------------------------------------------
(0000171) nmav (manager) - 2009-07-20 17:19
http://issues.outoforder.cc/view.php?id=97#c171
----------------------------------------------------------------------
Can you check http://issues.outoforder.cc/view.php?id=87
Is your setup related to his?
----------------------------------------------------------------------
(0000199) doud (reporter) - 2010-03-16 12:07
http://issues.outoforder.cc/view.php?id=97#c199
----------------------------------------------------------------------
I have exactly the same problem, for me it's not related with issue
0000087
OS: FreeBSD 8
httpd: apache 2.2.8
mod_gnutls : 5.5
I have just migred mod_ssl to mod_gnutls, proxy worked fine.
mod_gnutls work without Proxy Requests.
Do you already fix, or find a solution ?
----------------------------------------------------------------------
(0000200) doud (reporter) - 2010-03-16 12:31
http://issues.outoforder.cc/view.php?id=97#c200
----------------------------------------------------------------------
I just notice it work fine when the proxy path is http
ProxyPass / http://foo.bar.local/
ProxyPassReverse / http://foo.bar.local/
And not when https:
ProxyPass / https://foo.bar.local/
ProxyPassReverse / https://foo.bar.local/
error.log :
[Tue Mar 16 16:30:50 2010] [warn] proxy: No protocol handler was valid for
the URL /. If you are using a DSO version of mod_proxy, make sure the proxy
submodules are included in the configuration using LoadModule.
----------------------------------------------------------------------
(0000201) nmav (manager) - 2010-03-16 12:51
http://issues.outoforder.cc/view.php?id=97#c201
----------------------------------------------------------------------
Which version of mod_gnutls do you use? Is it 0.5.5?
----------------------------------------------------------------------
(0000202) doud (reporter) - 2010-03-16 13:21
http://issues.outoforder.cc/view.php?id=97#c202
----------------------------------------------------------------------
Yes 0.5.5
----------------------------------------------------------------------
(0000203) nmav (manager) - 2010-03-16 13:39
http://issues.outoforder.cc/view.php?id=97#c203
----------------------------------------------------------------------
Then could you please give me the smallest configuration that can be used
to replicate your problem?
Issue History
Date Modified Username Field Change
======================================================================
2009-04-08 22:59 belg4mit New Issue
2009-04-08 22:59 belg4mit Apache Version => 2.0.52
2009-06-30 14:09 nmav Note Added: 0000157
2009-06-30 14:09 nmav Issue Monitored: nmav
2009-06-30 18:57 belg4mit Note Added: 0000162
2009-07-20 17:18 nmav Relationship added related to 0000087
2009-07-20 17:19 nmav Note Added: 0000171
2010-03-16 12:07 doud Note Added: 0000199
2010-03-16 12:31 doud Note Added: 0000200
2010-03-16 12:51 nmav Note Added: 0000201
2010-03-16 13:21 doud Note Added: 0000202
2010-03-16 13:39 nmav Note Added: 0000203
======================================================================
More information about the Issues
mailing list