You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Claus Fischer <cl...@clausfischer.com> on 2006/02/08 18:25:14 UTC

[users@httpd] Apache module to pass "decrypted socket" to application server?

Hi Apache users and maintainers,


Summary:

I am looking for a way to multiplex incoming SSL connections
on port 443 between Apache and an application server with an
application specific protocol that requires bidirectional
TCP transport. (See more detailed description below).

Is there a module or configuration possibility for Apache
to achieve that goal?





Detailed description:

I have an application server that uses a custom TCP transport
protocol. The protocol is not just request-response oriented;
once a client has connected to the application server, both
sides may spontaneously send and receive data over the line.

I want this application server to offer an SSL service connection
at port 443, parallel to Apache, so that regular HTTP requests
that start with one of "GET", "PUT", "POST", ...
will be handled by apache, and connections starting with a
self-defined keyword will be routed to the application server.

(I can modify the code of both server and client somewhat.)



A possible solution would be to write an SSL server like
stunnel, which looks at the first keyword of the request
and then creates a connection to either Apache or the
application server.

However, thereby I would lose all of Apache's logging and
IP verification capabilities, and CGI scripts behind Apache
would not get that information either.


Does Apache have a module that lets Apache accept the SSL
connection, decrypt it, and based on a keyword (or even
some requested URL) "pass on" the socket, i.e. forward
all further transport, unencrypted, to the application
server?
I need something that does not look at the protocol
between client and server at all, no header parsing,
timeouts, chunked encoding, no HTTP protocol at all
applied. Just encrypting/decrypting the byte stream.


If you know a solution for this problem that does not
require writing a SSL proxy, I'd be glad to hear
from you.

Regards,

Claus

-- 
Claus Fischer <cl...@clausfischer.com>
http://www.clausfischer.com/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] 2.2 ErrorDocument weirdness

Posted by Joshua Slive <jo...@slive.ca>.

On 2/8/06, David Salisbury <sa...@globe.gov> wrote:
>
> There's worse things than this, but I wonder if anyone has this weirdness.
>
> Apache 2.2, upon a server error, would send the error message
> using text as it's content-type, thereby the html would display as text
> in the browser. I fixed this by changing the DefaultType to text/html
> from text/plain
>
> ----
> # DefaultType is the default MIME type for documents which the server
> # cannot find the type of from filename extensions.
> DefaultType text/html
> ----
>
> Though it seems strange to me that Apache doesn't know what it's generating. :)
> But the weird part is that I'm still getting the message:
> "Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request."
> even though I have commented out any ErrorDocuments defined.
>
> anyone else experience this?

Sounds like:
http://issues.apache.org/bugzilla/show_bug.cgi?id=37938

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] 2.2 ErrorDocument weirdness

Posted by David Salisbury <sa...@globe.gov>.

There's worse things than this, but I wonder if anyone has this weirdness.

Apache 2.2, upon a server error, would send the error message
using text as it's content-type, thereby the html would display as text
in the browser. I fixed this by changing the DefaultType to text/html 
from text/plain

----
# DefaultType is the default MIME type for documents which the server
# cannot find the type of from filename extensions.
DefaultType text/html
----

Though it seems strange to me that Apache doesn't know what it's generating. :)
But the weird part is that I'm still getting the message:
"Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request."
even though I have commented out any ErrorDocuments defined.

anyone else experience this?

-Dave





---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org