You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Ramon Loureiro <br...@hotmail.com> on 2017/11/07 12:46:12 UTC

[users@httpd] RES: Receiving only 8000 bytes in CGI programs using post method

Hi again!

I forgot to mention some very important information:

When we are in non-secure mode, via port 8086, on localhost or on the same network the content is not cut and CGI reads all content.

When we are out of the network where the APACHE server is running, through port 8086 in non-secure mode, the content is cut off and the CGI only reads the first 8000 bytes.

So we can not read all the content when we are remote and not secure, without SSL.

Any suggestion? Any security settings to let the same operation between localhost and remote?

Thank you,
Ramon Loureiro

De: Hotmail Ramon [mailto:braga_ramon@hotmail.com]
Enviada em: terça-feira, 7 de novembro de 2017 09:27
Para: 'users@httpd.apache.org'
Assunto: Receiving only 8000 bytes in CGI programs using post method

Hi,

We have an Apache / 2.4.27 (Win32) OpenSSL / 1.0.2l running on Win7. The server serves the Web pages on port 80 and port 443.

Here is the brief description of the problem we are in.

When we use the Apache server to service non-secure web pages (server running on port 8086) all bytes are sent to CGI programs during the publishing method. Always returns response 200, and does not return response 413. But the CGI only reads 8000 bytes, and the rest is not read.

When we use the same server with secure web pages running on port 443, the CGI reads all blocks other than the first 8000 bytes.

We enable the module mod_dumpio and put it in debug mode, and through it we can see that when we use SSL the data is read through OpenSSL. The log appears "dumpio_in (data-TRANSIENT): 8192 bytes" and dumpio_in (data-TRANSIENT): 7633 bytes.

Headers:
Content-Length: 15825, referer: https://hafidvirtual.ddns.net/cgi-bin/XEDITAR.EXE

8192 + 7633 = 15825 bytes

When we do not use SSL, sending the same content appears in the log "dumpio_in (data-HEAP): 8000 bytes", "dumpio_in (data-HEAP): 192 bytes", "dumpio_in (data-HEAP): 568 bytes" dumpio_in (data-HEAP): 7065 bytes ".

Headers:
Content-Length: 15825, referer: http://hafidvirtual.ddns.net:8086/cgi-bin/XEDITAR.EXE

8000 + 192 + 568 + 7065 = 15825 bytes

So when we do not use SSL, the CGI only gets the first 8000 bytes, which is the first stack / heap block.

For us this solution of using SSL is complicated. Is there another way to solve this?

Any help to solve this problem is greatly appreciated.

Thank you,
Ramon Loureiro