/ Zope / Apsis / Pound Mailing List / Archive / 2007 / 2007-11 / Pound-2.3.2 X-SSL-certificate single-line patch

[ << ] [ >> ]

[ I'm not sure I have my timeouts correct in this ... ] [ Too many open files / Thorsten Kramm ... ]

Pound-2.3.2 X-SSL-certificate single-line patch
Jeff McCune <mccune(at)math.ohio-state.edu>		 2007-11-15 22:31:17 [ FULL ] 
Hi,

I'd like to submit a small patch to Pound for inclusion in a future  
release.

While using Pound-2.3.2 as an SSL front end for Mongrel, I ran into an  
issue where by Mongrel's HTTP parser strictly interprets headers and  
returns a 500 error while parsing the X-SSL-certificate header.  This  
error is described in the Mongrel mailing list thread, located at:

http://osdir.com/ml/lang.ruby.mongrel.general/2006-10/msg00074.html

I don't believe the Fix to Mongrel that Zed mentioned in the above  
thread ever made it into the code, as Mongrel still only parses the  
first line of the multiline header.

In any event, a single line encoding of the PEM certificate is still  
valid, and will probably play nicer with other HTTP servers as well.   
Please let me know if you'd like to keep the existing behavior, at  
which point I'll try and patch Mongrel to accept the multiple line X- 
SSL-certificate header.

Thanks,
--
Jeff McCune
Systems Manager
The Ohio State University
Department of Mathematics
Attachments:  
0001-Pound-Single-Line-x509certificate-header.patch application/octet-stream 2003 Bytes
0002-Pound-man-page.patch application/octet-stream 651 Bytes
MailBoxer