1 |
Well, my 'work around' was a little bit more extreme.... |
2 |
|
3 |
I upgraded to 2.2.0, which I know it hard masked. So I may be in for a world |
4 |
of pain by doing so. ATM though everything appears to be working. |
5 |
|
6 |
Thanks for the input though. When a 2.0.56 ebuild becomes available I will |
7 |
probably downgrade to that. |
8 |
|
9 |
|
10 |
On Friday 03 March 2006 04:00 pm, Andy Dustman wrote: |
11 |
> On 3/3/06, Stelian Ionescu <stelian.ionescu-zeus@×××××.it> wrote: |
12 |
> > On Fri, Mar 03, 2006 at 04:31:44PM -0500, Andy Dustman wrote: |
13 |
> > >On 3/3/06, Edward Muller <edwardam@××××××××.com> wrote: |
14 |
> > >> One of our clients has the following setup: |
15 |
> > >> httpd 2.0.55 (Gentoo package 2.0.55-r1) |
16 |
> > >> Zope 2.6.1 |
17 |
> > >> |
18 |
> > >> Apache proxies zope for a http and https host via mod_rewrite/proxy |
19 |
> > >> |
20 |
> > >> POSTs going to httpd=>zope via http are fine, posts going to |
21 |
> > >> httpd=>zope via https are not. |
22 |
> > > |
23 |
> > >Yup: |
24 |
> > > |
25 |
> > >https://bugs.gentoo.org/show_bug.cgi?id=121402 |
26 |
> > >http://issues.apache.org/bugzilla/show_bug.cgi?id=37145 |
27 |
> > > |
28 |
> > >Unfortunately for you and me, despite having the patch available from |
29 |
> > >upstream, the developer closed the bug with the comment "2.0.56 should |
30 |
> > >be out real soon now, which addresses this problem." That was a month |
31 |
> > >ago. |
32 |
> > |
33 |
> > 1) download this patch: |
34 |
> > http://svn.apache.org/viewcvs.cgi/httpd/httpd/branches/2.0.x/modules/prox |
35 |
> >y/proxy_http.c?p2=%2Fhttpd%2Fhttpd%2Fbranches%2F2.0.x%2Fmodules%2Fproxy%2F |
36 |
> >proxy_http.c&p1=httpd%2Fhttpd%2Fbranches%2F2.0.x%2Fmodules%2Fproxy%2Fproxy |
37 |
> >_http.c&r1=372046&r2=372045&rev=372046&view=diff&makepatch=1&diff_format=u |
38 |
> > to /usr/portage/net-www/apache/files/plone.patch |
39 |
> > 2) add this lines to the src_unpack in apache-2.0.55-r1.ebuild right |
40 |
> > after "epatch ${GENTOO_PATCHDIR}...": |
41 |
> > |
42 |
> > epatch ${FILESDIR}/plone.patch |
43 |
> > |
44 |
> > 3) execute: ebuild /usr/portage/net-www/apache/apache-2.0.55-r1.ebuild |
45 |
> > digest 4) remerge apache-2.0.55-r1 |
46 |
> > |
47 |
> > (I'm ssuming that you're using an ~arch apache and that your portage |
48 |
> > tree is in /usr/portage; alternativerly you might copy the ebuild to an |
49 |
> > overlay and add the patch there) |
50 |
> |
51 |
> Actually, I just found a workaround. I saw something about |
52 |
> mod_security, and thought that by adding that as an intermediate |
53 |
> processing layer, it might fix the problem, and it does. |
54 |
> |
55 |
> 1) emerge mod_security |
56 |
> |
57 |
> 2) edit /etc/apache2/modules.d/99_mod_security.conf to suit, and in |
58 |
> particular, you must comment out this rule: |
59 |
> |
60 |
> # Forbid file upload |
61 |
> #SecFilterSelective "HTTP_CONTENT_TYPE" multipart/form-data |
62 |
> |
63 |
> Otherwise, you can't submit POST form data. |
64 |
> |
65 |
> 3) add -D SECURITY to the args in /etc/conf.d/apache2 |
66 |
> |
67 |
> 4) /etc/init.d/apache2 restart |
68 |
> |
69 |
> BTW, it's not a Plone- or Zope-specific problem. It can happen anytime |
70 |
> you are using mod_ssl to mod_proxy and have multi-part form data. |
71 |
> -- |
72 |
> The Pythonic Principle: Python works the way it does |
73 |
> because if it didn't, it wouldn't be Python. |
74 |
|
75 |
-- |
76 |
Edward Muller - Interlix |
77 |
edwardam@××××××××.com |
78 |
417-862-0573 |
79 |
PGP Key: http://interlix.com/Members/edwardam/pgpkeys |