LimitRequestBody 0

LimitRequestBody 0

am 05.06.2008 18:47:25 von Keith Hellman

--WIyZ46R2i8wDzkSu
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

This sounds a lot like=20
https://issues.apache.org/bugzilla/show_bug.cgi?id=3D42625
https://issues.apache.org/bugzilla/show_bug.cgi?id=3D12355

But I think it is different. I'm using certificates for authentication
to all of my pages:


# applied to _all_ URLs
SSLRequireSSL

SSLVerifyClient require
SSLVerifyDepth 5
SSLCACertificateFile /root/openssl/doberman-ca.crt
SSLOptions +FakeBasicAuth
SSLRequire %{SSL_CLIENT_S_DN_O} eq "mcprogramming.com" and \
%{SSL_CLIENT_S_DN_OU} in {"doberman", "localhost"}


When I try to upload an image to my wiki (MoinMoin, 1.70rc2) I get=20
a 413:
Request Entity Too Large
The requested resource
/m17test/MyStartingPage
does not allow request data with POST requests, or the amount of data
provided in the request exceeds the capacity limit.
Apache/2.2.8 (Debian) mod_ssl/2.2.8 OpenSSL/0.9.8g mod_wsgi/2.0
Python/2.5.2 Server at localhost Port 443

I can add
LimitRequestBody 2147483647
to conf and things work splendidly, but if I use
LimitRequestBody 0
(which should allow unlimited upload sizes), I'm back to the error
messages above.

Any thoughts? All the version info is in the error message, this is on
a debian testing system.

TIA
--=20
Keith Hellman #include
khellman@mcprogramming.com from disclaimer import standard
khellman@mines.edu
-*- =
=20
public key @ pgp.mit.edu 9FCF40FD=20
Y!M: mcprogramming AIM/ICQ: 485403897 =
=20
gtalk: jabber@mcprogramming.com =
=20
-*- =
=20

"The First Python function ever written (takes place in the Garden of Eden)"

Guido sayeth "I will write def foo():"
"Hmm, I could use an import, or two",
Satan said, in a whirl, "Why not write it in Perl?",
and the second function ever written - def foo_you():=20

-- Python Limmerick Contest submission by cappy2112
http://groups-beta.google.com/group/comp.lang.python/browse_ thread/threa=
d/d7a780beaff2e88a/

--WIyZ46R2i8wDzkSu
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFISBiceAsFcZ/PQP0RAoXDAKCppHaksWfZ960Qpe0JPXxadjIbrgCf bsWD
uNGEMYg63ivMGcu5APQe0DQ=
=YZSv
-----END PGP SIGNATURE-----

--WIyZ46R2i8wDzkSu--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: LimitRequestBody 0

am 05.06.2008 19:05:52 von Keith Hellman

--rJwd6BRFiFCcLxzm
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Oh yeah, I forgot to mention: everything works AOK if I try using http
instead (hence, I'm posting on the modssl list).
--=20
Keith Hellman #include
khellman@mcprogramming.com from disclaimer import standard
khellman@mines.edu
-*- =
=20
public key @ pgp.mit.edu 9FCF40FD=20
Y!M: mcprogramming AIM/ICQ: 485403897 =
=20
gtalk: jabber@mcprogramming.com =
=20
-*- =
=20

"We will perhaps eventually be writing only small modules which are identif=
ied
by name as they are used to build larger ones, so that devices like
indentation, rather than delimiters, might become feasible for expressing l=
ocal
structure in the source language."

-- Donald E. Knuth, "Structured Programming with goto Statements", Computing
Surveys, Vol 6 No 4, Dec. 1974

--rJwd6BRFiFCcLxzm
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFISBzweAsFcZ/PQP0RAjPnAJ96frSoUxSBD+75UTJGXEmzXhjB/wCg sfnS
X/gWaif8SgCIRCZxuFGXZsw=
=/1N6
-----END PGP SIGNATURE-----

--rJwd6BRFiFCcLxzm--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: LimitRequestBody 0

am 06.06.2008 09:40:44 von Joe Orton

On Thu, Jun 05, 2008 at 10:47:25AM -0600, Keith Hellman wrote:
> This sounds a lot like
> https://issues.apache.org/bugzilla/show_bug.cgi?id=42625
> https://issues.apache.org/bugzilla/show_bug.cgi?id=12355
>
> But I think it is different. I'm using certificates for authentication
> to all of my pages:
>
>
> # applied to _all_ URLs
> SSLRequireSSL
>
> SSLVerifyClient require

You should put all this inside the VirtualHost config for the SSL
vhost(s) in question. That way you avoid having to do a per-location
renegotiation and the request body buffering which is necessary in that
case.

joe
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org