[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
Re: Content-Length with HTTPS
****** message to minivend-users from Barry Treahy <treahy@mmaz.com> ******
MV is running as is Roxen. I can access both the MV configuration interface as well as my database
application. Now that I've completed some preliminary development and tests, I wanted to continue
development with the login interface that will be controlled on an encrypted port. MV responds with my login
page through its CGI interface and when I click on the POST key, that is when all hell breaks loose and MV
croaks with the previously mentioned errors.
Barry
Steve wrote:
> Ok lets back up a few since I am not familiar with your previous post.
> Assumed in the catalog.cfg file you have listed the correct path to the
> SSL server? What happens when you run MV in nonsecure mode and manually
> type in the s to the http? If it will not run then it is server config
> and not MV if it does run it is MV config and we shall attack it from
> that point. You should be able to type in whatever url you want with or
> without the s and it should run. Let me know
>
> Steve
>
> Barry Treahy wrote:
> >
> > I posted a problem about 4 weeks ago about using MV with a http server
> > called Roxen. It worked great except when I run MV through an https
> > (SSL3) port on Roxen and the suggestions from this list stated a bad
> > ScriptAlias. Roxen doesn't have this type of animal, but I verified
> > that the equivalent was all right and proceeded to beat up the Roxen
> > people.
> >
> > To refresh everyones memory, I'm getting the error:
> >
> > dell400.mmaz.com - - [13/January/1999:17:57:19 +0000] -
> > /cgi-bin/midwest-mi.cgi/process Could not open error file : No such
> > file or directory
> > >
> > > to report this error:
> > > dell400.mmaz.com - - [13/January/1999:17:57:19 +0000] -
> > /cgi-bin/midwest-mi.cgi/process Runtime error: Syntax error in post
> > input:
> > > > POST /cgi-bin/midwest-mi.cgi/process?9gMkhgQy;;5 HTTP/1.0
> > > > Referer: https://secure.midwest-microwave.c
> > > >
> > >
> >
> > and the crux of the problem seems to be that MV sees the value of
> > Content-Length for the entity body and uses it for the stream read
> > which truncates the input stream at 102 bytes and the original stream
> > actual looks like:
> >
> > SSL.connection: received packet of type 23
> > SSL.sslfile->ssl_read_callback: application_data: 'POST
> > /cgi-bin/midwest-mi.cgi/process?9gMkhgQy;;5 HTTP/1.0
> > Referer:
> > https://secure.midwest-microwave.com:27786/cgi-bin/midwest-mi.cgi/login
> >
> > Connection: Keep-Alive
> > User-Agent: Mozilla/4.04 [en] (WinNT; U)
> > Host: secure.midwest-microwave.com:27786
> > Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
> > image/png, */*
> > Accept-Language: en
> > Accept-Charset: iso-8859-1,*,utf-8
> > Cookie: RoxenUserID=0x368a7b7c; MV_SESSION_ID=9gMkhgQy:38.186.45.95
> > Content-type: application/x-www-form-urlencoded
> > Content-length: 102
> >
> > mv_click=Login&mv_doit=return&mv_nextpage=checklogin&mv_username=xxUSERNAMExx&mv_password=xxPASSWORDxx'
> >
> > SSL3:ssl_accept_callback(X)
> >
> > When I do the same test WITHOUT encryption, the header stuff does not
> > appear and MV works fine. The questions is, whose fault is this???
> > It seems that after beating on the Roxen folks for the past 3 weeks,
> > it may be MV fault after all since the stream isn't being read
> > correctly! Can anyone please offer some helpful insights??
> >
> > TIA
> >
> > Barry
-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list
