Add missing \r when breaking up a long header in add_ssl_headers().

graygnuorg / pound

Light-weight reverse proxy, load balancer and HTTPS front-end for Web servers.

GNU General Public License v3.0

48 stars 13 forks source link

Add missing \r when breaking up a long header in add_ssl_headers(). #36

Closed leres closed 2 months ago

leres commented 2 months ago

Thanks for 0208af3, it solves the "out of memory" syslog messages.

The fixed version was reporting 400/Bad Request. Since my backend is 80/http I used tcpdump to get traces of the 4.11 (working) and 4.13 (not working) headers. The difference is that 4.11 sends the X-SSL-certificate header all in one line but 4.13 breaks up this header into ~column 74 length lines. It does so with the sequence LF HT (0x0a, 0x09). The lack of CR (0x0d) was making apache unhappy so here's a patch that adds it.

graygnuorg commented 2 months ago

Hi Craig,

I used tcpdump to get traces of the 4.11 (working) and 4.13 (not working) headers. The difference is that 4.11 sends the X-SSL-certificate header all in one line but 4.13 breaks up this header into ~column 74 length lines. It does so with the sequence LF HT (0x0a, 0x09). The lack of CR (0x0d) was making apache unhappy so here's a patch that adds it.

Massive thanks for spotting out and fixing that!

Regards, Sergey