From: Sean D. <sea...@sb...> - 2008-02-18 08:05:45
|
> Apache does not allow CONNECT statements over HTTPS, unless you patch it > yourself. This is documented on several places. Speaking of, is there any further resolution to this? The bugtraq for this hasn't had activity for the last 4 months and the latest patch is for 2.2.6 of which there are vulnerabilities for. I sure would like to be able to upgrade to the latest version and still maintain a working proxytunnel. I'm no C-coder but I'm going to see if I can adapt the 2.2.6 patch to 2.6.8, hopefully not much has been changed (if any) in the altered pieces of code. Be nice if somebody with more capability than I would host a patch repository to maintain this functionality across new versions of apache. |