Bug 488939 - mod_rewrite+mod_ssl+SSLVerifyClient = no POST variables
mod_rewrite+mod_ssl+SSLVerifyClient = no POST variables
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: httpd (Show other bugs)
All Linux
low Severity medium
: rc
: ---
Assigned To: Joe Orton
Depends On:
  Show dependency treegraph
Reported: 2009-03-06 05:51 EST by Joe Orton
Modified: 2011-02-16 08:58 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: Consequence: Fix: Result:
Story Points: ---
Clone Of: 488886
Last Closed: 2011-02-16 08:58:02 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Joe Orton 2009-03-06 05:51:05 EST
+++ This bug was initially created as a clone of Bug #488886 +++

Description of problem:
If SSLClientVerify for a <directory> is configured, such as:
<Directory "/var/www/html/site">
  SSLVerifyClient require
  SSLVerifyDepth  10

And mod rewrite is configured for this site: (via .htaccess in before mentioned

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

Submitting a POST with variables defined do NOT show up on the script/php side.
 Disabling mod_rewrite or SSLVerifyClient for the path will cause POST
variables to be defined.

Version-Release number of selected component (if applicable):

How reproducible:
every time

Steps to Reproduce:
1. setup an https server with a certificate bundle and turn on sslVerifyClient
2. install a client certificate in your browser
3. setup mod rewrite rules
4. load any page, and try to submit POST variables.  phpinfo() will show no $_POST is defined.
Actual results:
no $_POST variables in php land with this configuration

Expected results:
need those $_POST variables

Additional info:

--- Additional comment from jorton@redhat.com on 2009-03-06 05:39:07 EDT ---

Ah, this is a known bug in the mod_ssl per-dir-reneg code; I fixed it upstream a while back.  Thanks for the report.

--- Additional comment from jorton@redhat.com on 2009-03-06 05:40:39 EDT ---

Fixed upstream by: http://svn.apache.org/viewvc?rev=591393&view=rev
Comment 5 Florian Nadge 2011-01-13 08:20:06 EST
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    New Contents:



Comment 6 Florian Nadge 2011-01-13 08:20:40 EST
Please be so kind and add a few key words to the technical note of this
bugzilla entry using the following structure:





Comment 7 errata-xmlrpc 2011-02-16 08:58:02 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.