httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rpl...@apache.org
Subject svn commit: r757720 - /httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
Date Tue, 24 Mar 2009 10:56:56 GMT
Author: rpluem
Date: Tue Mar 24 10:56:55 2009
New Revision: 757720

URL: http://svn.apache.org/viewvc?rev=757720&view=rev
Log:
* Do not allow name based virtual hosts in the case no hostname was
  provided via SNI.

Modified:
    httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=757720&r1=757719&r2=757720&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Tue Mar 24 10:56:55 2009
@@ -186,6 +186,16 @@
             return HTTP_BAD_REQUEST;
         }
     }
+    else if (r->connection->vhost_lookup_data) {
+        /*
+         * We are using a name based configuration here, but no hostname was
+         * provided via SNI. Don't allow that.
+         */
+        ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
+                     "No hostname was provided via SNI for a name based"
+                     " virtual host");
+        return HTTP_FORBIDDEN;
+    }
 #endif
     SSL_set_app_data2(ssl, r);
 



Mime
View raw message