httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yann Ylavic <ylavic....@gmail.com>
Subject Re: 2.4.17-protocols-http2/ - SNI issue
Date Wed, 16 Sep 2015 10:16:27 GMT
On Wed, Sep 16, 2015 at 12:04 PM, Plüm, Rüdiger, Vodafone Group
<ruediger.pluem@vodafone.com> wrote:
>
>> > Am 16.09.2015 um 11:36 schrieb Yann Ylavic <ylavic.dev@gmail.com>:
>> >
>> > ISTM that the test should be:
>> >            if (strcasecmp(host, servername)
>> >                || (sslconn->server
>> >                    && !ssl_util_vhost_matches(host, sslconn->server)))
>> >
>> > instead of:
>> >           if (strcasecmp(host, servername)
>> >                || !sslconn->server
>> >                || !ssl_util_vhost_matches(host, sslconn->server))
>> >
>> > Not sure sslconn->server isn't NULL here for the first request.
>
> I shouldn't be.

Right, the issue is possibly here:

Index: modules/ssl/ssl_engine_kernel.c
===================================================================
--- modules/ssl/ssl_engine_kernel.c    (revision 1703149)
+++ modules/ssl/ssl_engine_kernel.c    (working copy)
@@ -1937,7 +1937,7 @@ static apr_status_t init_vhost(conn_rec *c, SSL *s
     if (c) {
         SSLConnRec *sslcon = myConnConfig(c);

-        if (sslcon->server != c->base_server) {
+        if (sslcon->server && sslcon->server != c->base_server) {
             /* already found the vhost */
             return APR_SUCCESS;
         }
--

> Maybe setting the loglevel to Debug could help to see the other SNI stuff that was going
on before and if it correctly identified the correct vhost via SNI.

+1

Mime
View raw message