DO NOT REPLY [Bug 51709] New: ServerName/ServerAlias don't work if Host: header from HTTP request matches VirtualHost address

Tue, 23 Aug 2011 01:14:33 -0700 

https://issues.apache.org/bugzilla/show_bug.cgi?id=51709

             Bug #: 51709
           Summary: ServerName/ServerAlias don't work if Host: header from
                    HTTP request matches VirtualHost address
           Product: Apache httpd-2
           Version: 2.2.19
          Platform: PC
               URL: http://mail-archives.apache.org/mod_mbox/httpd-dev/201
                    108.mbox/%3C4E527F44.7090504%40lenk.info%3E
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Core
        AssignedTo: [email protected]
        ReportedBy: [email protected]
    Classification: Unclassified


As discussed on the mailing list, the following issue was found:

Short summary:
If it matches, the parameter from VirtualHost overrides any ServerName or
ServerAlias directive. Under some rare conditions, content for the wrong
virtual host is delivered.

Detailed description:
I have configuration with two virtual hosts v1 and v2, both listening on
the same IP address. Assuming that v1.local and v2.local both resolve to the IP
address 10.0.0.1, the configuration for the virtual hosts basically
looks like this:

Listen: 10.0.0.1:80 http
NameVirtualHost 10.0.0.1:80
<VirtualHost v2.local:80>     # <-- this is NO typo!
    ServerName v1.local
    DocumentRoot /srv/v1
</VirtualHost>
<VirtualHost v2.local:80>
    ServerName v2.local
    DocumentRoot /srv/v2
</VirtualHost>

For HTTP requests with the request header 'Host: v2.local:80', the
request always ends up on virtual host v1, delivering the content from
/srv/v1.

Reading the code (version 2.2.19) I discovered, that in the function
check_hostalias() defined in server/vhost.c the host header is
matched against the parameter from the VirtualHost container first,
before it is then matched against any ServerName or ServerAlias
directive. And as soon as the first VirtualHost seems to match, no
ServerName or ServerAliases are checked. So, essentially any name or IP
literal specified as parameter to VirtualHost seems to have precedence
over all ServerName or ServerAlias directives.

I've already consulted the SVN history. Apparently this code flow didn't
change since the NameVirtualHost directive was added (SVN Rev. 79345)
back in October 1997, and maybe is even older.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to