https://issues.apache.org/bugzilla/show_bug.cgi?id=56414
Bug ID: 56414
Summary: SNI & HTTP hostname different because of user@
Product: Apache httpd-2
Version: 2.2.22
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
Assignee: [email protected]
Reporter: [email protected]
Hello,
I use Apache 2.2.22 on my Debian Wheezy (7 / stable) box.
Here is the message I have in error.log, from a user using a subversion client
:
Hostname www.domain.com provided via SNI and hostname [email protected]
provided via HTTP are different
Here is a quick fix I wrote, but perhaps something more official / clean could
be written.
In modules/ssl/ssl_engine_kernel.c,
I added these 7 first lines,
and I modified the 8th one :
char *hostcut = malloc(strlen(host) + 1);
strcpy(hostcut,host);
if (strstr (hostcut,"@"))
{
hostcut=strstr (hostcut,"@");
hostcut=&hostcut[1];
}
if (strcasecmp(hostcut, servername)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
"Hostname %s provided via SNI and hostname %s provided"
" via HTTP are different", servername, hostcut);
return HTTP_BAD_REQUEST;
}
Thank you very much,
Best regards,
Ben
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
