On Wed, Sep 16, 2015 at 12:04 PM, Plüm, Rüdiger, Vodafone Group
<[email protected]> wrote:
>
>> > Am 16.09.2015 um 11:36 schrieb Yann Ylavic <[email protected]>:
>> >
>> > ISTM that the test should be:
>> > if (strcasecmp(host, servername)
>> > || (sslconn->server
>> > && !ssl_util_vhost_matches(host, sslconn->server)))
>> >
>> > instead of:
>> > if (strcasecmp(host, servername)
>> > || !sslconn->server
>> > || !ssl_util_vhost_matches(host, sslconn->server))
>> >
>> > Not sure sslconn->server isn't NULL here for the first request.
>
> I shouldn't be.
Right, the issue is possibly here:
Index: modules/ssl/ssl_engine_kernel.c
===================================================================
--- modules/ssl/ssl_engine_kernel.c (revision 1703149)
+++ modules/ssl/ssl_engine_kernel.c (working copy)
@@ -1937,7 +1937,7 @@ static apr_status_t init_vhost(conn_rec *c, SSL *s
if (c) {
SSLConnRec *sslcon = myConnConfig(c);
- if (sslcon->server != c->base_server) {
+ if (sslcon->server && sslcon->server != c->base_server) {
/* already found the vhost */
return APR_SUCCESS;
}
--
> Maybe setting the loglevel to Debug could help to see the other SNI stuff
> that was going on before and if it correctly identified the correct vhost via
> SNI.
+1
