Debug log attached.
On Wednesday 16/09/2015 at 12:06, Plüm wrote:
-----Original Message----- From: Stefan Eissing [mailto:[email protected]] Sent: Mittwoch, 16. September 2015 11:38 To: [email protected] Subject: Re: 2.4.17-protocols-http2/ - SNI issueGood point. Limited online today. If someone wants to give this a shot,please.you please check the logs with some kind of hex tool if there is really no difference between both strings? The logic to detect a difference in theAm 16.09.2015 um 11:36 schrieb Yann Ylavic <[email protected]>: On Wed, Sep 16, 2015 at 11:24 AM, Plüm, Rüdiger, Vodafone Group <[email protected]> wrote:-----Original Message----- From: Steffen Sent: Mittwoch, 16. September 2015 11:14 To: [email protected] Subject: 2.4.17-protocols-http2/ - SNI issue[][ssl:error] [pid 3428:tid 3952] AH02032: Hostname http://www.apachelounge.com provided via SNI and hostname http://www.apachelounge.com provided via HTTPare differentThe above is very weird as both times we see http://www.apachelounge.com. Cancode is just a usual strcasecmp. So I sense some hidden characters somewhere, which might give us a hint where things go really wrong.Ahh I did miss that he used Stefans branch and not the 2.4.x branch.ISTM that the test should be: if (strcasecmp(host, servername) || (sslconn->server&& !ssl_util_vhost_matches(host, sslconn->server)))instead of: if (strcasecmp(host, servername) || !sslconn->server|| !ssl_util_vhost_matches(host, sslconn->server))Not sure sslconn->server isn't NULL here for the first request.I shouldn't be. Maybe setting the loglevel to Debug could help to see the other SNI stuff that was going on before and if it correctly identified the correct vhost via SNI.Regards Rüdiger
serror.log
Description: Binary data
