Michael Osipov created SERF-185:
-----------------------------------
Summary: serf_get sets incorrect hostname for SNI
Key: SERF-185
URL: https://issues.apache.org/jira/browse/SERF-185
Project: serf
Issue Type: Bug
Affects Versions: serf-1.3.9
Environment: * IP. 192.168.1.10
* Hostname (A record): server.ad001.company.net
* Hostname (CNAME): server.old.company.net => server.ad001.company.net
* Tomcat 8.5 with APR/OpenSSL TLS Virtual Hosting
* Default host: server.ad001.company.net
Reporter: Michael Osipov
When issues following request with {{./serf_get -H -m GET
https://server.old.siemens.net:8443/}} the {{server_name}} value in the SNI
extension is {{server.old.siemens.net:8443}}, but has to be
{{server.old.siemens.net}} (stripped port). Tomcat is not able to match the
input against its confguration and delivers the wrong certificate.
The error is in:
{code}
./test/serf_get.c:226: serf_ssl_set_hostname(conn_ctx->ssl_ctx,
ctx->hostinfo);
{code}
where {{hostinfo}} contains hostname and port which is suitable for the
{{Host}} header, but not for SNI.
Subversion itself does not suffer from this issue.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
