date:20160922

[Bug 58007] 400 Bad Request with fully qualified domain name over HTTPS

2016-09-22 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=58007

Yann Ylavic  changed:

   What|Removed |Added

 CC||j...@acm.org

--- Comment #18 from Yann Ylavic  ---
*** Bug 57810 has been marked as a duplicate of this bug. ***

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 58007] 400 Bad Request with fully qualified domain name over HTTPS

2016-09-22 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=58007

--- Comment #17 from Yann Ylavic  ---
Is it still reproducible with latest 2.4 (2.4.23)?

The SNI string is not compared directly with the Host header anymore, and the
decision to block the request (now with status 421) is solely based on the
compatibility (TLS configuration/parameters wise) of the vhost selected from
the handshake (based on the SNI) and the one finally selected from the request
(based on the Host header).

Both selections compare with the ServerName/ServerAlias(es) declared in the
configuration, so it's up to admin to use a FQDN, or not, or both (one as
Servername, the other as ServerAlias).

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 57810] Should apache ignore difference in trailing dot between SNI and HTTP requests?

2016-09-22 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=57810

Yann Ylavic  changed:

   What|Removed |Added

 Resolution|--- |DUPLICATE
 Status|NEW |RESOLVED

--- Comment #3 from Yann Ylavic  ---


*** This bug has been marked as a duplicate of bug 58007 ***

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 58007] 400 Bad Request with fully qualified domain name over HTTPS

2016-09-22 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=58007

--- Comment #16 from Fred Morris  ---
When I tried this just now, apache.org served up a certificate for
openoffice.org.

-- 
You are receiving this mail because:
You are the assignee for the bug.

-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 58007] 400 Bad Request with fully qualified domain name over HTTPS

[Bug 58007] 400 Bad Request with fully qualified domain name over HTTPS

[Bug 57810] Should apache ignore difference in trailing dot between SNI and HTTP requests?

[Bug 58007] 400 Bad Request with fully qualified domain name over HTTPS

4 matches

Site Navigation

Mail list logo

Footer information