You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2014/04/15 23:16:36 UTC
[Bug 56414] New: SNI & HTTP hostname different because of user@
https://issues.apache.org/bugzilla/show_bug.cgi?id=56414
Bug ID: 56414
Summary: SNI & HTTP hostname different because of user@
Product: Apache httpd-2
Version: 2.2.22
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
Assignee: bugs@httpd.apache.org
Reporter: ben.rubson@gmail.com
Hello,
I use Apache 2.2.22 on my Debian Wheezy (7 / stable) box.
Here is the message I have in error.log, from a user using a subversion client
:
Hostname www.domain.com provided via SNI and hostname my-user@www.domain.com
provided via HTTP are different
Here is a quick fix I wrote, but perhaps something more official / clean could
be written.
In modules/ssl/ssl_engine_kernel.c,
I added these 7 first lines,
and I modified the 8th one :
char *hostcut = malloc(strlen(host) + 1);
strcpy(hostcut,host);
if (strstr (hostcut,"@"))
{
hostcut=strstr (hostcut,"@");
hostcut=&hostcut[1];
}
if (strcasecmp(hostcut, servername)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
"Hostname %s provided via SNI and hostname %s provided"
" via HTTP are different", servername, hostcut);
return HTTP_BAD_REQUEST;
}
Thank you very much,
Best regards,
Ben
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 56414] SNI & HTTP hostname different because of user@
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=56414
--- Comment #2 from Ben RUBSON <be...@gmail.com> ---
I did not look at client side no.
Client is Versions v1.3.0 :
http://www.versionsapp.com
This client has username and password fields.
However, it adds a my-user@ string in the location field before the domain.
I though that it was something authorized to use something like
my-user@www.domain.com, this is why I wrote this little patch.
Ben
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 56414] SNI & HTTP hostname different because of user@
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=56414
Eric Covener <co...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
--- Comment #1 from Eric Covener <co...@gmail.com> ---
The mismatch sounds like a client bug, has someone looked at it from the client
side?
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org