Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
apache2
httpd-2.2.x-bnc798733-SNI_ignorecase.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File httpd-2.2.x-bnc798733-SNI_ignorecase.diff of Package apache2
diff -rNU 20 ../httpd-2.2.17-o/modules/ssl/ssl_engine_kernel.c ./modules/ssl/ssl_engine_kernel.c --- ../httpd-2.2.17-o/modules/ssl/ssl_engine_kernel.c 2010-02-27 22:00:58.000000000 +0100 +++ ./modules/ssl/ssl_engine_kernel.c 2013-01-28 16:04:26.000000000 +0100 @@ -119,41 +119,41 @@ #ifndef OPENSSL_NO_TLSEXT if ((servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name))) { char *host, *scope_id; apr_port_t port; apr_status_t rv; /* * The SNI extension supplied a hostname. So don't accept requests * with either no hostname or a different hostname. */ if (!r->hostname) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, "Hostname %s provided via SNI, but no hostname" " provided in HTTP request", servername); return HTTP_BAD_REQUEST; } rv = apr_parse_addr_port(&host, &scope_id, &port, r->hostname, r->pool); if (rv != APR_SUCCESS || scope_id) { return HTTP_BAD_REQUEST; } - if (strcmp(host, servername)) { + if (strcasecmp(host, servername)) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, "Hostname %s provided via SNI and hostname %s provided" " via HTTP are different", servername, host); return HTTP_BAD_REQUEST; } } else if ((((mySrvConfig(r->server))->strict_sni_vhost_check == SSL_ENABLED_TRUE) || (mySrvConfig(sslconn->server))->strict_sni_vhost_check == SSL_ENABLED_TRUE) && r->connection->vhost_lookup_data) { /* * We are using a name based configuration here, but no hostname was * provided via SNI. Don't allow that if are requested to do strict * checking. Check wether this strict checking was setup either in the * server config we used for handshaking or in our current server. * This should avoid insecure configuration by accident. */ ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, "No hostname was provided via SNI for a name based"
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor