www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-04 05:42:12 +03:00
Code Activity

http, mod_ssl: Introduce and return the 421 (Misdirected Request) status code

Browse Source 
for clients requesting a hostname on a reused connection whose SNI (from the
TLS handshake) does not match.
PR 5802.

This allows HTTP/2 clients to fall back to a new connection as per:
https://tools.ietf.org/html/rfc7540#section-9.1.2

Proposed by: Stefan Eissing <stefan eissing.org>
Reviewed by: ylavic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1685069 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Yann Ylavic
2015-06-12 11:33:22 +00:00
parent 488f6e0459
commit 33d6aaf455
3 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
modules/ssl/ssl_engine_kernel.c
View File

@@ -204,6 +204,9 @@ int ssl_hook_ReadReq(request_rec *r)
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, APLOGNO(02032)
"Hostname %s provided via SNI and hostname %s provided"
" via HTTP are different", servername, host);
if (r->connection->keepalives > 0) {
return HTTP_MISDIRECTED_REQUEST;
}
return HTTP_BAD_REQUEST;
}
}